package com.smartsheet.android.crypto;

import android.content.Context;
import android.security.keystore.KeyGenParameterSpec;
import com.microsoft.identity.common.java.crypto.key.KeyUtil;
import com.microsoft.identity.common.java.platform.AbstractDevicePopManager;
import com.smartsheet.android.logger.Logger;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.util.GregorianCalendar;
import javax.crypto.Cipher;
import javax.crypto.NoSuchPaddingException;

/* loaded from: classes3.dex */
public final class PersistentAsymmetricKeyPair {
    public final KeyPair m_keyPair;

    public PersistentAsymmetricKeyPair(KeyPair keyPair) {
        this.m_keyPair = keyPair;
    }

    public static PersistentAsymmetricKeyPair createNew(Context context, KeyStore keyStore, String str) throws KeyStoreException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(AbstractDevicePopManager.KeyPairGeneratorAlgorithms.RSA, keyStore.getProvider());
        BigInteger valueOf = BigInteger.valueOf(1L);
        GregorianCalendar gregorianCalendar = new GregorianCalendar();
        GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
        gregorianCalendar2.add(1, 100);
        KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(str, 15);
        builder.setDigests(KeyUtil.HMAC_KEY_HASH_ALGORITHM, "SHA-512").setEncryptionPaddings("OAEPPadding").setCertificateSerialNumber(valueOf).setCertificateNotBefore(gregorianCalendar.getTime()).setCertificateNotAfter(gregorianCalendar2.getTime());
        keyPairGenerator.initialize(builder.build());
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        try {
            Cipher.getInstance("RSA/NONE/PKCS1Padding").init(3, generateKeyPair.getPublic());
            return new PersistentAsymmetricKeyPair(generateKeyPair);
        } catch (InvalidKeyException e) {
            throw new RuntimeException(e);
        }
    }

    public static PersistentAsymmetricKeyPair doObtain(Context context, KeyStore keyStore, String str, boolean z) throws KeyStoreException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidAlgorithmParameterException {
        KeyStore.Entry entry;
        try {
            try {
                entry = keyStore.getEntry(str, null);
            } catch (NullPointerException unused) {
                entry = null;
            }
            if (entry != null) {
                if (entry instanceof KeyStore.PrivateKeyEntry) {
                    KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
                    PrivateKey privateKey = privateKeyEntry.getPrivateKey();
                    Certificate certificate = privateKeyEntry.getCertificate();
                    Cipher.getInstance("RSA/NONE/PKCS1Padding").init(3, certificate.getPublicKey());
                    return new PersistentAsymmetricKeyPair(new KeyPair(certificate.getPublicKey(), privateKey));
                }
                throw new InvalidKeyException("Entry with key alias " + str + " is not a private key entry");
            }
        } catch (InvalidKeyException | UnrecoverableEntryException e) {
            Logger.w(e, "Keystore entry " + str + " is corrupted", new Object[0]);
            keyStore.deleteEntry(str);
        }
        if (z) {
            return createNew(context, keyStore, str);
        }
        return null;
    }

    public static PersistentAsymmetricKeyPair obtain(Context context, String str, boolean z) throws EncryptionUnavailableException {
        try {
            return doObtain(context, AndroidKeyStore.get(), str, z);
        } catch (InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchPaddingException e) {
            throw new EncryptionUnavailableException(e);
        }
    }

    public Cipher createUnwrapCipher() {
        try {
            Cipher cipher = Cipher.getInstance("RSA/NONE/PKCS1Padding");
            cipher.init(4, this.m_keyPair.getPrivate());
            return cipher;
        } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
            throw new RuntimeException(e);
        }
    }

    public Cipher createWrapCipher() {
        try {
            Cipher cipher = Cipher.getInstance("RSA/NONE/PKCS1Padding");
            cipher.init(3, this.m_keyPair.getPublic());
            return cipher;
        } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
            throw new RuntimeException(e);
        }
    }
}
