package org.jboss.aerogear.android.impl.security;

import android.content.Context;
import android.content.SharedPreferences;
import java.security.spec.InvalidKeySpecException;
import org.jboss.aerogear.AeroGearCrypto;
import org.jboss.aerogear.android.security.CryptoConfig;
import org.jboss.aerogear.android.security.EncryptionService;
import org.jboss.aerogear.android.security.EncryptionServiceType;
import org.jboss.aerogear.crypto.CryptoBox;
import org.jboss.aerogear.crypto.Random;
import org.jboss.aerogear.crypto.encoders.Hex;
import org.jboss.aerogear.crypto.keys.KeyPair;

/* loaded from: classes.dex */
public class PasswordEncryptionServices extends AbstractEncryptionService implements EncryptionService {
    private static final String APPLICATION_SALT_KEY = "applicationSALT";
    private static final String TAG = PasswordEncryptionServices.class.getSimpleName();
    private final Context appContext;
    private final CryptoBox crypto;

    /* loaded from: classes.dex */
    public static class PasswordProtectedKeystoreCryptoConfig implements CryptoConfig {
        private String alias;
        private String keyStoreFile = "default.keystore";
        private String password;

        public String getAlias() {
            return this.alias;
        }

        public String getPassword() {
            return this.password;
        }

        @Override // org.jboss.aerogear.android.security.CryptoConfig
        public EncryptionServiceType getType() {
            return EncryptionServiceTypes.PASSWORD_KEYSTORE;
        }

        public void setAlias(String str) {
            this.alias = str;
        }

        public void setPassword(String str) {
            this.password = str;
        }
    }

    public PasswordEncryptionServices(PasswordProtectedKeystoreCryptoConfig passwordProtectedKeystoreCryptoConfig, Context context) {
        super(context);
        this.appContext = context;
        this.crypto = getCrypto(context, passwordProtectedKeystoreCryptoConfig);
    }

    private byte[] createKey(KeyStoreServices keyStoreServices, String str) {
        KeyPair keyPair = new KeyPair();
        byte[] generateSecret = new CryptoBox().generateSecret(keyPair.getPrivateKey(), keyPair.getPublicKey());
        keyStoreServices.addEntry(str, generateSecret);
        keyStoreServices.save();
        return generateSecret;
    }

    private String derive(String str) {
        byte[] bArr = null;
        try {
            bArr = AeroGearCrypto.pbkdf2().encrypt(str, getSalt());
        } catch (InvalidKeySpecException e) {
            e.printStackTrace();
        }
        return Hex.HEX.encode(bArr);
    }

    private CryptoBox getCrypto(Context context, PasswordProtectedKeystoreCryptoConfig passwordProtectedKeystoreCryptoConfig) {
        validate(passwordProtectedKeystoreCryptoConfig);
        String alias = passwordProtectedKeystoreCryptoConfig.getAlias();
        if (alias == null) {
            throw new IllegalArgumentException("Alias in CryptoConfig may not be null");
        }
        KeyStoreServices keyStoreServices = new KeyStoreServices(context, derive(passwordProtectedKeystoreCryptoConfig.password).toCharArray());
        byte[] entry = keyStoreServices.getEntry(alias);
        return entry != null ? new CryptoBox(entry) : new CryptoBox(createKey(keyStoreServices, alias));
    }

    private byte[] getSalt() {
        SharedPreferences sharedPreferences = this.appContext.getApplicationContext().getSharedPreferences(TAG, 0);
        if (sharedPreferences.contains(APPLICATION_SALT_KEY)) {
            return new Hex().decode(sharedPreferences.getString(APPLICATION_SALT_KEY, ""));
        }
        SharedPreferences.Editor edit = sharedPreferences.edit();
        byte[] randomBytes = new Random().randomBytes();
        edit.putString(APPLICATION_SALT_KEY, new Hex().encode(randomBytes));
        edit.commit();
        return randomBytes;
    }

    private void validate(PasswordProtectedKeystoreCryptoConfig passwordProtectedKeystoreCryptoConfig) {
        if (passwordProtectedKeystoreCryptoConfig.alias == null) {
            throw new IllegalArgumentException("The alias must not be null");
        }
        if (passwordProtectedKeystoreCryptoConfig.password == null) {
            throw new IllegalArgumentException("The password must not be null");
        }
        if (passwordProtectedKeystoreCryptoConfig.keyStoreFile == null) {
            throw new IllegalArgumentException("The keystoreFile must not be null");
        }
    }

    @Override // org.jboss.aerogear.android.impl.security.AbstractEncryptionService
    protected CryptoBox getCryptoInstance() {
        return this.crypto;
    }
}
