package com.arlo.app.fingerprint.encrypter;

import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import com.arlo.app.utils.AppSingleton;
import com.arlo.app.utils.Constants;
import com.arlo.app.utils.extension.any.AnyKt;
import com.arlo.logger.ArloLog;
import java.math.BigInteger;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Calendar;
import javax.security.auth.x500.X500Principal;
import kotlin.Metadata;
import kotlin.jvm.internal.Intrinsics;

/* compiled from: RsaKeyHolder.kt */
@Metadata(d1 = {"\u0000D\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0010\b\n\u0002\b\u0003\n\u0002\u0010\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\u0018\u0000 \u00192\u00020\u0001:\u0001\u0019B\u0015\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0005¢\u0006\u0002\u0010\u0006J\b\u0010\u0015\u001a\u00020\u0016H\u0002J\b\u0010\u0017\u001a\u00020\u0018H\u0002R\u000e\u0010\u0004\u001a\u00020\u0005X\u0082\u0004¢\u0006\u0002\n\u0000R\u0010\u0010\u0007\u001a\u0004\u0018\u00010\bX\u0082\u0004¢\u0006\u0002\n\u0000R\u0013\u0010\t\u001a\u0004\u0018\u00010\n8F¢\u0006\u0006\u001a\u0004\b\u000b\u0010\fR\u0013\u0010\r\u001a\u0004\u0018\u00010\u000e8F¢\u0006\u0006\u001a\u0004\b\u000f\u0010\u0010R\u0011\u0010\u0011\u001a\u00020\u00128F¢\u0006\u0006\u001a\u0004\b\u0013\u0010\u0014¨\u0006\u001a"}, d2 = {"Lcom/arlo/app/fingerprint/encrypter/RsaKeyHolder;", "", "androidKeyStore", "Ljava/security/KeyStore;", "keyAlias", "", "(Ljava/security/KeyStore;Ljava/lang/String;)V", "keyEntry", "Ljava/security/KeyStore$PrivateKeyEntry;", "privateKey", "Ljava/security/PrivateKey;", "getPrivateKey", "()Ljava/security/PrivateKey;", "publicKey", "Ljava/security/PublicKey;", "getPublicKey", "()Ljava/security/PublicKey;", "size", "", "getSize", "()I", "generateNewKey", "", "getKeyPairParameterSpec", "Ljava/security/spec/AlgorithmParameterSpec;", "Companion", "app_prodRelease"}, k = 1, mv = {1, 5, 1}, xi = 48)
/* loaded from: classes.dex */
public final class RsaKeyHolder {
    private static final int CERTIFICATE_TTL_YEARS = 1;
    private final String keyAlias;
    private final KeyStore.PrivateKeyEntry keyEntry;

    public RsaKeyHolder(KeyStore androidKeyStore, String keyAlias) {
        Intrinsics.checkNotNullParameter(androidKeyStore, "androidKeyStore");
        Intrinsics.checkNotNullParameter(keyAlias, "keyAlias");
        this.keyAlias = keyAlias;
        KeyStore.PrivateKeyEntry privateKeyEntry = null;
        try {
            if (!androidKeyStore.containsAlias(keyAlias)) {
                generateNewKey();
            }
            KeyStore.Entry entry = androidKeyStore.getEntry(keyAlias, null);
            if (entry instanceof KeyStore.PrivateKeyEntry) {
                privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
            }
        } catch (KeyStoreException e) {
            ArloLog arloLog = ArloLog.INSTANCE;
            ArloLog.e$default(AnyKt.getTAG(this), "Could not obtain key pair", e, false, null, 24, null);
            privateKeyEntry = (KeyStore.PrivateKeyEntry) null;
        }
        this.keyEntry = privateKeyEntry;
    }

    private final void generateNewKey() {
        AlgorithmParameterSpec keyPairParameterSpec = getKeyPairParameterSpec();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", Constants.Security.ANDROID_KEY_STORE_PROVIDER);
        keyPairGenerator.initialize(keyPairParameterSpec);
        keyPairGenerator.genKeyPair();
    }

    private final AlgorithmParameterSpec getKeyPairParameterSpec() {
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 1);
        if (Build.VERSION.SDK_INT >= 23) {
            KeyGenParameterSpec build = new KeyGenParameterSpec.Builder(this.keyAlias, 3).setBlockModes("ECB").setEncryptionPaddings("PKCS1Padding").build();
            Intrinsics.checkNotNullExpressionValue(build, "{\n            KeyGenParameterSpec.Builder(keyAlias, KeyProperties.PURPOSE_ENCRYPT or KeyProperties.PURPOSE_DECRYPT)\n                    .setBlockModes(KeyProperties.BLOCK_MODE_ECB)\n                    .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_RSA_PKCS1)\n                    .build()\n        }");
            return build;
        }
        KeyPairGeneratorSpec build2 = new KeyPairGeneratorSpec.Builder(AppSingleton.getInstance().getApplicationContext()).setAlias(this.keyAlias).setKeySize(2048).setSubject(new X500Principal("CN=Arlo, O=Android Authority")).setSerialNumber(BigInteger.ONE).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
        Intrinsics.checkNotNullExpressionValue(build2, "{\n          KeyPairGeneratorSpec.Builder(AppSingleton.getInstance().applicationContext)\n                    .setAlias(keyAlias)\n                    .setKeySize(Constants.Security.RSA_SIZE)\n                    .setSubject(X500Principal(\"CN=Arlo, O=Android Authority\"))\n                    .setSerialNumber(BigInteger.ONE)\n                    .setStartDate(start.time)\n                    .setEndDate(end.time)\n                    .build()\n        }");
        return build2;
    }

    public final PrivateKey getPrivateKey() {
        KeyStore.PrivateKeyEntry privateKeyEntry = this.keyEntry;
        if (privateKeyEntry == null) {
            return null;
        }
        return privateKeyEntry.getPrivateKey();
    }

    public final PublicKey getPublicKey() {
        Certificate certificate;
        KeyStore.PrivateKeyEntry privateKeyEntry = this.keyEntry;
        if (privateKeyEntry == null || (certificate = privateKeyEntry.getCertificate()) == null) {
            return null;
        }
        return certificate.getPublicKey();
    }

    public final int getSize() {
        return 2048;
    }
}
