package com.okta.oidc.storage.security;

import android.content.Context;
import android.security.KeyPairGeneratorSpec;
import android.util.Log;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPairGenerator;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.util.Calendar;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes2.dex */
class EncryptionManagerAPI18 extends BaseEncryptionManager {
    private static final int RSA_CALENDAR_HOURS_OFFSET = -26;
    private static final int RSA_CALENDAR_MAX_YEARS = 100;
    private static final String TAG = "EncryptionManagerAPI18";

    public EncryptionManagerAPI18(Context context, String str, String str2, boolean z11, boolean z12) {
        super(str, str2);
        this.mKeyStoreAlgorithm = "RSA";
        this.mBlockMode = "ECB";
        this.mEncryptionPadding = "PKCS1Padding";
        this.mTransformationString = this.mKeyStoreAlgorithm + "/" + this.mBlockMode + "/" + this.mEncryptionPadding;
        this.mIsAuthenticateUserRequired = z12;
        prepare(context, z11);
    }

    @Override // com.okta.oidc.storage.security.BaseEncryptionManager
    public boolean generateKeyPair(Context context, KeyPairGenerator keyPairGenerator, String str, int i11, String str2, String str3, boolean z11, byte[] bArr) {
        Calendar calendar = Calendar.getInstance();
        calendar.add(11, RSA_CALENDAR_HOURS_OFFSET);
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 100);
        try {
            KeyPairGeneratorSpec.Builder endDate = new KeyPairGeneratorSpec.Builder(context).setAlias(str).setSerialNumber(BigInteger.ONE).setSubject(new X500Principal("CN = Secured Preference Store, O = Devliving Online")).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime());
            endDate.setKeySize(i11);
            if (bArr == null || bArr.length <= 0) {
                keyPairGenerator.initialize(endDate.build());
            } else {
                keyPairGenerator.initialize(endDate.build(), new SecureRandom(bArr));
            }
            return true;
        } catch (InvalidAlgorithmParameterException e11) {
            Log.e(TAG, "initialize KeyPairGenerator: ", e11);
            return false;
        }
    }

    @Override // com.okta.oidc.storage.security.BaseEncryptionManager, com.okta.oidc.storage.security.EncryptionManager
    public boolean isHardwareBackedKeyStore() {
        return false;
    }

    @Override // com.okta.oidc.storage.security.EncryptionManager
    public boolean isUserAuthenticatedOnDevice() {
        return true;
    }

    @Override // com.okta.oidc.storage.security.EncryptionManager
    public boolean isValidKeys() {
        try {
            return ((PrivateKey) this.mKeyStore.getKey(this.mKeyAlias, null)) != null;
        } catch (GeneralSecurityException unused) {
            return false;
        }
    }
}
