package f.o.Ub.f;

import android.annotation.SuppressLint;
import android.content.Context;
import android.os.Build;
import android.os.Looper;
import android.os.NetworkOnMainThreadException;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import b.a.M;
import b.a.X;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import k.l.b.E;
import kotlin.TypeCastException;
import q.d.b.d;

@SuppressLint({"NewApi"})
/* loaded from: classes6.dex */
public final class a {

    /* renamed from: a, reason: collision with root package name */
    public final byte[] f46034a;

    /* renamed from: b, reason: collision with root package name */
    public final IvParameterSpec f46035b;

    /* renamed from: c, reason: collision with root package name */
    public final boolean f46036c;

    /* renamed from: d, reason: collision with root package name */
    public final Context f46037d;

    /* renamed from: e, reason: collision with root package name */
    public final c f46038e;

    /* renamed from: f, reason: collision with root package name */
    public final String f46039f;

    @j.b.a
    public a(@d Context context, @d c cVar, @d String str) {
        E.f(context, "context");
        E.f(cVar, "store");
        E.f(str, "keyStoreAlias");
        this.f46037d = context;
        this.f46038e = cVar;
        this.f46039f = str;
        this.f46034a = new byte[16];
        this.f46035b = new IvParameterSpec(this.f46034a);
        this.f46036c = Build.VERSION.SDK_INT < 23;
    }

    private final byte[] a(byte[] bArr) throws GeneralSecurityException, IOException {
        KeyStore.PrivateKeyEntry privateKeyEntry;
        KeyStore c2 = c();
        c2.load(null);
        KeyStore.Entry entry = c2.getEntry(this.f46039f, null);
        if (entry == null) {
            privateKeyEntry = null;
        } else {
            if (entry == null) {
                throw new TypeCastException("null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
            }
            privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
        }
        Cipher cipher = this.f46036c ? Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL") : Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(2, privateKeyEntry != null ? privateKeyEntry.getPrivateKey() : null);
        CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(bArr), cipher);
        ArrayList arrayList = new ArrayList();
        for (int read = cipherInputStream.read(); read != -1; read = cipherInputStream.read()) {
            arrayList.add(Byte.valueOf((byte) read));
        }
        byte[] bArr2 = new byte[arrayList.size()];
        int length = bArr2.length;
        for (int i2 = 0; i2 < length; i2++) {
            Object obj = arrayList.get(i2);
            E.a(obj, "values[i]");
            bArr2[i2] = ((Number) obj).byteValue();
        }
        return bArr2;
    }

    private final byte[] b(byte[] bArr) throws GeneralSecurityException, IOException {
        KeyStore.PrivateKeyEntry privateKeyEntry;
        Certificate certificate;
        KeyStore c2 = c();
        PublicKey publicKey = null;
        c2.load(null);
        KeyStore.Entry entry = c2.getEntry(this.f46039f, null);
        if (entry == null) {
            privateKeyEntry = null;
        } else {
            if (entry == null) {
                throw new TypeCastException("null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
            }
            privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
        }
        Cipher cipher = this.f46036c ? Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL") : Cipher.getInstance("RSA/ECB/PKCS1Padding");
        if (privateKeyEntry != null && (certificate = privateKeyEntry.getCertificate()) != null) {
            publicKey = certificate.getPublicKey();
        }
        cipher.init(1, publicKey);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
        cipherOutputStream.write(bArr);
        cipherOutputStream.close();
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        E.a((Object) byteArray, "outputStream.toByteArray()");
        return byteArray;
    }

    private final String e() {
        KeyStore c2 = c();
        c2.load(null);
        if (!c2.containsAlias(this.f46039f)) {
            if (this.f46036c) {
                g();
            } else {
                f();
            }
        }
        byte[] bArr = new byte[16];
        new SecureRandom().nextBytes(bArr);
        String encodeToString = Base64.encodeToString(b(bArr), 0);
        E.a((Object) encodeToString, "Base64.encodeToString(en…yptedKey, Base64.DEFAULT)");
        return encodeToString;
    }

    @M(23)
    private final void f() throws GeneralSecurityException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(this.f46039f, 3).setBlockModes("ECB").setEncryptionPaddings("PKCS1Padding").build());
        keyPairGenerator.generateKeyPair();
    }

    private final void g() throws GeneralSecurityException {
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 30);
        KeyPairGeneratorSpec.Builder serialNumber = new KeyPairGeneratorSpec.Builder(this.f46037d).setAlias(this.f46039f).setSubject(new X500Principal("CN=" + this.f46039f)).setSerialNumber(BigInteger.TEN);
        E.a((Object) calendar, "start");
        KeyPairGeneratorSpec.Builder startDate = serialNumber.setStartDate(calendar.getTime());
        E.a((Object) calendar2, "end");
        KeyPairGeneratorSpec build = startDate.setEndDate(calendar2.getTime()).build();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        keyPairGenerator.initialize(build);
        keyPairGenerator.generateKeyPair();
    }

    private final SecretKey h() {
        Thread currentThread = Thread.currentThread();
        Looper mainLooper = Looper.getMainLooper();
        E.a((Object) mainLooper, "Looper.getMainLooper()");
        if (E.a(currentThread, mainLooper.getThread())) {
            throw new NetworkOnMainThreadException();
        }
        String a2 = this.f46038e.a();
        if (a2 == null) {
            a2 = e();
            this.f46038e.a(a2);
        }
        byte[] decode = Base64.decode(a2, 0);
        E.a((Object) decode, "byteEncryptedKey");
        return new SecretKeySpec(a(decode), "AES");
    }

    @d
    public final Cipher a() {
        SecretKey h2 = h();
        Cipher cipher = Cipher.getInstance(b.f46044e);
        cipher.init(2, h2, this.f46035b);
        E.a((Object) cipher, "cipher");
        return cipher;
    }

    @d
    public final Cipher b() {
        SecretKey h2 = h();
        Cipher cipher = Cipher.getInstance(b.f46044e);
        cipher.init(1, h2, this.f46035b);
        E.a((Object) cipher, "cipher");
        return cipher;
    }

    @X
    @d
    public final KeyStore c() {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        E.a((Object) keyStore, "KeyStore.getInstance(ANDROID_KEY_STORE)");
        return keyStore;
    }

    public final void d() {
        this.f46038e.b();
        KeyStore c2 = c();
        c2.load(null);
        if (c2.containsAlias(this.f46039f)) {
            c2.deleteEntry(this.f46039f);
            if (c2.containsAlias(this.f46039f)) {
                throw new KeyStoreException("Failed to remove " + this.f46039f);
            }
        }
    }
}
