package com.mimecast.i.c.a.d.m;

import android.content.Context;
import android.content.SharedPreferences;
import android.security.KeyPairGeneratorSpec;
import android.util.Base64;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.util.GregorianCalendar;
import java.util.Locale;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class a {
    private static final String a = "ANDROID_M_c_5";

    /* renamed from: b, reason: collision with root package name */
    private static com.mimecast.d.a.a.c.a f2642b = com.mimecast.d.a.a.c.b.a();

    /* renamed from: c, reason: collision with root package name */
    private static a f2643c = null;
    private Context g;
    private KeyStore h;

    /* renamed from: d, reason: collision with root package name */
    private int f2644d = 67;

    /* renamed from: e, reason: collision with root package name */
    private int f2645e = 87;
    private int f = 16;
    private SecureRandom i = new SecureRandom();

    private a(Context context) {
        this.g = null;
        this.g = context;
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            this.h = keyStore;
            keyStore.load(null);
        } catch (IOException e2) {
            f2642b.f("Exception in keystore: " + e2, a);
        } catch (KeyStoreException e3) {
            f2642b.f("Exception in keystore: " + e3, a);
        } catch (NoSuchAlgorithmException e4) {
            f2642b.f("Exception in keystore: " + e4, a);
        } catch (CertificateException e5) {
            f2642b.f("Exception in keystore: " + e5, a);
        } catch (Throwable th) {
            f2642b.f("Exception in keystore: " + th, a);
        }
    }

    private char[] b(String str, String str2) {
        try {
            String string = this.g.getSharedPreferences("MIMECAST_NICE_TO_HAVE", 0).getString(str2, null);
            if (string != null && string.isEmpty()) {
                throw new IllegalArgumentException("Preference is empty");
            }
            KeyStore keyStore = this.h;
            if (keyStore != null) {
                KeyStore.Entry entry = keyStore.getEntry(str, null);
                if (entry == null) {
                    throw new IllegalArgumentException("Key Pair empty");
                }
                PrivateKey privateKey = entry instanceof KeyStore.PrivateKeyEntry ? ((KeyStore.PrivateKeyEntry) entry).getPrivateKey() : null;
                if (privateKey != null && string != null && !string.isEmpty()) {
                    byte[] decode = Base64.decode(string, 0);
                    Cipher cipher = Cipher.getInstance("we cannot use an initialisation vector here so we allow the use of RSA/ECB/PKCS1Padding only because we know it is secure enough when encrypting no more than 16 bytes".substring(this.f2644d, this.f2645e));
                    cipher.init(2, privateKey);
                    return Base64.encodeToString(cipher.doFinal(decode), 0).toCharArray();
                }
            }
        } catch (IllegalArgumentException e2) {
            f2642b.h("Unable to decrypt the key", a, e2);
        } catch (InvalidKeyException e3) {
            f2642b.h("Unable to decrypt the key", a, e3);
        } catch (KeyStoreException e4) {
            f2642b.h("Unable to decrypt the key", a, e4);
        } catch (NoSuchAlgorithmException e5) {
            f2642b.h("Unable to decrypt the key", a, e5);
        } catch (UnrecoverableEntryException e6) {
            f2642b.h("Unable to decrypt the key", a, e6);
        } catch (BadPaddingException e7) {
            f2642b.h("Unable to decrypt the key", a, e7);
        } catch (IllegalBlockSizeException e8) {
            f2642b.h("Unable to decrypt the key", a, e8);
        } catch (NoSuchPaddingException e9) {
            f2642b.h("Unable to decrypt the key", a, e9);
        } catch (Throwable th) {
            f2642b.a("Unable to decrypt the key", a, th.getMessage());
        }
        return null;
    }

    private void c(String str, String str2) {
        try {
            KeyStore keyStore = this.h;
            if (keyStore != null) {
                KeyStore.Entry entry = keyStore.getEntry(str, null);
                if (entry == null) {
                    f2642b.f("KeyStoreManager.java entry NULL. Something wrong", a);
                    throw new IllegalArgumentException("Key Pair empty");
                }
                PublicKey publicKey = entry instanceof KeyStore.PrivateKeyEntry ? ((KeyStore.PrivateKeyEntry) entry).getCertificate().getPublicKey() : null;
                if (publicKey != null) {
                    byte[] bArr = new byte[16];
                    this.i.nextBytes(bArr);
                    Cipher cipher = Cipher.getInstance("we cannot use an initialisation vector here so we allow the use of RSA/ECB/PKCS1Padding only because we know it is secure enough when encrypting no more than 16 bytes".substring(this.f2644d, this.f2645e));
                    cipher.init(1, publicKey);
                    String encodeToString = Base64.encodeToString(cipher.doFinal(bArr), 0);
                    SharedPreferences.Editor edit = this.g.getSharedPreferences("MIMECAST_NICE_TO_HAVE", 0).edit();
                    edit.putString(str2, encodeToString);
                    edit.commit();
                }
            }
        } catch (IllegalArgumentException e2) {
            f2642b.h("Unable to encrypt the data", a, e2);
        } catch (InvalidKeyException e3) {
            f2642b.h("Unable to encrypt the data", a, e3);
        } catch (KeyStoreException e4) {
            f2642b.h("Unable to encrypt the data", a, e4);
        } catch (NoSuchAlgorithmException e5) {
            f2642b.h("Unable to encrypt the data", a, e5);
        } catch (UnrecoverableEntryException e6) {
            f2642b.h("Unable to encrypt the data", a, e6);
        } catch (BadPaddingException e7) {
            f2642b.h("Unable to encrypt the data", a, e7);
        } catch (IllegalBlockSizeException e8) {
            f2642b.h("Unable to encrypt the data", a, e8);
        } catch (NoSuchPaddingException e9) {
            f2642b.h("Unable to encrypt the data", a, e9);
        } catch (Throwable th) {
            f2642b.a("Unable to encrypt the data.", a, th.getMessage());
        }
    }

    private char[] d() {
        char[] cArr = new char[this.f];
        SecureRandom secureRandom = new SecureRandom();
        for (int i = 0; i < this.f; i++) {
            cArr[i] = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456879".charAt(secureRandom.nextInt(62));
        }
        return cArr;
    }

    public static a g(Context context) {
        if (f2643c == null) {
            f2643c = new a(context);
        }
        return f2643c;
    }

    private char[] i() {
        String string = this.g.getSharedPreferences("MIMECAST_NICE_TO_HAVE", 0).getString("EMAIL_CLIENT_EXCHANGE_FOLDER", null);
        if (string == null || (string != null && string.isEmpty())) {
            try {
                KeyStore keyStore = this.h;
                if (keyStore != null) {
                    if (keyStore.getCertificateChain("MimecastFilesNewCryptoKeyAlias") == null) {
                        j("MimecastFilesNewCryptoKeyAlias");
                    }
                    if (this.h.getEntry("MimecastFilesNewCryptoKeyAlias", null) == null) {
                        f2642b.c("getSecuredFileKey: creating db key", a);
                        j("MimecastFilesNewCryptoKeyAlias");
                    }
                }
                c("MimecastFilesNewCryptoKeyAlias", "EMAIL_CLIENT_EXCHANGE_FOLDER");
            } catch (IllegalArgumentException e2) {
                f2642b.h("Error in creating pub-priv pair.", a, e2);
            } catch (InvalidAlgorithmParameterException e3) {
                f2642b.h("getSecuredFileKey: Error in creating pub-priv pair for files.", a, e3);
            } catch (KeyStoreException e4) {
                f2642b.h("getSecuredFileKey: Error in creating pub-priv pair for files.", a, e4);
            } catch (NoSuchAlgorithmException e5) {
                f2642b.h("getSecuredFileKey:Error in creating pub-priv pair for files.", a, e5);
            } catch (NoSuchProviderException e6) {
                f2642b.h("getSecuredFileKey: Error in creating pub-priv pair for files.", a, e6);
            } catch (UnrecoverableEntryException e7) {
                f2642b.h("getSecuredFileKey: Error in creating pub-priv pair for files.", a, e7);
            } catch (Throwable th) {
                f2642b.a("Error in creating pub-priv pair.", a, th.getMessage());
            }
        }
        return b("MimecastFilesNewCryptoKeyAlias", "EMAIL_CLIENT_EXCHANGE_FOLDER");
    }

    private KeyPair j(String str) {
        Locale locale = Locale.getDefault();
        b.a(Locale.ENGLISH, this.g);
        GregorianCalendar gregorianCalendar = new GregorianCalendar();
        GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
        gregorianCalendar2.add(1, 100);
        KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(this.g).setAlias(str).setSubject(new X500Principal("CN=" + str)).setSerialNumber(BigInteger.valueOf(1345L)).setStartDate(gregorianCalendar.getTime()).setEndDate(gregorianCalendar2.getTime()).build();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        keyPairGenerator.initialize(build);
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        b.a(locale, this.g);
        return generateKeyPair;
    }

    public void a(char[] cArr) {
        char[] d2 = d();
        if (cArr == null || cArr.length <= 0 || d2 == null || d2.length <= 0) {
            return;
        }
        int i = 0;
        for (int i2 = 0; i2 < cArr.length; i2++) {
            if (d2.length <= i) {
                i = 0;
            }
            cArr[i2] = d2[i];
            i++;
        }
    }

    public synchronized Cipher e(byte[] bArr) {
        Cipher cipher;
        Cipher cipher2;
        cipher = null;
        if (bArr != null) {
            if (bArr.length > 0) {
                try {
                    try {
                        try {
                            try {
                                IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr);
                                char[] i = i();
                                if (i != null) {
                                    SecretKeySpec secretKeySpec = new SecretKeySpec(new String(i).getBytes("UTF-8"), 0, 16, "AES");
                                    cipher2 = Cipher.getInstance("AES/GCM/NoPadding");
                                    if (cipher2 == null) {
                                        cipher2 = Cipher.getInstance("AES/CBC/PKCS5Padding");
                                    }
                                    cipher2.init(2, secretKeySpec, ivParameterSpec);
                                } else {
                                    SecretKeySpec secretKeySpec2 = new SecretKeySpec(com.mimecast.i.c.c.g.r.b.a(this.g).getBytes("UTF-8"), 0, 16, "AES");
                                    cipher2 = Cipher.getInstance("AES/GCM/NoPadding");
                                    if (cipher2 == null) {
                                        cipher2 = Cipher.getInstance("AES/CBC/PKCS5Padding");
                                    }
                                    cipher2.init(2, secretKeySpec2, ivParameterSpec);
                                }
                                cipher = cipher2;
                            } catch (InvalidKeyException e2) {
                                f2642b.h("Unable to create file decryption Cipher", a, e2);
                            }
                        } catch (UnsupportedEncodingException e3) {
                            f2642b.h("Unable to create file decryption Cipher", a, e3);
                        }
                    } catch (InvalidAlgorithmParameterException e4) {
                        f2642b.h("Unable to create file decryption Cipher", a, e4);
                    } catch (Throwable th) {
                        f2642b.a("Unable to create file decryption Cipher", a, th.getMessage());
                    }
                } catch (NoSuchAlgorithmException e5) {
                    f2642b.h("Unable to create file decryption Cipher", a, e5);
                } catch (NoSuchPaddingException e6) {
                    f2642b.h("Unable to create file decryption Cipher", a, e6);
                }
            }
        }
        return cipher;
    }

    public synchronized Cipher f() {
        Cipher cipher;
        Cipher cipher2;
        cipher = null;
        try {
            try {
                try {
                    try {
                        byte[] bArr = new byte[16];
                        this.i.nextBytes(bArr);
                        IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr);
                        char[] i = i();
                        if (i != null) {
                            SecretKeySpec secretKeySpec = new SecretKeySpec(new String(i).getBytes("UTF-8"), 0, 16, "AES");
                            cipher2 = Cipher.getInstance("AES/GCM/NoPadding");
                            if (cipher2 == null) {
                                cipher2 = Cipher.getInstance("AES/CBC/PKCS5Padding");
                            }
                            cipher2.init(1, secretKeySpec, ivParameterSpec);
                        } else {
                            SecretKeySpec secretKeySpec2 = new SecretKeySpec(com.mimecast.i.c.c.g.r.b.a(this.g).getBytes("UTF-8"), 0, 16, "AES");
                            cipher2 = Cipher.getInstance("AES/GCM/NoPadding");
                            if (cipher2 == null) {
                                cipher2 = Cipher.getInstance("AES/CBC/PKCS5Padding");
                            }
                            cipher2.init(1, secretKeySpec2, ivParameterSpec);
                        }
                        cipher = cipher2;
                    } catch (NoSuchAlgorithmException e2) {
                        f2642b.h("Unable to create file encryption Cipher", a, e2);
                    }
                } catch (InvalidAlgorithmParameterException e3) {
                    f2642b.h("Unable to create file encryption Cipher", a, e3);
                }
            } catch (UnsupportedEncodingException e4) {
                f2642b.h("Unable to create file encryption Cipher", a, e4);
            } catch (Throwable th) {
                f2642b.a("Unable to create file encryption Cipher", a, th.getMessage());
            }
        } catch (InvalidKeyException e5) {
            f2642b.h("Unable to create file encryption Cipher", a, e5);
        } catch (NoSuchPaddingException e6) {
            f2642b.h("Unable to create file encryption Cipher", a, e6);
        }
        return cipher;
    }

    public char[] h() {
        String string = this.g.getSharedPreferences("MIMECAST_NICE_TO_HAVE", 0).getString("EMAIL_CLIENT_APPLICATION", null);
        if (string == null || (string != null && string.isEmpty())) {
            try {
                if (this.h.getCertificateChain("MimecastDatabaseNewCryptoKeyAlias") == null) {
                    j("MimecastDatabaseNewCryptoKeyAlias");
                }
                KeyStore keyStore = this.h;
                if (keyStore != null && keyStore.getEntry("MimecastDatabaseNewCryptoKeyAlias", null) == null) {
                    f2642b.c("creating db key", a);
                    j("MimecastDatabaseNewCryptoKeyAlias");
                }
                c("MimecastDatabaseNewCryptoKeyAlias", "EMAIL_CLIENT_APPLICATION");
            } catch (IllegalArgumentException e2) {
                f2642b.h("Error in creating pub-priv pair.", a, e2);
            } catch (InvalidAlgorithmParameterException e3) {
                f2642b.h("Error in creating pub-priv pair.", a, e3);
            } catch (KeyStoreException e4) {
                f2642b.h("Error in creating pub-priv pair.", a, e4);
            } catch (NoSuchAlgorithmException e5) {
                f2642b.h("Error in creating pub-priv pair.", a, e5);
            } catch (NoSuchProviderException e6) {
                f2642b.h("Error in creating pub-priv pair.", a, e6);
            } catch (UnrecoverableEntryException e7) {
                f2642b.h("Error in creating pub-priv pair.", a, e7);
            } catch (Throwable th) {
                f2642b.a("Error in creating pub-priv pair.", a, th.getMessage());
            }
        }
        return b("MimecastDatabaseNewCryptoKeyAlias", "EMAIL_CLIENT_APPLICATION");
    }
}
