package com.zentity.nedbank.roa.ws.model.auth.secure;

import android.annotation.TargetApi;
import android.content.Context;
import android.content.SharedPreferences;
import android.security.KeyPairGeneratorSpec;
import android.util.Base64;
import androidx.annotation.NonNull;
import eg.f;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

@TargetApi(18)
/* loaded from: classes3.dex */
final class a implements c {

    /* renamed from: d, reason: collision with root package name */
    public static final String f13690d = "RSA";

    /* renamed from: e, reason: collision with root package name */
    private static final String f13691e = "AndroidKeyStore";

    /* renamed from: f, reason: collision with root package name */
    private static final String f13692f = "key_alias";

    /* renamed from: g, reason: collision with root package name */
    private static final String f13693g = "encryptedPin";

    /* renamed from: h, reason: collision with root package name */
    private static final String f13694h = "sharedPrefName";

    /* renamed from: i, reason: collision with root package name */
    private static final String f13695i = "RSA/ECB/PKCS1Padding";

    /* renamed from: j, reason: collision with root package name */
    private static final String f13696j = "AES/GCM/NoPadding";

    /* renamed from: a, reason: collision with root package name */
    f f13697a = f.b(a.class);

    /* renamed from: b, reason: collision with root package name */
    private final SecureRandom f13698b = new SecureRandom();

    /* renamed from: c, reason: collision with root package name */
    private KeyStore f13699c;

    private String c(@NonNull Context context) throws d {
        try {
            byte[] bArr = new byte[16];
            this.f13698b.nextBytes(bArr);
            f fVar = this.f13697a;
            Arrays.toString(bArr);
            fVar.getClass();
            return Base64.encodeToString(h(bArr, context), 0);
        } catch (Exception e10) {
            this.f13697a.getClass();
            throw new d("Unable to generate AES key", e10);
        }
    }

    private KeyStore d(@NonNull Context context) throws d {
        if (this.f13699c == null) {
            f(context);
        }
        return this.f13699c;
    }

    private Key e(@NonNull Context context) throws Exception {
        String str;
        SharedPreferences sharedPreferences = context.getSharedPreferences(f13694h, 0);
        if (sharedPreferences.contains(f13693g)) {
            this.f13697a.getClass();
            str = sharedPreferences.getString(f13693g, null);
        } else {
            this.f13697a.getClass();
            String c10 = c(context);
            sharedPreferences.edit().putString(f13693g, c10).apply();
            str = c10;
        }
        this.f13697a.getClass();
        SecretKeySpec secretKeySpec = new SecretKeySpec(g(Base64.decode(str, 0), context), "AES");
        f fVar = this.f13697a;
        Arrays.toString(secretKeySpec.getEncoded());
        fVar.getClass();
        return secretKeySpec;
    }

    private void f(Context context) throws d {
        try {
            KeyStore keyStore = KeyStore.getInstance(f13691e);
            this.f13699c = keyStore;
            keyStore.load(null);
            if (this.f13699c.containsAlias(f13692f)) {
                return;
            }
            this.f13697a.getClass();
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 30);
            KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setAlias(f13692f).setSubject(new X500Principal("CN=key_alias")).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(f13690d, f13691e);
            keyPairGenerator.initialize(build);
            keyPairGenerator.generateKeyPair();
        } catch (Exception e10) {
            this.f13697a.getClass();
            throw new d("Unable to init keystore", e10);
        }
    }

    private byte[] g(@NonNull byte[] bArr, @NonNull Context context) throws Exception {
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) d(context).getEntry(f13692f, null);
        Cipher cipher = Cipher.getInstance(f13695i);
        cipher.init(2, privateKeyEntry.getPrivateKey());
        CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(bArr), cipher);
        ArrayList arrayList = new ArrayList();
        while (true) {
            int read = cipherInputStream.read();
            if (read == -1) {
                break;
            }
            arrayList.add(Byte.valueOf((byte) read));
        }
        int size = arrayList.size();
        byte[] bArr2 = new byte[size];
        for (int i10 = 0; i10 < size; i10++) {
            bArr2[i10] = ((Byte) arrayList.get(i10)).byteValue();
        }
        return bArr2;
    }

    private byte[] h(byte[] bArr, Context context) throws Exception {
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) d(context).getEntry(f13692f, null);
        Cipher cipher = Cipher.getInstance(f13695i);
        cipher.init(1, privateKeyEntry.getCertificate().getPublicKey());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
        cipherOutputStream.write(bArr);
        cipherOutputStream.close();
        return byteArrayOutputStream.toByteArray();
    }

    @Override // com.zentity.nedbank.roa.ws.model.auth.secure.c
    public final byte[] a(@NonNull Context context, @NonNull byte[] bArr) throws d {
        if (bArr == null) {
            throw new IllegalArgumentException("Encrypted data cannot be null");
        }
        if (bArr.length == 0) {
            throw new IllegalArgumentException("Encrypted data cannot be empty");
        }
        try {
            Cipher cipher = Cipher.getInstance(f13696j);
            cipher.init(2, e(context));
            return cipher.doFinal(bArr);
        } catch (Exception e10) {
            this.f13697a.getClass();
            throw new d("Unable to decrypt", e10);
        }
    }

    @Override // com.zentity.nedbank.roa.ws.model.auth.secure.c
    public final byte[] b(@NonNull Context context, @NonNull byte[] bArr) throws d {
        try {
            Cipher cipher = Cipher.getInstance(f13696j);
            cipher.init(1, e(context));
            return cipher.doFinal(bArr);
        } catch (Exception e10) {
            this.f13697a.getClass();
            throw new d("Unable to encrypt", e10);
        }
    }
}
