package com.mcafee.encryption.security.store;

import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import android.util.Base64;
import androidx.annotation.RequiresApi;
import com.google.android.gms.analytics.ecommerce.ProductAction;
import com.mcafee.csp.internal.base.servicediscovery.CspServiceDiscoveryClient;
import com.mcafee.encryption.logging.Logging;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.security.InvalidAlgorithmParameterException;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.spec.AlgorithmParameterSpec;
import java.util.GregorianCalendar;
import javax.crypto.Cipher;
import javax.security.auth.x500.X500Principal;
import kotlin.Metadata;
import kotlin.TypeCastException;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.Charsets;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

@Metadata(bv = {1, 0, 3}, d1 = {"\u0000\\\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0010\u0012\n\u0000\n\u0002\u0010\u000e\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0010\u000b\n\u0002\b\u0007\n\u0002\u0018\u0002\n\u0002\b\b\n\u0002\u0010\u0002\n\u0002\b\b\n\u0002\u0010\b\n\u0002\b\u0006\n\u0002\u0018\u0002\n\u0002\b\u0006\u0018\u00002\u00020\u0001B\u0017\u0012\u0006\u0010\b\u001a\u00020\u0007\u0012\u0006\u0010:\u001a\u00020\u0004¢\u0006\u0004\b;\u0010<J\u0019\u0010\u0005\u001a\u0004\u0018\u00010\u00042\u0006\u0010\u0003\u001a\u00020\u0002H\u0002¢\u0006\u0004\b\u0005\u0010\u0006J\u001b\u0010\n\u001a\u0004\u0018\u00010\t2\b\u0010\b\u001a\u0004\u0018\u00010\u0007H\u0003¢\u0006\u0004\b\n\u0010\u000bJ%\u0010\u000f\u001a\u0004\u0018\u00010\u00042\b\u0010\r\u001a\u0004\u0018\u00010\f2\b\u0010\u000e\u001a\u0004\u0018\u00010\u0004H\u0002¢\u0006\u0004\b\u000f\u0010\u0010J#\u0010\u0014\u001a\u0004\u0018\u00010\u00042\u0006\u0010\u0012\u001a\u00020\u00112\b\u0010\u0013\u001a\u0004\u0018\u00010\u0004H\u0002¢\u0006\u0004\b\u0014\u0010\u0015J\u0019\u0010\u0017\u001a\u00020\u00162\b\u0010\b\u001a\u0004\u0018\u00010\u0007H\u0003¢\u0006\u0004\b\u0017\u0010\u0018J\u001c\u0010\u001a\u001a\u0004\u0018\u00010\u00042\b\u0010\u0019\u001a\u0004\u0018\u00010\u0004H\u0096\u0002¢\u0006\u0004\b\u001a\u0010\u001bJ\u001b\u0010\u001c\u001a\u0004\u0018\u00010\u00022\b\u0010\u0013\u001a\u0004\u0018\u00010\u0004H\u0002¢\u0006\u0004\b\u001c\u0010\u001dJ\u000f\u0010\u001f\u001a\u00020\u001eH\u0002¢\u0006\u0004\b\u001f\u0010 J\u0019\u0010\"\u001a\u0004\u0018\u00010\f2\u0006\u0010!\u001a\u00020\u001eH\u0002¢\u0006\u0004\b\"\u0010#J\u0019\u0010$\u001a\u00020\u00162\b\u0010\b\u001a\u0004\u0018\u00010\u0007H\u0017¢\u0006\u0004\b$\u0010\u0018J!\u0010%\u001a\u00020\u00162\u0006\u0010!\u001a\u00020\u001e2\b\u0010\r\u001a\u0004\u0018\u00010\fH\u0002¢\u0006\u0004\b%\u0010&J\u0019\u0010(\u001a\u00020'2\b\u0010\u0019\u001a\u0004\u0018\u00010\u0004H\u0016¢\u0006\u0004\b(\u0010)J#\u0010+\u001a\u00020'2\b\u0010\u0019\u001a\u0004\u0018\u00010\u00042\b\u0010*\u001a\u0004\u0018\u00010\u0004H\u0016¢\u0006\u0004\b+\u0010,R\u0016\u0010-\u001a\u00020\u00048\u0002@\u0002X\u0082D¢\u0006\u0006\n\u0004\b-\u0010.R\u0016\u0010/\u001a\u00020\u00048\u0002@\u0002X\u0082D¢\u0006\u0006\n\u0004\b/\u0010.R\u0016\u00101\u001a\u0002008\u0002@\u0002X\u0082D¢\u0006\u0006\n\u0004\b1\u00102R\u0016\u00103\u001a\u00020\u00048\u0002@\u0002X\u0082D¢\u0006\u0006\n\u0004\b3\u0010.R\u0016\u00104\u001a\u00020\u00048\u0002@\u0002X\u0082D¢\u0006\u0006\n\u0004\b4\u0010.R\u0016\u00105\u001a\u00020\u00048\u0002@\u0002X\u0082D¢\u0006\u0006\n\u0004\b5\u0010.R\u0018\u00106\u001a\u0004\u0018\u00010\u00048\u0002@\u0002X\u0082\u000e¢\u0006\u0006\n\u0004\b6\u0010.R\u0018\u00108\u001a\u0004\u0018\u0001078\u0002@\u0002X\u0082\u000e¢\u0006\u0006\n\u0004\b8\u00109¨\u0006="}, d2 = {"Lcom/mcafee/encryption/security/store/CSPSecureKeyStoreImpl;", "Lcom/mcafee/encryption/security/store/CSPSecureKeyStore;", "", "aDecrypted", "", "GetDataString", "([B)Ljava/lang/String;", "Landroid/content/Context;", "aContext", "Ljava/security/spec/AlgorithmParameterSpec;", "createKeyGeneratorSpec", "(Landroid/content/Context;)Ljava/security/spec/AlgorithmParameterSpec;", "Ljava/security/PrivateKey;", "aPrivateKey", "aEncryptedData", "decode", "(Ljava/security/PrivateKey;Ljava/lang/String;)Ljava/lang/String;", "Ljava/security/PublicKey;", "aPublicKey", "aData", "encode", "(Ljava/security/PublicKey;Ljava/lang/String;)Ljava/lang/String;", "", "generateKey", "(Landroid/content/Context;)Z", "aKey", CspServiceDiscoveryClient.OP_CODE_GET, "(Ljava/lang/String;)Ljava/lang/String;", "getDataBytes", "(Ljava/lang/String;)[B", "Ljava/security/KeyStore;", "getKeyStore", "()Ljava/security/KeyStore;", "aKeyStore", "getPrivateKey", "(Ljava/security/KeyStore;)Ljava/security/PrivateKey;", "initialize", "isAllKeyAvailable", "(Ljava/security/KeyStore;Ljava/security/PrivateKey;)Z", "", ProductAction.ACTION_REMOVE, "(Ljava/lang/String;)V", "aSecureData", "store", "(Ljava/lang/String;Ljava/lang/String;)V", "CHARSET_UTF8", "Ljava/lang/String;", "KEYSTORE_PROVIDER_ANDROID_KEYSTORE", "", "KEY_VALID_FOR_IN_YEARS", "I", "RSA_ECB_PKCS1_PADDING", "STORAGE_NAME", "TAG", "mKeyAlias", "Landroid/content/SharedPreferences;", "mPrefStorage", "Landroid/content/SharedPreferences;", "aKeyAlias", "<init>", "(Landroid/content/Context;Ljava/lang/String;)V", "encryption_release"}, k = 1, mv = {1, 1, 15}, pn = "", xi = 0, xs = "")
/* loaded from: classes5.dex */
public final class CSPSecureKeyStoreImpl implements CSPSecureKeyStore {

    /* renamed from: a, reason: collision with root package name */
    private final String f7216a;
    private final String b;
    private final String c;
    private final String d;
    private final int e;
    private final String f;
    private String g;
    private SharedPreferences h;

    public CSPSecureKeyStoreImpl(@NotNull Context aContext, @NotNull String aKeyAlias) {
        Intrinsics.checkParameterIsNotNull(aContext, "aContext");
        Intrinsics.checkParameterIsNotNull(aKeyAlias, "aKeyAlias");
        this.f7216a = "CSPSecureKeyStoreImpl";
        this.b = "csp_k_store_e";
        this.c = "UTF-8";
        this.d = "AndroidKeyStore";
        this.e = 10;
        this.f = "RSA/ECB/PKCS1Padding";
        this.h = aContext.getSharedPreferences("csp_k_store_e", 0);
        this.g = aKeyAlias;
    }

    private final String a(byte[] bArr) {
        try {
            Charset forName = Charset.forName(this.c);
            Intrinsics.checkExpressionValueIsNotNull(forName, "Charset.forName(CHARSET_UTF8)");
            return new String(bArr, forName);
        } catch (UnsupportedEncodingException e) {
            String message = e.getMessage();
            if (message != null) {
                Logging.INSTANCE.e(this.f7216a, message);
            }
            return new String(bArr, Charsets.UTF_8);
        }
    }

    @RequiresApi(24)
    private final AlgorithmParameterSpec b(Context context) {
        GregorianCalendar gregorianCalendar = new GregorianCalendar();
        GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
        gregorianCalendar2.add(1, this.e);
        int i = Build.VERSION.SDK_INT;
        if (i < 18 || i >= 23) {
            if (Build.VERSION.SDK_INT < 23) {
                return null;
            }
            String str = this.g;
            if (str == null) {
                Intrinsics.throwNpe();
            }
            return new KeyGenParameterSpec.Builder(str, 2).setDigests("SHA-256", "SHA-512").setEncryptionPaddings("PKCS1Padding").build();
        }
        if (context == null) {
            return null;
        }
        KeyPairGeneratorSpec.Builder builder = new KeyPairGeneratorSpec.Builder(context);
        String str2 = this.g;
        if (str2 == null) {
            Intrinsics.throwNpe();
        }
        return builder.setAlias(str2).setSubject(new X500Principal("CN=" + this.g)).setSerialNumber(BigInteger.valueOf(1337L)).setStartDate(gregorianCalendar.getTime()).setEndDate(gregorianCalendar2.getTime()).build();
    }

    private final String c(PrivateKey privateKey, String str) {
        try {
            byte[] decode = Base64.decode(str, 0);
            Intrinsics.checkExpressionValueIsNotNull(decode, "Base64.decode(\n         …e64.DEFAULT\n            )");
            Cipher cipher = Cipher.getInstance(this.f);
            Intrinsics.checkExpressionValueIsNotNull(cipher, "Cipher.getInstance(RSA_ECB_PKCS1_PADDING)");
            cipher.init(2, privateKey);
            byte[] doFinal = cipher.doFinal(decode);
            Intrinsics.checkExpressionValueIsNotNull(doFinal, "cipher.doFinal(encryptedBuffer)");
            return a(doFinal);
        } catch (Exception e) {
            String message = e.getMessage();
            if (message == null) {
                return null;
            }
            Logging.INSTANCE.e(this.f7216a, message);
            return null;
        }
    }

    private final String d(PublicKey publicKey, String str) {
        try {
            Cipher cipher = Cipher.getInstance(this.f);
            Intrinsics.checkExpressionValueIsNotNull(cipher, "Cipher.getInstance(RSA_ECB_PKCS1_PADDING)");
            cipher.init(1, publicKey);
            byte[] doFinal = cipher.doFinal(f(str));
            Intrinsics.checkExpressionValueIsNotNull(doFinal, "cipher.doFinal(getDataBytes(aData))");
            return Base64.encodeToString(doFinal, 0);
        } catch (Exception e) {
            String message = e.getMessage();
            if (message == null) {
                return null;
            }
            Logging.INSTANCE.e(this.f7216a, message);
            return null;
        }
    }

    @RequiresApi(24)
    private final boolean e(Context context) {
        AlgorithmParameterSpec b = b(context);
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", this.d);
            Intrinsics.checkExpressionValueIsNotNull(keyPairGenerator, "KeyPairGenerator.getInst…ID_KEYSTORE\n            )");
            keyPairGenerator.initialize(b);
            keyPairGenerator.generateKeyPair();
            return true;
        } catch (InvalidAlgorithmParameterException e) {
            Logging.INSTANCE.e(this.f7216a, "Generate key error:" + e.getMessage());
            return false;
        } catch (NoSuchAlgorithmException e2) {
            Logging.INSTANCE.e(this.f7216a, "Generate key error:" + e2.getMessage());
            return false;
        } catch (NoSuchProviderException e3) {
            Logging.INSTANCE.e(this.f7216a, "Generate key error:" + e3.getMessage());
            return false;
        }
    }

    private final byte[] f(String str) {
        if (str == null) {
            return null;
        }
        try {
            Charset forName = Charset.forName(this.c);
            Intrinsics.checkExpressionValueIsNotNull(forName, "Charset.forName(charsetName)");
            byte[] bytes = str.getBytes(forName);
            Intrinsics.checkExpressionValueIsNotNull(bytes, "(this as java.lang.String).getBytes(charset)");
            return bytes;
        } catch (UnsupportedEncodingException e) {
            String message = e.getMessage();
            if (message != null) {
                Logging.INSTANCE.e(this.f7216a, message);
            }
            byte[] bytes2 = str.getBytes(Charsets.UTF_8);
            Intrinsics.checkExpressionValueIsNotNull(bytes2, "(this as java.lang.String).getBytes(charset)");
            return bytes2;
        }
    }

    private final KeyStore g() throws KeyStoreException, CertificateException, IOException, NoSuchAlgorithmException {
        KeyStore keyStore = KeyStore.getInstance(this.d);
        keyStore.load(null);
        Intrinsics.checkExpressionValueIsNotNull(keyStore, "keyStore");
        return keyStore;
    }

    private final PrivateKey h(KeyStore keyStore) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException {
        Key key = keyStore.getKey(this.g, null);
        if (key != null) {
            return (PrivateKey) key;
        }
        throw new TypeCastException("null cannot be cast to non-null type java.security.PrivateKey");
    }

    private final boolean i(KeyStore keyStore, PrivateKey privateKey) throws KeyStoreException {
        if (privateKey == null || keyStore.getCertificate(this.g) == null) {
            return false;
        }
        Certificate certificate = keyStore.getCertificate(this.g);
        Intrinsics.checkExpressionValueIsNotNull(certificate, "aKeyStore.getCertificate(mKeyAlias)");
        return certificate.getPublicKey() != null;
    }

    @Override // com.mcafee.encryption.security.store.CSPSecureKeyStore
    @Nullable
    public String get(@Nullable String aKey) {
        try {
            PrivateKey h = h(g());
            SharedPreferences sharedPreferences = this.h;
            if (sharedPreferences == null) {
                Intrinsics.throwNpe();
            }
            String string = sharedPreferences.getString(aKey, null);
            return !TextUtils.isEmpty(string) ? c(h, string) : string;
        } catch (Exception e) {
            String message = e.getMessage();
            if (message == null) {
                return null;
            }
            Logging.INSTANCE.e(this.f7216a, message);
            return null;
        }
    }

    @Override // com.mcafee.encryption.security.store.CSPSecureKeyStore
    @RequiresApi(24)
    public boolean initialize(@Nullable Context aContext) {
        try {
            KeyStore g = g();
            PrivateKey h = h(g);
            if (h == null || !i(g, h)) {
                return e(aContext);
            }
            Logging.INSTANCE.d(this.f7216a, "Keys are available");
            return true;
        } catch (Exception e) {
            String message = e.getMessage();
            if (message == null) {
                return false;
            }
            Logging.INSTANCE.e(this.f7216a, message);
            return false;
        }
    }

    @Override // com.mcafee.encryption.security.store.CSPSecureKeyStore
    public void remove(@Nullable String aKey) {
        SharedPreferences.Editor edit;
        SharedPreferences.Editor remove;
        SharedPreferences sharedPreferences = this.h;
        if (sharedPreferences == null || (edit = sharedPreferences.edit()) == null || (remove = edit.remove(aKey)) == null) {
            return;
        }
        remove.apply();
    }

    @Override // com.mcafee.encryption.security.store.CSPSecureKeyStore
    public void store(@Nullable String aKey, @Nullable String aSecureData) {
        try {
            KeyStore g = g();
            if (g.getCertificate(this.g) == null) {
                Logging.INSTANCE.e(this.f7216a, "No certificate found");
                return;
            }
            Certificate certificate = g.getCertificate(this.g);
            Intrinsics.checkExpressionValueIsNotNull(certificate, "ks.getCertificate(mKeyAlias)");
            PublicKey publicKey = certificate.getPublicKey();
            if (publicKey == null) {
                Logging.INSTANCE.e(this.f7216a, "No public key");
                return;
            }
            String d = d(publicKey, aSecureData);
            SharedPreferences sharedPreferences = this.h;
            if (sharedPreferences == null) {
                Intrinsics.throwNpe();
            }
            sharedPreferences.edit().putString(aKey, d).apply();
        } catch (Exception e) {
            String message = e.getMessage();
            if (message != null) {
                Logging.INSTANCE.e(this.f7216a, message);
            }
        }
    }
}
