package de.telekom.tpd.fmc.keychain.platform;

import android.app.Application;
import android.content.SharedPreferences;
import android.util.Base64;
import com.facebook.stetho.common.Utf8Charset;
import de.telekom.tpd.fmc.keychain.dataaccess.KeyStorePreferences;
import de.telekom.tpd.fmc.keychain.domain.CryptoException;
import de.telekom.tpd.fmc.keychain.domain.KeyStoreController;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import org.apache.commons.io.IOUtils;
import timber.log.Timber;

/* loaded from: classes3.dex */
public class KeyStoreControllerImpl implements KeyStoreController {
    public static final String TRANSFORMATION = "RSA";
    private final String PREF_SUFFIX = "_ks_old";
    private final String prKeyPref;
    private final SharedPreferences prefs;
    private final String puKeyPref;
    private final KeyPair secretKey;

    public KeyStoreControllerImpl(Application application, KeyStorePreferences keyStorePreferences) {
        this.prKeyPref = keyStorePreferences.getPrKeyPrefName();
        this.puKeyPref = keyStorePreferences.getPuKeyPrefName();
        this.prefs = application.getSharedPreferences("KeyStore", 0);
        try {
            this.secretKey = initKeystore();
        } catch (Exception e) {
            throw new IllegalStateException("Cannot load keystore", e);
        }
    }

    private KeyPair generateNewKeyPair() throws Exception {
        KeyPair generateKeyPair = KeyPairGenerator.getInstance(TRANSFORMATION).generateKeyPair();
        putKey(this.puKeyPref, generateKeyPair.getPublic());
        putKey(this.prKeyPref, generateKeyPair.getPrivate());
        return generateKeyPair;
    }

    private byte[] getKey(String str) {
        return Base64.decode(this.prefs.getString(str, null), 0);
    }

    private KeyPair initKeystore() throws Exception {
        return (this.prefs.contains(this.puKeyPref) && this.prefs.contains(this.prKeyPref)) ? loadKeyPair() : generateNewKeyPair();
    }

    private KeyPair loadKeyPair() throws Exception {
        KeyFactory keyFactory = KeyFactory.getInstance(TRANSFORMATION);
        return new KeyPair(keyFactory.generatePublic(new X509EncodedKeySpec(getKey(this.puKeyPref))), keyFactory.generatePrivate(new PKCS8EncodedKeySpec(getKey(this.prKeyPref))));
    }

    private void putKey(String str, Key key) {
        String encodeToString = Base64.encodeToString(key.getEncoded(), 0);
        Timber.d("Put key with value: " + encodeToString, new Object[0]);
        this.prefs.edit().putString(str, encodeToString).commit();
    }

    @Override // de.telekom.tpd.fmc.keychain.domain.KeyStoreController
    public String decryptString(String str) throws CryptoException {
        Timber.d("decryptString() called with: textToDecrypt = [" + str + "]", new Object[0]);
        try {
            Cipher cipher = Cipher.getInstance(TRANSFORMATION);
            cipher.init(2, this.secretKey.getPrivate());
            CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(Base64.decode(str, 0)), cipher);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            IOUtils.copy(cipherInputStream, byteArrayOutputStream);
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            String str2 = new String(byteArray, 0, byteArray.length, Utf8Charset.NAME);
            Timber.d("Decrypted text: " + str2, new Object[0]);
            return str2;
        } catch (Exception e) {
            Timber.e(e, "Can not decrypt given value", new Object[0]);
            throw new CryptoException("Can not decrypt given value");
        }
    }

    @Override // de.telekom.tpd.fmc.keychain.domain.KeyStoreController
    public String encryptString(String str) throws CryptoException {
        Timber.d("encryptString() called with: textToEncrypt = [" + str + "]", new Object[0]);
        try {
            Cipher cipher = Cipher.getInstance(TRANSFORMATION);
            cipher.init(1, this.secretKey.getPublic());
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
            cipherOutputStream.write(str.getBytes(Utf8Charset.NAME));
            cipherOutputStream.close();
            String encodeToString = Base64.encodeToString(byteArrayOutputStream.toByteArray(), 0);
            Timber.d("Encrypted text: " + encodeToString, new Object[0]);
            return encodeToString;
        } catch (Exception e) {
            Timber.e(e, "Can not encrypt given value", new Object[0]);
            throw new CryptoException("Can not encrypt given value");
        }
    }

    @Override // de.telekom.tpd.fmc.keychain.domain.KeyStoreController
    public String preferenceNameWithSuffix(String str) {
        return str + "_ks_old";
    }
}
