package com.nmwco.mobility.client.configuration;

import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import com.nmwco.mobility.client.SharedApplication;
import com.nmwco.mobility.client.gen.MesCfgSettings;
import com.nmwco.mobility.client.gen.NmStatus;
import com.nmwco.mobility.client.nativecode.EncryptionKeyNative;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.spec.AlgorithmParameterSpec;
import java.util.GregorianCalendar;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class EncryptionKey {
    private static final String KEYSTORE_PROVIDER_ANDROID_KEYSTORE = "AndroidKeyStore";
    private static final String KEY_ALGORITHM_RSA = "RSA";
    private static final String MOBILITY_KEY_ALIAS = "EncryptionKeyAlias";
    private static final String RSA_ECB_PKCS1_PADDING = "RSA/ECB/PKCS1Padding";

    public static int createEncryptionKey() {
        return EncryptionKeyNative.createEncryptionKey();
    }

    private static boolean createKeyInStore(Context context) {
        AlgorithmParameterSpec build;
        try {
            KeyStore keyStore = KeyStore.getInstance(KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
            keyStore.load(null);
            if (((PrivateKey) keyStore.getKey(MOBILITY_KEY_ALIAS, null)) != null && keyStore.getCertificate(MOBILITY_KEY_ALIAS) != null) {
                if (keyStore.getCertificate(MOBILITY_KEY_ALIAS).getPublicKey() != null) {
                    return true;
                }
            }
            if (Build.VERSION.SDK_INT < 23) {
                GregorianCalendar gregorianCalendar = new GregorianCalendar();
                GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
                gregorianCalendar2.add(1, 100);
                build = new KeyPairGeneratorSpec.Builder(context).setAlias(MOBILITY_KEY_ALIAS).setSubject(new X500Principal("CN=EncryptionKeyAlias")).setSerialNumber(BigInteger.valueOf(1337L)).setStartDate(gregorianCalendar.getTime()).setEndDate(gregorianCalendar2.getTime()).build();
            } else {
                build = new KeyGenParameterSpec.Builder(MOBILITY_KEY_ALIAS, 2).setDigests("SHA-256", "SHA-512").setEncryptionPaddings("PKCS1Padding").build();
            }
            try {
                try {
                    KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KEY_ALGORITHM_RSA, KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
                    keyPairGenerator.initialize(build);
                    keyPairGenerator.generateKeyPair();
                } catch (Exception unused) {
                    return true;
                }
            } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException unused2) {
                keyStore.deleteEntry(MOBILITY_KEY_ALIAS);
                return true;
            }
        } catch (Exception unused3) {
            return false;
        }
    }

    public static byte[] decrypt(String str) {
        int i = 1;
        KeyStore keyStore = null;
        while (true) {
            try {
                try {
                    keyStore = KeyStore.getInstance(KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
                    keyStore.load(null);
                    return decrypt((PrivateKey) keyStore.getKey(MOBILITY_KEY_ALIAS, null), str);
                } catch (IOException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException unused) {
                    if (keyStore != null) {
                        try {
                            keyStore.deleteEntry(MOBILITY_KEY_ALIAS);
                        } catch (Exception unused2) {
                        }
                    }
                }
            } catch (UnrecoverableKeyException e) {
                if (i == 0) {
                    throw e;
                }
                int i2 = i - 1;
                if (i <= 0) {
                    break;
                }
                i = i2;
            }
        }
        return null;
    }

    private static byte[] decrypt(PrivateKey privateKey, String str) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
        if (str == null) {
            return null;
        }
        byte[] decode = Base64.decode(str, 0);
        Cipher cipher = Cipher.getInstance(RSA_ECB_PKCS1_PADDING);
        cipher.init(2, privateKey);
        return cipher.doFinal(decode);
    }

    private static String encrypt(PublicKey publicKey, byte[] bArr) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
        Cipher cipher = Cipher.getInstance(RSA_ECB_PKCS1_PADDING);
        cipher.init(1, publicKey);
        return Base64.encodeToString(cipher.doFinal(bArr), 0);
    }

    /* JADX WARN: Removed duplicated region for block: B:19:0x005f A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static java.lang.String encrypt(byte[] r7) {
        /*
            java.lang.String r0 = "EncryptionKeyAlias"
            r1 = 0
            r2 = 0
            java.lang.String r3 = "AndroidKeyStore"
            java.security.KeyStore r3 = java.security.KeyStore.getInstance(r3)     // Catch: java.io.IOException -> L3d java.security.cert.CertificateException -> L3f java.security.KeyStoreException -> L41 javax.crypto.BadPaddingException -> L43 javax.crypto.IllegalBlockSizeException -> L45 javax.crypto.NoSuchPaddingException -> L47 java.security.InvalidKeyException -> L49 java.security.NoSuchAlgorithmException -> L4b
            r3.load(r2)     // Catch: java.io.IOException -> L2d java.security.cert.CertificateException -> L2f java.security.KeyStoreException -> L31 javax.crypto.BadPaddingException -> L33 javax.crypto.IllegalBlockSizeException -> L35 javax.crypto.NoSuchPaddingException -> L37 java.security.InvalidKeyException -> L39 java.security.NoSuchAlgorithmException -> L3b
            java.security.cert.Certificate r4 = r3.getCertificate(r0)     // Catch: java.io.IOException -> L2d java.security.cert.CertificateException -> L2f java.security.KeyStoreException -> L31 javax.crypto.BadPaddingException -> L33 javax.crypto.IllegalBlockSizeException -> L35 javax.crypto.NoSuchPaddingException -> L37 java.security.InvalidKeyException -> L39 java.security.NoSuchAlgorithmException -> L3b
            if (r4 != 0) goto L14
            return r2
        L14:
            java.security.cert.Certificate r4 = r3.getCertificate(r0)     // Catch: java.io.IOException -> L2d java.security.cert.CertificateException -> L2f java.security.KeyStoreException -> L31 javax.crypto.BadPaddingException -> L33 javax.crypto.IllegalBlockSizeException -> L35 javax.crypto.NoSuchPaddingException -> L37 java.security.InvalidKeyException -> L39 java.security.NoSuchAlgorithmException -> L3b
            java.security.PublicKey r4 = r4.getPublicKey()     // Catch: java.io.IOException -> L2d java.security.cert.CertificateException -> L2f java.security.KeyStoreException -> L31 javax.crypto.BadPaddingException -> L33 javax.crypto.IllegalBlockSizeException -> L35 javax.crypto.NoSuchPaddingException -> L37 java.security.InvalidKeyException -> L39 java.security.NoSuchAlgorithmException -> L3b
            if (r4 != 0) goto L28
            com.nmwco.mobility.client.gen.EventCategories r7 = com.nmwco.mobility.client.gen.EventCategories.EV_SRC_NOMAD_SECURITY     // Catch: java.io.IOException -> L2d java.security.cert.CertificateException -> L2f java.security.KeyStoreException -> L31 javax.crypto.BadPaddingException -> L33 javax.crypto.IllegalBlockSizeException -> L35 javax.crypto.NoSuchPaddingException -> L37 java.security.InvalidKeyException -> L39 java.security.NoSuchAlgorithmException -> L3b
            com.nmwco.mobility.client.gen.Messages r4 = com.nmwco.mobility.client.gen.Messages.EV_CONFIG_ENCRYPTION_KEY_NOT_FOUND     // Catch: java.io.IOException -> L2d java.security.cert.CertificateException -> L2f java.security.KeyStoreException -> L31 javax.crypto.BadPaddingException -> L33 javax.crypto.IllegalBlockSizeException -> L35 javax.crypto.NoSuchPaddingException -> L37 java.security.InvalidKeyException -> L39 java.security.NoSuchAlgorithmException -> L3b
            java.lang.Object[] r5 = new java.lang.Object[r1]     // Catch: java.io.IOException -> L2d java.security.cert.CertificateException -> L2f java.security.KeyStoreException -> L31 javax.crypto.BadPaddingException -> L33 javax.crypto.IllegalBlockSizeException -> L35 javax.crypto.NoSuchPaddingException -> L37 java.security.InvalidKeyException -> L39 java.security.NoSuchAlgorithmException -> L3b
            com.nmwco.mobility.client.logging.Log.e(r7, r4, r5)     // Catch: java.io.IOException -> L2d java.security.cert.CertificateException -> L2f java.security.KeyStoreException -> L31 javax.crypto.BadPaddingException -> L33 javax.crypto.IllegalBlockSizeException -> L35 javax.crypto.NoSuchPaddingException -> L37 java.security.InvalidKeyException -> L39 java.security.NoSuchAlgorithmException -> L3b
            return r2
        L28:
            java.lang.String r7 = encrypt(r4, r7)     // Catch: java.io.IOException -> L2d java.security.cert.CertificateException -> L2f java.security.KeyStoreException -> L31 javax.crypto.BadPaddingException -> L33 javax.crypto.IllegalBlockSizeException -> L35 javax.crypto.NoSuchPaddingException -> L37 java.security.InvalidKeyException -> L39 java.security.NoSuchAlgorithmException -> L3b
            return r7
        L2d:
            r7 = move-exception
            goto L4d
        L2f:
            r7 = move-exception
            goto L4d
        L31:
            r7 = move-exception
            goto L4d
        L33:
            r7 = move-exception
            goto L4d
        L35:
            r7 = move-exception
            goto L4d
        L37:
            r7 = move-exception
            goto L4d
        L39:
            r7 = move-exception
            goto L4d
        L3b:
            r7 = move-exception
            goto L4d
        L3d:
            r7 = move-exception
            goto L4c
        L3f:
            r7 = move-exception
            goto L4c
        L41:
            r7 = move-exception
            goto L4c
        L43:
            r7 = move-exception
            goto L4c
        L45:
            r7 = move-exception
            goto L4c
        L47:
            r7 = move-exception
            goto L4c
        L49:
            r7 = move-exception
            goto L4c
        L4b:
            r7 = move-exception
        L4c:
            r3 = r2
        L4d:
            com.nmwco.mobility.client.gen.EventCategories r4 = com.nmwco.mobility.client.gen.EventCategories.EV_SRC_NOMAD_SECURITY
            com.nmwco.mobility.client.gen.Messages r5 = com.nmwco.mobility.client.gen.Messages.EV_CONFIG_ENCRYPTION_FAILED
            r6 = 1
            java.lang.Object[] r6 = new java.lang.Object[r6]
            java.lang.String r7 = r7.getMessage()
            r6[r1] = r7
            com.nmwco.mobility.client.logging.Log.e(r4, r5, r6)
            if (r3 == 0) goto L62
            r3.deleteEntry(r0)     // Catch: java.lang.Exception -> L62
        L62:
            return r2
        */
        throw new UnsupportedOperationException("Method not decompiled: com.nmwco.mobility.client.configuration.EncryptionKey.encrypt(byte[]):java.lang.String");
    }

    public static byte[] getEncryptionKey() {
        String string = Config.getString(MesCfgSettings.MESCFGS_SECRET, (String) null);
        if (string == null) {
            return null;
        }
        return decrypt(string);
    }

    public static void removeEncryptionKey() throws Exception {
        KeyStore keyStore = KeyStore.getInstance(KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
        keyStore.load(null);
        if (keyStore.getCertificate(MOBILITY_KEY_ALIAS) != null) {
            keyStore.deleteEntry(MOBILITY_KEY_ALIAS);
        }
        Config.deleteKey(MesCfgSettings.MESCFGS_SECRET);
    }

    public static int saveEncryptionKey(byte[] bArr) {
        if (!createKeyInStore(SharedApplication.getSharedApplicationContext())) {
            return NmStatus.NM_STAT_ERROR_PARAMETER;
        }
        String encrypt = encrypt(bArr);
        if (encrypt == null) {
            return Integer.MIN_VALUE;
        }
        Config.setString(MesCfgSettings.MESCFGS_SECRET, encrypt);
        return 0;
    }
}
