package com.samsung.android.scloud.keystore;

import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyProtection;
import com.samsung.android.scloud.common.util.LOG;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Calendar;
import java.util.Date;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes2.dex */
public final class i {
    public static boolean a(String str) {
        try {
            return i().containsAlias(str);
        } catch (IOException | java.security.KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            androidx.room.util.a.s(e, new StringBuilder("Failed to contains, "), "KeyStoreManager");
            throw e;
        }
    }

    public static byte[] b(SecretKey secretKey, byte[] bArr, byte[] bArr2) {
        try {
            GCMParameterSpec gCMParameterSpec = new GCMParameterSpec(128, bArr);
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            cipher.init(2, secretKey, gCMParameterSpec);
            return cipher.doFinal(bArr2);
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            LOG.e("CryptoManager", "Failed to decrypt, " + e.getMessage());
            throw e;
        }
    }

    public static byte[] c(SecretKey secretKey, byte[] bArr, byte[] bArr2) {
        try {
            GCMParameterSpec gCMParameterSpec = new GCMParameterSpec(128, bArr);
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            cipher.init(1, secretKey, gCMParameterSpec);
            return cipher.doFinal(bArr2);
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
            LOG.e("CryptoManager", "Failed to encrypt, " + e.getMessage());
            throw e;
        }
    }

    public static void d(String str) {
        try {
            Calendar calendar = Calendar.getInstance();
            calendar.add(1, 3);
            KeyGenParameterSpec build = new KeyGenParameterSpec.Builder("com.samsung.android.scloud_DEVICE_KEY_PAIR", 15).setKeySize(2048).setKeyValidityStart(new Date()).setKeyValidityEnd(calendar.getTime()).setDigests("SHA-256").setCertificateSubject(new X500Principal("CN=" + str + ", O=Samsung Electronics, OU=CSP, C=KR")).setEncryptionPaddings("PKCS1Padding").setSignaturePaddings("PKCS1").build();
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(build);
            keyPairGenerator.generateKeyPair();
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
            LOG.e("KeyStoreManager", "Failed to generate key pair, " + e.getMessage());
            throw e;
        }
    }

    public static Certificate e(String str) {
        try {
            return i().getCertificate(str);
        } catch (IOException | java.security.KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            androidx.room.util.a.s(e, new StringBuilder("Failed to get certificate, "), "KeyStoreManager");
            throw e;
        }
    }

    public static PrivateKey f() {
        try {
            return ((KeyStore.PrivateKeyEntry) i().getEntry("com.samsung.android.scloud_DEVICE_KEY_PAIR", null)).getPrivateKey();
        } catch (IOException | java.security.KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException e) {
            androidx.room.util.a.s(e, new StringBuilder("Failed to get private key, "), "KeyStoreManager");
            throw e;
        }
    }

    public static PublicKey g() {
        try {
            return i().getCertificate("com.samsung.android.scloud_DEVICE_KEY_PAIR").getPublicKey();
        } catch (IOException | java.security.KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            androidx.room.util.a.s(e, new StringBuilder("Failed to get public key, "), "KeyStoreManager");
            throw e;
        }
    }

    public static SecretKey h(String str) {
        try {
            KeyStore.SecretKeyEntry secretKeyEntry = (KeyStore.SecretKeyEntry) i().getEntry(str, null);
            if (secretKeyEntry == null) {
                return null;
            }
            return secretKeyEntry.getSecretKey();
        } catch (IOException | java.security.KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException e) {
            androidx.room.util.a.s(e, new StringBuilder("Failed to get secret key, "), "KeyStoreManager");
            throw e;
        }
    }

    public static KeyStore i() {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null, null);
        return keyStore;
    }

    public static void j(String str, Certificate certificate) {
        try {
            i().setCertificateEntry(str, certificate);
        } catch (IOException | java.security.KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            androidx.room.util.a.s(e, new StringBuilder("Failed to set certificate, "), "KeyStoreManager");
            throw e;
        }
    }

    public static void k(String str, SecretKeySpec secretKeySpec) {
        try {
            i().setEntry(str, new KeyStore.SecretKeyEntry(secretKeySpec), new KeyProtection.Builder(3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").setRandomizedEncryptionRequired(false).build());
        } catch (IOException | java.security.KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            androidx.room.util.a.s(e, new StringBuilder("Failed to set secret key, "), "KeyStoreManager");
            throw e;
        }
    }
}
