package net.juniper.junos.pulse.android.util;

import android.annotation.TargetApi;
import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import com.rsa.crypto.AlgorithmStrings;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Date;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes2.dex */
class KeyStoreWrapper {
    private static final String KEYSTORE_PROVIDER_ANDROID_KEYSTORE = "AndroidKeyStore";
    private static final String TAG = "KeyStoreWrapper";
    public static final String TRANSFORMATION = "RSA/ECB/PKCS1Padding";
    public static final String TYPE = "RSA";
    Context mContext;
    KeyStore mKeyStore;
    String mType;
    private static final Date DEFAULT_CERT_NOT_BEFORE = new Date(0);
    private static final Date DEFAULT_CERT_NOT_AFTER = new Date(2461449600000L);

    public KeyStoreWrapper(Context context, String str) {
        this.mContext = context;
        this.mType = TextUtils.isEmpty(str) ? "RSA" : str;
        try {
            this.mKeyStore = createAndroidKeyStore();
        } catch (IOException e) {
            e.printStackTrace();
        } catch (KeyStoreException e2) {
            e2.printStackTrace();
        } catch (NoSuchAlgorithmException e3) {
            e3.printStackTrace();
        } catch (CertificateException e4) {
            e4.printStackTrace();
        }
    }

    private KeyStore createAndroidKeyStore() throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        KeyStore keyStore = KeyStore.getInstance(KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
        keyStore.load(null);
        return keyStore;
    }

    @TargetApi(23)
    private void initGeneratorWithKeyGenParameterSpec(KeyPairGenerator keyPairGenerator, String str) throws InvalidAlgorithmParameterException {
        keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, 3).setBlockModes(AlgorithmStrings.ECB).setEncryptionPaddings("PKCS1Padding").setCertificateSubject(new X500Principal("CN=" + str)).build());
    }

    private void initGeneratorWithKeyPairGeneratorSpec(KeyPairGenerator keyPairGenerator, String str) throws InvalidAlgorithmParameterException {
        keyPairGenerator.initialize(new KeyPairGeneratorSpec.Builder(this.mContext).setAlias(str).setSerialNumber(BigInteger.ONE).setSubject(new X500Principal("CN=" + str)).setStartDate(DEFAULT_CERT_NOT_BEFORE).setEndDate(DEFAULT_CERT_NOT_AFTER).build());
    }

    private boolean isMarshmallowAndAbove() {
        return Build.VERSION.SDK_INT >= 23;
    }

    private void removeAndroidKeyStoreKey(String str) throws KeyStoreException {
        this.mKeyStore.deleteEntry(str);
    }

    public KeyPair createAndroidKeyStoreAsymmetricKey(String str) {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(this.mType, KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
            if (isMarshmallowAndAbove()) {
                initGeneratorWithKeyGenParameterSpec(keyPairGenerator, str);
            } else {
                initGeneratorWithKeyPairGeneratorSpec(keyPairGenerator, str);
            }
            return keyPairGenerator.generateKeyPair();
        } catch (InvalidAlgorithmParameterException unused) {
            Log.w(TAG, "No such provider: AndroidKeyStore");
            return null;
        } catch (NoSuchAlgorithmException e) {
            Log.w(TAG, "RSA not supported", e);
            return null;
        } catch (NoSuchProviderException e2) {
            Log.w(TAG, "Invalid Algorithm Parameter Exception", e2);
            return null;
        }
    }

    public KeyPair getAndroidKeyStoreAsymmetricKeyPair(String str) {
        try {
            Key key = this.mKeyStore.getKey(str, null);
            Certificate certificate = this.mKeyStore.getCertificate(str);
            if (certificate == null) {
                return null;
            }
            PublicKey publicKey = certificate.getPublicKey();
            if (key != null && publicKey != null && (key instanceof PrivateKey)) {
                return new KeyPair(publicKey, (PrivateKey) key);
            }
            return null;
        } catch (KeyStoreException e) {
            e.printStackTrace();
        } catch (NoSuchAlgorithmException e2) {
            e2.printStackTrace();
        } catch (UnrecoverableKeyException e3) {
            e3.printStackTrace();
        }
        return null;
    }
}
