package com.google.android.libraries.nest.weavekit;

import android.content.Context;
import android.security.KeyPairGeneratorSpec;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.SecureRandom;
import java.security.spec.RSAKeyGenParameterSpec;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.security.auth.x500.X500Principal;

/* compiled from: PG */
/* loaded from: classes.dex */
public class AndroidSecretKeyWrapper {
    private final KeyStore a = KeyStore.getInstance("AndroidKeyStore");
    private final String b;

    /* JADX INFO: Access modifiers changed from: package-private */
    public AndroidSecretKeyWrapper(String str) throws GeneralSecurityException, IOException {
        this.a.load(null);
        this.b = str;
    }

    private static Cipher a() throws GeneralSecurityException {
        return Cipher.getInstance("RSA/ECB/PKCS1Padding");
    }

    public static void destroyWrappingKey(String str) throws GeneralSecurityException, IOException {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        if (keyStore.containsAlias(str)) {
            keyStore.deleteEntry(str);
        }
    }

    public static boolean wrappingKeyExists(String str) throws GeneralSecurityException, IOException {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        return keyStore.containsAlias(str);
    }

    public void createWrappingKey(int i, SecureRandom secureRandom, Context context) throws GeneralSecurityException, IOException {
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 100);
        KeyPairGeneratorSpec.Builder algorithmParameterSpec = new KeyPairGeneratorSpec.Builder(context).setAlias(this.b).setAlgorithmParameterSpec(new RSAKeyGenParameterSpec(i, RSAKeyGenParameterSpec.F4));
        String valueOf = String.valueOf(this.b);
        KeyPairGeneratorSpec build = algorithmParameterSpec.setSubject(new X500Principal(valueOf.length() == 0 ? new String("CN=") : "CN=".concat(valueOf))).setSerialNumber(BigInteger.ONE).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).setKeySize(i).build();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        keyPairGenerator.initialize(build, secureRandom);
        keyPairGenerator.generateKeyPair();
    }

    public void destroyWrappingKey() throws GeneralSecurityException, IOException {
        if (this.a.containsAlias(this.b)) {
            this.a.deleteEntry(this.b);
        }
    }

    public SecretKey unwrap(byte[] bArr, String str) throws GeneralSecurityException, IOException {
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) this.a.getEntry(this.b, null);
        if (privateKeyEntry == null) {
            throw new KeyStoreException("AndroidSecretKeyWrapper: Wrapping key not found");
        }
        Cipher a = a();
        a.init(4, privateKeyEntry.getPrivateKey());
        return (SecretKey) a.unwrap(bArr, str, 3);
    }

    public byte[] wrap(SecretKey secretKey) throws GeneralSecurityException, IOException {
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) this.a.getEntry(this.b, null);
        if (privateKeyEntry == null) {
            throw new KeyStoreException("AndroidSecretKeyWrapper: Wrapping key not found");
        }
        Cipher a = a();
        a.init(3, privateKeyEntry.getCertificate().getPublicKey());
        return a.wrap(secretKey);
    }

    public boolean wrappingKeyExists() throws GeneralSecurityException, IOException {
        return this.a.containsAlias(this.b);
    }
}
