package com.bosch.sh.ui.android.connect.persistence.encryption;

import android.annotation.SuppressLint;
import android.annotation.TargetApi;
import android.content.Context;
import android.security.KeyPairGeneratorSpec;
import android.util.Base64;
import com.bosch.sh.ui.android.BuildConfig;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.util.Calendar;
import java.util.Locale;
import javax.security.auth.x500.X500Principal;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes.dex */
public class UserCredentialsEncryptionKeyStoreImpl extends UserCredentialsEncryptionBase implements UserCredentialsEncryption {
    public static final String ANDROID_KEY_STORE = "AndroidKeyStore";
    private static final int CERTIFICATE_TTL = 2;
    private static final String ENCRYPTION_ALGORITHM = "RSA/None/PKCS1PADDING";
    public static final String KEY_PAIR_ALGORITHM = "RSA";
    public static final String KEY_STORE_ALIAS = "keyPw";
    private static final Logger LOG = LoggerFactory.getLogger(UserCredentialsEncryptionKeyStoreImpl.class);
    private final Context context;

    /* JADX INFO: Access modifiers changed from: protected */
    /* loaded from: classes.dex */
    public static class KeyEntryNotFoundException extends Exception {
        KeyEntryNotFoundException() {
            super("No private key entry was found for key =keyPw");
        }

        KeyEntryNotFoundException(Throwable th) {
            super(th);
        }
    }

    public UserCredentialsEncryptionKeyStoreImpl(Context context) {
        this.context = context;
    }

    protected static KeyStore getAndroidKeyStore() throws GeneralSecurityException, IOException {
        KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE);
        keyStore.load(null);
        return keyStore;
    }

    @Override // com.bosch.sh.ui.android.connect.persistence.encryption.UserCredentialsEncryption
    public synchronized String decrypt(String str) {
        try {
            getCipher().init(2, getPrivateKey());
        } catch (KeyEntryNotFoundException | IOException | GeneralSecurityException unused) {
            return null;
        }
        return new String(Base64.decode(getCipher().doFinal(Base64.decode(str, 0)), 0), "UTF-8");
    }

    @Override // com.bosch.sh.ui.android.connect.persistence.encryption.UserCredentialsEncryption
    public synchronized String encrypt(String str) {
        try {
            if (!isKeyCreated()) {
                init();
            }
            getCipher().init(1, getPublicKey());
        } catch (KeyEntryNotFoundException | IOException | GeneralSecurityException e) {
            throw new IllegalStateException(e);
        }
        return Base64.encodeToString(getCipher().doFinal(Base64.encode(str.getBytes("UTF-8"), 0)), 0);
    }

    @Override // com.bosch.sh.ui.android.connect.persistence.encryption.UserCredentialsEncryptionBase
    String getCipherAlgorithm() {
        return ENCRYPTION_ALGORITHM;
    }

    protected KeyStore.PrivateKeyEntry getKeyStoreEntry() throws KeyEntryNotFoundException {
        try {
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) getAndroidKeyStore().getEntry(KEY_STORE_ALIAS, null);
            if (privateKeyEntry == null) {
                throw new KeyEntryNotFoundException();
            }
            return privateKeyEntry;
        } catch (IOException | GeneralSecurityException e) {
            throw new KeyEntryNotFoundException(e);
        }
    }

    protected Key getPrivateKey() throws KeyEntryNotFoundException {
        return getKeyStoreEntry().getPrivateKey();
    }

    protected Key getPublicKey() throws KeyEntryNotFoundException {
        return getKeyStoreEntry().getCertificate().getPublicKey();
    }

    @SuppressLint({"TrulyRandom"})
    @TargetApi(18)
    protected void init() throws GeneralSecurityException, IOException {
        Calendar calendar = Calendar.getInstance();
        calendar.add(1, 2);
        KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(this.context).setAlias(KEY_STORE_ALIAS).setSubject(new X500Principal(String.format("CN=%s, OU=%s", BuildConfig.APPLICATION_ID, this.context.getPackageName()))).setSerialNumber(BigInteger.ONE).setStartDate(Calendar.getInstance().getTime()).setEndDate(calendar.getTime()).build();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KEY_PAIR_ALGORITHM, getAndroidKeyStore().getProvider());
        keyPairGenerator.initialize(build);
        Locale locale = Locale.getDefault();
        try {
            Locale.setDefault(new Locale("en", "US"));
            keyPairGenerator.generateKeyPair();
        } finally {
            Locale.setDefault(locale);
        }
    }

    @Override // com.bosch.sh.ui.android.connect.persistence.encryption.UserCredentialsEncryption
    public boolean isKeyCreated() {
        try {
            KeyStore androidKeyStore = getAndroidKeyStore();
            if (androidKeyStore.containsAlias(KEY_STORE_ALIAS)) {
                return androidKeyStore.isKeyEntry(KEY_STORE_ALIAS);
            }
            return false;
        } catch (IOException | GeneralSecurityException e) {
            throw new IllegalStateException(e);
        }
    }
}
