package com.tmobile.tmoid.sdk.impl.inbound.dat;

import android.content.Context;
import com.tmobile.tmoid.sdk.impl.inbound.dat.utils.CryptoException;
import com.tmobile.tmoid.sdk.impl.inbound.dat.utils.CryptoUtils;
import com.tmobile.tmoid.sdk.impl.inbound.dat.utils.SecureStorage;
import com.tmobile.tmoid.sdk.impl.inbound.dat.utils.SecureStorageException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import timber.log.Timber;

/* loaded from: classes3.dex */
public class RsaKeyPairHelper {
    public PrivateKey decodePrK(byte[] bArr) throws NoSuchAlgorithmException, InvalidKeySpecException {
        PrivateKey generatePrivate = KeyFactory.getInstance(SecureStorage.KEYSTORE_ALGO).generatePrivate(new PKCS8EncodedKeySpec(bArr));
        Timber.v("PRK.algo:" + generatePrivate.getAlgorithm(), new Object[0]);
        Timber.v("PRK.format:" + generatePrivate.getFormat(), new Object[0]);
        Timber.v("PRK.encoded HEX:" + CryptoUtils.bytesToHexString(generatePrivate.getEncoded()), new Object[0]);
        return generatePrivate;
    }

    public PublicKey decodePubK(byte[] bArr) throws NoSuchAlgorithmException, InvalidKeySpecException {
        PublicKey generatePublic = KeyFactory.getInstance(SecureStorage.KEYSTORE_ALGO).generatePublic(new X509EncodedKeySpec(bArr));
        Timber.v("PUBK.algo:" + generatePublic.getAlgorithm(), new Object[0]);
        Timber.v("PUBK.format:" + generatePublic.getFormat(), new Object[0]);
        Timber.v("PUBK.encoded HEX:" + CryptoUtils.bytesToHexString(generatePublic.getEncoded()), new Object[0]);
        return generatePublic;
    }

    public KeyPair generateNewDeviceKeys(Context context) throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, SecureStorageException {
        SecureStorage secureStorage = getSecureStorage(context);
        Timber.d("no keys found, generating RSA keys", new Object[0]);
        KeyPair genKeyPair = KeyPairGenerator.getInstance(SecureStorage.KEYSTORE_ALGO).genKeyPair();
        Timber.v("PubK:" + CryptoUtils.puKToPem(genKeyPair.getPublic()), new Object[0]);
        Timber.v("PrK:" + CryptoUtils.prKToPem(genKeyPair.getPrivate()), new Object[0]);
        Timber.v("saving keys to secure storage...", new Object[0]);
        secureStorage.write("PUBK", genKeyPair.getPublic().getEncoded());
        secureStorage.write("PRK", genKeyPair.getPrivate().getEncoded());
        return genKeyPair;
    }

    public PrivateKey getDevicePrivatekKey(Context context) throws CryptoException {
        try {
            SecureStorage secureStorage = getSecureStorage(context);
            return secureStorage.hasValueForKey("PRK") ? decodePrK(secureStorage.read("PRK")) : generateNewDeviceKeys(context).getPrivate();
        } catch (SecureStorageException | InvalidAlgorithmParameterException | NoSuchAlgorithmException | InvalidKeySpecException e) {
            Timber.d(e, "while generating RSA key", new Object[0]);
            throw new CryptoException(e);
        }
    }

    public PublicKey getDevicePublickKey(Context context) throws CryptoException {
        return getDevicePublickKey(false, context);
    }

    public PublicKey getDevicePublickKey(boolean z, Context context) throws CryptoException {
        try {
            RsaKeyPairHelper rsaKeyPairHelper = new RsaKeyPairHelper();
            SecureStorage secureStorage = rsaKeyPairHelper.getSecureStorage(context);
            return (z || !secureStorage.hasValueForKey("PUBK")) ? rsaKeyPairHelper.generateNewDeviceKeys(context).getPublic() : decodePubK(secureStorage.read("PUBK"));
        } catch (SecureStorageException | InvalidAlgorithmParameterException | NoSuchAlgorithmException | InvalidKeySpecException e) {
            Timber.e(e, "while generating RSA key", new Object[0]);
            throw new CryptoException(e);
        }
    }

    public SecureStorage getSecureStorage(Context context) throws SecureStorageException {
        return new SecureStorage("sdk_rsakeykpair", context);
    }
}
