package com.surfeasy.sdk.secretkeeper;

import android.content.Context;
import com.surfeasy.sdk.SurfEasyLog;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;

/* loaded from: classes2.dex */
public class RsaCipher extends KeystoreCipher {
    private static final int IV_SIZE = 0;
    private final String keyAlias;

    RsaCipher(Context context, String str) throws Exception {
        this.keyAlias = str;
        new RsaKeyGenerator(str).createKeysIfNeeded(context);
    }

    private PrivateKey getPrivateKey() throws KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException, CertificateException, IOException, SecretKeeperException {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        Key key = keyStore.getKey(this.keyAlias, null);
        if (key == null) {
            throw new SecretKeeperException("No key found under alias " + this.keyAlias);
        }
        if (key instanceof PrivateKey) {
            return (PrivateKey) key;
        }
        throw new SecretKeeperException("Not an instance of a PrivateKey");
    }

    private PublicKey getPublicKey() throws GeneralSecurityException, IOException, SecretKeeperException {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        Certificate certificate = keyStore.getCertificate(this.keyAlias);
        if (certificate == null) {
            throw new SecretKeeperException("No certificate found under alias " + this.keyAlias);
        }
        PublicKey publicKey = certificate.getPublicKey();
        if (publicKey != null) {
            return publicKey;
        }
        throw new SecretKeeperException("No key found under alias " + this.keyAlias);
    }

    private Cipher getRsaCipher() throws NoSuchPaddingException, NoSuchAlgorithmException {
        return Cipher.getInstance("RSA/ECB/PKCS1Padding");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.surfeasy.sdk.secretkeeper.KeystoreCipher
    public void clear() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            keyStore.deleteEntry(this.keyAlias);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException unused) {
            SurfEasyLog.SeLogger.e("Unable to delete entry %s from KeyStore", this.keyAlias);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.surfeasy.sdk.secretkeeper.KeystoreCipher
    public int getRequiredIvSize() {
        return 0;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.surfeasy.sdk.secretkeeper.KeystoreCipher
    public Key unwrap(byte[] bArr, byte[] bArr2, String str) throws GeneralSecurityException, IOException, SecretKeeperException {
        PrivateKey privateKey = getPrivateKey();
        Cipher rsaCipher = getRsaCipher();
        rsaCipher.init(4, privateKey);
        return rsaCipher.unwrap(bArr, str, 3);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Override // com.surfeasy.sdk.secretkeeper.KeystoreCipher
    public byte[] wrap(Key key, byte[] bArr) throws GeneralSecurityException, IOException, SecretKeeperException {
        PublicKey publicKey = getPublicKey();
        Cipher rsaCipher = getRsaCipher();
        rsaCipher.init(3, publicKey);
        return rsaCipher.wrap(key);
    }
}
