package org.forgerock.android.auth;

import android.content.Context;
import android.security.KeyPairGeneratorSpec;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.spec.RSAKeyGenParameterSpec;
import java.util.Calendar;
import java.util.Date;
import java.util.Random;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes6.dex */
public class KeyStoreManager {
    private static final String CN_FORGE_ROCK = "CN=ForgeRock";
    private static final int KEY_SIZE = 1024;
    private Context context;

    /* loaded from: classes6.dex */
    public static class KeyStoreManagerBuilder {
        private Context context;

        KeyStoreManagerBuilder() {
        }

        public KeyStoreManager build() {
            return new KeyStoreManager(this.context);
        }

        public KeyStoreManagerBuilder context(Context context) {
            if (context == null) {
                throw new NullPointerException("context is marked non-null but is null");
            }
            this.context = context;
            return this;
        }

        public String toString() {
            return "KeyStoreManager.KeyStoreManagerBuilder(context=" + this.context + ")";
        }
    }

    public KeyStoreManager(Context context) {
        this.context = context.getApplicationContext();
    }

    public static KeyStoreManagerBuilder builder() {
        return new KeyStoreManagerBuilder();
    }

    private KeyStore getKeyStore() throws GeneralSecurityException, IOException {
        KeyStore keyStore = KeyStore.getInstance(Encryptor.ANDROID_KEYSTORE);
        keyStore.load(null);
        return keyStore;
    }

    private KeyPairGeneratorSpec getSpec(String str) {
        Calendar calendar = Calendar.getInstance();
        Date time = calendar.getTime();
        calendar.add(1, 10);
        return new KeyPairGeneratorSpec.Builder(this.context).setAlias(str).setSubject(new X500Principal("CN=ForgeRock")).setKeySize(1024).setSerialNumber(new BigInteger(16, new Random())).setStartDate(time).setAlgorithmParameterSpec(new RSAKeyGenParameterSpec(1024, RSAKeyGenParameterSpec.F4)).setEndDate(calendar.getTime()).build();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Certificate getCertificate(String str) throws GeneralSecurityException, IOException {
        return getKeyStore().getCertificate(str);
    }

    public Key getIdentifierKey(String str) throws GeneralSecurityException, IOException {
        KeyStore keyStore = getKeyStore();
        if (keyStore.containsAlias(str)) {
            return keyStore.getCertificate(str).getPublicKey();
        }
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", Encryptor.ANDROID_KEYSTORE);
        keyPairGenerator.initialize(getSpec(str));
        return keyPairGenerator.generateKeyPair().getPublic();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void persist(String str, byte[] bArr) throws GeneralSecurityException, IOException {
        getKeyStore().setCertificateEntry(str, CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr)));
    }
}
