package com.citrix.sdk.crypto.a;

import android.content.Context;
import android.security.keystore.KeyGenParameterSpec;
import com.citrix.sdk.crypto.api.CryptoAPI;
import com.citrix.sdk.crypto.api.CryptoData;
import com.citrix.sdk.crypto.api.CryptoKey;
import com.citrix.sdk.crypto.exception.CryptoException;
import com.citrix.sdk.logging.api.Logger;
import com.citrix.shield.crypto.CtxShieldCrypto;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.UnrecoverableEntryException;
import java.security.UnrecoverableKeyException;
import java.security.cert.X509Certificate;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.net.ssl.KeyManager;

/* loaded from: classes2.dex */
public class a extends CryptoAPI {

    /* renamed from: c, reason: collision with root package name */
    private Logger f15024c = Logger.getLogger("JavaCrypto");

    /* renamed from: d, reason: collision with root package name */
    private SecureRandom f15025d = new SecureRandom();

    public a(Context context) {
    }

    private static String a(byte[] bArr) {
        if (bArr == null) {
            return "null";
        }
        return "bytes=" + bArr.length;
    }

    private void a(CryptoKey cryptoKey, CryptoData cryptoData) throws CryptoException {
        String str = cryptoKey == null ? "decryptAES: CryptoKey is null" : cryptoData == null ? "decryptAES: CryptoData is null" : cryptoData.getBytes() == null ? "decryptAES: CryptoData.bytes is null" : cryptoData.getBytes().length == 0 ? "decryptAES: CryptoData.bytes length is 0" : null;
        if (str == null) {
            return;
        }
        this.f15024c.error(str);
        throw new CryptoException(new IllegalArgumentException("decryptAES: CryptoData is null"));
    }

    private void a(CryptoKey cryptoKey, byte[] bArr) throws CryptoException {
        String str = cryptoKey == null ? "encryptAES: CryptoKey is null" : bArr == null ? "encryptAES: Data is null" : bArr.length == 0 ? "encryptAES: Data length is 0" : null;
        if (str == null) {
            return;
        }
        this.f15024c.error(str);
        throw new CryptoException(new IllegalArgumentException(str));
    }

    private byte[] b(CryptoKey cryptoKey, CryptoData cryptoData) throws CryptoException {
        try {
            try {
                PrivateKey privateKey = cryptoKey.getKeyPair().getPrivate();
                Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
                cipher.init(2, privateKey);
                byte[] doFinal = cipher.doFinal(cryptoData.getBytes());
                this.f15024c.exit("decryptRSA", a(doFinal));
                return doFinal;
            } catch (Throwable th2) {
                this.f15024c.exit("decryptRSA", a(null));
                throw th2;
            }
        } catch (InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e10) {
            this.f15024c.error("decryptRSA: exception thrown", e10);
            throw new CryptoException(e10);
        }
    }

    @Override // com.citrix.sdk.crypto.api.CryptoAPI
    public byte[] PBDecrypt(byte[] bArr, byte[] bArr2, int i10, char[] cArr) throws CryptoException {
        throw new CryptoException(new UnsupportedOperationException("Unsupported Operation PBDecrypt"));
    }

    @Override // com.citrix.sdk.crypto.api.CryptoAPI
    public byte[] PBEncrypt(byte[] bArr, byte[] bArr2, int i10, char[] cArr) throws CryptoException {
        throw new CryptoException(new UnsupportedOperationException("Unsupported Operation PBEncrypt"));
    }

    @Override // com.citrix.sdk.crypto.api.CryptoAPI
    public byte[] decryptAES(CryptoKey cryptoKey, CryptoData cryptoData) throws CryptoException {
        String str = "null";
        this.f15024c.enter("decryptAES", cryptoKey, cryptoData);
        a(cryptoKey, cryptoData);
        try {
            try {
                IvParameterSpec ivParameterSpec = new IvParameterSpec(cryptoData.getIv());
                Cipher cipher = Cipher.getInstance(CtxShieldCrypto.CwaSymmetricCipher);
                cipher.init(2, cryptoKey.getKey(), ivParameterSpec);
                byte[] doFinal = cipher.doFinal(cryptoData.getBytes());
                Logger logger = this.f15024c;
                if (doFinal != null) {
                    str = "bytes=" + doFinal.length;
                }
                logger.exit("decryptAES", str);
                return doFinal;
            } catch (Throwable th2) {
                this.f15024c.exit("decryptAES", "null");
                throw th2;
            }
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e10) {
            throw new CryptoException(e10);
        }
    }

    @Override // com.citrix.sdk.crypto.api.CryptoAPI
    public byte[] decryptRSA(CryptoKey cryptoKey, CryptoData cryptoData) throws CryptoException {
        this.f15024c.enter("decryptRSA", cryptoKey, cryptoData);
        a(cryptoKey, cryptoData);
        return b(cryptoKey, cryptoData);
    }

    @Override // com.citrix.sdk.crypto.api.CryptoAPI
    public boolean deleteKey(String str) throws CryptoException {
        this.f15024c.enter("deleteKey(" + str + ")");
        try {
            if (str == null) {
                this.f15024c.error("deleteKey: Key Alias is null");
                throw new CryptoException(new IllegalArgumentException("deleteKey: Key Alias is null"));
            }
            try {
                KeyStore androidKeyStore = CryptoAPI.getAndroidKeyStore();
                if (androidKeyStore.containsAlias(str)) {
                    androidKeyStore.deleteEntry(str);
                }
                this.f15024c.exit("deleteKey(" + str + ")");
                return true;
            } catch (KeyStoreException e10) {
                this.f15024c.error("KeyStoreException thrown", e10);
                throw new CryptoException(e10);
            }
        } catch (Throwable th2) {
            this.f15024c.exit("deleteKey(" + str + ")");
            throw th2;
        }
    }

    @Override // com.citrix.sdk.crypto.api.CryptoAPI
    public CryptoData encryptAES(CryptoKey cryptoKey, byte[] bArr) throws CryptoException {
        this.f15024c.enter("encryptAES");
        a(cryptoKey, bArr);
        CryptoData cryptoData = new CryptoData();
        try {
            try {
                Cipher cipher = Cipher.getInstance(CtxShieldCrypto.CwaSymmetricCipher);
                cipher.init(1, cryptoKey.getKey());
                cryptoData.setIv(cipher.getIV());
                cryptoData.setBytes(cipher.doFinal(bArr));
                return cryptoData;
            } finally {
                this.f15024c.exit("encryptAES", cryptoData);
            }
        } catch (InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e10) {
            this.f15024c.error("encryptAES: Exception thrown", e10);
            throw new CryptoException(e10);
        }
    }

    @Override // com.citrix.sdk.crypto.api.CryptoAPI
    public CryptoData encryptRSA(CryptoKey cryptoKey, byte[] bArr) throws CryptoException {
        this.f15024c.enter("encryptRSA", cryptoKey, a(bArr));
        a(cryptoKey, bArr);
        CryptoData cryptoData = new CryptoData();
        try {
            try {
                PublicKey publicKey = cryptoKey.getKeyPair().getPublic();
                Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
                cipher.init(1, publicKey);
                cryptoData.setBytes(cipher.doFinal(bArr));
                cryptoData.setIv(cipher.getIV());
                return cryptoData;
            } finally {
                this.f15024c.exit("encryptRSA", cryptoData);
            }
        } catch (InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e10) {
            this.f15024c.error("encryptRSA: exception thrown", e10);
            throw new CryptoException(e10);
        }
    }

    @Override // com.citrix.sdk.crypto.api.CryptoAPI
    public boolean fillWithRandom(byte[] bArr) throws CryptoException {
        this.f15025d.nextBytes(bArr);
        return true;
    }

    @Override // com.citrix.sdk.crypto.api.CryptoAPI
    public KeyManager[] generateTunnelKeyManager() throws CryptoException {
        throw new CryptoException(new UnsupportedOperationException("Unsupported Operation generateTunnelKeyManager"));
    }

    @Override // com.citrix.sdk.crypto.api.CryptoAPI
    public String getHashValue(String str) throws CryptoException {
        throw new CryptoException(new UnsupportedOperationException("Unsupported Operation performHash"));
    }

    @Override // com.citrix.sdk.crypto.api.CryptoAPI
    public X509Certificate getTunnelCertificate() throws CryptoException {
        throw new CryptoException(new UnsupportedOperationException("Unsupported Operation getTunnelCertificate"));
    }

    @Override // com.citrix.sdk.crypto.api.CryptoAPI
    public CryptoKey obtainAESKey(String str, int i10) throws CryptoException {
        String str2;
        CryptoKey cryptoKey;
        this.f15024c.enter("obtainAESKey", str, Integer.valueOf(i10));
        if (str == null) {
            str2 = "obtainAESKey: Key Alias is null";
        } else if (i10 == 128 || i10 == 192 || i10 == 256) {
            str2 = null;
        } else {
            str2 = "obtainAESKey: Illegal Key Size = " + i10;
        }
        try {
            if (str2 != null) {
                this.f15024c.error(str2);
                throw new CryptoException(new IllegalArgumentException(str2));
            }
            try {
                Key key = CryptoAPI.getAndroidKeyStore().getKey(str, null);
                if (key != null) {
                    cryptoKey = new CryptoKey(str, key);
                    try {
                        cryptoKey.setFromKeyStore(true);
                    } catch (InvalidAlgorithmParameterException e10) {
                        e = e10;
                        this.f15024c.error("obtainAESKey: Exception thrown", e);
                        throw new CryptoException(e);
                    } catch (KeyStoreException e11) {
                        e = e11;
                        this.f15024c.error("obtainAESKey: Exception thrown", e);
                        throw new CryptoException(e);
                    } catch (NoSuchAlgorithmException e12) {
                        e = e12;
                        this.f15024c.error("obtainAESKey: Exception thrown", e);
                        throw new CryptoException(e);
                    } catch (NoSuchProviderException e13) {
                        e = e13;
                        this.f15024c.error("obtainAESKey: Exception thrown", e);
                        throw new CryptoException(e);
                    } catch (UnrecoverableKeyException e14) {
                        e = e14;
                        this.f15024c.error("obtainAESKey: Exception thrown", e);
                        throw new CryptoException(e);
                    } catch (Throwable th2) {
                        th = th2;
                        this.f15024c.exit("obtainAESKey", cryptoKey);
                        throw th;
                    }
                } else {
                    KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
                    keyGenerator.init(new KeyGenParameterSpec.Builder(str, 3).setBlockModes("CBC").setEncryptionPaddings("PKCS7Padding").setRandomizedEncryptionRequired(true).setKeySize(i10).build(), new SecureRandom());
                    SecretKey generateKey = keyGenerator.generateKey();
                    if (generateKey == null) {
                        this.f15024c.error("obtainAESKey: Failed to get secretKey for AES key");
                        throw new CryptoException("obtainAESKey: Failed to get secretKey for AES key");
                    }
                    cryptoKey = new CryptoKey(str, generateKey);
                }
                this.f15024c.exit("obtainAESKey", cryptoKey);
                return cryptoKey;
            } catch (InvalidAlgorithmParameterException e15) {
                e = e15;
            } catch (KeyStoreException e16) {
                e = e16;
            } catch (NoSuchAlgorithmException e17) {
                e = e17;
            } catch (NoSuchProviderException e18) {
                e = e18;
            } catch (UnrecoverableKeyException e19) {
                e = e19;
            }
        } catch (Throwable th3) {
            th = th3;
            cryptoKey = null;
        }
    }

    @Override // com.citrix.sdk.crypto.api.CryptoAPI
    public CryptoKey obtainRSAKey(String str, int i10) throws CryptoException {
        String str2;
        CryptoKey cryptoKey;
        this.f15024c.enter("obtainRSAKey", str, Integer.valueOf(i10));
        if (str == null) {
            str2 = "obtainRSAKey: Key Alias is null";
        } else if (i10 < 2048) {
            str2 = "obtainRSAKey: Illegal Key Size (< 2048) = " + i10;
        } else {
            str2 = null;
        }
        try {
            if (str2 != null) {
                this.f15024c.error(str2);
                throw new CryptoException(new IllegalArgumentException(str2));
            }
            try {
                KeyStore androidKeyStore = CryptoAPI.getAndroidKeyStore();
                KeyStore.Entry entry = androidKeyStore.getEntry(str, null);
                if (entry != null) {
                    cryptoKey = new CryptoKey(str, new KeyPair(androidKeyStore.getCertificate(str).getPublicKey(), ((KeyStore.PrivateKeyEntry) entry).getPrivateKey()));
                    try {
                        cryptoKey.setFromKeyStore(true);
                    } catch (InvalidAlgorithmParameterException e10) {
                        e = e10;
                        this.f15024c.error("obtainRSAKey: Exception thrown", e);
                        throw new CryptoException(e);
                    } catch (KeyStoreException e11) {
                        e = e11;
                        this.f15024c.error("obtainRSAKey: Exception thrown", e);
                        throw new CryptoException(e);
                    } catch (NoSuchAlgorithmException e12) {
                        e = e12;
                        this.f15024c.error("obtainRSAKey: Exception thrown", e);
                        throw new CryptoException(e);
                    } catch (NoSuchProviderException e13) {
                        e = e13;
                        this.f15024c.error("obtainRSAKey: Exception thrown", e);
                        throw new CryptoException(e);
                    } catch (UnrecoverableEntryException e14) {
                        e = e14;
                        this.f15024c.error("obtainRSAKey: Exception thrown", e);
                        throw new CryptoException(e);
                    } catch (Throwable th2) {
                        th = th2;
                        this.f15024c.exit("obtainRSAKey", cryptoKey);
                        throw th;
                    }
                } else {
                    KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
                    keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, 3).setRandomizedEncryptionRequired(true).setKeySize(i10).setBlockModes("ECB").setEncryptionPaddings("PKCS1Padding").build(), new SecureRandom());
                    KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
                    if (generateKeyPair == null) {
                        String str3 = "obtainRSAKey: Failed to get key pair for RSA key = " + str;
                        this.f15024c.error(str3);
                        throw new CryptoException(str3);
                    }
                    cryptoKey = new CryptoKey(str, generateKeyPair);
                }
                this.f15024c.exit("obtainRSAKey", cryptoKey);
                return cryptoKey;
            } catch (InvalidAlgorithmParameterException e15) {
                e = e15;
            } catch (KeyStoreException e16) {
                e = e16;
            } catch (NoSuchAlgorithmException e17) {
                e = e17;
            } catch (NoSuchProviderException e18) {
                e = e18;
            } catch (UnrecoverableEntryException e19) {
                e = e19;
            }
        } catch (Throwable th3) {
            th = th3;
            cryptoKey = null;
        }
    }

    @Override // com.citrix.sdk.crypto.api.CryptoAPI
    public byte[] performHash(int i10, byte[] bArr) throws CryptoException {
        try {
            return MessageDigest.getInstance("SHA-" + i10).digest(bArr);
        } catch (Exception e10) {
            throw new CryptoException(e10);
        }
    }

    @Override // com.citrix.sdk.crypto.api.CryptoAPI
    public int setFipsMode(int i10) throws CryptoException {
        throw new CryptoException(new UnsupportedOperationException("Unsupported Operation setFipsMode"));
    }
}
