package com.cathaypacific.mobile.n;

import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.preference.PreferenceManager;
import android.security.KeyPairGeneratorSpec;
import android.util.Base64;
import com.cathaypacific.mobile.CXMobileApplication;
import com.google.devtools.build.android.desugar.runtime.ThrowableExtension;
import java.math.BigInteger;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class af {

    /* renamed from: a, reason: collision with root package name */
    private KeyStore f5072a = null;

    /* renamed from: b, reason: collision with root package name */
    private Context f5073b;

    public af(Context context) {
        this.f5073b = context;
        a(context);
    }

    private byte[] a(byte[] bArr) throws Exception {
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) this.f5072a.getEntry("RsaKeyAlias", null);
        Cipher cipher = Build.VERSION.SDK_INT < 23 ? Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL") : Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidKeyStoreBCWorkaround");
        cipher.init(1, privateKeyEntry.getCertificate().getPublicKey());
        return cipher.doFinal(bArr);
    }

    private void b(Context context) throws Exception {
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 25);
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        keyPairGenerator.initialize(new KeyPairGeneratorSpec.Builder(context).setAlias("RsaKeyAlias").setEndDate(calendar2.getTime()).setStartDate(calendar.getTime()).setSerialNumber(BigInteger.ONE).setSubject(new X500Principal("CN = CathayPacific, O = CathayPacific")).build());
        keyPairGenerator.generateKeyPair();
    }

    private byte[] b(byte[] bArr) throws Exception {
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) this.f5072a.getEntry("RsaKeyAlias", null);
        Cipher cipher = Build.VERSION.SDK_INT < 23 ? Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL") : Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidKeyStoreBCWorkaround");
        cipher.init(2, privateKeyEntry.getPrivateKey());
        return cipher.doFinal(bArr);
    }

    private void c(Context context) throws Exception {
        this.f5072a = KeyStore.getInstance("AndroidKeyStore");
        this.f5072a.load(null);
        if (this.f5072a.containsAlias("RsaKeyAlias")) {
            return;
        }
        b(context);
    }

    private void d() {
        SharedPreferences defaultSharedPreferences = PreferenceManager.getDefaultSharedPreferences(this.f5073b);
        try {
            String encodeToString = Base64.encodeToString(a(f()), 0);
            SharedPreferences.Editor edit = defaultSharedPreferences.edit();
            edit.putString("TAG_AES_KEY", encodeToString);
            edit.commit();
        } catch (Exception e2) {
            o.a("Failed to RSA encrypt AES key", e2);
            ThrowableExtension.a(e2);
        }
    }

    private void e() {
        if (PreferenceManager.getDefaultSharedPreferences(this.f5073b).getString("TAG_AES_KEY", null) == null) {
            d();
        }
    }

    private byte[] f() {
        byte[] bArr = new byte[64];
        new SecureRandom().nextBytes(bArr);
        return bArr;
    }

    public void a() {
        PreferenceManager.getDefaultSharedPreferences(this.f5073b).edit().remove("TAG_AES_KEY").commit();
    }

    public void a(Context context) {
        try {
            c(context);
        } catch (Exception e2) {
            o.a("Failed to generate RSA keys to keystore ", e2);
            ThrowableExtension.a(e2);
        }
        e();
    }

    public byte[] b() {
        SharedPreferences defaultSharedPreferences = PreferenceManager.getDefaultSharedPreferences(this.f5073b);
        String string = defaultSharedPreferences.getString("TAG_AES_KEY", null);
        if (string == null) {
            e();
            string = defaultSharedPreferences.getString("TAG_AES_KEY", null);
        }
        try {
            return b(Base64.decode(string, 0));
        } catch (Exception e2) {
            o.a("Failed to RSA decrypt AES key", e2);
            return null;
        }
    }

    public byte[] c() {
        a();
        try {
            b(this.f5073b);
        } catch (Exception e2) {
            o.a("Failed to generate RSA keys to keystore ", e2);
            ThrowableExtension.a(e2);
        }
        d();
        if (az.b() == 0) {
            o.l("Encrypted database delete fail");
        }
        CXMobileApplication.n = true;
        return b();
    }
}
