package com.jackhenry.godough.core.util.StorageBundle.Keys;

import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import com.jackhenry.godough.core.GoDoughApp;
import com.jackhenry.godough.core.R;
import com.jackhenry.godough.error.GoDoughException;
import com.jackhenry.godough.utils.JHALogger;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.RSAKeyGenParameterSpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Calendar;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes2.dex */
public class RSAKeyFactory {
    public static final String BIOMETRIC_KEYSTORE_ALIAS = "BIOMETRIC_KEYSTORE_ALIAS";
    public static final String DEFAULT_KEYSTORE_ALIAS = "Default";
    private static final int KEY_AGE_YEARS = 25;
    private static final int RSA_KEY_SIZE = 2048;
    private static final String X500_String = "CN=%1$s, O=Android Authority";
    private String alias;
    private KeyStore keyStore = null;

    public RSAKeyFactory(String str) {
        this.alias = str;
    }

    private AlgorithmParameterSpec genRSAKeySpec(boolean z) {
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 25);
        String string = GoDoughApp.getApp().getString(R.string.app_name);
        RSAKeyGenParameterSpec rSAKeyGenParameterSpec = new RSAKeyGenParameterSpec(2048, RSAKeyGenParameterSpec.F4);
        if (Build.VERSION.SDK_INT < 23) {
            return new KeyPairGeneratorSpec.Builder(GoDoughApp.getApp()).setAlias(this.alias).setSubject(new X500Principal(String.format(X500_String, string))).setKeySize(2048).setSerialNumber(BigInteger.ONE).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
        }
        KeyGenParameterSpec.Builder userAuthenticationRequired = new KeyGenParameterSpec.Builder(this.alias, 3).setAlgorithmParameterSpec(rSAKeyGenParameterSpec).setBlockModes("ECB").setCertificateSubject(new X500Principal(String.format(X500_String, string))).setCertificateNotAfter(calendar2.getTime()).setCertificateNotBefore(calendar.getTime()).setCertificateSerialNumber(BigInteger.ONE).setDigests("SHA-256", "SHA-1").setEncryptionPaddings("OAEPPadding").setUserAuthenticationRequired(z);
        if (Build.VERSION.SDK_INT >= 24) {
            userAuthenticationRequired.setInvalidatedByBiometricEnrollment(z);
        }
        return userAuthenticationRequired.build();
    }

    private KeyPair getKeyPair(String str) {
        PrivateKey privateKey = (PrivateKey) getKeyStore().getKey(str, null);
        PublicKey publicKey = getKeyStore().getCertificate(str).getPublicKey();
        return new KeyPair(KeyFactory.getInstance(publicKey.getAlgorithm()).generatePublic(new X509EncodedKeySpec(publicKey.getEncoded())), privateKey);
    }

    private KeyStore getKeyStore() {
        if (this.keyStore == null) {
            this.keyStore = KeyStore.getInstance("AndroidKeyStore");
            try {
                this.keyStore.load(null);
            } catch (Exception e) {
                e.printStackTrace();
                throw new KeyStoreException("Error accessing Android Key Store");
            }
        }
        return this.keyStore;
    }

    public KeyPair initializeKeys(boolean z) {
        try {
            if (getKeyStore().containsAlias(this.alias)) {
                return getKeyPair(this.alias);
            }
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            JHALogger.warning("Generating Keys");
            AlgorithmParameterSpec genRSAKeySpec = genRSAKeySpec(z);
            if (genRSAKeySpec == null) {
                throw new GoDoughException(GoDoughApp.getApp().getString(R.string.dg_no_account_msg), 1000);
            }
            keyPairGenerator.initialize(genRSAKeySpec);
            return keyPairGenerator.generateKeyPair();
        } catch (Exception e) {
            e.printStackTrace();
            throw new GoDoughException(GoDoughApp.getApp().getString(R.string.dg_no_account_msg), 1000);
        }
    }
}
