package com.mytheresa.app.mytheresa.services.user.security;

import android.content.Context;
import android.security.KeyPairGeneratorSpec;
import android.util.Base64;
import com.mytheresa.app.mytheresa.app.AppSettings;
import com.mytheresa.app.mytheresa.services.user.security.Crypto;
import com.mytheresa.app.mytheresa.services.user.security.IEncryptionAlgorithm;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableEntryException;
import java.util.Calendar;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import timber.log.Timber;

/* loaded from: classes2.dex */
public class RsaEncryption implements IEncryptionAlgorithm {
    private static final String AES_MODE = "AES/ECB/PKCS7Padding";
    private static final String KEY_ALGORITHM_AES = "AES";
    private static final String KEY_ALGORITHM_RSA = "RSA";
    private static final int KEY_LENGTH_IN_BYTES = 256;
    private static final int KEY_PERIOD_IN_YEARS = 10;
    private static final String PREFIX_SUBJECT_PRINCIPAL = "CN=";
    private static final String PROVIDER_ANDROID_SSL = "AndroidOpenSSL";
    private static final String PROVIDER_BC = "BC";
    private static final String RSA_MODE = "RSA/ECB/PKCS1Padding";
    private static final String UTF_8 = "UTF-8";
    private AppSettings appSettings;
    Crypto crypto;

    public RsaEncryption(Crypto crypto, AppSettings appSettings) {
        this.crypto = crypto;
        this.appSettings = appSettings;
    }

    private void createAesKey(String str) throws Crypto.CryptoException {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance(KEY_ALGORITHM_AES);
            keyGenerator.init(256);
            this.appSettings.writeAesKeyToSettings(rsaEncrypt(keyGenerator.generateKey().getEncoded(), str));
        } catch (NoSuchAlgorithmException e) {
            throw new IEncryptionAlgorithm.AlgorithmException(e);
        }
    }

    private byte[] rsaDecrypt(String str, String str2) throws Crypto.CryptoException {
        Timber.d("rsaDecrypt(%s, %s)", str, str2);
        try {
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) this.crypto.getAndroidKeyStore().getEntry(str2, null);
            Cipher cipher = Cipher.getInstance(RSA_MODE, PROVIDER_ANDROID_SSL);
            cipher.init(2, privateKeyEntry.getPrivateKey());
            byte[] doFinal = cipher.doFinal(Base64.decode(str.getBytes(), 0));
            Timber.d("Decrypted Key with RSA: %s -> %s", str, new String(doFinal));
            return doFinal;
        } catch (InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableEntryException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            throw new IEncryptionAlgorithm.AlgorithmException(e);
        }
    }

    private String rsaEncrypt(byte[] bArr, String str) throws Crypto.CryptoException {
        Timber.d("rsaEncrypt(%s, %s)", bArr, str);
        try {
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) this.crypto.getAndroidKeyStore().getEntry(str, null);
            Cipher cipher = Cipher.getInstance(RSA_MODE, PROVIDER_ANDROID_SSL);
            cipher.init(1, privateKeyEntry.getCertificate().getPublicKey());
            String encodeToString = Base64.encodeToString(cipher.doFinal(bArr), 0);
            Timber.d("Encrypted Key with RSA: %s -> %s", bArr, encodeToString);
            return encodeToString;
        } catch (InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableEntryException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            throw new IEncryptionAlgorithm.AlgorithmException(e);
        }
    }

    @Override // com.mytheresa.app.mytheresa.services.user.security.IEncryptionAlgorithm
    public String decrypt(String str, String str2) throws Crypto.CryptoException {
        Timber.d("Decrypt(%s, %s)", str, str2);
        try {
            Cipher cipher = Cipher.getInstance(AES_MODE, PROVIDER_BC);
            cipher.init(2, getKey(str2));
            String str3 = new String(cipher.doFinal(Base64.decode(str.getBytes(), 0)));
            Timber.d("Decrypted: %s -> %s", str, str3);
            return str3;
        } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            throw new IEncryptionAlgorithm.AlgorithmException(e);
        }
    }

    @Override // com.mytheresa.app.mytheresa.services.user.security.IEncryptionAlgorithm
    public String encrypt(String str, String str2) throws Crypto.CryptoException {
        Timber.d("Encrypt(%s, %s)", str, str2);
        try {
            Cipher cipher = Cipher.getInstance(AES_MODE, PROVIDER_BC);
            cipher.init(1, getKey(str2));
            String encodeToString = Base64.encodeToString(cipher.doFinal(str.getBytes()), 0);
            Timber.d("Encrypted: %s -> %s", str, encodeToString);
            return encodeToString;
        } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            throw new IEncryptionAlgorithm.AlgorithmException(e);
        }
    }

    @Override // com.mytheresa.app.mytheresa.services.user.security.IEncryptionAlgorithm
    public void generateKey(Context context, String str) throws Crypto.CryptoException {
        try {
            if (this.crypto.getAndroidKeyStore().containsAlias(str)) {
                return;
            }
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 10);
            KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setAlias(str).setSubject(new X500Principal(PREFIX_SUBJECT_PRINCIPAL + str)).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
            try {
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KEY_ALGORITHM_RSA, "AndroidKeyStore");
                keyPairGenerator.initialize(build);
                keyPairGenerator.generateKeyPair();
                createAesKey(str);
            } catch (IllegalArgumentException | InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
                throw new IEncryptionAlgorithm.AlgorithmException(e);
            }
        } catch (KeyStoreException e2) {
            throw new IEncryptionAlgorithm.AlgorithmException(e2);
        }
    }

    @Override // com.mytheresa.app.mytheresa.services.user.security.IEncryptionAlgorithm
    public Key getKey(String str) throws Crypto.CryptoException {
        return new SecretKeySpec(rsaDecrypt(this.appSettings.getAesKeyFromSettings(), str), KEY_ALGORITHM_AES);
    }

    @Override // com.mytheresa.app.mytheresa.services.user.security.IEncryptionAlgorithm
    public void removeKey(String str) throws Crypto.CryptoException {
        try {
            KeyStore androidKeyStore = this.crypto.getAndroidKeyStore();
            if (androidKeyStore.containsAlias(str)) {
                androidKeyStore.deleteEntry(str);
                this.appSettings.clearAesKey();
                Timber.d("removed key: %s", str);
            }
        } catch (KeyStoreException e) {
            throw new IEncryptionAlgorithm.AlgorithmException(e);
        }
    }
}
