package android.support.v4.common;

import android.content.Context;
import android.security.KeyPairGeneratorSpec;
import android.util.Base64;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.util.Calendar;
import java.util.Objects;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes3.dex */
public final class wv5 implements yv5 {
    public static final byte[] c = {15, 54, 13, 32, 1, 50, 29, 18, 27, 34, 25, 44, 1, 2, 3, 5};
    public final Context a;
    public final ua5 b;

    public wv5(Context context, ua5 ua5Var) {
        i0c.e(context, "context");
        i0c.e(ua5Var, "storage");
        this.a = context;
        this.b = ua5Var;
    }

    @Override // android.support.v4.common.yv5
    public Cipher a() {
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
        cipher.init(1, f(), new IvParameterSpec(c));
        i0c.d(cipher, "Cipher.getInstance(AES_M…eterSpec(FIXED_IV))\n    }");
        return cipher;
    }

    @Override // android.support.v4.common.yv5
    public void b() {
        try {
            jc4.a().deleteEntry("ZalandoPasswordKey");
        } catch (KeyStoreException unused) {
        }
        this.b.j("PasswordKey");
    }

    @Override // android.support.v4.common.yv5
    public void c() {
        KeyStore a = jc4.a();
        if (!a.containsAlias("ZalandoPasswordKey")) {
            e();
        } else {
            if (a.getEntry("ZalandoPasswordKey", null) instanceof KeyStore.PrivateKeyEntry) {
                return;
            }
            try {
                jc4.a().deleteEntry("ZalandoPasswordKey");
            } catch (KeyStoreException unused) {
            }
            this.b.j("PasswordKey");
            e();
        }
    }

    @Override // android.support.v4.common.yv5
    public Cipher d() {
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
        cipher.init(2, f(), new IvParameterSpec(c));
        i0c.d(cipher, "Cipher.getInstance(AES_M…eterSpec(FIXED_IV))\n    }");
        return cipher;
    }

    public final void e() {
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 30);
        KeyPairGeneratorSpec.Builder serialNumber = new KeyPairGeneratorSpec.Builder(this.a).setAlias("ZalandoPasswordKey").setSubject(new X500Principal("CN=ZalandoPasswordKey")).setSerialNumber(BigInteger.TEN);
        i0c.d(calendar, "start");
        KeyPairGeneratorSpec.Builder startDate = serialNumber.setStartDate(calendar.getTime());
        i0c.d(calendar2, "end");
        KeyPairGeneratorSpec build = startDate.setEndDate(calendar2.getTime()).build();
        i0c.d(build, "KeyPairGeneratorSpec.Bui…ime)\n            .build()");
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        keyPairGenerator.initialize(build);
        keyPairGenerator.generateKeyPair();
        byte[] bArr = new byte[16];
        new SecureRandom().nextBytes(bArr);
        KeyStore.Entry entry = jc4.a().getEntry("ZalandoPasswordKey", null);
        Objects.requireNonNull(entry, "null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        Certificate certificate = ((KeyStore.PrivateKeyEntry) entry).getCertificate();
        i0c.d(certificate, "privateKeyEntry.certificate");
        cipher.init(1, certificate.getPublicKey());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
        cipherOutputStream.write(bArr);
        cipherOutputStream.close();
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        i0c.d(byteArray, "outputStream.toByteArray()");
        this.b.a("PasswordKey", Base64.encodeToString(byteArray, 0));
    }

    public final Key f() {
        byte[] decode = Base64.decode(this.b.k("PasswordKey", ""), 0);
        i0c.d(decode, "encryptedKey");
        KeyStore.Entry entry = jc4.a().getEntry("ZalandoPasswordKey", null);
        Objects.requireNonNull(entry, "null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(2, ((KeyStore.PrivateKeyEntry) entry).getPrivateKey());
        CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(decode), cipher);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byte[] bArr = new byte[16];
        for (int read = cipherInputStream.read(bArr); read != -1; read = cipherInputStream.read(bArr)) {
            byteArrayOutputStream.write(bArr, 0, read);
        }
        byteArrayOutputStream.flush();
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        i0c.d(byteArray, "baos.toByteArray()");
        return new SecretKeySpec(byteArray, "AES");
    }
}
