package com.zoho.applock;

import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import com.zoho.accounts.zohoaccounts.constants.IAMConstants;
import java.nio.charset.Charset;
import java.security.Key;
import java.security.KeyStore;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import kotlin.Metadata;
import kotlin.TypeCastException;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.Charsets;

/* compiled from: EncryptionManager.kt */
@Metadata(bv = {1, 0, 3}, d1 = {"\u0000D\n\u0000\n\u0002\u0010\u000e\n\u0002\b\u0003\n\u0002\u0010\b\n\u0002\b\u0007\n\u0002\u0010\u0012\n\u0002\b\u0003\n\u0002\u0010\u000b\n\u0000\n\u0002\u0010\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u000b\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\u001a\u0010\u0010\u000e\u001a\u00020\r2\u0006\u0010\u000f\u001a\u00020\rH\u0002\u001a\b\u0010\u0010\u001a\u00020\u0011H\u0007\u001a\u0006\u0010\u0012\u001a\u00020\u0013\u001a(\u0010\u0014\u001a\u00020\u00012\u0006\u0010\u0015\u001a\u00020\u00162\b\u0010\u0017\u001a\u0004\u0018\u00010\u00012\u0006\u0010\u0018\u001a\u00020\u00012\u0006\u0010\u0019\u001a\u00020\u0011\u001a\u0018\u0010\u001a\u001a\u00020\u00012\u0006\u0010\u0017\u001a\u00020\u00012\u0006\u0010\u001b\u001a\u00020\u0001H\u0002\u001a \u0010\u001c\u001a\u00020\u00012\u0006\u0010\u0015\u001a\u00020\u00162\b\u0010\u0017\u001a\u0004\u0018\u00010\u00012\u0006\u0010\u001d\u001a\u00020\u0001\u001a\u0018\u0010\u001e\u001a\u00020\u00012\u0006\u0010\u0017\u001a\u00020\u00012\u0006\u0010\u001b\u001a\u00020\u0001H\u0002\u001a\b\u0010\u001f\u001a\u00020\u0013H\u0003\u001a\u0010\u0010 \u001a\u00020\u00132\u0006\u0010\u0015\u001a\u00020\u0016H\u0003\u001a\b\u0010!\u001a\u00020\"H\u0003\u001a\b\u0010#\u001a\u00020$H\u0003\u001a\u0010\u0010%\u001a\u00020&2\u0006\u0010\u0017\u001a\u00020\u0001H\u0002\u001a\u0010\u0010'\u001a\u00020\u00132\u0006\u0010\u0015\u001a\u00020\u0016H\u0003\"\u000e\u0010\u0000\u001a\u00020\u0001X\u0082T¢\u0006\u0002\n\u0000\"\u000e\u0010\u0002\u001a\u00020\u0001X\u0082T¢\u0006\u0002\n\u0000\"\u000e\u0010\u0003\u001a\u00020\u0001X\u0082T¢\u0006\u0002\n\u0000\"\u000e\u0010\u0004\u001a\u00020\u0005X\u0082T¢\u0006\u0002\n\u0000\"\u000e\u0010\u0006\u001a\u00020\u0001X\u0082T¢\u0006\u0002\n\u0000\"\u000e\u0010\u0007\u001a\u00020\u0005X\u0082T¢\u0006\u0002\n\u0000\"\u000e\u0010\b\u001a\u00020\u0001X\u0082T¢\u0006\u0002\n\u0000\"\u000e\u0010\t\u001a\u00020\u0001X\u0082T¢\u0006\u0002\n\u0000\"\u000e\u0010\n\u001a\u00020\u0001X\u0082T¢\u0006\u0002\n\u0000\"\u000e\u0010\u000b\u001a\u00020\u0001X\u0082T¢\u0006\u0002\n\u0000\"\u000e\u0010\f\u001a\u00020\rX\u0082\u0004¢\u0006\u0002\n\u0000¨\u0006("}, d2 = {"AES_MODE_M", "", EncryptionManager.AndroidKeyStore, "ENCRYPTION_ALGORITHM", "ITERATION_COUNT", "", "KEY_ALIAS", "KEY_LENGTH", "PBE_ALGORITHM", "PROVIDER", EncryptionManager.PUBLIC_IV, "SHARED_PREFERENCE_NAME", "salt", "", "base64Decryption", "value", "checkKeyStoreForKey", "", "clearEncryptionKeysFromKeyStore", "", "decrypt", "context", "Landroid/content/Context;", "defaultKey", "encryptedText", "wasEncryptedUsingDefaultKey", "decryptWithoutKeyStore", IAMConstants.MESSAGE, "encrypt", "input", "encryptWithoutKeyStore", "generateEncryptKey", "generateRandomIV", "getAesKeyFromKS", "Ljava/security/Key;", "getKeyStoreInstance", "Ljava/security/KeyStore;", "getSecretKeyWithoutKeystore", "Ljavax/crypto/SecretKey;", "initializeKeyStoreProperties", "library_release"}, k = 2, mv = {1, 1, 15})
/* loaded from: classes3.dex */
public final class EncryptionManager {
    private static final String AES_MODE_M = "AES/GCM/NoPadding";
    private static final String AndroidKeyStore = "AndroidKeyStore";
    private static final String ENCRYPTION_ALGORITHM = "AES";
    private static final int ITERATION_COUNT = 1000;
    private static final String KEY_ALIAS = "authToken_key";
    private static final int KEY_LENGTH = 256;
    private static final String PBE_ALGORITHM = "PBEWithSHA256And256BitAES-CBC-BC";
    private static final String PROVIDER = "BC";
    private static final String PUBLIC_IV = "PUBLIC_IV";
    private static final String SHARED_PREFERENCE_NAME = "encryption_preference";
    private static final byte[] salt = {10, 2, (byte) 15};

    private static final byte[] base64Decryption(byte[] bArr) {
        byte[] decode = Base64.decode(bArr, 0);
        Intrinsics.checkExpressionValueIsNotNull(decode, "Base64.decode(value, Base64.DEFAULT)");
        return decode;
    }

    public static final boolean checkKeyStoreForKey() {
        if (Build.VERSION.SDK_INT >= 23) {
            return getKeyStoreInstance().containsAlias(KEY_ALIAS);
        }
        return false;
    }

    public static final void clearEncryptionKeysFromKeyStore() {
        if (Build.VERSION.SDK_INT >= 23) {
            KeyStore keyStoreInstance = getKeyStoreInstance();
            if (checkKeyStoreForKey()) {
                keyStoreInstance.deleteEntry(KEY_ALIAS);
            }
        }
    }

    public static final String decrypt(Context context, String str, String encryptedText, boolean z) throws KeyStoreKeyCorruptedException, KeyMismatchOrTextNotEncrypted, DefaultKeyIsNullException {
        Intrinsics.checkParameterIsNotNull(context, "context");
        Intrinsics.checkParameterIsNotNull(encryptedText, "encryptedText");
        try {
            int i = Build.VERSION.SDK_INT;
            if (14 <= i && 22 >= i) {
                if (str != null) {
                    return decryptWithoutKeyStore(str, encryptedText);
                }
                throw new DefaultKeyIsNullException(" passed key is null ");
            }
            if (z) {
                if (str != null) {
                    return decryptWithoutKeyStore(str, encryptedText);
                }
                throw new DefaultKeyIsNullException(" passed key is null ");
            }
            Context applicationContext = context.getApplicationContext();
            Intrinsics.checkExpressionValueIsNotNull(applicationContext, "context.applicationContext");
            initializeKeyStoreProperties(applicationContext);
            String string = context.getApplicationContext().getSharedPreferences(SHARED_PREFERENCE_NAME, 0).getString(PUBLIC_IV, null);
            Cipher cipher = Cipher.getInstance(AES_MODE_M);
            cipher.init(2, getAesKeyFromKS(), new GCMParameterSpec(128, Base64.decode(string, 0)));
            Charset forName = Charset.forName("UTF-8");
            Intrinsics.checkExpressionValueIsNotNull(forName, "Charset.forName(charsetName)");
            byte[] bytes = encryptedText.getBytes(forName);
            Intrinsics.checkExpressionValueIsNotNull(bytes, "(this as java.lang.String).getBytes(charset)");
            byte[] decryptedVal = cipher.doFinal(Base64.decode(bytes, 0));
            Intrinsics.checkExpressionValueIsNotNull(decryptedVal, "decryptedVal");
            return new String(decryptedVal, Charsets.UTF_8);
        } catch (IllegalStateException e) {
            throw new KeyStoreKeyCorruptedException(" user has changed device lock , need to logout the user", e);
        } catch (Exception e2) {
            throw new KeyMismatchOrTextNotEncrypted(" not an encrypted text, or key not same as encryption", e2);
        }
    }

    private static final String decryptWithoutKeyStore(String str, String str2) throws Exception {
        Cipher cipher = Cipher.getInstance(ENCRYPTION_ALGORITHM);
        cipher.init(2, getSecretKeyWithoutKeystore(str));
        Charset forName = Charset.forName("UTF-8");
        Intrinsics.checkExpressionValueIsNotNull(forName, "Charset.forName(charsetName)");
        if (str2 == null) {
            throw new TypeCastException("null cannot be cast to non-null type java.lang.String");
        }
        byte[] bytes = str2.getBytes(forName);
        Intrinsics.checkExpressionValueIsNotNull(bytes, "(this as java.lang.String).getBytes(charset)");
        byte[] result = cipher.doFinal(base64Decryption(bytes));
        Intrinsics.checkExpressionValueIsNotNull(result, "result");
        return new String(result, Charsets.UTF_8);
    }

    public static final String encrypt(Context context, String str, String input) throws KeyStoreKeyCorruptedException, DefaultKeyIsNullException {
        Intrinsics.checkParameterIsNotNull(context, "context");
        Intrinsics.checkParameterIsNotNull(input, "input");
        try {
            int i = Build.VERSION.SDK_INT;
            if (14 <= i && 22 >= i) {
                if (str != null) {
                    return encryptWithoutKeyStore(str, input);
                }
                throw new DefaultKeyIsNullException(" passed key is null");
            }
            Context applicationContext = context.getApplicationContext();
            Intrinsics.checkExpressionValueIsNotNull(applicationContext, "context.applicationContext");
            initializeKeyStoreProperties(applicationContext);
            Cipher cipher = Cipher.getInstance(AES_MODE_M);
            Intrinsics.checkExpressionValueIsNotNull(cipher, "Cipher.getInstance(AES_MODE_M)");
            cipher.init(1, getAesKeyFromKS(), new GCMParameterSpec(128, Base64.decode(context.getApplicationContext().getSharedPreferences(SHARED_PREFERENCE_NAME, 0).getString(PUBLIC_IV, null), 0)));
            Charset forName = Charset.forName("UTF-8");
            Intrinsics.checkExpressionValueIsNotNull(forName, "Charset.forName(charsetName)");
            byte[] bytes = input.getBytes(forName);
            Intrinsics.checkExpressionValueIsNotNull(bytes, "(this as java.lang.String).getBytes(charset)");
            String encodeToString = Base64.encodeToString(cipher.doFinal(bytes), 0);
            Intrinsics.checkExpressionValueIsNotNull(encodeToString, "Base64.encodeToString(en…dedBytes, Base64.DEFAULT)");
            return encodeToString;
        } catch (DefaultKeyIsNullException e) {
            throw new DefaultKeyIsNullException(e.getMessage());
        } catch (Exception e2) {
            throw new KeyStoreKeyCorruptedException(" user has changed device lock , need to logout the user", e2);
        }
    }

    private static final String encryptWithoutKeyStore(String str, String str2) throws Exception {
        Cipher cipher = Cipher.getInstance(ENCRYPTION_ALGORITHM);
        cipher.init(1, getSecretKeyWithoutKeystore(str));
        Charset forName = Charset.forName("UTF-8");
        Intrinsics.checkExpressionValueIsNotNull(forName, "Charset.forName(charsetName)");
        if (str2 == null) {
            throw new TypeCastException("null cannot be cast to non-null type java.lang.String");
        }
        byte[] bytes = str2.getBytes(forName);
        Intrinsics.checkExpressionValueIsNotNull(bytes, "(this as java.lang.String).getBytes(charset)");
        String encodeToString = Base64.encodeToString(cipher.doFinal(bytes), 0);
        Intrinsics.checkExpressionValueIsNotNull(encodeToString, "Base64.encodeToString(result, Base64.DEFAULT)");
        return encodeToString;
    }

    private static final void generateEncryptKey() throws Exception {
        if (checkKeyStoreForKey()) {
            return;
        }
        KeyGenerator keyGenerator = KeyGenerator.getInstance(ENCRYPTION_ALGORITHM, AndroidKeyStore);
        keyGenerator.init(new KeyGenParameterSpec.Builder(KEY_ALIAS, 3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").setRandomizedEncryptionRequired(false).build());
        keyGenerator.generateKey();
    }

    private static final void generateRandomIV(Context context) throws Exception {
        SharedPreferences sharedPreferences = context.getApplicationContext().getSharedPreferences(SHARED_PREFERENCE_NAME, 0);
        if (sharedPreferences.getString(PUBLIC_IV, null) == null) {
            String encodeToString = Base64.encodeToString(new SecureRandom().generateSeed(12), 0);
            SharedPreferences.Editor edit = sharedPreferences.edit();
            edit.putString(PUBLIC_IV, encodeToString);
            edit.apply();
        }
    }

    private static final Key getAesKeyFromKS() throws Exception {
        Key key = getKeyStoreInstance().getKey(KEY_ALIAS, null);
        if (key != null) {
            return (SecretKey) key;
        }
        throw new TypeCastException("null cannot be cast to non-null type javax.crypto.SecretKey");
    }

    private static final KeyStore getKeyStoreInstance() {
        KeyStore keyStore = KeyStore.getInstance(AndroidKeyStore);
        keyStore.load(null);
        Intrinsics.checkExpressionValueIsNotNull(keyStore, "keyStore");
        return keyStore;
    }

    private static final SecretKey getSecretKeyWithoutKeystore(String str) throws Exception {
        if (str == null) {
            throw new TypeCastException("null cannot be cast to non-null type java.lang.String");
        }
        char[] charArray = str.toCharArray();
        Intrinsics.checkExpressionValueIsNotNull(charArray, "(this as java.lang.String).toCharArray()");
        SecretKey key = SecretKeyFactory.getInstance(PBE_ALGORITHM, "BC").generateSecret(new PBEKeySpec(charArray, salt, 1000, 256));
        Intrinsics.checkExpressionValueIsNotNull(key, "key");
        return new SecretKeySpec(key.getEncoded(), PBE_ALGORITHM);
    }

    private static final void initializeKeyStoreProperties(Context context) throws Exception {
        generateEncryptKey();
        Context applicationContext = context.getApplicationContext();
        Intrinsics.checkExpressionValueIsNotNull(applicationContext, "context.applicationContext");
        generateRandomIV(applicationContext);
    }
}
