package com.centrify.android.cipher;

import android.app.Application;
import android.content.Context;
import android.support.annotation.NonNull;
import android.text.TextUtils;
import android.util.Base64;
import com.centrify.agent.samsung.utils.LogUtil;
import com.centrify.android.keystore.KeyStoreManager;
import com.centrify.android.keystore.KeyStoreManagerFactory;
import com.centrify.android.utils.KeyStoreUtils;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.X509Certificate;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;

/* loaded from: classes.dex */
public class CipherManagerPreM implements CipherManager {
    public static final int ENCRYPT_TYPE_ID = 2;
    private static final String TAG = CipherManagerPreM.class.getSimpleName();
    private KeyStore mKeyStore;

    public CipherManagerPreM(@NonNull Context context) throws CipherException {
        if (!(context instanceof Application)) {
            throw new RuntimeException("must use an ApplicationContext");
        }
        this.mKeyStore = getKeyStore(context);
        if (this.mKeyStore == null) {
            throw new CipherException("Failed to get keyStore from User cert");
        }
    }

    private KeyStore getKeyStore(@NonNull Context context) {
        return KeyStoreManagerFactory.getKeystoreInstance(context, KeyStoreManagerFactory.KEYSTORE_USE.User_Cert).getCert(KeyStoreManager.USER_CERT, KeyStoreUtils.getSecretInUse(context));
    }

    private X509Certificate getX509Certificate() throws KeyStoreException {
        return KeyStoreUtils.certificateFromPkcs12(this.mKeyStore);
    }

    @Override // com.centrify.android.cipher.CipherManager
    public String decrypt(String str) {
        try {
            if (TextUtils.isEmpty(str) || getX509Certificate() == null) {
                return str;
            }
            Key privateKeyFromPkcs12 = KeyStoreUtils.privateKeyFromPkcs12(this.mKeyStore);
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(2, privateKeyFromPkcs12);
            return new String(cipher.doFinal(Base64.decode(str, 0)));
        } catch (InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            LogUtil.error(TAG, "decrypt", e);
            return str;
        }
    }

    @Override // com.centrify.android.cipher.CipherManager
    public boolean deleteKey() {
        return false;
    }

    @Override // com.centrify.android.cipher.CipherManager
    public String encrypt(String str) {
        try {
            if (!TextUtils.isEmpty(str)) {
                X509Certificate x509Certificate = getX509Certificate();
                if (x509Certificate != null) {
                    PublicKey publicKey = x509Certificate.getPublicKey();
                    Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
                    cipher.init(1, publicKey);
                    return Base64.encodeToString(cipher.doFinal(str.getBytes()), 0);
                }
                LogUtil.error(TAG, "Failed to encrypt as cert is null");
            }
        } catch (InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            LogUtil.error(TAG, "encrypt", e);
        }
        return null;
    }

    @Override // com.centrify.android.cipher.CipherManager
    public int getEncryptType() {
        return 2;
    }
}
