package com.oblador.keychain.a;

import android.annotation.SuppressLint;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import android.security.keystore.UserNotAuthenticatedException;
import android.util.Log;
import com.oblador.keychain.SecurityLevel;
import com.oblador.keychain.a.e;
import com.oblador.keychain.exceptions.CryptoFailedException;
import com.oblador.keychain.exceptions.KeyStoreAccessException;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.concurrent.atomic.AtomicInteger;
import javax.crypto.NoSuchPaddingException;

/* compiled from: CipherStorageKeystoreRsaEcb.java */
/* loaded from: classes.dex */
public class i extends f {

    /* compiled from: CipherStorageKeystoreRsaEcb.java */
    /* loaded from: classes.dex */
    public static class a implements e.d {

        /* renamed from: a, reason: collision with root package name */
        private e.c f7744a;

        /* renamed from: b, reason: collision with root package name */
        private Throwable f7745b;

        @Override // com.oblador.keychain.a.e.f
        public Throwable a() {
            return this.f7745b;
        }

        @Override // com.oblador.keychain.a.e.d
        public void a(e.b bVar) {
            a(null, new CryptoFailedException("Non interactive decryption mode."));
        }

        @Override // com.oblador.keychain.a.e.d
        public void a(e.c cVar, Throwable th) {
            this.f7744a = cVar;
            this.f7745b = th;
        }

        @Override // com.oblador.keychain.a.e.f
        public e.c getResult() {
            return this.f7744a;
        }
    }

    private e.C0170e b(String str, String str2, String str3, SecurityLevel securityLevel) throws GeneralSecurityException, IOException {
        KeyStore j = j();
        if (!j.containsAlias(str)) {
            a(str, securityLevel);
        }
        PublicKey generatePublic = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(j.getCertificate(str).getPublicKey().getEncoded()));
        return new e.C0170e(a(generatePublic, str3), a(generatePublic, str2), this);
    }

    @Override // com.oblador.keychain.a.f
    protected KeyInfo a(Key key) throws GeneralSecurityException {
        if (Build.VERSION.SDK_INT >= 23) {
            return (KeyInfo) KeyFactory.getInstance(key.getAlgorithm(), "AndroidKeyStore").getKeySpec(key, KeyInfo.class);
        }
        throw new KeyStoreAccessException("Unsupported API" + Build.VERSION.SDK_INT + " version detected.");
    }

    @Override // com.oblador.keychain.a.e
    public e.C0170e a(String str, String str2, String str3, SecurityLevel securityLevel) throws CryptoFailedException {
        a(securityLevel);
        try {
            return b(f.a(str, h()), str3, str2, securityLevel);
        } catch (KeyStoreAccessException e) {
            e = e;
            throw new CryptoFailedException("Could not access Keystore for service " + str, e);
        } catch (IOException e2) {
            throw new CryptoFailedException("I/O error: " + e2.getMessage(), e2);
        } catch (InvalidKeyException e3) {
            e = e3;
            throw new CryptoFailedException("Could not encrypt data for service " + str, e);
        } catch (KeyStoreException e4) {
            e = e4;
            throw new CryptoFailedException("Could not access Keystore for service " + str, e);
        } catch (NoSuchAlgorithmException e5) {
            e = e5;
            throw new CryptoFailedException("Could not encrypt data for service " + str, e);
        } catch (InvalidKeySpecException e6) {
            e = e6;
            throw new CryptoFailedException("Could not encrypt data for service " + str, e);
        } catch (NoSuchPaddingException e7) {
            e = e7;
            throw new CryptoFailedException("Could not encrypt data for service " + str, e);
        } catch (Throwable th) {
            throw new CryptoFailedException("Unknown error: " + th.getMessage(), th);
        }
    }

    @Override // com.oblador.keychain.a.f
    protected Key a(KeyGenParameterSpec keyGenParameterSpec) throws GeneralSecurityException {
        if (Build.VERSION.SDK_INT >= 23) {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(k(), "AndroidKeyStore");
            keyPairGenerator.initialize(keyGenParameterSpec);
            return keyPairGenerator.generateKeyPair().getPrivate();
        }
        throw new KeyStoreAccessException("Unsupported API" + Build.VERSION.SDK_INT + " version detected.");
    }

    @Override // com.oblador.keychain.a.e
    @SuppressLint({"NewApi"})
    public void a(e.d dVar, String str, byte[] bArr, byte[] bArr2, SecurityLevel securityLevel) throws CryptoFailedException {
        Key key;
        a(securityLevel);
        String a2 = f.a(str, h());
        try {
            try {
                key = a(a2, securityLevel, new AtomicInteger(1));
            } catch (UserNotAuthenticatedException e) {
                e = e;
                key = null;
            }
            try {
                dVar.a(new e.c(a(key, bArr), a(key, bArr2)), null);
            } catch (UserNotAuthenticatedException e2) {
                e = e2;
                Log.d(f.f7734a, "Unlock of keystore is needed. Error: " + e.getMessage(), e);
                dVar.a(new e.b(a2, key, bArr2, bArr));
            }
        } catch (Throwable th) {
            dVar.a(null, th);
        }
    }

    @Override // com.oblador.keychain.a.f
    @SuppressLint({"NewApi"})
    protected KeyGenParameterSpec.Builder b(String str) throws GeneralSecurityException {
        if (Build.VERSION.SDK_INT >= 23) {
            return new KeyGenParameterSpec.Builder(str, 3).setBlockModes("ECB").setEncryptionPaddings("PKCS1Padding").setRandomizedEncryptionRequired(true).setUserAuthenticationRequired(true).setUserAuthenticationValidityDurationSeconds(1).setKeySize(3072);
        }
        throw new KeyStoreAccessException("Unsupported API" + Build.VERSION.SDK_INT + " version detected.");
    }

    @Override // com.oblador.keychain.a.e
    public String b() {
        return "KeystoreRSAECB";
    }

    @Override // com.oblador.keychain.a.e
    public int d() {
        return 23;
    }

    @Override // com.oblador.keychain.a.e
    public boolean e() {
        return true;
    }

    @Override // com.oblador.keychain.a.f
    protected String i() {
        return "RSA/ECB/PKCS1Padding";
    }

    protected String k() {
        return "RSA";
    }
}
