package com.mttnow.android.encryption.internal;

import android.content.Context;
import android.content.SharedPreferences;
import android.security.KeyPairGeneratorSpec;
import androidx.annotation.RequiresApi;
import com.mttnow.android.encryption.AndroidEncryption;
import com.mttnow.android.encryption.EncryptionException;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Date;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import timber.log.Timber;

@RequiresApi(api = 18)
/* loaded from: classes3.dex */
public final class KeyLoaderApi18 implements KeyLoader {
    private static final String KEY_PREFS_KEY = "KeyLoaderApi18RSAKey";
    private static final String PREFS_NAME = "KeyLoaderApi18";
    private static final String RSA_MODE = "RSA/None/PKCS1Padding";
    private final Context context;
    private final KeyStore keyStore;
    private final SharedPreferences sharedPreferences;

    public KeyLoaderApi18(Context context, SharedPreferences sharedPreferences, KeyStore keyStore) {
        this.context = context;
        this.sharedPreferences = sharedPreferences;
        this.keyStore = keyStore;
    }

    public static KeyLoader create(Context context) throws EncryptionException {
        try {
            KeyStore keyStore = KeyStore.getInstance(AndroidEncryption.ANDROID_KEY_STORE);
            keyStore.load(null, null);
            return new KeyLoaderApi18(context, context.getSharedPreferences(PREFS_NAME, 0), keyStore);
        } catch (Exception e) {
            throw EncryptionException.from("Error getting keystore", e);
        }
    }

    private byte[] rsaDecrypt(byte[] bArr, String str) throws EncryptionException {
        try {
            Timber.i("cipherText %s ", Arrays.toString(bArr));
            KeyPair rsaKeyEntry = rsaKeyEntry(str);
            Cipher cipher = Cipher.getInstance(RSA_MODE);
            cipher.init(2, rsaKeyEntry.getPrivate());
            CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(bArr), cipher);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(bArr.length);
            byte[] bArr2 = new byte[1024];
            while (true) {
                int read = cipherInputStream.read(bArr2);
                if (read <= 0) {
                    byteArrayOutputStream.close();
                    cipherInputStream.close();
                    return byteArrayOutputStream.toByteArray();
                }
                byteArrayOutputStream.write(bArr2, 0, read);
            }
        } catch (Exception e) {
            Timber.e(e, "Error decrypting aes key with rsa keys", new Object[0]);
            throw EncryptionException.from("Error decrypting aes key with rsa", e);
        }
    }

    private byte[] rsaEncrypt(byte[] bArr, String str) throws EncryptionException {
        try {
            KeyPair rsaKeyEntry = rsaKeyEntry(str);
            Cipher cipher = Cipher.getInstance(RSA_MODE);
            cipher.init(1, rsaKeyEntry.getPublic());
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(bArr.length);
            CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
            cipherOutputStream.write(bArr);
            cipherOutputStream.close();
            return byteArrayOutputStream.toByteArray();
        } catch (Exception e) {
            throw EncryptionException.from("Error encrypting aes key with rsa", e);
        }
    }

    private KeyPair rsaKeyEntry(String str) throws EncryptionException {
        try {
            Calendar calendar = Calendar.getInstance();
            calendar.add(1, 99);
            if (this.keyStore.containsAlias(str)) {
                return new KeyPair(this.keyStore.getCertificate(str).getPublicKey(), (PrivateKey) this.keyStore.getKey(str, null));
            }
            KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(this.context).setAlias(str).setSubject(new X500Principal("CN=" + str)).setSerialNumber(BigInteger.TEN).setAlias(str).setStartDate(new Date()).setEndDate(calendar.getTime()).build();
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", AndroidEncryption.ANDROID_KEY_STORE);
            keyPairGenerator.initialize(build);
            return keyPairGenerator.generateKeyPair();
        } catch (Exception e) {
            throw EncryptionException.from("Error generating KeyPair", e);
        }
    }

    @Override // com.mttnow.android.encryption.internal.KeyLoader
    public KeyPair loadKeyPair(String str) throws EncryptionException {
        try {
            if (this.keyStore.containsAlias(str)) {
                return new KeyPair(this.keyStore.getCertificate(str).getPublicKey(), (PrivateKey) this.keyStore.getKey(str, null));
            }
            Calendar calendar = Calendar.getInstance();
            calendar.add(1, 99);
            KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(this.context).setAlias(str).setSubject(new X500Principal("CN=" + str)).setSerialNumber(BigInteger.TEN).setAlias(str).setStartDate(new Date()).setEndDate(calendar.getTime()).build();
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", AndroidEncryption.ANDROID_KEY_STORE);
            keyPairGenerator.initialize(build);
            return keyPairGenerator.generateKeyPair();
        } catch (Exception e) {
            Functions.deleteAliasQuietly(this.keyStore, str);
            throw EncryptionException.from("Error generating KeyPair", e);
        }
    }

    @Override // com.mttnow.android.encryption.internal.KeyLoader
    public SecretKey loadSecret(String str) throws EncryptionException {
        if (this.sharedPreferences.contains(KEY_PREFS_KEY)) {
            return new SecretKeySpec(rsaDecrypt(Base64.decode(this.sharedPreferences.getString(KEY_PREFS_KEY, null)), str), "AES");
        }
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
            keyGenerator.init(256);
            SecretKey generateKey = keyGenerator.generateKey();
            this.sharedPreferences.edit().putString(KEY_PREFS_KEY, Base64.encodeToString(rsaEncrypt(generateKey.getEncoded(), str))).apply();
            return generateKey;
        } catch (Exception e) {
            this.sharedPreferences.edit().remove(KEY_PREFS_KEY).apply();
            throw EncryptionException.from("Error generating AES Key", e);
        }
    }

    @Override // com.mttnow.android.encryption.internal.KeyLoader
    public KeyPair loadSigningKeyPair(String str) throws EncryptionException {
        return rsaKeyEntry(str);
    }
}
