package com.ca.mas.core.security;

import android.content.Context;
import android.util.Log;
import ch.qos.logback.core.AsyncAppenderBase;
import com.ca.mas.core.util.KeyUtilsAsymmetric;
import com.ca.mas.core.util.KeyUtilsSymmetric;
import com.ca.mas.foundation.MAS;
import java.security.PrivateKey;
import java.security.PublicKey;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes2.dex */
public abstract class KeyStoreKeyStorageProvider implements KeyStorageProvider {
    private static final String ASYM_KEY_ALIAS = "ASYM_KEY";
    private static final String RSA_ECB_PKCS1_PADDING = "RSA/ECB/PKCS1PADDING";
    private static final int VALIDITY_SECONDS = 7200;
    private Context context;

    public KeyStoreKeyStorageProvider(Context context) {
        this.context = context.getApplicationContext();
    }

    private SecretKey decryptSecretKey(byte[] bArr) {
        try {
            PrivateKey rsaPrivateKey = KeyUtilsAsymmetric.getRsaPrivateKey(ASYM_KEY_ALIAS);
            Cipher cipher = Cipher.getInstance(RSA_ECB_PKCS1_PADDING);
            cipher.init(2, rsaPrivateKey);
            return new SecretKeySpec(cipher.doFinal(bArr), "AES");
        } catch (Exception e10) {
            if (MAS.DEBUG) {
                Log.e(MAS.TAG, "Error while decrypting SecretKey", e10);
            }
            throw new RuntimeException("Error while decrypting SecretKey", e10);
        }
    }

    private byte[] encryptSecretKey(SecretKey secretKey) {
        try {
            PublicKey rsaPublicKey = KeyUtilsAsymmetric.getRsaPublicKey(ASYM_KEY_ALIAS);
            if (rsaPublicKey == null) {
                KeyUtilsAsymmetric.generateRsaPrivateKey(ASYM_KEY_ALIAS, String.format("CN=%s, OU=%s", ASYM_KEY_ALIAS, "com.ca"), false, false, -1, false);
                rsaPublicKey = KeyUtilsAsymmetric.getRsaPublicKey(ASYM_KEY_ALIAS);
            }
            Cipher cipher = Cipher.getInstance(RSA_ECB_PKCS1_PADDING);
            cipher.init(1, rsaPublicKey);
            return cipher.doFinal(secretKey.getEncoded());
        } catch (Exception e10) {
            if (MAS.DEBUG) {
                Log.e(MAS.TAG, "Error while encrypting SecretKey", e10);
            }
            throw new RuntimeException("Error while encrypting SecretKey", e10);
        }
    }

    abstract boolean deleteSecretKeyLocally(String str);

    public Context getContext() {
        return this.context;
    }

    abstract byte[] getEncryptedSecretKey(String str);

    @Override // com.ca.mas.core.security.KeyStorageProvider
    public SecretKey getKey(String str, boolean z10) {
        SecretKey retrieveKey = KeyUtilsSymmetric.retrieveKey(str);
        if (retrieveKey != null) {
            return retrieveKey;
        }
        byte[] encryptedSecretKey = getEncryptedSecretKey(str);
        if (encryptedSecretKey != null) {
            try {
                retrieveKey = decryptSecretKey(encryptedSecretKey);
            } catch (Exception e10) {
                if (MAS.DEBUG) {
                    Log.e(MAS.TAG, "Error while decrypting SecretKey, deleting it", e10);
                }
                deleteSecretKeyLocally(str);
            }
        }
        if (retrieveKey == null) {
            return z10 ? KeyUtilsSymmetric.generateKey(str, "AES", AsyncAppenderBase.DEFAULT_QUEUE_SIZE, false, true, VALIDITY_SECONDS, false) : KeyUtilsSymmetric.generateKey(str, "AES", AsyncAppenderBase.DEFAULT_QUEUE_SIZE, false, false, -1, false);
        }
        KeyUtilsSymmetric.storeKeyAndroidN(str, retrieveKey, false, -1, false);
        deleteSecretKeyLocally(str);
        return retrieveKey;
    }

    @Override // com.ca.mas.core.security.KeyStorageProvider
    public boolean removeKey(String str) {
        KeyUtilsSymmetric.deleteKey(str);
        deleteSecretKeyLocally(str);
        return true;
    }

    abstract boolean storeSecretKeyLocally(String str, byte[] bArr);
}
