package com.android.server.wifi.util;

import android.security.keystore.AndroidKeyStoreProvider;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import android.util.Log;
import com.android.server.wifi.WifiConfigManager;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.ProviderException;
import java.security.UnrecoverableEntryException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

/* loaded from: classes.dex */
public class WifiConfigStoreEncryptionUtil {
    private final String mDataFileName;
    private Cipher mEncryptCipher;
    private final SecretKey mSecretKeyReference;

    public WifiConfigStoreEncryptionUtil(String str) {
        if (TextUtils.isEmpty(str)) {
            throw new NullPointerException("dataFileName must not be null or the empty string");
        }
        this.mDataFileName = str;
        this.mSecretKeyReference = getOrCreateSecretKey(getKeyAlias());
        try {
            this.mEncryptCipher = Cipher.getInstance("AES/GCM/NoPadding");
        } catch (NoSuchAlgorithmException e) {
            reportException(e, "encrypt could not find the algorithm: AES/GCM/NoPadding");
        } catch (NoSuchPaddingException e2) {
            reportException(e2, "encrypt had a padding exception");
        } catch (Exception e3) {
            reportException(e3, "exception caught");
        }
    }

    private String getKeyAlias() {
        return this.mDataFileName + ".data-encryption-key";
    }

    private SecretKey getOrCreateSecretKey(String str) {
        SecretKey secretKey = null;
        try {
            KeyStore keyStoreForUid = AndroidKeyStoreProvider.getKeyStoreForUid(1010);
            if (!keyStoreForUid.containsAlias(str)) {
                KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
                keyGenerator.init(new KeyGenParameterSpec.Builder(str, 3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").setKeySize(256).setUid(1010).build());
                return keyGenerator.generateKey();
            }
            KeyStore.SecretKeyEntry secretKeyEntry = (KeyStore.SecretKeyEntry) keyStoreForUid.getEntry(str, null);
            if (secretKeyEntry != null) {
                secretKey = secretKeyEntry.getSecretKey();
            } else {
                reportException(new Exception("keystore contains the alias and the secret key entry was null"), "keystore contains the alias and the secret key entry was null");
            }
            return secretKey;
        } catch (InvalidAlgorithmParameterException e) {
            reportException(e, "getOrCreateSecretKey had an invalid algorithm parameter");
            return null;
        } catch (KeyStoreException e2) {
            reportException(e2, "getOrCreateSecretKey cannot find the keystore: AndroidKeyStore");
            return null;
        } catch (NoSuchAlgorithmException e3) {
            reportException(e3, "getOrCreateSecretKey cannot find algorithm");
            return null;
        } catch (NoSuchProviderException e4) {
            reportException(e4, "getOrCreateSecretKey cannot find crypto provider");
            return null;
        } catch (ProviderException e5) {
            reportException(e5, "getOrCreateSecretKey had a provider exception.");
            return null;
        } catch (UnrecoverableEntryException e6) {
            reportException(e6, "getOrCreateSecretKey had an unrecoverable entry exception.");
            return null;
        } catch (Exception e7) {
            reportException(e7, "exception caught");
            return null;
        }
    }

    private void reportException(Exception exc, String str) {
        Log.wtf("WifiConfigStoreEncryptionUtil", "An irrecoverable key store error was encountered: " + str, exc);
    }

    public byte[] decrypt(EncryptedData encryptedData) {
        try {
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            GCMParameterSpec gCMParameterSpec = new GCMParameterSpec(WifiConfigManager.SCAN_CACHE_ENTRIES_TRIM_SIZE, encryptedData.getIv());
            if (this.mSecretKeyReference == null) {
                return null;
            }
            cipher.init(2, this.mSecretKeyReference, gCMParameterSpec);
            return cipher.doFinal(encryptedData.getEncryptedData());
        } catch (InvalidAlgorithmParameterException e) {
            reportException(e, "decrypt had an invalid algorithm parameter");
            return null;
        } catch (InvalidKeyException e2) {
            reportException(e2, "decrypt had an invalid key");
            return null;
        } catch (NoSuchAlgorithmException e3) {
            reportException(e3, "decrypt could not find cipher algorithm AES/GCM/NoPadding");
            return null;
        } catch (BadPaddingException e4) {
            reportException(e4, "decrypt had bad padding");
            return null;
        } catch (IllegalBlockSizeException e5) {
            reportException(e5, "decrypt had a illegal block size");
            return null;
        } catch (NoSuchPaddingException e6) {
            reportException(e6, "decrypt could not find padding algorithm");
            return null;
        } catch (Exception e7) {
            reportException(e7, "exception caught");
            return null;
        }
    }

    public EncryptedData encrypt(byte[] bArr) {
        if (bArr == null || bArr.length == 0) {
            return null;
        }
        EncryptedData encryptedData = null;
        try {
            if (this.mSecretKeyReference != null) {
                this.mEncryptCipher.init(1, this.mSecretKeyReference);
                encryptedData = new EncryptedData(this.mEncryptCipher.doFinal(bArr), this.mEncryptCipher.getIV());
            } else {
                reportException(new Exception("secretKeyReference is null."), "secretKeyReference is null.");
            }
        } catch (InvalidKeyException e) {
            reportException(e, "encrypt received an invalid key");
        } catch (BadPaddingException e2) {
            reportException(e2, "encrypt had a padding problem");
        } catch (IllegalBlockSizeException e3) {
            reportException(e3, "encrypt had an illegal block size");
        } catch (Exception e4) {
            reportException(e4, "exception caught");
        }
        return encryptedData;
    }
}
