package com.dyson.mobile.android.datastore.secure.datastorecrypt;

import android.annotation.TargetApi;
import android.security.keystore.KeyGenParameterSpec;
import android.support.annotation.NonNull;
import com.dyson.mobile.android.reporting.Logger;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.security.auth.x500.X500Principal;

/* compiled from: DataStoreCryptAES.java */
@TargetApi(23)
/* loaded from: classes.dex */
class b implements a {

    /* renamed from: a, reason: collision with root package name */
    private final KeyStore f3732a = c();

    /* renamed from: b, reason: collision with root package name */
    private final String f3733b;

    /* JADX INFO: Access modifiers changed from: package-private */
    public b(@NonNull String str) throws DataStoreCryptException {
        this.f3733b = b(str);
        d();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean a(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return keyStore.containsAlias(b(str));
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e2) {
            Logger.a("Failed to check for keystore alias: " + e2.getMessage(), e2);
            return false;
        }
    }

    private static String b() {
        return String.format("%s/%s/%s", "AES", "GCM", "NoPadding");
    }

    private static String b(String str) {
        return String.format("DataStoreCryptAES-%s", str);
    }

    private KeyStore c() throws DataStoreCryptException {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return keyStore;
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e2) {
            throw new DataStoreCryptException("Failed to load KeyStore: " + e2.getMessage(), e2);
        }
    }

    private void d() throws DataStoreCryptException {
        try {
            if (this.f3732a.containsAlias(this.f3733b)) {
                return;
            }
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
            keyGenerator.init(new KeyGenParameterSpec.Builder(this.f3733b, 3).setCertificateSubject(new X500Principal(String.format("CN=%s, O=Dyson", this.f3733b))).setKeySize(256).setBlockModes("GCM").setEncryptionPaddings("NoPadding").build());
            keyGenerator.generateKey();
        } catch (InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException e2) {
            throw new DataStoreCryptException("Failed to generate DataStoreCryptAES key: " + e2.getMessage(), e2);
        }
    }

    private SecretKey e() throws KeyStoreException, UnrecoverableEntryException, NoSuchAlgorithmException {
        return ((KeyStore.SecretKeyEntry) this.f3732a.getEntry(this.f3733b, null)).getSecretKey();
    }

    @Override // com.dyson.mobile.android.datastore.secure.datastorecrypt.a
    public com.dyson.mobile.android.datastore.secure.a a(@NonNull byte[] bArr) throws DataStoreCryptException {
        try {
            Cipher cipher = Cipher.getInstance(b());
            cipher.init(1, e());
            return new com.dyson.mobile.android.datastore.secure.a(cipher.doFinal(bArr), cipher.getIV());
        } catch (InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e2) {
            throw new DataStoreCryptException("Failed to encrypt string: " + e2.getMessage(), e2);
        }
    }

    @Override // com.dyson.mobile.android.datastore.secure.datastorecrypt.a
    public void a() throws DataStoreCryptException {
        try {
            if (this.f3732a.containsAlias(this.f3733b)) {
                this.f3732a.deleteEntry(this.f3733b);
            }
        } catch (KeyStoreException e2) {
            throw new DataStoreCryptException("Failed to delete the keystore entry: " + e2.getMessage(), e2);
        }
    }

    @Override // com.dyson.mobile.android.datastore.secure.datastorecrypt.a
    public byte[] a(@NonNull com.dyson.mobile.android.datastore.secure.a aVar) throws DataStoreCryptException {
        try {
            Cipher cipher = Cipher.getInstance(b());
            cipher.init(2, e(), new GCMParameterSpec(128, aVar.b()));
            return cipher.doFinal(aVar.a());
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e2) {
            throw new DataStoreCryptException("Failed to decrypt string: error: " + e2.getMessage() + ", cause: " + e2.getCause(), e2);
        }
    }
}
