package com.lastpass.lpandroid.domain.encryption;

import android.content.Context;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import android.util.Base64;
import com.lastpass.lpandroid.domain.LpLog;
import com.lastpass.lpandroid.utils.DeviceUtils;
import com.lastpass.lpandroid.utils.Formatting;
import java.io.IOException;
import java.math.BigInteger;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.inject.Inject;
import javax.inject.Named;
import javax.inject.Singleton;
import javax.security.auth.x500.X500Principal;

@Singleton
/* loaded from: classes.dex */
public class KeystoreWrapper {
    private KeyStore a;
    private boolean b = false;

    @Inject
    public KeystoreWrapper(@Named("applicationContext") Context context) {
        this.a = null;
        try {
            this.a = KeyStore.getInstance("AndroidKeyStore");
            this.a.load(null);
            a(context);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            LpLog.b("TagCryptography", "Cannot validate key store", e);
            LpLog.b(e);
        }
    }

    private synchronized void a(Context context) {
        a(context, "test_key_alias");
        a("test_key_alias");
    }

    private synchronized void a(String str) {
        LpLog.a("TagCryptography", "Validating keystore with " + str);
        try {
            String b = b(str, "test_key_text");
            if (TextUtils.isEmpty(b)) {
                LpLog.b("TagCryptography", "Cannot encrypt string for keystore validation " + str);
            } else {
                String a = a(str, b);
                if (TextUtils.isEmpty(a) || !a.equals("test_key_text")) {
                    LpLog.b("TagCryptography", "Keystore validation content mismatch" + str);
                } else {
                    this.b = true;
                }
            }
        } catch (Exception e) {
            LpLog.b("TagCryptography", "Cannot validate key store with " + str, e);
            LpLog.b(e);
        }
        if (this.b) {
            LpLog.c("TagCryptography", "Key store valid");
        } else {
            LpLog.b("TagCryptography", "Key store invalid");
        }
    }

    public synchronized int a() {
        int i;
        i = -1;
        try {
            if (this.a != null) {
                i = this.a.size();
            }
        } catch (KeyStoreException unused) {
            return -1;
        }
        return i;
    }

    public synchronized String a(String str, String str2) {
        if (TextUtils.isEmpty(str) || TextUtils.isEmpty(str2) || this.a == null) {
            return null;
        }
        try {
            PrivateKey privateKey = (PrivateKey) this.a.getKey(str, null);
            if (privateKey == null) {
                LpLog.f("TagCryptography", "Key alias not found " + str);
                return null;
            }
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(2, privateKey);
            byte[] doFinal = cipher.doFinal(Base64.decode(str2, 0));
            LpLog.a("TagCryptography", "Decrypted data of " + str);
            return Formatting.c(doFinal);
        } catch (Exception e) {
            LpLog.d("TagCryptography", "Cannot decrypt for " + str, e);
            return null;
        }
    }

    public synchronized void a(Context context, String str) {
        if (this.a == null || context == null || TextUtils.isEmpty(str)) {
            return;
        }
        try {
            if (this.a.containsAlias(str)) {
                LpLog.c("TagCryptography", "Key alias already exists " + str);
            } else {
                Calendar calendar = Calendar.getInstance();
                Calendar calendar2 = Calendar.getInstance();
                calendar2.add(1, 10);
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
                X500Principal x500Principal = new X500Principal("CN=LastPass, O=LastPass");
                keyPairGenerator.initialize(!DeviceUtils.j() ? new KeyPairGeneratorSpec.Builder(context).setAlias(str).setSubject(x500Principal).setSerialNumber(BigInteger.ONE).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build() : new KeyGenParameterSpec.Builder(str, 3).setCertificateSubject(x500Principal).setEncryptionPaddings("PKCS1Padding").setCertificateSerialNumber(BigInteger.ONE).setCertificateNotBefore(calendar.getTime()).setCertificateNotAfter(calendar2.getTime()).build());
                keyPairGenerator.generateKeyPair();
                LpLog.c("TagCryptography", "Created key pair for " + str);
            }
        } catch (Exception e) {
            LpLog.b(e);
            LpLog.b("TagCryptography", "Cannot create key pair", e);
        }
    }

    public synchronized String b(String str, String str2) {
        if (TextUtils.isEmpty(str) || TextUtils.isEmpty(str2) || this.a == null) {
            return null;
        }
        try {
            PrivateKey privateKey = (PrivateKey) this.a.getKey(str, null);
            PublicKey publicKey = this.a.getCertificate(str).getPublicKey();
            if (privateKey != null && publicKey != null) {
                Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
                cipher.init(1, publicKey);
                byte[] doFinal = cipher.doFinal(Formatting.f(str2));
                LpLog.a("TagCryptography", "Encrypted data of " + str);
                return Base64.encodeToString(doFinal, 2);
            }
            LpLog.f("TagCryptography", "Key alias not found " + str);
            return null;
        } catch (Exception e) {
            LpLog.d("TagCryptography", "Cannot encrypt for " + str, e);
            return null;
        }
    }

    public synchronized boolean b() {
        boolean z;
        if (this.a != null) {
            z = this.b;
        }
        return z;
    }
}
