package org.jboss.aerogear.android.impl.security;

import android.content.Context;
import android.util.Log;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.InputStream;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import javax.crypto.KeyAgreement;
import javax.crypto.spec.SecretKeySpec;
import org.jboss.aerogear.AeroGearCrypto;
import org.jboss.aerogear.android.security.CryptoConfig;
import org.jboss.aerogear.android.security.EncryptionService;
import org.jboss.aerogear.android.security.EncryptionServiceType;
import org.jboss.aerogear.crypto.CryptoBox;
import org.jboss.aerogear.crypto.keys.KeyPair;

/* loaded from: classes.dex */
public class PasswordEncryptionServices extends AbstractEncryptionService implements EncryptionService {
    private static final String TAG = PasswordEncryptionServices.class.getSimpleName();
    private final CryptoBox crypto;

    /* loaded from: classes.dex */
    public static class PasswordProtectedKeystoreCryptoConfig implements CryptoConfig {
        private String alias;
        private String keyStoreFile = "default.keystore";
        private String password;

        public String getAlias() {
            return this.alias;
        }

        public String getKeyStoreFile() {
            return this.keyStoreFile;
        }

        public String getPassword() {
            return this.password;
        }

        @Override // org.jboss.aerogear.android.security.CryptoConfig
        public EncryptionServiceType getType() {
            return EncryptionServiceTypes.PASSWORD_KEYSTORE;
        }

        public void setAlias(String str) {
            this.alias = str;
        }

        public void setKeyStoreFile(String str) {
            this.keyStoreFile = str;
        }

        public void setPassword(String str) {
            this.password = str;
        }
    }

    public PasswordEncryptionServices(PasswordProtectedKeystoreCryptoConfig passwordProtectedKeystoreCryptoConfig, Context context) {
        super(context);
        this.crypto = getCrypto(context, passwordProtectedKeystoreCryptoConfig);
    }

    private CryptoBox createKey(KeyStore keyStore, PasswordProtectedKeystoreCryptoConfig passwordProtectedKeystoreCryptoConfig, Context context) {
        KeyPair keyPair = new KeyPair();
        PrivateKey privateKey = keyPair.getPrivateKey();
        PublicKey publicKey = keyPair.getPublicKey();
        char[] charArray = passwordProtectedKeystoreCryptoConfig.password.toCharArray();
        String alias = passwordProtectedKeystoreCryptoConfig.getAlias();
        String keyStoreFile = passwordProtectedKeystoreCryptoConfig.getKeyStoreFile();
        KeyStore.PasswordProtection passwordProtection = new KeyStore.PasswordProtection(charArray);
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256", AeroGearCrypto.PROVIDER);
            KeyAgreement keyAgreement = KeyAgreement.getInstance("ECDH", AeroGearCrypto.PROVIDER);
            keyAgreement.init(privateKey);
            keyAgreement.doPhase(publicKey, true);
            byte[] digest = messageDigest.digest(keyAgreement.generateSecret());
            keyStore.setEntry(alias, new KeyStore.SecretKeyEntry(new SecretKeySpec(digest, "ECDH")), passwordProtection);
            keyStore.store(context.openFileOutput(keyStoreFile, 0), charArray);
            return new CryptoBox(digest);
        } catch (IOException e) {
            Log.e(TAG, e.getMessage(), e);
            throw new RuntimeException(e);
        } catch (InvalidKeyException e2) {
            Log.e(TAG, e2.getMessage(), e2);
            throw new RuntimeException(e2);
        } catch (KeyStoreException e3) {
            Log.e(TAG, e3.getMessage(), e3);
            throw new RuntimeException(e3);
        } catch (NoSuchAlgorithmException e4) {
            Log.e(TAG, e4.getMessage(), e4);
            throw new RuntimeException(e4);
        } catch (NoSuchProviderException e5) {
            Log.e(TAG, e5.getMessage(), e5);
            throw new RuntimeException(e5);
        } catch (CertificateException e6) {
            Log.e(TAG, e6.getMessage(), e6);
            throw new RuntimeException(e6);
        }
    }

    private CryptoBox getCrypto(Context context, PasswordProtectedKeystoreCryptoConfig passwordProtectedKeystoreCryptoConfig) {
        validate(passwordProtectedKeystoreCryptoConfig);
        String alias = passwordProtectedKeystoreCryptoConfig.getAlias();
        if (alias == null) {
            throw new IllegalArgumentException("Alias in CryptoConfig may not be null");
        }
        char[] charArray = passwordProtectedKeystoreCryptoConfig.password.toCharArray();
        KeyStore.PasswordProtection passwordProtection = new KeyStore.PasswordProtection(charArray);
        try {
            KeyStore keyStore = KeyStore.getInstance("BKS");
            keyStore.load(getKeystoreStream(context, passwordProtectedKeystoreCryptoConfig.getKeyStoreFile()), charArray);
            return keyStore.containsAlias(alias) ? new CryptoBox(((KeyStore.SecretKeyEntry) keyStore.getEntry(alias, passwordProtection)).getSecretKey().getEncoded()) : createKey(keyStore, passwordProtectedKeystoreCryptoConfig, context);
        } catch (IOException e) {
            Log.e(TAG, e.getMessage(), e);
            throw new RuntimeException(e);
        } catch (KeyStoreException e2) {
            Log.e(TAG, e2.getMessage(), e2);
            throw new RuntimeException(e2);
        } catch (NoSuchAlgorithmException e3) {
            Log.e(TAG, e3.getMessage(), e3);
            throw new RuntimeException(e3);
        } catch (UnrecoverableEntryException e4) {
            Log.e(TAG, e4.getMessage(), e4);
            throw new RuntimeException(e4);
        } catch (CertificateException e5) {
            Log.e(TAG, e5.getMessage(), e5);
            throw new RuntimeException(e5);
        }
    }

    private InputStream getKeystoreStream(Context context, String str) {
        File file = new File(context.getFilesDir(), str);
        if (!file.exists()) {
            return null;
        }
        try {
            return new FileInputStream(file);
        } catch (FileNotFoundException e) {
            Log.e(TAG, e.getMessage());
            throw new RuntimeException(e);
        }
    }

    private void validate(PasswordProtectedKeystoreCryptoConfig passwordProtectedKeystoreCryptoConfig) {
        if (passwordProtectedKeystoreCryptoConfig.alias == null) {
            throw new IllegalArgumentException("The alias must not be null");
        }
        if (passwordProtectedKeystoreCryptoConfig.password == null) {
            throw new IllegalArgumentException("The password must not be null");
        }
        if (passwordProtectedKeystoreCryptoConfig.keyStoreFile == null) {
            throw new IllegalArgumentException("The keystoreFile must not be null");
        }
    }

    @Override // org.jboss.aerogear.android.impl.security.AbstractEncryptionService
    protected CryptoBox getCryptoInstance() {
        return this.crypto;
    }
}
