package com.vmware.xsw.settings.providers.internal;

import android.content.Context;
import android.security.KeyPairGeneratorSpec;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.Calendar;
import java.util.Date;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import kotlin.Metadata;
import kotlin.jvm.internal.Intrinsics;

@Metadata(d1 = {"\u00002\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u0012\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0000\bÀ\u0002\u0018\u00002\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J\u0006\u0010\u0005\u001a\u00020\u0006J\u001a\u0010\u0007\u001a\u00020\u00062\n\u0010\b\u001a\u00060\tj\u0002`\n2\u0006\u0010\u000b\u001a\u00020\fJ\u001a\u0010\r\u001a\u00020\f2\n\u0010\b\u001a\u00060\tj\u0002`\n2\u0006\u0010\u000e\u001a\u00020\u0006J\u0014\u0010\u000f\u001a\u00020\u00102\n\u0010\b\u001a\u00060\tj\u0002`\nH\u0002R\u000e\u0010\u0003\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000¨\u0006\u0011"}, d2 = {"Lcom/vmware/xsw/settings/providers/internal/MasterKeyFromRSA;", "", "()V", "ALIAS", "", "createSymmetricKey", "Ljavax/crypto/SecretKey;", "decryptSymmetricKey", "appContext", "Landroid/content/Context;", "Lcom/vmware/xsw/settings/providers/AndroidContext;", "cipherText", "", "encryptSymmetricKey", "key", "getOrCreateMasterKey", "Ljava/security/KeyPair;", "EncryptedPreferencesProvider_release"}, k = 1, mv = {1, 5, 1}, xi = 48)
/* loaded from: classes8.dex */
public final class MasterKeyFromRSA {
    private static final String ALIAS = "com.vmware.xsw.settings.providers.EncryptedPreferencesProvider";
    public static final MasterKeyFromRSA INSTANCE = new MasterKeyFromRSA();

    private MasterKeyFromRSA() {
    }

    private final KeyPair getOrCreateMasterKey(Context appContext) {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        KeyStore.Entry entry = keyStore.getEntry("com.vmware.xsw.settings.providers.EncryptedPreferencesProvider", null);
        if (entry != null && (entry instanceof KeyStore.PrivateKeyEntry)) {
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
            return new KeyPair(privateKeyEntry.getCertificate().getPublicKey(), privateKeyEntry.getPrivateKey());
        }
        KeyPairGeneratorSpec.Builder startDate = new KeyPairGeneratorSpec.Builder(appContext).setAlias("com.vmware.xsw.settings.providers.EncryptedPreferencesProvider").setSubject(new X500Principal("CN=com.vmware.xsw.settings.providers.EncryptedPreferencesProvider")).setSerialNumber(new BigInteger(32, new SecureRandom())).setStartDate(new Date());
        Calendar calendar = Calendar.getInstance();
        calendar.add(1, 99);
        KeyPairGeneratorSpec build = startDate.setEndDate(calendar.getTime()).build();
        Intrinsics.checkNotNullExpressionValue(build, "Builder(appContext)\n            .setAlias(ALIAS)\n            .setSubject(X500Principal(\"CN=$ALIAS\"))\n            .setSerialNumber(BigInteger(32, SecureRandom()))\n            .setStartDate(Date())\n            .setEndDate(Calendar.getInstance().run {\n                add(Calendar.YEAR, 99)\n                time\n            })\n            .build()");
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        keyPairGenerator.initialize(build);
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        Intrinsics.checkNotNullExpressionValue(generateKeyPair, "getInstance(\"RSA\", \"AndroidKeyStore\").run {\n            initialize(spec)\n            generateKeyPair()\n        }");
        return generateKeyPair;
    }

    public final SecretKey createSymmetricKey() {
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        keyGenerator.init(256);
        SecretKey generateKey = keyGenerator.generateKey();
        Intrinsics.checkNotNullExpressionValue(generateKey, "getInstance(\"AES\").run {\n        init(256)\n        generateKey()\n    }");
        return generateKey;
    }

    public final SecretKey decryptSymmetricKey(Context appContext, byte[] cipherText) {
        Intrinsics.checkNotNullParameter(appContext, "appContext");
        Intrinsics.checkNotNullParameter(cipherText, "cipherText");
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(2, INSTANCE.getOrCreateMasterKey(appContext).getPrivate());
        return new SecretKeySpec(cipher.doFinal(cipherText), "AES");
    }

    public final byte[] encryptSymmetricKey(Context appContext, SecretKey key) {
        Intrinsics.checkNotNullParameter(appContext, "appContext");
        Intrinsics.checkNotNullParameter(key, "key");
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(1, INSTANCE.getOrCreateMasterKey(appContext).getPublic());
        byte[] doFinal = cipher.doFinal(key.getEncoded());
        Intrinsics.checkNotNullExpressionValue(doFinal, "getInstance(RSA_CIPHER).run {\n            init(Cipher.ENCRYPT_MODE, getOrCreateMasterKey(appContext).public)\n            doFinal(key.encoded)\n        }");
        return doFinal;
    }
}
