package defpackage;

import android.annotation.TargetApi;
import android.content.Context;
import android.security.KeyPairGeneratorSpec;
import com.microsoft.identity.common.adal.internal.AuthenticationConstants;
import com.microsoft.identity.common.internal.util.AndroidKeyStoreUtil;
import com.microsoft.identity.common.java.crypto.key.AES256KeyLoader;
import com.microsoft.identity.common.java.crypto.key.KeyUtil;
import com.microsoft.identity.common.java.exception.ClientException;
import com.microsoft.identity.common.java.platform.AbstractDevicePopManager;
import com.microsoft.identity.common.java.telemetry.ITelemetryCallback;
import com.microsoft.identity.common.java.util.CachedData;
import com.microsoft.identity.common.java.util.FileUtil;
import com.microsoft.identity.common.logging.Logger;
import edu.umd.cs.findbugs.annotations.Nullable;
import java.io.File;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Calendar;
import java.util.Locale;
import java.util.Objects;
import javax.crypto.SecretKey;
import javax.security.auth.x500.X500Principal;
import lombok.NonNull;

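/**
 * Key loader that keeps a symmetric key on disk only in RSA-wrapped form.
 *
 * <p>The secret key is produced by the parent {@code AES256KeyLoader}. It is wrapped with an RSA
 * key pair that {@code AndroidKeyStoreUtil} stores under the alias {@link #c}, and the wrapped
 * bytes are written to the file returned by {@link #e()}. The in-memory copy lives in
 * {@link #d}, which drops its value whenever the keystore entry or the key file is gone.
 *
 * <p>This class was decompiled from {@code classes.dex}; member names are obfuscator output and
 * are left unchanged because other classes may reference them. The original names, where the
 * null-check messages and method tags reveal them, are given in the member documentation.
 */
@TargetApi(18)
public class q5 extends AES256KeyLoader {
    /** Log tag prefix; each method appends its own {@code ":name"} suffix. */
    public static final String e = q5.class.getSimpleName() + "#";

    /**
     * Cipher transformation used for both wrapping and unwrapping, kept in one place so the two
     * directions cannot drift apart.
     *
     * <p>NOTE(review): this is PKCS#1 v1.5 encryption padding. OAEP is the usual choice for a new
     * key-wrapping format, but changing the value here would make key files already written by
     * this class impossible to unwrap, so any change needs a migration path.
     */
    private static final String WRAP_TRANSFORMATION = "RSA/ECB/PKCS1Padding";

    /** Application context; used for the key file location and the key pair spec. */
    public final Context a;

    /** Optional telemetry sink; {@code null} disables telemetry events. */
    public final ITelemetryCallback b;

    /** Alias of the wrapping key pair in the Android keystore. */
    public final String c;

    /** Cache for the unwrapped secret key; see {@link a#getData()} for its invalidation rule. */
    public final CachedData<SecretKey> d = new a();

    /** Cache that refuses to serve a key once its backing material has disappeared. */
    public class a extends CachedData<SecretKey> {
        public a() {
        }

        /**
         * Returns the cached key, first clearing the cache when the keystore entry for the
         * alias cannot be loaded or the wrapped-key file no longer exists.
         *
         * @return the cached key as held by the parent class after the validity check
         */
        @Override
        public SecretKey getData() {
            final boolean keyPairUsable = AndroidKeyStoreUtil.canLoadKey(q5.this.c);
            // Short-circuit exactly as before: the file is only checked when the key pair loads.
            if (!keyPairUsable || !q5.this.e().exists()) {
                clear();
            }
            return (SecretKey) super.getData();
        }
    }

    /**
     * Creates a loader bound to one keystore alias.
     *
     * @param str keystore alias of the wrapping key pair; must not be {@code null}
     * @param context application context; must not be {@code null}
     * @param iTelemetryCallback telemetry sink, or {@code null} for none
     */
    public q5(@NonNull String str, @NonNull Context context, @Nullable ITelemetryCallback iTelemetryCallback) {
        Objects.requireNonNull(str, "alias is marked non-null but is null");
        Objects.requireNonNull(context, "context is marked non-null but is null");
        this.c = str;
        this.a = context;
        this.b = iTelemetryCallback;
    }

    /**
     * Builds the generation parameters for the wrapping key pair.
     *
     * <p>The certificate subject is {@code CN=<alias>, OU=<package name>}, the serial number is
     * one, and the validity window runs from now to one hundred years from now.
     *
     * <p>NOTE(review): {@code KeyPairGeneratorSpec} is deprecated from API 23 in favour of
     * {@code KeyGenParameterSpec}; a migration has to keep existing aliases readable.
     *
     * @param context application context; must not be {@code null}
     * @param str keystore alias; must not be {@code null}
     * @return the spec to pass to the key pair generator
     */
    public static AlgorithmParameterSpec f(@NonNull Context context, @NonNull String str) {
        Objects.requireNonNull(context, "context is marked non-null but is null");
        Objects.requireNonNull(str, "alias is marked non-null but is null");
        final String subject = String.format(Locale.ROOT, "CN=%s, OU=%s", str, context.getPackageName());
        final Calendar notBefore = Calendar.getInstance();
        final Calendar notAfter = Calendar.getInstance();
        // Calendar.YEAR replaces the decompiler's bare field index 1.
        notAfter.add(Calendar.YEAR, 100);
        return new KeyPairGeneratorSpec.Builder(context)
                .setAlias(str)
                .setSubject(new X500Principal(subject))
                .setSerialNumber(BigInteger.ONE)
                .setStartDate(notBefore.getTime())
                .setEndDate(notAfter.getTime())
                .build();
    }

    /**
     * Wipes all key material this loader owns: the keystore entry, the wrapped-key file and the
     * cached key, in that order.
     *
     * @throws ClientException declared by this method; the cache is not cleared if an earlier
     *     step throws
     */
    public final void c() throws ClientException {
        AndroidKeyStoreUtil.deleteKey(this.c);
        FileUtil.deleteFile(e());
        this.d.clear();
    }

    /**
     * Generates the RSA wrapping key pair under the configured alias, emitting
     * keystore-write start/end telemetry around the call.
     *
     * @return the newly generated key pair
     * @throws ClientException if generation fails; the failure is logged and reported first
     */
    @NonNull
    public final synchronized KeyPair d() throws ClientException {
        final String methodTag = e + ":generateKeyStoreKeyPair";
        try {
            i(methodTag, AuthenticationConstants.TelemetryEvents.KEYSTORE_WRITE_START);
            final KeyPair keyPair = AndroidKeyStoreUtil.generateKeyPair(
                    AbstractDevicePopManager.KeyPairGeneratorAlgorithms.RSA, f(this.a, this.c));
            j(methodTag, AuthenticationConstants.TelemetryEvents.KEYSTORE_WRITE_END, "");
            return keyPair;
        } catch (ClientException e2) {
            h(methodTag, AuthenticationConstants.TelemetryEvents.KEYSTORE_WRITE_END, e2.toString(), e2);
            throw e2;
        }
    }

    /**
     * Returns the location of the wrapped-key file: {@code adalks} inside a directory named
     * after the package and obtained with {@code Context.MODE_PRIVATE}.
     *
     * @return the key file, which may not exist yet
     */
    public final File e() {
        final Context context = this.a;
        // MODE_PRIVATE has the value 0 that the decompiled code passed literally.
        final File keyDirectory = context.getDir(context.getPackageName(), Context.MODE_PRIVATE);
        return new File(keyDirectory, "adalks");
    }

    /**
     * Logs an event at verbose level and forwards it to the telemetry callback, if any.
     *
     * @param str method tag used as the log tag; must not be {@code null}
     * @param str2 operation name; must not be {@code null}
     * @param z flag passed through to the callback; presumably an is-error marker, since the
     *     failure helper passes {@code TRUE} and the start/success helpers pass {@code FALSE}
     * @param str3 reason text; must not be {@code null}
     */
    public final void g(@NonNull String str, @NonNull String str2, boolean z, @NonNull String str3) {
        Objects.requireNonNull(str, "methodTag is marked non-null but is null");
        Objects.requireNonNull(str2, "operationName is marked non-null but is null");
        Objects.requireNonNull(str3, "reason is marked non-null but is null");
        Logger.verbose(str, str2 + ": " + str3);
        final ITelemetryCallback telemetry = this.b;
        if (telemetry != null) {
            telemetry.logEvent(str2, Boolean.valueOf(z), str3);
        }
    }

    /**
     * Generates a fresh secret key through the parent loader and persists it in wrapped form
     * before reporting the creation.
     *
     * <p>NOTE(review): the key thumbprint is written to the info log; confirm that
     * {@code KeyUtil.getKeyThumbPrint} is a one-way digest before relying on this in production
     * logs.
     *
     * @return the new, unwrapped secret key
     * @throws ClientException if generation or persistence fails
     */
    @Override
    public SecretKey generateRandomKey() throws ClientException {
        final String methodTag = e + ":generateRandomKey";
        final SecretKey freshKey = super.generateRandomKey();
        // Persist first so a key is never announced without having been stored.
        m(freshKey);
        g(methodTag, AuthenticationConstants.TelemetryEvents.KEY_CREATED, false, "New key is generated.");
        Logger.info(methodTag, "New key is generated with thumbprint: " + KeyUtil.getKeyThumbPrint(freshKey));
        return freshKey;
    }

    /** Returns the fixed alias string {@code "KEYSTORE_KEY"} reported for this loader. */
    @Override
    @NonNull
    public String getAlias() {
        return "KEYSTORE_KEY";
    }

    /**
     * Returns the secret key, trying the cache, then storage, then generating a new key.
     *
     * @return the secret key; the cache is refreshed with it before returning
     * @throws ClientException if loading from storage or generating a key fails
     */
    @Override
    @NonNull
    public synchronized SecretKey getKey() throws ClientException {
        SecretKey key = this.d.getData();
        if (key == null) {
            key = l();
        }
        if (key == null) {
            key = generateRandomKey();
        }
        this.d.setData(key);
        return key;
    }

    /** Returns the fixed key type identifier {@code "A001"}. */
    @Override
    @NonNull
    public String getKeyTypeIdentifier() {
        return "A001";
    }

    /**
     * Logs a failed operation at error level and reports it to the telemetry callback, if any.
     *
     * @param str method tag used as the log tag; must not be {@code null}
     * @param str2 operation name; must not be {@code null}
     * @param str3 reason text; must not be {@code null}
     * @param exc the causing exception, or {@code null}
     */
    public final void h(@NonNull String str, @NonNull String str2, @NonNull String str3, @Nullable Exception exc) {
        Objects.requireNonNull(str, "methodTag is marked non-null but is null");
        Objects.requireNonNull(str2, "operationName is marked non-null but is null");
        Objects.requireNonNull(str3, "reason is marked non-null but is null");
        Logger.error(str, str2 + " failed: " + str3, exc);
        final ITelemetryCallback telemetry = this.b;
        if (telemetry != null) {
            telemetry.logEvent(str2, Boolean.TRUE, str3);
        }
    }

    /**
     * Logs the start of an operation at verbose level and reports it to the telemetry callback.
     *
     * @param str method tag used as the log tag; must not be {@code null}
     * @param str2 operation name; must not be {@code null}
     */
    public final void i(@NonNull String str, @NonNull String str2) {
        Objects.requireNonNull(str, "methodTag is marked non-null but is null");
        Objects.requireNonNull(str2, "operationName is marked non-null but is null");
        Logger.verbose(str, str2 + " started.");
        final ITelemetryCallback telemetry = this.b;
        if (telemetry != null) {
            telemetry.logEvent(str2, Boolean.FALSE, "");
        }
    }

    /**
     * Logs the successful end of an operation at verbose level and reports it to the telemetry
     * callback.
     *
     * @param str method tag used as the log tag; must not be {@code null}
     * @param str2 operation name; must not be {@code null}
     * @param str3 reason text; must not be {@code null}
     */
    public final void j(@NonNull String str, @NonNull String str2, @NonNull String str3) {
        Objects.requireNonNull(str, "methodTag is marked non-null but is null");
        Objects.requireNonNull(str2, "operationName is marked non-null but is null");
        Objects.requireNonNull(str3, "reason is marked non-null but is null");
        Logger.verbose(str, str2 + " successfully finished: " + str3);
        final ITelemetryCallback telemetry = this.b;
        if (telemetry != null) {
            telemetry.logEvent(str2, Boolean.FALSE, str3);
        }
    }

    /**
     * Reads the wrapping key pair for the configured alias, emitting keystore-read start/end
     * telemetry around the call.
     *
     * <p>Exactly one end event is emitted per read: "KeyStore is empty." when no key pair is
     * found, otherwise "KeyStore KeyPair is loaded.". The decompiled code emitted the second
     * message in both cases, which made an empty keystore look like a successful load in logs
     * and telemetry.
     *
     * @return the key pair, or {@code null} when the keystore holds none for the alias
     * @throws ClientException if the read fails; the failure is logged and reported first
     */
    @Nullable
    public final synchronized KeyPair k() throws ClientException {
        final String methodTag = e + ":readKeyStoreKeyPair";
        try {
            i(methodTag, AuthenticationConstants.TelemetryEvents.KEYSTORE_READ_START);
            final KeyPair keyPair = AndroidKeyStoreUtil.readKey(this.c);
            if (keyPair == null) {
                j(methodTag, AuthenticationConstants.TelemetryEvents.KEYSTORE_READ_END, "KeyStore is empty.");
            } else {
                j(methodTag, AuthenticationConstants.TelemetryEvents.KEYSTORE_READ_END, "KeyStore KeyPair is loaded.");
            }
            return keyPair;
        } catch (ClientException e2) {
            h(methodTag, AuthenticationConstants.TelemetryEvents.KEYSTORE_READ_END, e2.toString(), e2);
            throw e2;
        }
    }

    /**
     * Loads the secret key from storage by unwrapping the key file with the keystore key pair.
     *
     * <p>When the key pair is missing, the key file yields no data, or any step throws, all key
     * material is wiped through {@link #c()} so that the caller starts from a clean state.
     *
     * @return the unwrapped key, or {@code null} when there was nothing usable in storage
     * @throws ClientException if reading or unwrapping fails
     */
    @Nullable
    public SecretKey l() throws ClientException {
        final String methodTag = e + ":readSecretKeyFromStorage";
        try {
            final KeyPair keyPair = k();
            if (keyPair == null) {
                Logger.info(methodTag, "key does not exist in keystore");
                c();
                return null;
            }
            // The second argument is presumably a size limit in bytes; verify against FileUtil.
            final byte[] wrappedKey = FileUtil.readFromFile(e(), 1024);
            if (wrappedKey == null) {
                Logger.warn(methodTag, "Key file is empty");
                c();
                return null;
            }
            final SecretKey loadedKey =
                    AndroidKeyStoreUtil.unwrap(wrappedKey, getKeySpecAlgorithm(), keyPair, WRAP_TRANSFORMATION);
            // This path loads an existing key. The decompiled message said "New key is generated",
            // which made every load indistinguishable from a key creation in the log.
            Logger.info(methodTag, "Key is loaded with thumbprint: " + KeyUtil.getKeyThumbPrint(loadedKey));
            return loadedKey;
        } catch (ClientException e2) {
            Logger.warn(methodTag, "Error when loading key from Storage, wipe all existing key data ");
            // NOTE(review): c() declares ClientException too; if the wipe fails, that exception
            // propagates from here and e2 is lost.
            c();
            throw e2;
        }
    }

    /**
     * Wraps the given key with the keystore key pair and writes the result to the key file,
     * generating the key pair first when none exists.
     *
     * @param secretKey the unwrapped key to persist; must not be {@code null}
     * @throws ClientException if reading or generating the key pair, wrapping, or writing fails
     */
    public final void m(@NonNull SecretKey secretKey) throws ClientException {
        Objects.requireNonNull(secretKey, "unencryptedKey is marked non-null but is null");
        final String methodTag = e + ":saveSecretKeyToStorage";
        KeyPair keyPair = k();
        if (keyPair == null) {
            Logger.info(methodTag, "No existing keypair. Generating a new one.");
            keyPair = d();
        }
        final byte[] wrappedKey = AndroidKeyStoreUtil.wrap(secretKey, keyPair, WRAP_TRANSFORMATION);
        FileUtil.writeDataToFile(wrappedKey, e());
    }
}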
