package jg;

import android.annotation.TargetApi;
import android.content.Context;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyInfo;
import android.util.Base64;
import android.util.Log;
import com.microsoft.identity.common.java.crypto.key.AES256KeyLoader;
import com.microsoft.identity.common.java.platform.AbstractDevicePopManager;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.util.GregorianCalendar;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import nq.m;

/* compiled from: RMKeyStoreKeyGenerator.kt */
/* loaded from: classes.dex */
public final class a {

    /* renamed from: a, reason: collision with root package name */
    public final Context f8046a;

    /* renamed from: b, reason: collision with root package name */
    public final File f8047b;

    public a(Context context, String str, m mVar) {
        this.f8046a = context;
        this.f8047b = new File(context.getFilesDir(), str);
    }

    @TargetApi(18)
    public String a() throws GeneralSecurityException, IOException {
        Context context = this.f8046a;
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        if (!keyStore.containsAlias("KeyGenerator")) {
            GregorianCalendar gregorianCalendar = new GregorianCalendar();
            GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
            gregorianCalendar2.add(1, 100);
            KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setAlias("KeyGenerator").setSubject(new X500Principal("CN=KeyGenerator")).setSerialNumber(BigInteger.ONE).setStartDate(gregorianCalendar.getTime()).setEndDate(gregorianCalendar2.getTime()).build();
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(AbstractDevicePopManager.KeyPairGeneratorAlgorithms.RSA, "AndroidKeyStore");
            keyPairGenerator.initialize(build);
            keyPairGenerator.generateKeyPair();
        }
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry("KeyGenerator", null);
        KeyPair keyPair = new KeyPair(privateKeyEntry.getCertificate().getPublicKey(), privateKeyEntry.getPrivateKey());
        if (!this.f8047b.exists()) {
            byte[] bArr = new byte[64];
            new SecureRandom().nextBytes(bArr);
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, 0, 64, AES256KeyLoader.AES_ALGORITHM);
            cipher.init(3, keyPair.getPublic());
            byte[] wrap = cipher.wrap(secretKeySpec);
            FileOutputStream fileOutputStream = new FileOutputStream(this.f8047b);
            try {
                fileOutputStream.write(wrap);
            } finally {
                fileOutputStream.close();
            }
        }
        byte[] a10 = ap.a.a(this.f8047b);
        cipher.init(4, keyPair.getPrivate());
        SecretKey secretKey = (SecretKey) cipher.unwrap(a10, AES256KeyLoader.AES_ALGORITHM, 3);
        try {
            ((KeyInfo) KeyFactory.getInstance(secretKey.getAlgorithm(), "AndroidKeyStore").getKeySpec(secretKey, KeyInfo.class)).isInsideSecureHardware();
        } catch (NoSuchAlgorithmException e10) {
            Log.e("DEBUG", "NoSuchAlgorithmException: " + e10);
        } catch (NoSuchProviderException e11) {
            Log.e("DEBUG", "NoSuchProviderException: " + e11);
        }
        String encodeToString = Base64.encodeToString(secretKey.getEncoded(), 0);
        o3.b.f(encodeToString, "encodeToString(key.encod…                .DEFAULT)");
        return encodeToString;
    }
}
