package secureauth.android.token.e;

import android.annotation.TargetApi;
import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.UserNotAuthenticatedException;
import b.b.a.a.c.h;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableEntryException;
import java.security.spec.InvalidKeySpecException;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class e {

    /* renamed from: a, reason: collision with root package name */
    private Context f4777a;

    /* renamed from: b, reason: collision with root package name */
    private KeyStore f4778b;

    /* renamed from: c, reason: collision with root package name */
    private String f4779c;
    private c d;
    private boolean e;

    public e(Context context) {
        this.f4777a = context.getApplicationContext();
    }

    private Key a(long j) {
        b.b.a.a.c.f.a(this, "buildLegacyKey");
        String valueOf = String.valueOf(j);
        return new SecretKeySpec(SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1").generateSecret(new PBEKeySpec((b.b.a.a.c.c.a(this.f4777a) + valueOf).toCharArray(), h.a(valueOf), 1000, 256)).getEncoded(), "AES");
    }

    private Key a(KeyStore.PrivateKeyEntry privateKeyEntry, byte[] bArr) {
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(4, privateKeyEntry.getPrivateKey());
        return cipher.unwrap(bArr, "AES", 3);
    }

    private byte[] a(KeyStore.PrivateKeyEntry privateKeyEntry, Key key) {
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(3, privateKeyEntry.getCertificate().getPublicKey());
        return cipher.wrap(key);
    }

    private Key c() {
        b.b.a.a.c.f.a(this, "createKitKatKey");
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 30);
        KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(this.f4777a).setAlias(this.f4779c).setKeySize(2048).setSubject(new X500Principal("CN=" + this.f4779c)).setSerialNumber(BigInteger.ONE).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).setEncryptionRequired().build();
        Key key = null;
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(build);
            keyPairGenerator.generateKeyPair();
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) this.f4778b.getEntry(this.f4779c, null);
            key = f();
            this.d.a(System.currentTimeMillis(), a(privateKeyEntry, key));
            return key;
        } catch (IllegalStateException e) {
            b.b.a.a.c.f.a(this, "IllegalStateException, needs authentication");
            throw new g(e);
        } catch (InvalidAlgorithmParameterException e2) {
            e = e2;
            b.b.a.a.c.f.a(this, "Failed to generate key", e);
            return key;
        } catch (InvalidKeyException e3) {
            if (Build.VERSION.SDK_INT >= 23 && (e3 instanceof UserNotAuthenticatedException)) {
                throw new g(e3);
            }
            b.b.a.a.c.f.a(this, "Invalid key", e3);
            throw e3;
        } catch (KeyStoreException e4) {
            e = e4;
            b.b.a.a.c.f.a(this, "Failed to generate key", e);
            return key;
        } catch (NoSuchAlgorithmException e5) {
            e = e5;
            b.b.a.a.c.f.a(this, "Failed to generate key", e);
            return key;
        } catch (NoSuchProviderException e6) {
            e = e6;
            b.b.a.a.c.f.a(this, "Failed to generate key", e);
            return key;
        } catch (UnrecoverableEntryException e7) {
            e = e7;
            b.b.a.a.c.f.a(this, "Failed to generate key", e);
            return key;
        } catch (IllegalBlockSizeException e8) {
            e = e8;
            b.b.a.a.c.f.a(this, "Failed to generate key", e);
            return key;
        } catch (NoSuchPaddingException e9) {
            e = e9;
            b.b.a.a.c.f.a(this, "Failed to generate key", e);
            return key;
        }
    }

    private Key d() {
        b.b.a.a.c.f.a(this, "createLegacyKey");
        long currentTimeMillis = System.currentTimeMillis();
        Key key = null;
        try {
            key = a(currentTimeMillis);
            this.d.a(currentTimeMillis, true);
            return key;
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
            b.b.a.a.c.f.a(this, "Failed to create the legacy key", e);
            return key;
        }
    }

    @TargetApi(23)
    private Key e() {
        SecretKey secretKey;
        Throwable e;
        b.b.a.a.c.f.a(this, "createMarshmallowKey");
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
            keyGenerator.init(new KeyGenParameterSpec.Builder(this.f4779c, 3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").setUserAuthenticationRequired(true).setUserAuthenticationValidityDurationSeconds(2592000).build());
            secretKey = keyGenerator.generateKey();
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e2) {
            secretKey = null;
            e = e2;
        }
        try {
            this.d.a(System.currentTimeMillis(), (byte[]) null);
        } catch (InvalidAlgorithmParameterException e3) {
            e = e3;
            b.b.a.a.c.f.a(this, "Failed to generate key", e);
            return secretKey;
        } catch (NoSuchAlgorithmException e4) {
            e = e4;
            b.b.a.a.c.f.a(this, "Failed to generate key", e);
            return secretKey;
        } catch (NoSuchProviderException e5) {
            e = e5;
            b.b.a.a.c.f.a(this, "Failed to generate key", e);
            return secretKey;
        }
        return secretKey;
    }

    private Key f() {
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        keyGenerator.init(256);
        return keyGenerator.generateKey();
    }

    private void g() {
        b.b.a.a.c.f.a(this, "removeKeyNoThrow");
        try {
            this.f4778b.deleteEntry(this.f4779c);
        } catch (Exception e) {
            b.b.a.a.c.f.a(this, "Failed to delete entry", e);
        }
    }

    private void h() {
        String str = this.f4779c;
        if (str == null || str.isEmpty()) {
            throw new IllegalArgumentException("Alias is null or empty");
        }
        if (this.f4778b == null) {
            b.b.a.a.c.f.a(this, "Using default KeyStore");
            this.f4778b = f.b().a();
        }
        if (this.d == null) {
            this.d = c.a(this.f4777a, this.f4779c);
        }
    }

    public Key a() {
        b.b.a.a.c.f.a(this, "create");
        h();
        if (this.e) {
            return d();
        }
        g();
        return Build.VERSION.SDK_INT >= 23 ? e() : c();
    }

    public e a(String str) {
        this.f4779c = str;
        return this;
    }

    public e a(boolean z) {
        this.e = z;
        return this;
    }

    /* JADX WARN: Multi-variable type inference failed */
    public Key b() {
        String str = "Failed to load key";
        b.b.a.a.c.f.a(this, "load");
        h();
        Key key = null;
        try {
            if (this.d.f()) {
                b.b.a.a.c.f.a(this, "load legacy key");
                key = a(this.d.d());
                str = str;
            } else {
                b.b.a.a.c.f.a(this, "getEntry");
                KeyStore.Entry entry = this.f4778b.getEntry(this.f4779c, null);
                if (entry == null) {
                    b.b.a.a.c.f.a(this, "entry not found");
                    str = str;
                } else if (entry instanceof KeyStore.PrivateKeyEntry) {
                    b.b.a.a.c.f.a(this, "entry instance of asymmetric key");
                    byte[] c2 = this.d.c();
                    str = str;
                    if (c2 != null) {
                        Key a2 = a((KeyStore.PrivateKeyEntry) entry, c2);
                        key = a2;
                        str = a2;
                    }
                } else {
                    b.b.a.a.c.f.a(this, "entry instance of symmetric key");
                    key = this.f4778b.getKey(this.f4779c, null);
                    str = str;
                }
            }
        } catch (InvalidKeyException e) {
            if (Build.VERSION.SDK_INT >= 23 && (e instanceof UserNotAuthenticatedException)) {
                throw new g(e);
            }
            b.b.a.a.c.f.a(this, str, e);
            throw e;
        } catch (KeyStoreException e2) {
            e = e2;
            b.b.a.a.c.f.a(this, str, e);
            return key;
        } catch (NoSuchAlgorithmException e3) {
            e = e3;
            b.b.a.a.c.f.a(this, str, e);
            return key;
        } catch (UnrecoverableEntryException e4) {
            e = e4;
            b.b.a.a.c.f.a(this, str, e);
            return key;
        } catch (InvalidKeySpecException e5) {
            e = e5;
            b.b.a.a.c.f.a(this, str, e);
            return key;
        } catch (NoSuchPaddingException e6) {
            e = e6;
            b.b.a.a.c.f.a(this, str, e);
            return key;
        }
        return key;
    }
}
