package yw;

import android.content.Context;
import android.content.SharedPreferences;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import com.sdkit.core.logging.domain.LogCategory;
import com.sdkit.core.logging.domain.LogWriterLevel;
import com.sdkit.core.logging.domain.LoggerFactory;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import kotlin.collections.o;
import kotlin.jvm.internal.Intrinsics;
import org.jetbrains.annotations.NotNull;

/* loaded from: classes2.dex */
public final class b implements f {

    /* renamed from: a, reason: collision with root package name */
    @NotNull
    public final SharedPreferences f86564a;

    /* renamed from: b, reason: collision with root package name */
    @NotNull
    public final sm.d f86565b;

    public b(@NotNull Context context, @NotNull SharedPreferences preferences, @NotNull LoggerFactory loggerFactory) {
        Intrinsics.checkNotNullParameter(context, "context");
        Intrinsics.checkNotNullParameter(preferences, "preferences");
        Intrinsics.checkNotNullParameter(loggerFactory, "loggerFactory");
        this.f86564a = preferences;
        this.f86565b = loggerFactory.get("AesKeyProvider");
    }

    @Override // yw.f
    @NotNull
    public final SecretKeySpec a() {
        SharedPreferences sharedPreferences;
        String str;
        String str2;
        String str3;
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        SharedPreferences sharedPreferences2 = this.f86564a;
        String string = sharedPreferences2.getString("storage_encryption_aes_key", null);
        if (string != null) {
            byte[] input = Base64.decode(string, 0);
            KeyStore.Entry entry = keyStore.getEntry("AssistantSDKStorageRSAKey", null);
            if (entry != null && (entry instanceof KeyStore.PrivateKeyEntry)) {
                Intrinsics.checkNotNullExpressionValue(input, "encryptedAesKey");
                PrivateKey privateKey = ((KeyStore.PrivateKeyEntry) entry).getPrivateKey();
                Intrinsics.checkNotNullExpressionValue(privateKey, "entry.privateKey");
                Intrinsics.checkNotNullParameter(input, "input");
                Intrinsics.checkNotNullParameter(privateKey, "privateKey");
                Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
                cipher.init(2, privateKey);
                byte[] doFinal = cipher.doFinal(input);
                Intrinsics.checkNotNullExpressionValue(doFinal, "cipher.doFinal(input)");
                return new SecretKeySpec(o.h(doFinal, 0, 32), "AES");
            }
            LogCategory logCategory = LogCategory.COMMON;
            sm.d dVar = this.f86565b;
            dVar.f72400b.i("There is no RSA key to decrypt AES key.", null);
            LogWriterLevel logWriterLevel = LogWriterLevel.E;
            int asAndroidLogLevel = logWriterLevel.asAndroidLogLevel();
            sm.e eVar = dVar.f72400b;
            str2 = "AES";
            str = "storage_encryption_aes_key";
            boolean z12 = eVar.f72405a.a(asAndroidLogLevel) == LoggerFactory.LogMode.LOG_ALWAYS;
            boolean a12 = eVar.a(logWriterLevel);
            if (z12 || a12) {
                sharedPreferences = sharedPreferences2;
                sm.g gVar = eVar.f72413i;
                String str4 = dVar.f72399a;
                str3 = "cipher.doFinal(input)";
                String a13 = gVar.a(asAndroidLogLevel, str4, "There is no RSA key to decrypt AES key.", false);
                if (z12) {
                    eVar.f72409e.e(eVar.g(str4), a13, null);
                    eVar.f(logCategory, str4, a13);
                }
                if (a12) {
                    eVar.f72411g.a(str4, a13, logWriterLevel);
                }
            } else {
                sharedPreferences = sharedPreferences2;
                str3 = "cipher.doFinal(input)";
            }
            if (entry != null) {
                keyStore.deleteEntry("AssistantSDKStorageRSAKey");
            }
        } else {
            sharedPreferences = sharedPreferences2;
            str = "storage_encryption_aes_key";
            str2 = "AES";
            str3 = "cipher.doFinal(input)";
        }
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 32);
        BigInteger bigInteger = BigInteger.ONE;
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        Intrinsics.checkNotNullExpressionValue(keyPairGenerator, "getInstance(\n           …ROID_KEY_STORE,\n        )");
        KeyGenParameterSpec build = new KeyGenParameterSpec.Builder("AssistantSDKStorageRSAKey", 3).setKeySize(512).setCertificateSerialNumber(bigInteger).setCertificateSubject(new X500Principal("CN=AssistantSDKStorageRSAKey")).setDigests("SHA-256").setEncryptionPaddings("PKCS1Padding").setCertificateNotBefore(calendar.getTime()).setCertificateNotAfter(calendar2.getTime()).build();
        Intrinsics.checkNotNullExpressionValue(build, "Builder(\n            RSA…ime)\n            .build()");
        keyPairGenerator.initialize(build);
        KeyPair genKeyPair = keyPairGenerator.genKeyPair();
        Intrinsics.checkNotNullExpressionValue(genKeyPair, "keyPairGenerator.genKeyPair()");
        byte[] input2 = new byte[32];
        new SecureRandom().nextBytes(input2);
        PublicKey publicKey = genKeyPair.getPublic();
        Intrinsics.checkNotNullExpressionValue(publicKey, "newPair.public");
        Intrinsics.checkNotNullParameter(input2, "input");
        Intrinsics.checkNotNullParameter(publicKey, "publicKey");
        Cipher cipher2 = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher2.init(1, publicKey);
        byte[] doFinal2 = cipher2.doFinal(input2);
        Intrinsics.checkNotNullExpressionValue(doFinal2, str3);
        sharedPreferences.edit().putString(str, Base64.encodeToString(doFinal2, 0)).apply();
        return new SecretKeySpec(input2, str2);
    }
}
