package com.symantec.secureenclave;

import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import android.util.Log;
import com.google.android.gms.stats.CodePackage;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PublicKey;
import java.security.UnrecoverableEntryException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;

/* loaded from: classes2.dex */
public class KeyManager {
    private String TAG = KeyManager.class.getName();
    private KeyStore dfr;

    private KeyManager() {
    }

    public KeyManager(String str) throws KeyDataException {
        if (!"AndroidKeyStore".equals(str)) {
            Log.e(this.TAG, KeyDataExceptionType.KEYSTORE_ERROR.toString());
            throw new KeyDataException(KeyDataExceptionType.KEYSTORE_ERROR.getValue());
        }
        try {
            this.dfr = KeyStore.getInstance(str);
            this.dfr.load(null);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            Log.e(this.TAG, e.getMessage());
            throw new KeyDataException(e.getMessage());
        }
    }

    private boolean a(CipherInfo cipherInfo) throws KeyDataException {
        return isKeyExist(cipherInfo.getAlias()) && this.dfr.getProvider().toString().contains(cipherInfo.getKeyStoreProvider()) && cipherInfo.getEncryptDecryptAlgorithm().equals(KeySchema.SYMMETRIC_CIPHER_STRING) && cipherInfo.getAlias() != null && !cipherInfo.getAlias().trim().isEmpty() && this.dfr != null;
    }

    private boolean a(KeyData keyData) throws KeyDataException {
        if (!this.dfr.getProvider().toString().contains(keyData.getKeyStoreProvider()) || !"RSA".equals(keyData.getKeyGenerationAlgorithm()) || keyData.getEncryptionPadding() == null || keyData.getAlias() == null || keyData.getAlias().trim().isEmpty()) {
            return false;
        }
        if ("SHA-512".equals(keyData.getDigest()) || "SHA-256".equals(keyData.getDigest())) {
            return keyData.getKeySize() == 1024 || keyData.getKeySize() == 2048 || keyData.getKeySize() == 4096;
        }
        return false;
    }

    private boolean b(CipherInfo cipherInfo) throws KeyDataException {
        return isKeyExist(cipherInfo.getAlias()) && this.dfr.getProvider().toString().contains(cipherInfo.getKeyStoreProvider()) && cipherInfo.getEncryptDecryptAlgorithm().equals(KeySchema.ASYMMETRIC_CIPHER_STRING) && cipherInfo.getAlias() != null && !cipherInfo.getAlias().trim().isEmpty() && this.dfr != null;
    }

    public SecureBinary asymmetricDecryption(SecureBinary secureBinary, CipherInfo cipherInfo) throws KeyDataException, KeyPermanentlyInvalidatedException {
        boolean b = b(cipherInfo);
        if (secureBinary == null || !b) {
            StringBuilder sb = new StringBuilder();
            sb.append(KeyDataExceptionType.ASYMMETRIC_DECRYPTION_PARAM_ERROR.getValue());
            sb.append(!b ? " cipherInfo is not Valid" : " cipherText is null");
            throw new KeyDataException(sb.toString());
        }
        try {
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) this.dfr.getEntry(cipherInfo.getAlias(), null);
            if (privateKeyEntry == null || privateKeyEntry.getPrivateKey() == null) {
                throw new KeyDataException(KeyDataExceptionType.PRIVATE_KEYENTRY_ERROR.getValue());
            }
            Cipher cipher = Cipher.getInstance(cipherInfo.getEncryptDecryptAlgorithm());
            cipher.init(2, privateKeyEntry.getPrivateKey());
            return new SecureBinary(cipher.doFinal(secureBinary.access()));
        } catch (KeyPermanentlyInvalidatedException e) {
            throw e;
        } catch (InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException unused) {
            throw new KeyDataException(KeyDataExceptionType.ASYMMETRIC_DECRYTION_FAILED.getValue());
        }
    }

    public SecureBinary asymmetricEncryption(SecureBinary secureBinary, CipherInfo cipherInfo, KeyData keyData) throws KeyDataException {
        if (secureBinary == null || !b(cipherInfo) || !a(keyData)) {
            throw new KeyDataException(KeyDataExceptionType.ASYMMETRIC_ENCRYPTION_PARAM_ERROR.getValue());
        }
        try {
            PublicKey publicKey = this.dfr.getCertificate(cipherInfo.getAlias()).getPublicKey();
            if (publicKey == null) {
                Log.e(this.TAG, KeyDataExceptionType.PUBLIC_KEYENTRY_ERROR.toString());
                throw new KeyDataException(KeyDataExceptionType.PUBLIC_KEYENTRY_ERROR.getValue());
            }
            Cipher cipher = Cipher.getInstance(cipherInfo.getEncryptDecryptAlgorithm());
            cipher.init(1, publicKey, new OAEPParameterSpec(keyData.getDigest(), KeySchema.MGF_PARAM, MGF1ParameterSpec.SHA1, PSource.PSpecified.DEFAULT));
            return new SecureBinary(cipher.doFinal(secureBinary.access()));
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            Log.e(this.TAG, e.getMessage());
            throw new KeyDataException(KeyDataExceptionType.ASYMMETRIC_ENCRYTION_FAILED.getValue());
        }
    }

    public SecureBinary asymmetricEncryptionWithPublicKey(SecureBinary secureBinary, byte[] bArr, CipherInfo cipherInfo, KeyData keyData) throws KeyDataException {
        if (secureBinary == null || !b(cipherInfo) || !a(keyData)) {
            throw new KeyDataException(KeyDataExceptionType.ASYMMETRIC_ENCRYPTION_PARAM_ERROR.getValue());
        }
        try {
            PublicKey generatePublic = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(bArr));
            if (generatePublic == null) {
                Log.e(this.TAG, KeyDataExceptionType.PUBLIC_KEYENTRY_ERROR.toString());
                throw new KeyDataException(KeyDataExceptionType.PUBLIC_KEYENTRY_ERROR.getValue());
            }
            Cipher cipher = Cipher.getInstance(cipherInfo.getEncryptDecryptAlgorithm());
            cipher.init(1, generatePublic, new OAEPParameterSpec(keyData.getDigest(), KeySchema.MGF_PARAM, MGF1ParameterSpec.SHA512, PSource.PSpecified.DEFAULT));
            return new SecureBinary(cipher.doFinal(secureBinary.access()));
        } catch (InvalidAlgorithmParameterException e) {
            e = e;
            Log.e(this.TAG, e.getMessage());
            throw new KeyDataException(KeyDataExceptionType.ASYMMETRIC_ENCRYTION_FAILED.getValue());
        } catch (InvalidKeyException e2) {
            e = e2;
            Log.e(this.TAG, e.getMessage());
            throw new KeyDataException(KeyDataExceptionType.ASYMMETRIC_ENCRYTION_FAILED.getValue());
        } catch (NoSuchAlgorithmException e3) {
            e = e3;
            Log.e(this.TAG, e.getMessage());
            throw new KeyDataException(KeyDataExceptionType.ASYMMETRIC_ENCRYTION_FAILED.getValue());
        } catch (InvalidKeySpecException e4) {
            e4.printStackTrace();
            throw new KeyDataException(KeyDataExceptionType.ASYMMETRIC_ENCRYTION_FAILED.getValue());
        } catch (BadPaddingException e5) {
            e = e5;
            Log.e(this.TAG, e.getMessage());
            throw new KeyDataException(KeyDataExceptionType.ASYMMETRIC_ENCRYTION_FAILED.getValue());
        } catch (IllegalBlockSizeException e6) {
            e = e6;
            Log.e(this.TAG, e.getMessage());
            throw new KeyDataException(KeyDataExceptionType.ASYMMETRIC_ENCRYTION_FAILED.getValue());
        } catch (NoSuchPaddingException e7) {
            e = e7;
            Log.e(this.TAG, e.getMessage());
            throw new KeyDataException(KeyDataExceptionType.ASYMMETRIC_ENCRYTION_FAILED.getValue());
        }
    }

    public boolean deleteKey(String str) {
        if (str != null && !str.trim().isEmpty()) {
            try {
                this.dfr.deleteEntry(str);
                return true;
            } catch (KeyStoreException e) {
                Log.e(this.TAG, e.getMessage());
            }
        }
        return false;
    }

    public void generateAsymmetricKeyPair(KeyData keyData) throws KeyDataException {
        if (!a(keyData)) {
            throw new KeyDataException(KeyDataExceptionType.ASYMMETRIC_KEYDATA_ERROR.getValue());
        }
        if (isKeyExist(keyData.getAlias())) {
            throw new KeyDataException(KeyDataExceptionType.ASYMMETRIC_KEY_EXISTS.getValue());
        }
        try {
            StringBuilder sb = new StringBuilder();
            sb.append(this.TAG);
            sb.append(KeySchema.TIMER);
            String.valueOf(System.currentTimeMillis());
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(keyData.getKeyGenerationAlgorithm(), keyData.getKeyStoreProvider());
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(keyData.getAlias(), 3).setEncryptionPaddings(keyData.getEncryptionPadding()).setKeySize(keyData.getKeySize()).setDigests(keyData.getDigest()).build());
            keyPairGenerator.generateKeyPair();
            StringBuilder sb2 = new StringBuilder();
            sb2.append(this.TAG);
            sb2.append(KeySchema.TIMER);
            String.valueOf(System.currentTimeMillis());
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
            Log.e(this.TAG, e.getMessage());
        }
    }

    public void generateAsymmetricKeyPairWithAuth(KeyData keyData) throws KeyDataException {
        if (!a(keyData)) {
            throw new KeyDataException(KeyDataExceptionType.ASYMMETRIC_KEYDATA_ERROR.getValue());
        }
        if (isKeyExist(keyData.getAlias())) {
            throw new KeyDataException(KeyDataExceptionType.ASYMMETRIC_KEY_EXISTS.getValue());
        }
        try {
            StringBuilder sb = new StringBuilder();
            sb.append(this.TAG);
            sb.append(KeySchema.TIMER);
            String.valueOf(System.currentTimeMillis());
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(keyData.getKeyGenerationAlgorithm(), keyData.getKeyStoreProvider());
            KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(keyData.getAlias(), 3);
            builder.setEncryptionPaddings(keyData.getEncryptionPadding());
            builder.setKeySize(keyData.getKeySize());
            builder.setDigests(keyData.getDigest());
            builder.setUserAuthenticationRequired(keyData.getIsUserAuthNeeded());
            if (Build.VERSION.SDK_INT >= 24) {
                builder.setInvalidatedByBiometricEnrollment(false);
            }
            keyPairGenerator.initialize(builder.build());
            keyPairGenerator.generateKeyPair();
            StringBuilder sb2 = new StringBuilder();
            sb2.append(this.TAG);
            sb2.append(KeySchema.TIMER);
            String.valueOf(System.currentTimeMillis());
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
            Log.e(this.TAG, e.getMessage());
        }
    }

    public void generateSymmetricKey(KeyData keyData) throws KeyDataException {
        if (!(this.dfr.getProvider().toString().contains(keyData.getKeyStoreProvider()) && "AES".equals(keyData.getKeyGenerationAlgorithm()) && "NoPadding".equals(keyData.getEncryptionPadding()) && keyData.getAlias() != null && !keyData.getAlias().trim().isEmpty() && (keyData.getKeySize() == 128 || keyData.getKeySize() == 192 || keyData.getKeySize() == 256))) {
            throw new KeyDataException(KeyDataExceptionType.SYMMETRIC_KEYDATA_ERROR.getValue());
        }
        if (isKeyExist(keyData.getAlias())) {
            throw new KeyDataException(KeyDataExceptionType.ASYMMETRIC_KEY_EXISTS.getValue());
        }
        try {
            StringBuilder sb = new StringBuilder();
            sb.append(this.TAG);
            sb.append(KeySchema.TIMER);
            String.valueOf(System.currentTimeMillis());
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", keyData.getKeyStoreProvider());
            keyGenerator.init(new KeyGenParameterSpec.Builder(keyData.getAlias(), 3).setEncryptionPaddings("NoPadding").setKeySize(keyData.getKeySize()).setBlockModes(CodePackage.GCM).build());
            keyGenerator.generateKey();
            StringBuilder sb2 = new StringBuilder();
            sb2.append(this.TAG);
            sb2.append(KeySchema.TIMER);
            String.valueOf(System.currentTimeMillis());
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
            Log.e(this.TAG, e.getMessage());
        }
    }

    public SecureBinary getPublicKey(String str) throws KeyDataException {
        if (str == null || str.trim().isEmpty()) {
            throw new KeyDataException(KeyDataExceptionType.PUBLIC_KEY_ERROR.getValue());
        }
        try {
            return new SecureBinary(this.dfr.getCertificate(str).getPublicKey().getEncoded());
        } catch (KeyStoreException e) {
            Log.e(this.TAG, e.getMessage());
            throw new KeyDataException(KeyDataExceptionType.PUBLIC_KEY_ERROR.getValue());
        }
    }

    public byte[] getSymmetricKey(String str) throws KeyDataException {
        try {
            KeyStore.SecretKeyEntry secretKeyEntry = (KeyStore.SecretKeyEntry) this.dfr.getEntry(str, null);
            if (secretKeyEntry == null || secretKeyEntry.getSecretKey() == null) {
                throw new KeyDataException(KeyDataExceptionType.SECRET_KEYENTRY_ERROR.getValue());
            }
            return secretKeyEntry.getSecretKey().getEncoded();
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException e) {
            new StringBuilder("Exception: ").append(e.getMessage());
            throw new KeyDataException(KeyDataExceptionType.SECRET_KEYENTRY_ERROR.getValue());
        }
    }

    public boolean isKeyExist(String str) {
        if (str != null && !str.trim().isEmpty()) {
            try {
                if (this.dfr.getKey(str, null) != null) {
                    return true;
                }
            } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
                Log.e(this.TAG, e.getMessage());
            }
        }
        return false;
    }

    public boolean isSecureHardwarePresent() throws KeyDataException {
        try {
            try {
                StringBuilder sb = new StringBuilder();
                sb.append(this.TAG);
                sb.append(KeySchema.TIMER);
                String.valueOf(System.currentTimeMillis());
                KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
                keyGenerator.init(new KeyGenParameterSpec.Builder(KeySchema.ANDROID_KEY_ALIAS, 3).setBlockModes(CodePackage.GCM).setEncryptionPaddings("NoPadding").build());
                SecretKey generateKey = keyGenerator.generateKey();
                if (((KeyInfo) SecretKeyFactory.getInstance(generateKey.getAlgorithm(), "AndroidKeyStore").getKeySpec(generateKey, KeyInfo.class)).isInsideSecureHardware()) {
                    deleteKey(KeySchema.ANDROID_KEY_ALIAS);
                    StringBuilder sb2 = new StringBuilder();
                    sb2.append(this.TAG);
                    sb2.append(KeySchema.TIMER);
                    String.valueOf(System.currentTimeMillis());
                    return true;
                }
                deleteKey(KeySchema.ANDROID_KEY_ALIAS);
                StringBuilder sb3 = new StringBuilder();
                sb3.append(this.TAG);
                sb3.append(KeySchema.TIMER);
                String.valueOf(System.currentTimeMillis());
                return false;
            } catch (Throwable th) {
                deleteKey(KeySchema.ANDROID_KEY_ALIAS);
                StringBuilder sb4 = new StringBuilder();
                sb4.append(this.TAG);
                sb4.append(KeySchema.TIMER);
                String.valueOf(System.currentTimeMillis());
                throw th;
            }
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException | InvalidKeySpecException e) {
            Log.e(this.TAG, e.getMessage());
            deleteKey(KeySchema.ANDROID_KEY_ALIAS);
            StringBuilder sb5 = new StringBuilder();
            sb5.append(this.TAG);
            sb5.append(KeySchema.TIMER);
            String.valueOf(System.currentTimeMillis());
            throw new KeyDataException(KeyDataExceptionType.SECURE_HARDWARE_EXCEPTION.getValue());
        }
    }

    public SecureBinary symmetricDecryption(SecureBinary secureBinary, byte[] bArr, CipherInfo cipherInfo) throws KeyDataException {
        if (secureBinary == null || bArr == null || !a(cipherInfo)) {
            throw new KeyDataException(KeyDataExceptionType.SYMMETRIC_DECRYPTION_PARAM_ERROR.getValue());
        }
        try {
            KeyStore.SecretKeyEntry secretKeyEntry = (KeyStore.SecretKeyEntry) this.dfr.getEntry(cipherInfo.getAlias(), null);
            if (secretKeyEntry == null || secretKeyEntry.getSecretKey() == null) {
                throw new KeyDataException(KeyDataExceptionType.SECRET_KEYENTRY_ERROR.getValue());
            }
            GCMParameterSpec gCMParameterSpec = new GCMParameterSpec(128, bArr);
            Cipher cipher = Cipher.getInstance(cipherInfo.getEncryptDecryptAlgorithm());
            cipher.init(2, secretKeyEntry.getSecretKey(), gCMParameterSpec);
            return new SecureBinary(cipher.doFinal(secureBinary.access()));
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            Log.e(this.TAG, e.getMessage());
            throw new KeyDataException(KeyDataExceptionType.SYMMETRIC_DECRYTION_FAILED.getValue());
        }
    }

    public CipherResult symmetricEncryption(SecureBinary secureBinary, CipherInfo cipherInfo) throws KeyDataException {
        if (secureBinary == null || !a(cipherInfo)) {
            throw new KeyDataException(KeyDataExceptionType.SYMMETRIC_ENCRYPTION_PARAM_ERROR.getValue());
        }
        try {
            CipherResult cipherResult = new CipherResult();
            Cipher cipher = Cipher.getInstance(cipherInfo.getEncryptDecryptAlgorithm());
            KeyStore.SecretKeyEntry secretKeyEntry = (KeyStore.SecretKeyEntry) this.dfr.getEntry(cipherInfo.getAlias(), null);
            if (secretKeyEntry == null) {
                throw new KeyDataException(KeyDataExceptionType.SECRET_KEYENTRY_ERROR.getValue());
            }
            cipher.init(1, secretKeyEntry.getSecretKey());
            cipherResult.setIV(new SecureBinary(cipher.getIV()));
            cipherResult.setEncryptedData(new SecureBinary(cipher.doFinal(secureBinary.access())));
            return cipherResult;
        } catch (InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            Log.e(this.TAG, e.getMessage());
            throw new KeyDataException(KeyDataExceptionType.SYMMETRIC_ENCRYTION_FAILED.getValue());
        }
    }
}
