package com.tmobile.popsigning;

import android.annotation.TargetApi;
import android.content.Context;
import android.content.SharedPreferences;
import android.content.res.Configuration;
import android.content.res.Resources;
import android.security.KeyPairGeneratorSpec;
import android.util.Base64;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.util.Date;
import java.util.Locale;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes3.dex */
public class SecureStorage {
    public Context a;
    public Cipher b;
    public String c;
    public Locale d;
    public byte[] e = "1234567812345678".getBytes(Charset.forName("ASCII"));

    public SecureStorage(String str, Context context) throws Exception {
        this.a = context;
        try {
            this.d = Locale.getDefault();
            a(Locale.ENGLISH);
            this.c = str;
            this.b = Cipher.getInstance(com.tmobile.tmoid.sdk.impl.inbound.dat.utils.SecureStorage.KEYSTORE_CIPHER);
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            if (!keyStore.containsAlias("com.tmobile.tmoid.sdk.impl.inbound.dat.utils.SecureStorage_KEY_ALIAS")) {
                a(this.a, "com.tmobile.tmoid.sdk.impl.inbound.dat.utils.SecureStorage_KEY_ALIAS");
            }
            if (b() == null) {
                d();
            }
            c();
            a(this.d);
        } catch (IOException | NullPointerException | InvalidAlgorithmParameterException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableEntryException | CertificateException | IllegalBlockSizeException | NoSuchPaddingException e) {
            a(this.d);
            throw new Exception(e);
        }
    }

    public final Key a() throws NoSuchAlgorithmException {
        SecureRandom secureRandom = SecureRandom.getInstance(com.tmobile.tmoid.sdk.impl.inbound.dat.utils.SecureStorage.SECURE_RANDOM_ALGO);
        KeyGenerator keyGenerator = KeyGenerator.getInstance(com.tmobile.tmoid.sdk.impl.inbound.dat.utils.SecureStorage.ENCRYPTION_ALGO);
        keyGenerator.init(256, secureRandom);
        return keyGenerator.generateKey();
    }

    @TargetApi(18)
    public final void a(Context context, String str) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, InvalidKeyException, CertificateException, UnrecoverableEntryException, KeyStoreException, IOException, IllegalBlockSizeException {
        KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setAlias(str).setSerialNumber(BigInteger.ONE).setStartDate(new Date()).setEndDate(new Date(System.currentTimeMillis() + com.tmobile.tmoid.sdk.impl.inbound.dat.utils.SecureStorage.KEY_LIFETIME)).setSubject(new X500Principal("CN=" + str)).build();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(com.tmobile.tmoid.sdk.impl.inbound.dat.utils.SecureStorage.KEYSTORE_ALGO, "AndroidKeyStore");
        keyPairGenerator.initialize(build);
        keyPairGenerator.generateKeyPair();
    }

    public final void a(String str, byte[] bArr) throws InvalidKeyException, NoSuchPaddingException, NoSuchAlgorithmException, CertificateException, UnrecoverableEntryException, KeyStoreException, IOException, BadPaddingException, IllegalBlockSizeException, InvalidAlgorithmParameterException {
        if ("com.tmobile.tmoid.sdk.impl.inbound.dat.utils.SecureStorage_ENCRYPTION_KEY".equals(str)) {
            throw new IllegalArgumentException("name invalid");
        }
        SecretKey b = b();
        SharedPreferences.Editor edit = this.a.getSharedPreferences(this.c, 0).edit();
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        cipher.init(1, b, new IvParameterSpec(this.e));
        edit.putString(str, Base64.encodeToString(cipher.doFinal(bArr), 2));
        edit.apply();
    }

    public final void a(Locale locale) {
        Locale.setDefault(locale);
        Resources resources = this.a.getResources();
        Configuration configuration = resources.getConfiguration();
        configuration.locale = locale;
        resources.updateConfiguration(configuration, resources.getDisplayMetrics());
    }

    public final SecretKey b() throws CertificateException, UnrecoverableEntryException, NoSuchAlgorithmException, KeyStoreException, IOException, NullPointerException, InvalidKeyException {
        String string;
        KeyPair c = c();
        SharedPreferences sharedPreferences = this.a.getSharedPreferences(this.c, 0);
        String string2 = sharedPreferences.getString("com.tmobile.tmoid.sdk.impl.inbound.dat.utils.SecureStorage_ENCRYPTION_KEY", null);
        if (string2 == null || (string = sharedPreferences.getString("com.tmobile.tmoid.sdk.impl.inbound.dat.utils.SecureStorage_ENCRYPTION_IV", null)) == null) {
            return null;
        }
        this.e = Base64.decode(string, 2);
        try {
            this.b.init(4, c.getPrivate());
            return (SecretKey) this.b.unwrap(Base64.decode(string2, 2), com.tmobile.tmoid.sdk.impl.inbound.dat.utils.SecureStorage.ENCRYPTION_ALGO, 3);
        } catch (Exception unused) {
            return null;
        }
    }

    public final KeyPair c() throws CertificateException, NoSuchAlgorithmException, IOException, NullPointerException, KeyStoreException, UnrecoverableEntryException {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        if (!keyStore.containsAlias("com.tmobile.tmoid.sdk.impl.inbound.dat.utils.SecureStorage_KEY_ALIAS") || !keyStore.isKeyEntry("com.tmobile.tmoid.sdk.impl.inbound.dat.utils.SecureStorage_KEY_ALIAS")) {
            throw new KeyStoreException("Alias not found in keystore");
        }
        return new KeyPair(keyStore.getCertificate("com.tmobile.tmoid.sdk.impl.inbound.dat.utils.SecureStorage_KEY_ALIAS").getPublicKey(), (PrivateKey) keyStore.getKey("com.tmobile.tmoid.sdk.impl.inbound.dat.utils.SecureStorage_KEY_ALIAS", null));
    }

    public final void d() throws InvalidKeyException, CertificateException, UnrecoverableEntryException, NoSuchAlgorithmException, KeyStoreException, IOException, NullPointerException, IllegalBlockSizeException {
        Key a = a();
        this.b.init(3, c().getPublic());
        String encodeToString = Base64.encodeToString(this.b.wrap(a), 2);
        SharedPreferences.Editor edit = this.a.getSharedPreferences(this.c, 0).edit();
        edit.clear();
        edit.putString("com.tmobile.tmoid.sdk.impl.inbound.dat.utils.SecureStorage_ENCRYPTION_KEY", encodeToString);
        this.e = CryptoUtils.generateRandomBlob(16);
        edit.putString("com.tmobile.tmoid.sdk.impl.inbound.dat.utils.SecureStorage_ENCRYPTION_IV", Base64.encodeToString(this.e, 2));
        edit.apply();
    }

    public boolean hasValueForKey(String str) {
        return this.a.getSharedPreferences(this.c, 0).getString(str, null) != null;
    }

    public void re_init_AnyStoredInfoWillBeLost() throws Exception {
        try {
            d();
        } catch (IOException | NullPointerException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException | IllegalBlockSizeException e) {
            throw new Exception(e);
        }
    }

    public byte[] read(String str) throws Exception {
        try {
            if ("com.tmobile.tmoid.sdk.impl.inbound.dat.utils.SecureStorage_ENCRYPTION_KEY".equals(str)) {
                throw new IllegalArgumentException("name invalid");
            }
            SecretKey b = b();
            SharedPreferences sharedPreferences = this.a.getSharedPreferences(this.c, 0);
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher.init(2, b, new IvParameterSpec(this.e));
            String string = sharedPreferences.getString(str, null);
            if (string != null) {
                return cipher.doFinal(Base64.decode(string, 2));
            }
            return null;
        } catch (IOException | InvalidAlgorithmParameterException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            throw new Exception(e);
        }
    }

    public void write(String str, byte[] bArr) throws Exception {
        try {
            a(str, bArr);
        } catch (IOException | InvalidAlgorithmParameterException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            throw new Exception(e);
        }
    }
}
