package com.paloaltonetworks.globalprotect.util;

import android.security.KeyPairGeneratorSpec;
import android.util.Base64;
import com.paloaltonetworks.globalprotect.G;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.MGF1ParameterSpec;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class d {
    private static final String d = "globalprotect_key";
    private static final String e = "PanCrypto";
    private static final int f = 245;
    private static d g;

    /* renamed from: a, reason: collision with root package name */
    private KeyStore f1845a;

    /* renamed from: b, reason: collision with root package name */
    private KeyPair f1846b = null;
    private OAEPParameterSpec c = new OAEPParameterSpec("SHA-256", "MGF1", new MGF1ParameterSpec("SHA-1"), PSource.PSpecified.DEFAULT);

    d() {
        this.f1845a = null;
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            this.f1845a = keyStore;
            keyStore.load(null);
            d();
        } catch (Exception e2) {
            Log.LOG_WARNING(e, "failed to init app keystore" + e2.getMessage());
        }
    }

    public static d c() {
        if (g == null) {
            g = new d();
        }
        return g;
    }

    public String a(String str) {
        if (str == null || str.isEmpty()) {
            Log.LOG_DEBUG(e, "empty encrypted string, not valid");
            return null;
        }
        try {
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) this.f1845a.getEntry(d, null);
            Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
            cipher.init(2, privateKeyEntry.getPrivateKey(), this.c);
            return new String(cipher.doFinal(Base64.decode(str, 0)));
        } catch (Exception e2) {
            Log.LOG_ERROR(e, "Exception:" + e2.getMessage() + " when doing decryption:" + android.util.Log.getStackTraceString(e2));
            return null;
        }
    }

    public String b(String str) {
        if (str == null || str.isEmpty()) {
            Log.LOG_DEBUG(e, "empty string for encryption");
            return null;
        }
        if (str.length() > f) {
            Log.LOG_DEBUG(e, "text size exceeded limit.");
            return null;
        }
        try {
            RSAPublicKey rSAPublicKey = (RSAPublicKey) ((KeyStore.PrivateKeyEntry) this.f1845a.getEntry(d, null)).getCertificate().getPublicKey();
            Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding", "AndroidOpenSSL");
            cipher.init(1, rSAPublicKey, this.c);
            return Base64.encodeToString(cipher.doFinal(str.getBytes()), 0);
        } catch (Exception e2) {
            Log.LOG_ERROR(e, "Exception:" + e2.getMessage() + " when doing encryption:" + android.util.Log.getStackTraceString(e2));
            return null;
        }
    }

    public void d() {
        try {
            if (this.f1845a.containsAlias(d)) {
                return;
            }
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 100);
            KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(G.appContext).setAlias(d).setSubject(new X500Principal("CN=GlobalProtect, O=GlobalProtect Orgnization")).setSerialNumber(BigInteger.ONE).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(build);
            this.f1846b = keyPairGenerator.generateKeyPair();
        } catch (Exception e2) {
            Log.LOG_ERROR(e, "Exception:" + e2.getMessage() + " when generating encryption key pair:" + android.util.Log.getStackTraceString(e2));
        }
    }
}
