package d.d.a.v.b.a;

import android.security.keystore.KeyGenParameterSpec;
import com.arenim.crypttalk.utils.exception.EncryptionException;
import com.arenim.crypttalk.utils.security.encryption.EncryptedData;
import com.arenim.crypttalk.utils.security.encryption.EncryptionService;
import com.arenim.crypttalk.utils.security.encryption.EncryptionUtils;
import com.arenim.crypttalk.utils.security.encryption.KeystoreRecoveryNotifier;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableEntryException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import java.util.Calendar;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class d extends a implements EncryptionService, KeystoreRecoveryNotifier {
    public d() throws EncryptionException {
        super("com.arenim.crypttalk.security.passcode.rsa.key");
        this.f3591c = this;
        this.f3594f = 30;
    }

    @Override // d.d.a.v.b.a.a
    public boolean b() throws EncryptionException {
        try {
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 25);
            if (this.f3590b.containsAlias(this.f3589a)) {
                return false;
            }
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(this.f3589a, 2).setCertificateSubject(new X500Principal("CN = CryptTalk Secured Preferences, O = Arenim Technologies AB.")).setCertificateSerialNumber(BigInteger.ONE).setKeyValidityEnd(calendar2.getTime()).setKeyValidityStart(calendar.getTime()).setBlockModes("ECB").setDigests("SHA-256").setEncryptionPaddings("OAEPPadding").setRandomizedEncryptionRequired(false).setUserAuthenticationRequired(true).setUserAuthenticationValidityDurationSeconds(this.f3594f).build());
            keyPairGenerator.generateKeyPair();
            return true;
        } catch (InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException e2) {
            throw new EncryptionException(e2);
        }
    }

    @Override // d.d.a.v.b.a.a
    public void d() throws EncryptionException {
        try {
            if (this.f3590b.containsAlias(this.f3589a) && this.f3590b.entryInstanceOf(this.f3589a, KeyStore.PrivateKeyEntry.class)) {
                this.f3592d = ((KeyStore.PrivateKeyEntry) this.f3590b.getEntry(this.f3589a, null)).getPrivateKey();
            }
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException e2) {
            throw new EncryptionException(e2);
        }
    }

    @Override // d.d.a.v.b.a.a, com.arenim.crypttalk.utils.security.encryption.EncryptionService
    public byte[] decrypt(EncryptedData encryptedData) throws EncryptionException {
        if (encryptedData != null) {
            try {
                if (encryptedData.getData() != null) {
                    initCipher(2, null);
                    return this.f3593e.doFinal(encryptedData.getData());
                }
            } catch (BadPaddingException | IllegalBlockSizeException e2) {
                e2.printStackTrace();
                throw new EncryptionException(e2);
            }
        }
        return null;
    }

    @Override // com.arenim.crypttalk.utils.security.encryption.EncryptionService
    public EncryptedData encrypt(byte[] bArr) throws EncryptionException {
        if (bArr == null || bArr.length <= 0) {
            return null;
        }
        initCipher(1, null);
        try {
            byte[] doFinal = this.f3593e.doFinal(bArr);
            EncryptedData encryptedData = new EncryptedData();
            encryptedData.setData(doFinal);
            return encryptedData;
        } catch (BadPaddingException | IllegalBlockSizeException e2) {
            throw new EncryptionException(e2);
        }
    }

    @Override // d.d.a.v.b.a.a, com.arenim.crypttalk.utils.security.encryption.EncryptionService
    public Cipher initCipher(int i2, byte[] bArr) throws EncryptionException {
        try {
            if (this.f3592d == null) {
                b();
            }
            d();
            this.f3593e = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
            if (i2 == 1) {
                try {
                    this.f3593e.init(i2, KeyFactory.getInstance(this.f3592d.getAlgorithm()).generatePublic(new X509EncodedKeySpec(this.f3590b.getCertificate(this.f3589a).getPublicKey().getEncoded())), new OAEPParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA1, PSource.PSpecified.DEFAULT));
                } catch (InvalidAlgorithmParameterException | KeyStoreException | InvalidKeySpecException e2) {
                    e2.printStackTrace();
                    throw new EncryptionException(e2);
                }
            } else {
                this.f3593e.init(i2, this.f3592d);
            }
            return this.f3593e;
        } catch (EncryptionException | InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e3) {
            e3.printStackTrace();
            throw new EncryptionException(e3);
        }
    }

    @Override // com.arenim.crypttalk.utils.security.encryption.KeystoreRecoveryNotifier
    public boolean onRecoveryRequired(Exception exc, KeyStore keyStore, String str) {
        if (!this.f3589a.equals(str)) {
            return false;
        }
        try {
            EncryptionUtils.clearKeyStore(keyStore, Arrays.asList(str));
            return true;
        } catch (KeyStoreException unused) {
            return false;
        }
    }

    @Override // com.arenim.crypttalk.utils.security.encryption.EncryptionService
    public void setValiditySeconds(int i2) throws KeyStoreException {
        if (i2 < 5) {
            i2 = 5;
        }
        super.a(i2);
        wipe();
        this.f3592d = null;
    }

    @Override // d.d.a.v.b.a.a, com.arenim.crypttalk.utils.security.encryption.EncryptionService
    public void wipe() throws KeyStoreException {
        super.wipe();
    }
}
