package epic.mychart.android.library.utilities;

import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import com.microsoft.identity.common.internal.platform.IDevicePopManager;
import com.oblador.keychain.cipherStorage.CipherStorageKeystoreRsaEcb;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PublicKey;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Optional;
import java.util.function.Function;
import javax.crypto.Cipher;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
import org.spongycastle.pqc.jcajce.spec.McElieceCCA2KeyGenParameterSpec;

/* loaded from: classes7.dex */
public class n {
    private static KeyStore a;
    private static KeyPairGenerator b;

    public static PublicKey a(String str) {
        try {
            KeyStore d = d();
            d.load(null);
            return KeyFactory.getInstance(CipherStorageKeystoreRsaEcb.ALGORITHM_RSA).generatePublic(new X509EncodedKeySpec(d.getCertificate(str).getPublicKey().getEncoded()));
        } catch (Exception e) {
            throw new Exception("Failed to access public key for " + str, e);
        }
    }

    public static Cipher a() {
        try {
            KeyStore d = d();
            d.load(null);
            Optional map = Optional.ofNullable((KeyStore.PrivateKeyEntry) d.getEntry("MyChart_BiometricTokenKey", null)).map(new Function() { // from class: epic.mychart.android.library.utilities.g1
                @Override // java.util.function.Function
                public final Object apply(Object obj) {
                    return ((KeyStore.PrivateKeyEntry) obj).getPrivateKey();
                }
            });
            if (!map.isPresent()) {
                throw new KeyPermanentlyInvalidatedException("Private Key missing");
            }
            Cipher b2 = b();
            b2.init(2, (Key) map.get());
            return b2;
        } catch (KeyPermanentlyInvalidatedException e) {
            b("MyChart_BiometricTokenKey");
            throw e;
        } catch (Exception e2) {
            throw new Exception("Unable to retrieve biometric login cipher", e2);
        }
    }

    public static void a(String str, boolean z) {
        try {
            KeyStore d = d();
            a = d;
            d.load(null);
            if (a.containsAlias(str)) {
                return;
            }
            b = c();
            KeyGenParameterSpec.Builder keySize = new KeyGenParameterSpec.Builder(str, 3).setBlockModes(CipherStorageKeystoreRsaEcb.BLOCK_MODE_ECB).setEncryptionPaddings("OAEPPadding").setDigests(McElieceCCA2KeyGenParameterSpec.SHA256, McElieceCCA2KeyGenParameterSpec.SHA512).setKeySize(2048);
            keySize.setInvalidatedByBiometricEnrollment(z);
            keySize.setUserAuthenticationRequired(z);
            b.initialize(keySize.build());
            b.generateKeyPair();
        } catch (Exception e) {
            throw new Exception("Failed to create keypair " + str, e);
        }
    }

    public static byte[] a(String str, byte[] bArr) {
        try {
            Cipher b2 = b();
            KeyStore d = d();
            d.load(null);
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) d.getEntry(str, null);
            if (privateKeyEntry == null) {
                return null;
            }
            b2.init(2, privateKeyEntry.getPrivateKey());
            return b2.doFinal(bArr);
        } catch (Exception e) {
            throw new Exception("Unable to decrypt using " + str + " private key", e);
        }
    }

    public static byte[] a(String str, byte[] bArr, Cipher cipher) {
        try {
            return cipher.doFinal(bArr);
        } catch (Exception e) {
            throw new Exception("Unable to decrypt using " + str + " private key", e);
        }
    }

    private static Cipher b() {
        return Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
    }

    public static void b(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            try {
                keyStore.load(null);
                try {
                    keyStore.deleteEntry(str);
                } catch (KeyStoreException unused) {
                }
            } catch (Exception e) {
                throw new Exception("Failed to load KeyStore", e);
            }
        } catch (KeyStoreException e2) {
            throw new Exception("Failed to get instance of KeyStore", e2);
        }
    }

    public static byte[] b(String str, byte[] bArr) {
        try {
            Cipher b2 = b();
            b2.init(1, a(str), new OAEPParameterSpec(McElieceCCA2KeyGenParameterSpec.SHA256, IDevicePopManager.MGF_1, MGF1ParameterSpec.SHA1, PSource.PSpecified.DEFAULT));
            return b2.doFinal(bArr);
        } catch (Exception e) {
            throw new Exception("Unable to encrypt using " + str + " public key", e);
        }
    }

    private static KeyPairGenerator c() {
        KeyPairGenerator keyPairGenerator = b;
        if (keyPairGenerator != null) {
            return keyPairGenerator;
        }
        try {
            KeyPairGenerator keyPairGenerator2 = KeyPairGenerator.getInstance(CipherStorageKeystoreRsaEcb.ALGORITHM_RSA, "AndroidKeyStore");
            b = keyPairGenerator2;
            return keyPairGenerator2;
        } catch (Exception e) {
            throw new Exception("Failed to get an instance of KeyPairGenerator", e);
        }
    }

    public static KeyStore d() {
        KeyStore keyStore = a;
        if (keyStore != null) {
            return keyStore;
        }
        try {
            KeyStore keyStore2 = KeyStore.getInstance("AndroidKeyStore");
            a = keyStore2;
            return keyStore2;
        } catch (KeyStoreException e) {
            throw new Exception("Failed to get instance of KeyStore", e);
        }
    }
}
