package com.amazonaws.internal.keyvaluestore;

import android.content.Context;
import android.content.SharedPreferences;
import android.security.KeyPairGeneratorSpec;
import com.amazonaws.logging.Log;
import com.amazonaws.logging.LogFactory;
import com.amazonaws.util.Base64;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import p237l9lL6.L96;

@L96(api = 18)
/* loaded from: classes2.dex */
public class KeyProvider18 implements KeyProvider {

    /* renamed from: Ll69查l66, reason: contains not printable characters */
    public static final Log f13738Ll69l66 = LogFactory.L9(KeyProvider18.class);

    /* renamed from: LlLL69L9查, reason: contains not printable characters */
    public static final String f13739LlLL69L9 = "AndroidKeyStore";

    /* renamed from: L查6, reason: contains not printable characters */
    public static final String f13740L6 = "RSA/ECB/PKCS1Padding";

    /* renamed from: L查l查查, reason: contains not printable characters */
    public static final String f13741Ll = "AndroidOpenSSL";

    /* renamed from: ll查L, reason: contains not printable characters */
    public static final String f13742llL = "RSA";

    /* renamed from: l查查9lL6, reason: contains not printable characters */
    public static final int f13743l9lL6 = 256;

    /* renamed from: 查9l99l9, reason: contains not printable characters */
    public static final String f137449l99l9 = "AES";

    /* renamed from: 查l, reason: contains not printable characters */
    public static final String f13745l = "AesGcmNoPadding18-encrypted-encryption-key";

    /* renamed from: 查查Llll69, reason: contains not printable characters */
    public static final String f13746Llll69 = ".rsaKeyStoreAlias";

    /* renamed from: L9, reason: collision with root package name */
    public Context f35467L9;

    /* renamed from: lLll, reason: collision with root package name */
    public SecureRandom f35468lLll;

    /* renamed from: 查LL, reason: contains not printable characters */
    public SharedPreferences f13747LL;

    public KeyProvider18(Context context, SharedPreferences sharedPreferences) {
        this.f35467L9 = context;
        this.f13747LL = sharedPreferences;
    }

    @Override // com.amazonaws.internal.keyvaluestore.KeyProvider
    public synchronized Key L9(String str) throws KeyNotFoundException {
        byte[] m21087Ll69l66;
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            if (!keyStore.containsAlias(str)) {
                throw new KeyNotFoundException("The RSA Key identified by the alias: " + str + " cannot be found in AndroidKeyStore");
            }
            if (!this.f13747LL.contains(f13745l)) {
                throw new KeyNotFoundException("SharedPreferences does not have the key for keyAlias: AesGcmNoPadding18-encrypted-encryption-key");
            }
            f13738Ll69l66.lLll("Loading the encryption key from SharedPreferences");
            String string = this.f13747LL.getString(f13745l, null);
            if (string == null) {
                throw new KeyNotFoundException("Unable to retrieve the encrypted AES Key identified by AesGcmNoPadding18-encrypted-encryption-key from the SharedPreferences.");
            }
            byte[] decode = Base64.decode(string);
            if (decode == null || decode.length == 0) {
                throw new KeyNotFoundException("Unable to Base64 decode the encrypted AES key identified by: AesGcmNoPadding18-encrypted-encryption-key");
            }
            m21087Ll69l66 = m21087Ll69l66(str, decode);
            if (m21087Ll69l66 == null || m21087Ll69l66.length == 0) {
                throw new KeyNotFoundException("Unable to RSA decrypt the encrypted AES key identified by: AesGcmNoPadding18-encrypted-encryption-key using the RSA key identified by keyAlias: " + str);
            }
        } catch (Exception e) {
            throw new KeyNotFoundException("Error occurred while accessing AndroidKeyStore to retrieve the key for keyAlias: " + str, e);
        }
        return new SecretKeySpec(m21087Ll69l66, "AES");
    }

    /* renamed from: Ll69查l66, reason: contains not printable characters */
    public final byte[] m21087Ll69l66(String str, byte[] bArr) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(str, null);
            Cipher cipher = Cipher.getInstance(f13740L6, f13741Ll);
            cipher.init(2, privateKeyEntry.getPrivateKey());
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            f13738Ll69l66.mo21097llL("Exception occurred while decrypting the encrypted AES key. ", e);
            return null;
        }
    }

    @Override // com.amazonaws.internal.keyvaluestore.KeyProvider
    public synchronized Key lLll(String str) throws KeyNotGeneratedException {
        SecretKey generateKey;
        try {
            KeyStore.getInstance("AndroidKeyStore").load(null);
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 30);
            KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(this.f35467L9).setAlias(str).setSubject(new X500Principal("CN=" + str)).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(build);
            keyPairGenerator.generateKeyPair();
            try {
                this.f35468lLll = new SecureRandom();
                KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
                keyGenerator.init(256, this.f35468lLll);
                generateKey = keyGenerator.generateKey();
                if (generateKey == null) {
                    throw new KeyNotGeneratedException("Error in generating the AES encryption key for the alias: AesGcmNoPadding18-encrypted-encryption-key");
                }
                byte[] encoded = generateKey.getEncoded();
                if (encoded == null || encoded.length == 0) {
                    throw new KeyNotGeneratedException("Error in generating the AES encryption key for the alias: AesGcmNoPadding18-encrypted-encryption-key");
                }
                byte[] m210889l99l9 = m210889l99l9(str, encoded);
                if (m210889l99l9 == null || m210889l99l9.length == 0) {
                    throw new KeyNotGeneratedException("Error in RSA encrypting the AES encryption key for the AES keyAlias: AesGcmNoPadding18-encrypted-encryption-key using the rsaKeyAlias: " + str);
                }
                String encodeAsString = Base64.encodeAsString(m210889l99l9);
                if (encodeAsString == null) {
                    throw new KeyNotGeneratedException("Error in Base64 encoding of the Encrypted AES key for the AES keyAlias: AesGcmNoPadding18-encrypted-encryption-key using the rsaKeyAlias: " + str);
                }
                this.f13747LL.edit().putString(f13745l, encodeAsString).apply();
                f13738Ll69l66.mo21098l9lL6("Generated and saved the Encrypted AES encryption key for the AES keyAlias: AesGcmNoPadding18-encrypted-encryption-key to SharedPreferences.");
            } catch (Exception e) {
                throw new KeyNotGeneratedException("Error in generating the AES key and RSA encrypting the AES key using the rsaKeyAlias: " + str + " in AndroidKeyStore", e);
            }
        } catch (Exception e2) {
            throw new KeyNotGeneratedException("Error in generating the RSA Encryption key for the rsaKeyAlias: " + str + " in AndroidKeyStore", e2);
        }
        return generateKey;
    }

    /* renamed from: 查9l99l9, reason: contains not printable characters */
    public final byte[] m210889l99l9(String str, byte[] bArr) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(str, null);
            Cipher cipher = Cipher.getInstance(f13740L6, f13741Ll);
            cipher.init(1, privateKeyEntry.getCertificate().getPublicKey());
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            f13738Ll69l66.mo21095L6("Exception occurred while encrypting data. " + e.getMessage());
            return null;
        }
    }

    @Override // com.amazonaws.internal.keyvaluestore.KeyProvider
    /* renamed from: 查LL */
    public synchronized void mo21086LL(String str) {
        try {
            this.f13747LL.edit().remove(f13745l).apply();
        } catch (Exception e) {
            f13738Ll69l66.mo21097llL("Error in deleting the encrypted AES key identified by AesGcmNoPadding18-encrypted-encryption-key from SharedPreferences.", e);
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            keyStore.deleteEntry(str);
        } catch (Exception e2) {
            f13738Ll69l66.mo21097llL("Error in deleting the RSA Key identified by the keyAlias: " + str + " from AndroidKeyStore", e2);
        }
    }
}
