package com.authy.onetouch.storage;

import android.content.Context;
import android.security.KeyPairGeneratorSpec;
import com.authy.onetouch.internal.models.crypto.AESCipher;
import com.authy.onetouch.models.crypto.AndroidKeyStore;
import com.authy.onetouch.storage.EncryptedKeysStorage;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.util.Calendar;
import java.util.Date;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes4.dex */
public class MasterKeyStore {
    public static final String ALIAS_MASTER_KEY = "authy_master_key";
    public static final String KEY_MASTER_KEY = "keys.master_key";
    private AESCipher cipher;
    private Context context;
    private AndroidKeyStore keyStore;
    private EncryptedKeysStorage.Storage storage;

    public MasterKeyStore(Context context, EncryptedKeysStorage.Storage storage) {
        this(context, storage, new AndroidKeyStore());
    }

    public MasterKeyStore(Context context, EncryptedKeysStorage.Storage storage, AndroidKeyStore androidKeyStore) {
        this.storage = storage;
        this.context = context;
        this.cipher = new AESCipher();
        this.keyStore = androidKeyStore;
    }

    private void generateKeyPair() {
        Calendar calendar = Calendar.getInstance();
        Date time = calendar.getTime();
        calendar.add(1, 100);
        this.keyStore.generateKeyPair(new KeyPairGeneratorSpec.Builder(this.context).setAlias(ALIAS_MASTER_KEY).setStartDate(time).setEndDate(calendar.getTime()).setSerialNumber(BigInteger.valueOf(1L)).setSubject(new X500Principal("CN=AuthyMasterKey")).build());
    }

    public String decrypt(String str) throws IOException {
        Key key = getKey();
        if (key != null) {
            return this.cipher.decrypt(key, str);
        }
        throw new IOException("Loaded a null master key");
    }

    public String encrypt(String str) throws IOException {
        Key key = getKey();
        if (key != null) {
            return this.cipher.encrypt(key, str);
        }
        throw new IOException("Loaded a null master key");
    }

    public Key getKey() throws IOException {
        if (this.storage.contains(KEY_MASTER_KEY)) {
            return loadAndDecrypt();
        }
        Key generateKey = this.cipher.generateKey();
        saveAndEncrypt(generateKey);
        return generateKey;
    }

    PrivateKey getPrivateKey() {
        if (!this.keyStore.containsAlias(ALIAS_MASTER_KEY)) {
            generateKeyPair();
        }
        return this.keyStore.getPrivateKey(ALIAS_MASTER_KEY);
    }

    PublicKey getPublicKey() {
        if (!this.keyStore.containsAlias(ALIAS_MASTER_KEY)) {
            generateKeyPair();
        }
        return this.keyStore.getPublicKey(ALIAS_MASTER_KEY);
    }

    Key loadAndDecrypt() throws IOException {
        try {
            return this.cipher.generateKey(this.keyStore.decryptAsBytes(getPrivateKey(), this.storage.get(KEY_MASTER_KEY)));
        } catch (GeneralSecurityException e) {
            throw new IOException("Error loading/decrypting the key", e);
        }
    }

    void saveAndEncrypt(Key key) {
        this.storage.put(KEY_MASTER_KEY, this.keyStore.encrypt(getPublicKey(), key.getEncoded()));
    }
}
