package org.jboss.aerogear.android.security.keystore;

import android.content.Context;
import android.content.SharedPreferences;
import java.security.spec.InvalidKeySpecException;
import org.jboss.aerogear.AeroGearCrypto;
import org.jboss.aerogear.android.security.AbstractEncryptionService;
import org.jboss.aerogear.android.security.EncryptionService;
import org.jboss.aerogear.android.security.util.KeyStoreUtils;
import org.jboss.aerogear.crypto.CryptoBox;
import org.jboss.aerogear.crypto.RandomUtils;
import org.jboss.aerogear.crypto.encoders.Encoder;
import org.jboss.aerogear.crypto.encoders.Hex;
import org.jboss.aerogear.crypto.keys.KeyPair;

/* loaded from: classes2.dex */
public class KeyStoreBasedEncryptionEncryptionServices extends AbstractEncryptionService implements EncryptionService {
    private static final String APPLICATION_SALT_KEY = "applicationSALT";
    private static final String TAG = KeyStoreBasedEncryptionEncryptionServices.class.getSimpleName();
    private final Context appContext;
    private final CryptoBox crypto;

    public KeyStoreBasedEncryptionEncryptionServices(KeyStoreBasedEncryptionConfiguration keyStoreBasedEncryptionConfiguration) {
        super(keyStoreBasedEncryptionConfiguration.getContext());
        this.appContext = keyStoreBasedEncryptionConfiguration.getContext();
        this.crypto = getCrypto(this.appContext, keyStoreBasedEncryptionConfiguration);
    }

    private byte[] createKey(KeyStoreUtils keyStoreUtils, String str) {
        KeyPair keyPair = new KeyPair();
        byte[] generateSecret = new CryptoBox().generateSecret(keyPair.getPrivateKey(), keyPair.getPublicKey());
        keyStoreUtils.addEntry(str, generateSecret);
        keyStoreUtils.save();
        return generateSecret;
    }

    private String derive(String str) {
        byte[] bArr = null;
        try {
            bArr = AeroGearCrypto.pbkdf2().encrypt(str, getSalt());
        } catch (InvalidKeySpecException e) {
            e.printStackTrace();
        }
        return Encoder.HEX.encode(bArr);
    }

    private CryptoBox getCrypto(Context context, KeyStoreBasedEncryptionConfiguration keyStoreBasedEncryptionConfiguration) {
        validate(keyStoreBasedEncryptionConfiguration);
        String alias = keyStoreBasedEncryptionConfiguration.getAlias();
        if (alias == null) {
            throw new IllegalArgumentException("Alias in CryptoConfig may not be null");
        }
        KeyStoreUtils keyStoreUtils = new KeyStoreUtils(context, derive(keyStoreBasedEncryptionConfiguration.getPassword()).toCharArray());
        byte[] entry = keyStoreUtils.getEntry(alias);
        return entry != null ? new CryptoBox(entry) : new CryptoBox(createKey(keyStoreUtils, alias));
    }

    private byte[] getSalt() {
        SharedPreferences sharedPreferences = this.appContext.getApplicationContext().getSharedPreferences(TAG, 0);
        if (sharedPreferences.contains(APPLICATION_SALT_KEY)) {
            return new Hex().decode(sharedPreferences.getString(APPLICATION_SALT_KEY, ""));
        }
        SharedPreferences.Editor edit = sharedPreferences.edit();
        byte[] randomBytes = RandomUtils.randomBytes();
        edit.putString(APPLICATION_SALT_KEY, new Hex().encode(randomBytes));
        edit.commit();
        return randomBytes;
    }

    private void validate(KeyStoreBasedEncryptionConfiguration keyStoreBasedEncryptionConfiguration) {
        if (keyStoreBasedEncryptionConfiguration.getAlias() == null) {
            throw new IllegalArgumentException("The alias must not be null");
        }
        if (keyStoreBasedEncryptionConfiguration.getPassword() == null) {
            throw new IllegalArgumentException("The password must not be null");
        }
        if (keyStoreBasedEncryptionConfiguration.getKeyStoreFile() == null) {
            throw new IllegalArgumentException("The keystoreFile must not be null");
        }
    }

    @Override // org.jboss.aerogear.android.security.AbstractEncryptionService
    protected CryptoBox getCryptoInstance() {
        return this.crypto;
    }
}
