package ru.ivi.tools.secure.vault;

import android.content.Context;
import android.security.keystore.KeyGenParameterSpec;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.util.GregorianCalendar;
import java.util.concurrent.Callable;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.security.auth.x500.X500Principal;
import ru.ivi.statistics.ExtStatisticMethods$$ExternalSyntheticLambda1;
import ru.ivi.tools.NamedThreadFactory;
import ru.ivi.utils.ThreadUtils;

@Deprecated
/* loaded from: classes3.dex */
public class SecretKeyWrapper {
    private static final String ANDROID_KEYSTORE = "AndroidKeyStore";
    private static final String RSA_MODE = "RSA/ECB/PKCS1Padding";
    private static final ExecutorService SERIAL_EXECUTOR = Executors.newSingleThreadExecutor(new NamedThreadFactory("secret key wrapper serial executor"));
    private final Cipher mCipher = Cipher.getInstance(RSA_MODE);
    private final KeyPair mPair;

    public SecretKeyWrapper(Context context, String str) throws GeneralSecurityException, IOException {
        KeyStore keyStore = KeyStore.getInstance(ANDROID_KEYSTORE);
        keyStore.load(null);
        if (!keyStore.containsAlias(str)) {
            generateKeyPair(context, str);
        }
        KeyStore.PrivateKeyEntry entry = getEntry(str, keyStore);
        this.mPair = new KeyPair(entry.getCertificate().getPublicKey(), entry.getPrivateKey());
    }

    private static <T> T executeSerially(Callable<T> callable) {
        return (T) ThreadUtils.runBlocking(callable, SERIAL_EXECUTOR);
    }

    private static void generateKeyPair(Context context, final String str) {
        ThreadUtils.tryRunWithDeadline(new Runnable() { // from class: ru.ivi.tools.secure.vault.SecretKeyWrapper$$ExternalSyntheticLambda0
            @Override // java.lang.Runnable
            public final void run() {
                SecretKeyWrapper.lambda$generateKeyPair$0(str);
            }
        });
    }

    private static KeyStore.PrivateKeyEntry getEntry(final String str, final KeyStore keyStore) throws GeneralSecurityException {
        return (KeyStore.PrivateKeyEntry) executeSerially(new Callable() { // from class: ru.ivi.tools.secure.vault.SecretKeyWrapper$$ExternalSyntheticLambda2
            @Override // java.util.concurrent.Callable
            public final Object call() {
                KeyStore.PrivateKeyEntry lambda$getEntry$3;
                lambda$getEntry$3 = SecretKeyWrapper.lambda$getEntry$3(keyStore, str);
                return lambda$getEntry$3;
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static /* synthetic */ void lambda$generateKeyPair$0(String str) {
        GregorianCalendar gregorianCalendar = new GregorianCalendar();
        GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
        gregorianCalendar2.add(1, 100);
        KeyGenParameterSpec build = new KeyGenParameterSpec.Builder(str, 3).setCertificateSubject(new X500Principal(ExtStatisticMethods$$ExternalSyntheticLambda1.m("CN=", str))).setCertificateSerialNumber(BigInteger.ONE).setCertificateNotBefore(gregorianCalendar.getTime()).setCertificateNotAfter(gregorianCalendar2.getTime()).setEncryptionPaddings("PKCS1Padding").setRandomizedEncryptionRequired(false).build();
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", ANDROID_KEYSTORE);
            keyPairGenerator.initialize(build);
            keyPairGenerator.generateKeyPair();
        } catch (Throwable th) {
            th.printStackTrace();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static /* synthetic */ KeyStore.PrivateKeyEntry lambda$getEntry$3(KeyStore keyStore, String str) throws Exception {
        return (KeyStore.PrivateKeyEntry) keyStore.getEntry(str, null);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ SecretKey lambda$unwrap$2(byte[] bArr) throws Exception {
        this.mCipher.init(4, this.mPair.getPrivate());
        return (SecretKey) this.mCipher.unwrap(bArr, "AES", 3);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ byte[] lambda$wrap$1(Key key) throws Exception {
        this.mCipher.init(3, this.mPair.getPublic());
        return this.mCipher.wrap(key);
    }

    public SecretKey unwrap(final byte[] bArr) throws GeneralSecurityException {
        return (SecretKey) executeSerially(new Callable() { // from class: ru.ivi.tools.secure.vault.SecretKeyWrapper$$ExternalSyntheticLambda1
            @Override // java.util.concurrent.Callable
            public final Object call() {
                SecretKey lambda$unwrap$2;
                lambda$unwrap$2 = SecretKeyWrapper.this.lambda$unwrap$2(bArr);
                return lambda$unwrap$2;
            }
        });
    }

    public byte[] wrap(final Key key) throws GeneralSecurityException {
        return (byte[]) executeSerially(new Callable() { // from class: ru.ivi.tools.secure.vault.SecretKeyWrapper$$ExternalSyntheticLambda3
            @Override // java.util.concurrent.Callable
            public final Object call() {
                byte[] lambda$wrap$1;
                lambda$wrap$1 = SecretKeyWrapper.this.lambda$wrap$1(key);
                return lambda$wrap$1;
            }
        });
    }
}
