package com.newbalance.loyalty.manager;

import android.content.Context;
import android.content.SharedPreferences;
import android.support.annotation.NonNull;
import android.util.Base64;
import com.newbalance.loyalty.utils.AnalyticsUtil;
import com.newbalance.security.KeyGenerator;
import com.newbalance.security.RSAEncryption;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyStore;
import java.security.ProviderException;
import java.security.cert.X509Certificate;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes2.dex */
public class EncryptionManager {
    private static final String KEY_ALGORITHM = "AES";
    private static final String NB_RSA_KEY = "NB_RSA_KEY";
    private static final String PREF_ENCRYPT_KEY = "NB_ENCRYPT_KEY";
    protected static final String PREF_NB = "NEW_BALANCE";
    private Context mContext;

    public EncryptionManager(@NonNull Context context) {
        this.mContext = context;
    }

    public Context getContext() {
        return this.mContext;
    }

    public Key getDefaultAESKey() {
        byte[] rsaDecrypt;
        SharedPreferences sharedPreferences = getContext().getSharedPreferences(PREF_NB, 0);
        String string = sharedPreferences.getString(PREF_ENCRYPT_KEY, null);
        try {
            if (string == null) {
                rsaDecrypt = new KeyGenerator().generateAESEncryptionKey();
                String encodeToString = Base64.encodeToString(new RSAEncryption().rsaEncrypt(rsaDecrypt, getDefaultRSAKeyEntry(false)), 0);
                SharedPreferences.Editor edit = sharedPreferences.edit();
                edit.putString(PREF_ENCRYPT_KEY, encodeToString);
                edit.commit();
            } else {
                rsaDecrypt = new RSAEncryption().rsaDecrypt(Base64.decode(string, 0), getDefaultRSAKeyEntry(false));
            }
            return new SecretKeySpec(rsaDecrypt, KEY_ALGORITHM);
        } catch (IOException | IllegalStateException | GeneralSecurityException | ProviderException e) {
            AnalyticsUtil.getInstance().logException(e);
            return null;
        }
    }

    public KeyStore.PrivateKeyEntry getDefaultRSAKeyEntry(boolean z) throws GeneralSecurityException, ProviderException, IOException {
        KeyGenerator keyGenerator = new KeyGenerator();
        KeyStore keyStore = keyGenerator.getKeyStore();
        if (!keyStore.containsAlias(NB_RSA_KEY)) {
            keyGenerator.generateRSAKeyEntry(getContext(), NB_RSA_KEY);
            return (KeyStore.PrivateKeyEntry) keyStore.getEntry(NB_RSA_KEY, null);
        }
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(NB_RSA_KEY, null);
        X509Certificate x509Certificate = (X509Certificate) privateKeyEntry.getCertificate();
        if (!z) {
            return privateKeyEntry;
        }
        x509Certificate.checkValidity();
        return privateKeyEntry;
    }
}
