package com.unwire.ssg.signer.provider;

import android.content.Context;
import android.security.KeyPairGeneratorSpec;
import com.unwire.ssg.signer.core.Credential;
import com.unwire.ssg.signer.provider.CredentialStore;
import dm.b;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableEntryException;
import java.util.Calendar;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.locks.ReadWriteLock;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes4.dex */
class RSAEncryptedCredentialStore extends EncryptedCredentialStore {
    private static final String ANDROID_KEY_STORE = "AndroidKeyStore";
    private static final String KEY_ALGORITHM_RSA = "RSA";
    private static final String RSA_MODE = "RSA/ECB/PKCS1Padding";
    private static final String UTF_8 = "UTF-8";
    private KeyStore.PrivateKeyEntry privateKeyEntry;
    private final CredentialStore storeDelegate;
    private final ReadWriteLock lock = new ReentrantReadWriteLock(true);
    private final CountDownLatch initDoneSignal = new CountDownLatch(1);

    public RSAEncryptedCredentialStore(String str, CredentialStore credentialStore, final Context context) {
        this.storeDelegate = credentialStore;
        final String str2 = str + "_RSA";
        new Thread(new Runnable() { // from class: com.unwire.ssg.signer.provider.RSAEncryptedCredentialStore.1
            @Override // java.lang.Runnable
            public void run() {
                String name = Thread.currentThread().getName();
                Thread.currentThread().setName("RSAEncryptedCredentialStore_init");
                try {
                    try {
                        KeyStore keyStore = KeyStore.getInstance(RSAEncryptedCredentialStore.ANDROID_KEY_STORE);
                        keyStore.load(null);
                        RSAEncryptedCredentialStore.this.privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(str2, null);
                        if (RSAEncryptedCredentialStore.this.privateKeyEntry == null) {
                            RSAEncryptedCredentialStore.this.createSecretKey(str2, context.getApplicationContext());
                            RSAEncryptedCredentialStore.this.privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(str2, null);
                        }
                    } catch (Exception e11) {
                        e11.printStackTrace();
                    }
                } finally {
                    RSAEncryptedCredentialStore.this.initDoneSignal.countDown();
                    Thread.currentThread().setName(name);
                }
            }
        }).start();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void createSecretKey(String str, Context context) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 30);
        KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setAlias(str).setSubject(new X500Principal("CN=" + str)).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KEY_ALGORITHM_RSA, ANDROID_KEY_STORE);
        keyPairGenerator.initialize(build);
        keyPairGenerator.generateKeyPair();
    }

    private byte[] rsaDecrypt(byte[] bArr) throws NoSuchPaddingException, NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, UnrecoverableEntryException, KeyStoreException, IOException, InvalidAlgorithmParameterException, BadPaddingException, IllegalBlockSizeException {
        if (this.privateKeyEntry == null) {
            throw new CredentialStore.OperationFailedException("Initialization was incomplete, cannot perform operation");
        }
        Cipher cipher = Cipher.getInstance(RSA_MODE);
        cipher.init(2, this.privateKeyEntry.getPrivateKey());
        return cipher.doFinal(bArr);
    }

    private byte[] rsaEncrypt(byte[] bArr) throws UnrecoverableEntryException, NoSuchAlgorithmException, KeyStoreException, InvalidKeyException, IOException, NoSuchProviderException, NoSuchPaddingException, InvalidAlgorithmParameterException, BadPaddingException, IllegalBlockSizeException {
        if (this.privateKeyEntry == null) {
            throw new CredentialStore.OperationFailedException("Initialization was incomplete, cannot perform operation");
        }
        Cipher cipher = Cipher.getInstance(RSA_MODE);
        cipher.init(1, this.privateKeyEntry.getCertificate().getPublicKey());
        return cipher.doFinal(bArr);
    }

    @Override // com.unwire.ssg.signer.provider.CredentialStore
    public void clear() {
        try {
            this.lock.writeLock().lock();
            this.storeDelegate.clear();
        } finally {
            this.lock.writeLock().unlock();
        }
    }

    @Override // com.unwire.ssg.signer.provider.CredentialStore
    public Credential load() {
        try {
            try {
                this.lock.readLock().lock();
                Credential load = this.storeDelegate.load();
                Credential credential = null;
                if (load != null) {
                    String secret = load.secret();
                    String appInstanceId = load.appInstanceId();
                    if (appInstanceId != null && secret != null) {
                        try {
                            this.initDoneSignal.await();
                        } catch (InterruptedException e11) {
                            e11.printStackTrace();
                        }
                        byte[] rsaDecrypt = rsaDecrypt(b.a(secret));
                        if (rsaDecrypt != null) {
                            credential = new Credential(appInstanceId, new String(rsaDecrypt, UTF_8));
                        }
                    }
                }
                return credential;
            } catch (Exception e12) {
                throw new CredentialStore.OperationFailedException(e12);
            }
        } finally {
            this.lock.readLock().unlock();
        }
    }

    @Override // com.unwire.ssg.signer.provider.CredentialStore
    public void save(Credential credential) {
        try {
            try {
                this.lock.writeLock().lock();
                try {
                    this.initDoneSignal.await();
                } catch (InterruptedException e11) {
                    e11.printStackTrace();
                }
                if (credential == null) {
                    this.storeDelegate.save(null);
                    return;
                }
                byte[] rsaEncrypt = rsaEncrypt(credential.secret().getBytes(UTF_8));
                if (rsaEncrypt != null) {
                    this.storeDelegate.save(new Credential(credential.appInstanceId(), b.c(rsaEncrypt, false)));
                }
            } finally {
                this.lock.writeLock().unlock();
            }
        } catch (Exception e12) {
            throw new CredentialStore.OperationFailedException(e12);
        }
    }
}
