package de.vwag.carnet.app.security;

import android.app.KeyguardManager;
import android.content.Context;
import android.os.Build;
import android.security.KeyChain;
import android.security.KeyPairGeneratorSpec;
import de.vwag.carnet.app.utils.AndroidUtils;
import de.vwag.carnet.app.utils.L;
import java.math.BigInteger;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.util.Calendar;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes4.dex */
public class CryptoManager {
    static final int CRYPTO_KEY_SIZE = 2048;
    Context context;
    KeyguardManager keyguardManager;

    private void createPrivateKey() throws Exception {
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 1);
        KeyPairGeneratorSpec.Builder endDate = new KeyPairGeneratorSpec.Builder(this.context).setAlias("car_net_key").setSubject(new X500Principal("CN=de.vwag.carnet.app")).setSerialNumber(BigInteger.ONE).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime());
        if (!isHardwareEncryptionSupported()) {
            endDate.setEncryptionRequired();
        }
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        keyPairGenerator.initialize(endDate.build());
        keyPairGenerator.generateKeyPair();
    }

    public String encryptPassword(String str) {
        try {
            KeyStore.Entry keyEntry = CryptoUtils.getKeyEntry();
            if (keyEntry == null) {
                L.w("No private key found in android keystore. Create a new one.", new Object[0]);
                if (Build.VERSION.SDK_INT >= 18) {
                    createPrivateKey();
                }
                keyEntry = CryptoUtils.getKeyEntry();
            }
            if (keyEntry instanceof KeyStore.PrivateKeyEntry) {
                return CryptoUtils.encryptText((KeyStore.PrivateKeyEntry) keyEntry, str);
            }
            L.w("Key keyEntry found under alias '%s' is not a private key.", "car_net_key");
            return null;
        } catch (Exception e) {
            L.e(e, "Could not encrypt password.", new Object[0]);
            return null;
        }
    }

    public boolean isDeviceSecured() {
        return AndroidUtils.isMinimumAndroidVersionM() ? this.keyguardManager.isDeviceSecure() : this.keyguardManager.isKeyguardSecure();
    }

    public boolean isHardwareEncryptionSupported() {
        return AndroidUtils.isMinimumAndroidVersionM() ? KeyChain.isBoundKeyAlgorithm("RSA") : KeyChain.isBoundKeyAlgorithm("RSA");
    }
}
