package po;

import android.annotation.SuppressLint;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import android.security.keystore.UserNotAuthenticatedException;
import androidx.annotation.NonNull;
import com.oblador.keychain.exceptions.CryptoFailedException;
import com.oblador.keychain.exceptions.KeyStoreAccessException;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.concurrent.atomic.AtomicInteger;
import javax.crypto.NoSuchPaddingException;
import po.a;

/* loaded from: classes3.dex */
public class i extends b {
    @NonNull
    private a.d I(@NonNull String str, @NonNull String str2, @NonNull String str3, @NonNull com.oblador.keychain.f fVar) throws GeneralSecurityException, IOException {
        KeyStore z10 = z();
        if (!z10.containsAlias(str)) {
            s(str, fVar);
        }
        PublicKey generatePublic = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(z10.getCertificate(str).getPublicKey().getEncoded()));
        return new a.d(n(generatePublic, str3), n(generatePublic, str2), this);
    }

    @NonNull
    protected String H() {
        return "RSA";
    }

    @Override // po.a
    public int b() {
        return 23;
    }

    @Override // po.a
    public boolean c() {
        return true;
    }

    @Override // po.a
    public String f() {
        return "KeystoreRSAECB";
    }

    @Override // po.a
    @NonNull
    public a.d g(@NonNull String str, @NonNull String str2, @NonNull String str3, @NonNull com.oblador.keychain.f fVar) throws CryptoFailedException {
        B(fVar);
        try {
            return I(b.u(str, v()), str3, str2, fVar);
        } catch (KeyStoreAccessException e10) {
            e = e10;
            throw new CryptoFailedException("Could not access Keystore for service " + str, e);
        } catch (IOException e11) {
            throw new CryptoFailedException("I/O error: " + e11.getMessage(), e11);
        } catch (InvalidKeyException e12) {
            e = e12;
            throw new CryptoFailedException("Could not encrypt data for service " + str, e);
        } catch (KeyStoreException e13) {
            e = e13;
            throw new CryptoFailedException("Could not access Keystore for service " + str, e);
        } catch (NoSuchAlgorithmException e14) {
            e = e14;
            throw new CryptoFailedException("Could not encrypt data for service " + str, e);
        } catch (InvalidKeySpecException e15) {
            e = e15;
            throw new CryptoFailedException("Could not encrypt data for service " + str, e);
        } catch (NoSuchPaddingException e16) {
            e = e16;
            throw new CryptoFailedException("Could not encrypt data for service " + str, e);
        } catch (Throwable th2) {
            throw new CryptoFailedException("Unknown error: " + th2.getMessage(), th2);
        }
    }

    @Override // po.a
    @SuppressLint({"NewApi"})
    public void j(@NonNull qo.a aVar, @NonNull String str, @NonNull byte[] bArr, @NonNull byte[] bArr2, @NonNull com.oblador.keychain.f fVar) throws CryptoFailedException {
        Key p10;
        B(fVar);
        String u10 = b.u(str, v());
        Key key = null;
        try {
            try {
                p10 = p(u10, fVar, new AtomicInteger(1));
            } catch (UserNotAuthenticatedException e10) {
                e = e10;
            }
            try {
                aVar.a(new a.c(l(p10, bArr), l(p10, bArr2)), null);
            } catch (UserNotAuthenticatedException e11) {
                e = e11;
                key = p10;
                StringBuilder sb2 = new StringBuilder();
                sb2.append("Unlock of keystore is needed. Error: ");
                sb2.append(e.getMessage());
                aVar.b(new a.b(u10, key, bArr2, bArr));
            }
        } catch (Throwable th2) {
            aVar.a(null, th2);
        }
    }

    @Override // po.b
    @NonNull
    protected Key r(@NonNull KeyGenParameterSpec keyGenParameterSpec) throws GeneralSecurityException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(H(), "AndroidKeyStore");
        keyPairGenerator.initialize(keyGenParameterSpec);
        return keyPairGenerator.generateKeyPair().getPrivate();
    }

    @Override // po.b
    @NonNull
    protected String w() {
        return "RSA/ECB/PKCS1Padding";
    }

    @Override // po.b
    @NonNull
    @SuppressLint({"NewApi"})
    protected KeyGenParameterSpec.Builder x(@NonNull String str, @NonNull boolean z10) throws GeneralSecurityException {
        return new KeyGenParameterSpec.Builder(str, 3).setBlockModes("ECB").setEncryptionPaddings("PKCS1Padding").setRandomizedEncryptionRequired(true).setUserAuthenticationRequired(true).setUserAuthenticationValidityDurationSeconds(5).setKeySize(z10 ? 512 : 3072);
    }

    @Override // po.b
    @NonNull
    protected KeyInfo y(@NonNull Key key) throws GeneralSecurityException {
        return (KeyInfo) KeyFactory.getInstance(key.getAlgorithm(), "AndroidKeyStore").getKeySpec(key, KeyInfo.class);
    }
}
