package c.h.a;

import android.annotation.SuppressLint;
import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public final class e implements d {

    /* renamed from: a, reason: collision with root package name */
    private final String f3100a;

    /* renamed from: b, reason: collision with root package name */
    private final Context f3101b;

    /* renamed from: c, reason: collision with root package name */
    private final String f3102c;

    /* renamed from: d, reason: collision with root package name */
    private final String f3103d;

    public e(Context context) {
        g.f.b.c.c(context, "context");
        this.f3102c = "RSA";
        this.f3103d = "AndroidKeyStore";
        String packageName = context.getPackageName();
        g.f.b.c.b(packageName, "context.packageName");
        this.f3100a = packageName;
        this.f3101b = context;
        b();
    }

    @SuppressLint({"NewApi"})
    private final void a() {
        AlgorithmParameterSpec build;
        String str;
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 25);
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(this.f3102c, this.f3103d);
        if (Build.VERSION.SDK_INT < 23) {
            KeyPairGeneratorSpec.Builder serialNumber = new KeyPairGeneratorSpec.Builder(this.f3101b).setAlias(this.f3100a).setSubject(new X500Principal("CN=" + this.f3100a)).setSerialNumber(BigInteger.valueOf(1L));
            g.f.b.c.b(calendar, "start");
            KeyPairGeneratorSpec.Builder startDate = serialNumber.setStartDate(calendar.getTime());
            g.f.b.c.b(calendar2, "end");
            build = startDate.setEndDate(calendar2.getTime()).build();
            str = "android.security.KeyPair…e)\n              .build()";
        } else {
            KeyGenParameterSpec.Builder certificateSerialNumber = new KeyGenParameterSpec.Builder(this.f3100a, 3).setCertificateSubject(new X500Principal("CN=" + this.f3100a)).setDigests("SHA-256").setEncryptionPaddings("PKCS1Padding").setUserAuthenticationRequired(false).setCertificateSerialNumber(BigInteger.valueOf(1L));
            g.f.b.c.b(calendar, "start");
            KeyGenParameterSpec.Builder certificateNotBefore = certificateSerialNumber.setCertificateNotBefore(calendar.getTime());
            g.f.b.c.b(calendar2, "end");
            build = certificateNotBefore.setCertificateNotAfter(calendar2.getTime()).build();
            str = "KeyGenParameterSpec.Buil…\n                .build()";
        }
        g.f.b.c.b(build, str);
        keyPairGenerator.initialize(build);
        keyPairGenerator.generateKeyPair();
    }

    private final void b() {
        KeyStore keyStore = KeyStore.getInstance(this.f3103d);
        PrivateKey privateKey = null;
        keyStore.load(null);
        for (int i2 = 1; i2 <= 5; i2++) {
            try {
                privateKey = c();
                break;
            } catch (Exception unused) {
            }
        }
        if (privateKey == null) {
            a();
            try {
                privateKey = c();
            } catch (Exception unused2) {
                keyStore.deleteEntry(this.f3100a);
            }
            if (privateKey == null) {
                a();
            }
        }
    }

    private final PrivateKey c() {
        KeyStore keyStore = KeyStore.getInstance(this.f3103d);
        keyStore.load(null);
        if (Build.VERSION.SDK_INT >= 28) {
            Key key = keyStore.getKey(this.f3100a, null);
            if (key != null) {
                return (PrivateKey) key;
            }
            throw new NullPointerException("null cannot be cast to non-null type java.security.PrivateKey");
        }
        KeyStore.Entry entry = keyStore.getEntry(this.f3100a, null);
        if (entry == null) {
            throw new NullPointerException("null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
        }
        PrivateKey privateKey = ((KeyStore.PrivateKeyEntry) entry).getPrivateKey();
        g.f.b.c.b(privateKey, "asymmetricKey.privateKey");
        return privateKey;
    }

    private final PublicKey d() {
        PublicKey publicKey;
        String str;
        KeyStore keyStore = KeyStore.getInstance(this.f3103d);
        keyStore.load(null);
        if (Build.VERSION.SDK_INT >= 28) {
            Certificate certificate = keyStore.getCertificate(this.f3100a);
            g.f.b.c.b(certificate, "ks.getCertificate(keyAlias)");
            publicKey = certificate.getPublicKey();
            str = "ks.getCertificate(keyAlias).publicKey";
        } else {
            KeyStore.Entry entry = keyStore.getEntry(this.f3100a, null);
            if (entry == null) {
                throw new NullPointerException("null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
            }
            Certificate certificate2 = ((KeyStore.PrivateKeyEntry) entry).getCertificate();
            g.f.b.c.b(certificate2, "asymmetricKey.certificate");
            publicKey = certificate2.getPublicKey();
            str = "asymmetricKey.certificate.publicKey";
        }
        g.f.b.c.b(publicKey, str);
        return publicKey;
    }

    private final Cipher e() {
        Cipher cipher;
        String str;
        if (Build.VERSION.SDK_INT < 23) {
            cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
            str = "Cipher.getInstance(\"RSA/…dding\", \"AndroidOpenSSL\")";
        } else {
            cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidKeyStoreBCWorkaround");
            str = "Cipher.getInstance(\"RSA/…oidKeyStoreBCWorkaround\")";
        }
        g.f.b.c.b(cipher, str);
        return cipher;
    }

    @Override // c.h.a.d
    public Key a(byte[] bArr, String str) {
        g.f.b.c.c(bArr, "wrappedKey");
        g.f.b.c.c(str, "algorithm");
        PrivateKey c2 = c();
        Cipher e2 = e();
        e2.init(4, c2);
        Key unwrap = e2.unwrap(bArr, str, 3);
        g.f.b.c.b(unwrap, "cipher.unwrap(wrappedKey…rithm, Cipher.SECRET_KEY)");
        return unwrap;
    }

    @Override // c.h.a.d
    public byte[] a(Key key) {
        g.f.b.c.c(key, "key");
        PublicKey d2 = d();
        Cipher e2 = e();
        e2.init(3, d2);
        byte[] wrap = e2.wrap(key);
        g.f.b.c.b(wrap, "cipher.wrap(key)");
        return wrap;
    }
}
