package com.wework.mobile.api.services.security;

import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import h.m.a.f;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Calendar;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.security.auth.x500.X500Principal;

@Deprecated
/* loaded from: classes2.dex */
public class WeKeyStore {
    private static final int AES_KEY_SIZE = 256;
    private static final String ALGORITHM = "RSA";
    private static final String PROVIDER = "AndroidKeyStore";
    private static final int RSA_KEY_SIZE = 4096;
    private final String alias;
    private final Context context;
    private final KeyStore keyStore;

    public WeKeyStore(String str, Context context) {
        this.alias = str;
        this.context = context;
        KeyStore keyStore = KeyStore.getInstance(PROVIDER);
        this.keyStore = keyStore;
        keyStore.load(null);
    }

    public SecretKey createSecretKey(String str) {
        KeyGenerator keyGenerator = KeyGenerator.getInstance(str);
        keyGenerator.init(256);
        return keyGenerator.generateKey();
    }

    public KeyPair getKeyPair() {
        AlgorithmParameterSpec build;
        if (this.keyStore.containsAlias(this.alias)) {
            Certificate certificate = this.keyStore.getCertificate(this.alias);
            if (certificate != null) {
                return new KeyPair(certificate.getPublicKey(), (PrivateKey) this.keyStore.getKey(this.alias, null));
            }
            throw new GeneralSecurityException("Keystore contains alias but certificate is invalid");
        }
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 1);
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(ALGORITHM, PROVIDER);
        if (Build.VERSION.SDK_INT >= 23) {
            build = new KeyGenParameterSpec.Builder(this.alias, 3).setBlockModes("ECB").setKeySize(4096).setCertificateSerialNumber(BigInteger.ONE).setCertificateSubject(new X500Principal(String.format("CN=%s CA Certificate", this.alias))).setCertificateNotBefore(calendar.getTime()).setCertificateNotAfter(calendar2.getTime()).setEncryptionPaddings("PKCS1Padding").build();
        } else {
            KeyPairGeneratorSpec.Builder endDate = new KeyPairGeneratorSpec.Builder(this.context).setAlias(this.alias).setSerialNumber(BigInteger.ONE).setSubject(new X500Principal(String.format("CN=%s CA Certificate", this.alias))).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime());
            endDate.setKeySize(4096);
            build = endDate.build();
        }
        keyPairGenerator.initialize(build);
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        if (generateKeyPair.getPublic() != null) {
            return generateKeyPair;
        }
        throw new GeneralSecurityException("KeyPair public key is invalid");
    }

    public void removeAsymmetricKeyPair() {
        KeyStore keyStore = this.keyStore;
        if (keyStore != null) {
            try {
                keyStore.deleteEntry(this.alias);
            } catch (KeyStoreException e2) {
                f.e(e2, e2.getMessage(), new Object[0]);
            }
        }
    }
}
