package de.bmwgroup.odm.techonlysdk.a;

import android.content.Context;
import android.security.keystore.KeyGenParameterSpec;
import de.bmwgroup.odm.techonlysdk.internal.exception.InternalTechOnlyException;
import de.bmwgroup.odm.techonlysdk.logging.DebugLogger;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes2.dex */
public class h0 {

    /* renamed from: d, reason: collision with root package name */
    static final DebugLogger f16117d = DebugLogger.getLogger(h0.class);

    /* renamed from: a, reason: collision with root package name */
    final b f16118a = new b();

    /* renamed from: b, reason: collision with root package name */
    final a f16119b = new a();

    /* renamed from: c, reason: collision with root package name */
    final Context f16120c;

    /* loaded from: classes2.dex */
    static class a {

        /* renamed from: a, reason: collision with root package name */
        private final Cipher f16121a;

        a() {
            try {
                this.f16121a = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            } catch (NoSuchAlgorithmException e2) {
                h0.f16117d.error("The algorithm is not supported", e2);
                throw new InternalTechOnlyException("The Algorithm is not supported", e2);
            } catch (NoSuchPaddingException e3) {
                h0.f16117d.error("The padding is not supported", e3);
                throw new InternalTechOnlyException("The padding is not supported", e3);
            }
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public final void a(Key key, int i2) {
            try {
                this.f16121a.init(i2, key);
            } catch (InvalidKeyException e2) {
                h0.f16117d.error("Encryption failed", e2);
                throw new InternalTechOnlyException("Encryption failed", e2);
            }
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public final byte[] a(byte[] bArr) {
            try {
                return this.f16121a.doFinal(bArr);
            } catch (BadPaddingException e2) {
                h0.f16117d.error("The padding is not supported", e2);
                throw new InternalTechOnlyException("The padding is not supported", e2);
            } catch (IllegalBlockSizeException e3) {
                h0.f16117d.error("The block size is not supported", e3);
                throw new InternalTechOnlyException("The block size is not supported", e3);
            }
        }
    }

    /* loaded from: classes2.dex */
    static class b {

        /* renamed from: a, reason: collision with root package name */
        private final KeyStore f16122a = a();

        b() {
        }

        private static KeyStore a() {
            try {
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                keyStore.load(null);
                return keyStore;
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e2) {
                h0.f16117d.error("The key store can not be instantiated", e2);
                throw new InternalTechOnlyException("The key store can not be instantiated", e2);
            }
        }

        /* JADX INFO: Access modifiers changed from: package-private */
        public final KeyPair a(String str) {
            try {
                PrivateKey privateKey = (PrivateKey) this.f16122a.getKey(str, null);
                try {
                    PublicKey publicKey = this.f16122a.getCertificate(str).getPublicKey();
                    if (publicKey == null || privateKey == null) {
                        return null;
                    }
                    return new KeyPair(publicKey, privateKey);
                } catch (KeyStoreException e2) {
                    h0.f16117d.error("Error while getting Public Key", e2);
                    throw new InternalTechOnlyException("Error while getting Public Key", e2);
                }
            } catch (KeyStoreException e3) {
                h0.f16117d.error("Error while getting Private Key", e3);
                throw new InternalTechOnlyException("Error while getting Private Key", e3);
            } catch (NoSuchAlgorithmException e4) {
                h0.f16117d.error("The algorithm is not supported", e4);
                throw new InternalTechOnlyException("The algorithm is not supported", e4);
            } catch (UnrecoverableKeyException e5) {
                h0.f16117d.error("UnrecoverableKeyException", e5);
                throw new InternalTechOnlyException("UnrecoverableKeyException", e5);
            }
        }

        final KeyPair b(String str) {
            try {
                if (this.f16122a.isKeyEntry(str)) {
                    return null;
                }
                try {
                    KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
                    try {
                        keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, 3).setBlockModes("ECB").setEncryptionPaddings("PKCS1Padding").setKeySize(4096).build());
                        return keyPairGenerator.generateKeyPair();
                    } catch (InvalidAlgorithmParameterException e2) {
                        h0.f16117d.error("The algorithm is not supported", e2);
                        throw new InternalTechOnlyException("The algorithm is not supported", e2);
                    }
                } catch (NoSuchAlgorithmException e3) {
                    h0.f16117d.error("The algorithm is not supported", e3);
                    throw new InternalTechOnlyException("The algorithm is not supported", e3);
                } catch (NoSuchProviderException e4) {
                    h0.f16117d.error("The provider is not supported", e4);
                    throw new InternalTechOnlyException("The provider is not supported", e4);
                }
            } catch (KeyStoreException e5) {
                h0.f16117d.error("Key Entry check failed", e5);
                throw new InternalTechOnlyException("Key Entry check failed", e5);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public h0(Context context) {
        this.f16120c = context;
        this.f16118a.b("TechOnly_SDK");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final byte[] a() {
        try {
            byte[] c2 = de.bmwgroup.odm.techonlysdk.a.s.a.c("pok.config", this.f16120c);
            f16117d.debug("Returning decrypted POK", new Object[0]);
            KeyPair a2 = this.f16118a.a("TechOnly_SDK");
            if (a2 == null) {
                f16117d.error("No valid key pair available! No decryption possible", new Object[0]);
                throw new InternalTechOnlyException("No valid key pair available! No decryption possible");
            }
            a aVar = this.f16119b;
            aVar.a(a2.getPrivate(), 2);
            return aVar.a(c2);
        } catch (IOException e2) {
            f16117d.debug("No POK available to decrypt", e2);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final void b() {
        de.bmwgroup.odm.techonlysdk.a.s.a.d("pok.config", this.f16120c);
    }
}
