package com.concur.mobile.security.crypto.impl;

import android.content.Context;
import android.content.res.Configuration;
import android.content.res.Resources;
import android.security.KeyPairGeneratorSpec;
import android.util.Base64;
import com.concur.mobile.sdk.core.utils.Log;
import com.concur.mobile.security.crypto.KeyStoreFailureException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.util.Calendar;
import java.util.Locale;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes4.dex */
public class KeyStoreHelper {
    private static final String CLS_TAG = "com.concur.mobile.security.crypto.impl.KeyStoreHelper";
    private final String DEFAULT_PASS_KEY_ALIAS;
    private Context context;
    private boolean isAndroidKeystoreAvailable;
    private KeyStore keyStore;

    /* JADX INFO: Access modifiers changed from: package-private */
    public KeyStoreHelper(Context context, String str) {
        this.DEFAULT_PASS_KEY_ALIAS = "vault." + str + ".master_key";
        this.context = context;
        try {
            this.keyStore = KeyStore.getInstance("AndroidKeyStore");
            this.keyStore.load(null);
            this.isAndroidKeystoreAvailable = true;
        } catch (Throwable th) {
            Log.e(CLS_TAG, "Android KeyStore drooled: " + th.getMessage(), th);
            this.isAndroidKeystoreAvailable = false;
        }
    }

    private Key createNewRSAKey(String str) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException {
        Locale locale = Locale.getDefault();
        try {
            setLocale(Locale.ENGLISH);
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 10);
            KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(this.context).setAlias(str).setSubject(new X500Principal(String.format("CN=%s, O=%s", str, this.context.getApplicationContext().getPackageName()))).setSerialNumber(BigInteger.ONE).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(build);
            return keyPairGenerator.generateKeyPair().getPublic();
        } finally {
            setLocale(locale);
        }
    }

    private String getPasswordWithAlias(String str) {
        Key publicKey;
        try {
            if (this.keyStore.containsAlias(str)) {
                try {
                    publicKey = ((KeyStore.PrivateKeyEntry) this.keyStore.getEntry(str, null)).getCertificate().getPublicKey();
                } catch (Throwable unused) {
                    publicKey = ((KeyStore.PrivateKeyEntry) this.keyStore.getEntry(str, null)).getCertificate().getPublicKey();
                }
            } else {
                publicKey = createNewRSAKey(str);
            }
            return Base64.encodeToString(MessageDigest.getInstance("SHA-256").digest(publicKey.getEncoded()), 0);
        } catch (Throwable th) {
            Log.e("KeyStoreHelper", "Password generator failed", th);
            return null;
        }
    }

    private void resetKeyStore() throws KeyStoreException {
        if (this.keyStore.containsAlias(this.DEFAULT_PASS_KEY_ALIAS)) {
            this.keyStore.deleteEntry(this.DEFAULT_PASS_KEY_ALIAS);
        }
    }

    private void setLocale(Locale locale) {
        Locale.setDefault(locale);
        Resources resources = this.context.getResources();
        Configuration configuration = resources.getConfiguration();
        configuration.locale = locale;
        resources.updateConfiguration(configuration, resources.getDisplayMetrics());
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String getAutoUnlockPassword() {
        if (this.isAndroidKeystoreAvailable) {
            return getPasswordWithAlias(this.DEFAULT_PASS_KEY_ALIAS);
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void reset() {
        if (this.isAndroidKeystoreAvailable) {
            try {
                resetKeyStore();
            } catch (KeyStoreException e) {
                throw new KeyStoreFailureException(e);
            }
        }
    }
}
