package com.freeagent.internal.libmigration.session;

import android.content.Context;
import android.content.SharedPreferences;
import android.security.KeyPairGeneratorSpec;
import android.util.Base64;
import com.freeagent.internal.libsecurity.KeyStoreWrapper;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.util.Calendar;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes2.dex */
public class LegacyKeyStore {
    protected Context context;
    private int BASE_64_MODE = 2;
    private String RSA_ALGORITHM = "RSA/ECB/PKCS1Padding";
    private String ANDROID_KEY_STORE = KeyStoreWrapper.ANDROID_KEY_STORE_NAME;
    private String KEY_ALIAS = "com.freeagent.keys.wrap";
    private String PREFERENCES_NAME = "com.freeagent.prefs";

    public LegacyKeyStore(Context context) {
        this.context = context;
    }

    private void generateWrapperKey() throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 30);
        KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(this.context).setAlias(this.KEY_ALIAS).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).setSubject(new X500Principal("CN=" + this.KEY_ALIAS)).setSerialNumber(BigInteger.TEN).build();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", this.ANDROID_KEY_STORE);
        keyPairGenerator.initialize(build);
        keyPairGenerator.generateKeyPair();
    }

    private Cipher getCipherInstance() throws NoSuchPaddingException, NoSuchAlgorithmException {
        return Cipher.getInstance(this.RSA_ALGORITHM);
    }

    private KeyStore getKeyStoreInstance() throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        KeyStore keyStore = KeyStore.getInstance(this.ANDROID_KEY_STORE);
        keyStore.load(null);
        return keyStore;
    }

    private KeyStore.PrivateKeyEntry getWrapperEntry() throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException, NoSuchProviderException, InvalidAlgorithmParameterException, UnrecoverableEntryException {
        KeyStore keyStoreInstance = getKeyStoreInstance();
        if (!keyStoreInstance.containsAlias(this.KEY_ALIAS)) {
            generateWrapperKey();
        }
        return (KeyStore.PrivateKeyEntry) keyStoreInstance.getEntry(this.KEY_ALIAS, null);
    }

    public SecretKey generateKey() throws NoSuchAlgorithmException, IOException, CertificateException, InvalidKeyException, UnrecoverableEntryException, InvalidAlgorithmParameterException, NoSuchPaddingException, NoSuchProviderException, BadPaddingException, KeyStoreException, IllegalBlockSizeException {
        SecretKey generateKey = KeyGenerator.getInstance("AES").generateKey();
        storeKey(generateKey);
        return generateKey;
    }

    public SecretKey getKey() throws CertificateException, NoSuchAlgorithmException, KeyStoreException, UnrecoverableEntryException, NoSuchProviderException, InvalidAlgorithmParameterException, IOException, NoSuchPaddingException, InvalidKeyException {
        PrivateKey privateKey = getWrapperEntry().getPrivateKey();
        Cipher cipherInstance = getCipherInstance();
        cipherInstance.init(4, privateKey);
        String string = this.context.getSharedPreferences(this.PREFERENCES_NAME, 0).getString("cryptoKey", null);
        if (string == null) {
            return null;
        }
        return (SecretKey) cipherInstance.unwrap(Base64.decode(string, this.BASE_64_MODE), this.RSA_ALGORITHM, 3);
    }

    public void storeKey(SecretKey secretKey) throws CertificateException, NoSuchAlgorithmException, KeyStoreException, UnrecoverableEntryException, NoSuchProviderException, InvalidAlgorithmParameterException, IOException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException {
        PublicKey publicKey = getWrapperEntry().getCertificate().getPublicKey();
        Cipher cipherInstance = getCipherInstance();
        cipherInstance.init(3, publicKey);
        String encodeToString = Base64.encodeToString(cipherInstance.wrap(secretKey), this.BASE_64_MODE);
        SharedPreferences.Editor edit = this.context.getSharedPreferences(this.PREFERENCES_NAME, 0).edit();
        edit.putString("cryptoKey", encodeToString);
        edit.commit();
    }
}
