package net.juniper.junos.pulse.android.util;

import com.rsa.crypto.AlgorithmStrings;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes2.dex */
public class SecureKeyDerivation {
    private static final int IV_SIZE = 16;
    private static final int KEY_SIZE = 32;
    private byte[] mRandomIV;
    private byte[] mSaltSecret;

    public SecureKeyDerivation(boolean z) {
        if (z) {
            setSaltSecret(retrieveSalt());
            setRandomIV(retrieveIv());
        }
    }

    private void createRandomKey(byte[] bArr) {
        new SecureRandom().nextBytes(bArr);
    }

    private static byte[] decryptData(byte[] bArr, byte[] bArr2, SecretKey secretKey) {
        return encryptOrDecrypt(bArr, secretKey, bArr2, false);
    }

    private SecretKey deriveKeySecurely(String str, int i2, byte[] bArr) {
        try {
            return new SecretKeySpec(SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1").generateSecret(new PBEKeySpec(str.toCharArray(), bArr, 100, i2 * 8)).getEncoded(), AlgorithmStrings.AES);
        } catch (Exception e2) {
            throw new RuntimeException("Key derivation failed! ", e2);
        }
    }

    private static byte[] encryptData(byte[] bArr, byte[] bArr2, SecretKey secretKey) {
        return encryptOrDecrypt(bArr, secretKey, bArr2, true);
    }

    private static byte[] encryptOrDecrypt(byte[] bArr, SecretKey secretKey, byte[] bArr2, boolean z) {
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7PADDING");
            cipher.init(z ? 1 : 2, secretKey, new IvParameterSpec(bArr2));
            return cipher.doFinal(bArr);
        } catch (GeneralSecurityException e2) {
            StringBuilder sb = new StringBuilder();
            sb.append("This is unconceivable! ");
            sb.append(z ? "Encryption failed" : "Decryption failed");
            throw new RuntimeException(sb.toString(), e2);
        }
    }

    private byte[] getEncodedBytes(String str) {
        return str.getBytes(StandardCharsets.ISO_8859_1);
    }

    private String getEncodedString(byte[] bArr) {
        return new String(bArr, StandardCharsets.ISO_8859_1);
    }

    private byte[] getRandomIV() {
        return this.mRandomIV;
    }

    private byte[] getSaltSecret() {
        return this.mSaltSecret;
    }

    private byte[] retrieveIv() {
        byte[] bArr = new byte[16];
        createRandomKey(bArr);
        return bArr;
    }

    private byte[] retrieveSalt() {
        byte[] bArr = new byte[32];
        createRandomKey(bArr);
        return bArr;
    }

    private void setRandomIV(byte[] bArr) {
        this.mRandomIV = bArr;
    }

    private void setSaltSecret(byte[] bArr) {
        this.mSaltSecret = bArr;
    }

    public void clear() {
        setRandomIV(null);
        setSaltSecret(null);
    }

    public String getDecryptedData(String str, String str2, String str3, String str4) {
        return getEncodedString(decryptData(getEncodedBytes(str2), getEncodedBytes(str3), deriveKeySecurely(str, 32, getEncodedBytes(str4))));
    }

    public String getEncryptedData(String str, String str2) {
        return getEncodedString(encryptData(getEncodedBytes(str2), getRandomIV(), deriveKeySecurely(str, 32, getSaltSecret())));
    }

    public String getRandomIvEncoded() {
        return getEncodedString(this.mRandomIV);
    }

    public String getSaltSecretEncoded() {
        return getEncodedString(this.mSaltSecret);
    }
}
