package com.cybozu.mobile.commons.encrypt;

import android.annotation.TargetApi;
import android.content.Context;
import android.security.keystore.KeyGenParameterSpec;
import io.fabric.sdk.android.services.common.CommonUtils;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.MGF1ParameterSpec;
import javax.crypto.Cipher;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;

@TargetApi(23)
/* loaded from: classes.dex */
class RSAEncryptor {
    private static final String CIPHER_ALGORITHM = "RSA/ECB/OAEPWithSHA-256AndMGF1Padding";
    private static final String KEY_ALGORITHM = "RSA";
    private static final String KEY_PROVIDER = "AndroidKeyStore";
    private static final int KEY_SIZE = 2048;
    private final String certificateAlias;
    private final KeyStore keyStore;

    /* JADX INFO: Access modifiers changed from: package-private */
    public RSAEncryptor(Context context) {
        this.certificateAlias = certificateAlias(context);
        this.keyStore = prepareKeyStore(context, this.certificateAlias);
    }

    private static String certificateAlias(Context context) {
        return "__#$%#$%" + context.getPackageName() + ".RSAEncryptor.certificateAlias";
    }

    private static AlgorithmParameterSpec createSpec(String str) {
        return new KeyGenParameterSpec.Builder(str, 3).setKeySize(2048).setDigests(CommonUtils.SHA256_INSTANCE, "SHA-512").setEncryptionPaddings("OAEPPadding").build();
    }

    public static int getKeySizeByte() {
        return 256;
    }

    private static KeyStore prepareKeyStore(Context context, String str) {
        KeyStore keyStore;
        Exception e;
        try {
            keyStore = KeyStore.getInstance(KEY_PROVIDER);
        } catch (Exception e2) {
            keyStore = null;
            e = e2;
        }
        try {
            keyStore.load(null);
            if (!keyStore.containsAlias(str) || keyStore.getCertificate(str) == null) {
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KEY_ALGORITHM, KEY_PROVIDER);
                keyPairGenerator.initialize(createSpec(str));
                keyPairGenerator.generateKeyPair();
            }
        } catch (Exception e3) {
            e = e3;
            e.printStackTrace();
            return keyStore;
        }
        return keyStore;
    }

    public byte[] decrypt(byte[] bArr) {
        try {
            PrivateKey privateKey = (PrivateKey) this.keyStore.getKey(this.certificateAlias, null);
            Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
            cipher.init(2, privateKey, new OAEPParameterSpec(CommonUtils.SHA256_INSTANCE, "MGF1", new MGF1ParameterSpec(CommonUtils.SHA1_INSTANCE), PSource.PSpecified.DEFAULT));
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    public byte[] encrypt(byte[] bArr) {
        try {
            PublicKey publicKey = this.keyStore.getCertificate(this.certificateAlias).getPublicKey();
            Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM);
            cipher.init(1, publicKey, new OAEPParameterSpec(CommonUtils.SHA256_INSTANCE, "MGF1", new MGF1ParameterSpec(CommonUtils.SHA1_INSTANCE), PSource.PSpecified.DEFAULT));
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    public void removeCertificate() {
        try {
            if (this.keyStore.containsAlias(this.certificateAlias)) {
                this.keyStore.deleteEntry(this.certificateAlias);
            }
        } catch (KeyStoreException e) {
            e.printStackTrace();
        }
    }
}
