package veeva.vault.mobile.coreutil.crypto;

import android.security.keystore.KeyGenParameterSpec;
import com.microsoft.identity.common.internal.platform.DevicePopManager;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.Cipher;
import kotlin.jvm.internal.m;
import kotlin.jvm.internal.q;

/* loaded from: classes2.dex */
public final class c implements b {
    public static final a Companion = new a(null);

    /* renamed from: b, reason: collision with root package name */
    public static final c f21104b = new c();

    /* renamed from: a, reason: collision with root package name */
    public final KeyStore f21105a;

    /* loaded from: classes2.dex */
    public static final class a {
        public a(m mVar) {
        }
    }

    public c() {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        this.f21105a = keyStore;
    }

    @Override // veeva.vault.mobile.coreutil.crypto.b
    public byte[] a(byte[] bArr, Cipher cipher) {
        q.e(cipher, "cipher");
        byte[] doFinal = cipher.doFinal(bArr);
        q.d(doFinal, "cipher.doFinal(ciphertext)");
        return doFinal;
    }

    @Override // veeva.vault.mobile.coreutil.crypto.b
    public Cipher b(String keyName) {
        q.e(keyName, "keyName");
        Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPPadding");
        q.d(cipher, "getInstance(\"$RSA/$RSA_ENCRYPTION_BLOCK_MODE/$RSA_ENCRYPTION_PADDING\")");
        KeyPair f10 = f(keyName);
        PrivateKey privateKey = f10 == null ? null : f10.getPrivate();
        if (privateKey != null) {
            cipher.init(2, privateKey);
            return cipher;
        }
        throw new IllegalStateException(('[' + keyName + "] not found for decryption").toString());
    }

    @Override // veeva.vault.mobile.coreutil.crypto.b
    public byte[] c(byte[] bArr, Cipher cipher) {
        q.e(cipher, "cipher");
        byte[] doFinal = cipher.doFinal(bArr);
        q.d(doFinal, "cipher.doFinal(plainText)");
        return doFinal;
    }

    @Override // veeva.vault.mobile.coreutil.crypto.b
    public void d(String entry) {
        q.e(entry, "entry");
        this.f21105a.deleteEntry(entry);
    }

    @Override // veeva.vault.mobile.coreutil.crypto.b
    public Cipher e(String keyName, boolean z10) {
        q.e(keyName, "keyName");
        Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPPadding");
        q.d(cipher, "getInstance(\"$RSA/$RSA_ENCRYPTION_BLOCK_MODE/$RSA_ENCRYPTION_PADDING\")");
        KeyPair f10 = f(keyName);
        if (f10 == null) {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(DevicePopManager.KeyPairGeneratorAlgorithms.RSA, "AndroidKeyStore");
            KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(keyName, 3);
            builder.setEncryptionPaddings("OAEPPadding");
            builder.setKeySize(2048);
            builder.setDigests("SHA-1");
            builder.setRandomizedEncryptionRequired(true);
            builder.setUserAuthenticationRequired(z10);
            KeyGenParameterSpec build = builder.build();
            q.d(build, "Builder(\n            keyName,\n            KeyProperties.PURPOSE_ENCRYPT or KeyProperties.PURPOSE_DECRYPT\n        ).apply {\n            setEncryptionPaddings(RSA_ENCRYPTION_PADDING)\n            setKeySize(RSA_KEY_SIZE)\n            setDigests(KeyProperties.DIGEST_SHA1)\n            setRandomizedEncryptionRequired(true)\n            setUserAuthenticationRequired(userAuthRequired)\n        }.build()");
            keyPairGenerator.initialize(build);
            f10 = keyPairGenerator.generateKeyPair();
            q.d(f10, "keyPairGenerator.generateKeyPair()");
        }
        PublicKey publicKey = f10.getPublic();
        q.d(publicKey, "getOrCreateKeyPair(keyName, userAuthRequired).public");
        PublicKey generatePublic = KeyFactory.getInstance(publicKey.getAlgorithm()).generatePublic(new X509EncodedKeySpec(publicKey.getEncoded()));
        q.d(generatePublic, "getInstance(this.algorithm).generatePublic(\n    X509EncodedKeySpec(this.encoded)\n)");
        cipher.init(1, generatePublic);
        return cipher;
    }

    public final KeyPair f(String str) {
        KeyStore.Entry entry = this.f21105a.getEntry(str, null);
        if (entry == null) {
            return null;
        }
        return new KeyPair(this.f21105a.getCertificate(str).getPublicKey(), ((KeyStore.PrivateKeyEntry) entry).getPrivateKey());
    }
}
