package ru.ivi.tools.secure.vault;

import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import com.google.devtools.build.android.desugar.runtime.ThrowableExtension;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.util.GregorianCalendar;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.security.auth.x500.X500Principal;
import ru.ivi.utils.ThreadUtils;

/* loaded from: classes2.dex */
public class SecretKeyWrapper {
    private final Cipher mCipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
    private final KeyPair mPair;

    public SecretKeyWrapper(Context context, String str) throws GeneralSecurityException, IOException {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        if (!keyStore.containsAlias(str)) {
            generateKeyPair(context, str);
        }
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(str, null);
        this.mPair = new KeyPair(privateKeyEntry.getCertificate().getPublicKey(), privateKeyEntry.getPrivateKey());
    }

    private static void generateKeyPair(final Context context, final String str) {
        ThreadUtils.tryRunWithDeadline(new Runnable(context, str) { // from class: ru.ivi.tools.secure.vault.SecretKeyWrapper$$Lambda$0
            private final Context arg$1;
            private final String arg$2;

            /* JADX INFO: Access modifiers changed from: package-private */
            {
                this.arg$1 = context;
                this.arg$2 = str;
            }

            @Override // java.lang.Runnable
            public void run() {
                SecretKeyWrapper.lambda$generateKeyPair$4$SecretKeyWrapper(this.arg$1, this.arg$2);
            }
        }, ThreadUtils.DEADLINE_BEFORE_ANR_MILLIS);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static final /* synthetic */ void lambda$generateKeyPair$4$SecretKeyWrapper(Context context, String str) {
        GregorianCalendar gregorianCalendar = new GregorianCalendar();
        gregorianCalendar.add(1, 100);
        if (Build.VERSION.SDK_INT >= 18) {
            KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setAlias(str).setSubject(new X500Principal("CN=" + str)).setSerialNumber(BigInteger.ONE).setStartDate(new GregorianCalendar().getTime()).setEndDate(gregorianCalendar.getTime()).build();
            try {
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
                keyPairGenerator.initialize(build);
                keyPairGenerator.generateKeyPair();
            } catch (Throwable th) {
                ThrowableExtension.printStackTrace(th);
            }
        }
    }

    public SecretKey unwrap(byte[] bArr) throws GeneralSecurityException {
        this.mCipher.init(4, this.mPair.getPrivate());
        return (SecretKey) this.mCipher.unwrap(bArr, "AES", 3);
    }

    public byte[] wrap(Key key) throws GeneralSecurityException {
        this.mCipher.init(3, this.mPair.getPublic());
        return this.mCipher.wrap(key);
    }
}
