package i8;

import android.annotation.TargetApi;
import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.util.ArrayList;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class f {

    /* renamed from: a, reason: collision with root package name */
    public final h f7269a;

    /* renamed from: b, reason: collision with root package name */
    public KeyGenerator f7270b;

    /* renamed from: c, reason: collision with root package name */
    public KeyStore f7271c;

    /* renamed from: d, reason: collision with root package name */
    public Cipher f7272d;

    public f(h hVar) {
        this.f7269a = hVar;
        try {
            this.f7272d = Cipher.getInstance("AES/CBC/PKCS7Padding");
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e10) {
            StringBuilder a10 = android.support.v4.media.b.a("Failed to get an instance of Cipher :");
            a10.append(e10.getClass().getSimpleName());
            q("f", a10.toString(), e10);
        }
        if (Build.VERSION.SDK_INT >= 23) {
            try {
                this.f7270b = KeyGenerator.getInstance("AES", "AndroidKeyStore");
            } catch (NoSuchAlgorithmException | NoSuchProviderException e11) {
                StringBuilder a11 = android.support.v4.media.b.a("Failed to get an instance of KeyGenerator : ");
                a11.append(e11.getClass().getSimpleName());
                q("f", a11.toString(), e11);
            }
        }
        try {
            this.f7271c = KeyStore.getInstance("AndroidKeyStore");
        } catch (KeyStoreException e12) {
            StringBuilder a12 = android.support.v4.media.b.a("Failed to get an instance of KeyStore :");
            a12.append(e12.getClass().getSimpleName());
            q("f", a12.toString(), e12);
        }
    }

    public static String n(String str) {
        byte[] bArr;
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            messageDigest.update(str.getBytes());
            for (int i10 = 0; i10 < 1000; i10++) {
                messageDigest.update(messageDigest.digest());
            }
            bArr = messageDigest.digest();
        } catch (NoSuchAlgorithmException e10) {
            q("f", e10.getClass().getSimpleName(), e10);
            bArr = null;
        }
        return Base64.encodeToString(bArr, 0).trim();
    }

    public static void q(String str, String str2, Exception exc) {
        if (a.f7253h) {
            Log.e(str, str2, exc);
        }
    }

    @TargetApi(23)
    public h8.c a(e eVar, String str) {
        int ordinal = eVar.ordinal();
        if (ordinal == 1) {
            this.f7270b.init(new KeyGenParameterSpec.Builder(str, 3).setBlockModes("CBC").setUserAuthenticationRequired(true).setEncryptionPaddings("PKCS7Padding").build());
            return new h8.c(this.f7270b.generateKey(), null);
        }
        if (ordinal == 2) {
            this.f7270b.init(new KeyGenParameterSpec.Builder(str, 3).setBlockModes("CBC").setUserAuthenticationRequired(true).setUserAuthenticationValidityDurationSeconds(62).setEncryptionPaddings("PKCS7Padding").build());
            return new h8.c(this.f7270b.generateKey(), null);
        }
        if (ordinal == 3) {
            this.f7270b.init(new KeyGenParameterSpec.Builder(str, 3).setBlockModes("CBC").setEncryptionPaddings("PKCS7Padding").build());
            return new h8.c(this.f7270b.generateKey(), null);
        }
        throw new InvalidAlgorithmParameterException(eVar + " does not need to create secret key");
    }

    public final String b(v1.c cVar, SecretKey secretKey) {
        if (cVar != null && !TextUtils.isEmpty((String) cVar.f15083a) && !TextUtils.isEmpty((String) cVar.f15084b)) {
            byte[] decode = Base64.decode((String) cVar.f15084b, 0);
            byte[] decode2 = Base64.decode((String) cVar.f15083a, 0);
            this.f7272d.init(2, secretKey, new IvParameterSpec(decode));
            try {
                return new String(this.f7272d.doFinal(decode2), "UTF-8");
            } catch (UnsupportedEncodingException e10) {
                q("f", e10.getClass().getSimpleName(), e10);
            }
        }
        return null;
    }

    @TargetApi(23)
    public String c(v1.c cVar, String str) {
        SecretKey m10 = m(str);
        if (m10 != null) {
            return b(cVar, m10);
        }
        throw new KeyPermanentlyInvalidatedException("key missing from KeyStore");
    }

    public String d(v1.c cVar, String str) {
        if (TextUtils.isEmpty((String) cVar.f15083a)) {
            return null;
        }
        byte[] decode = Base64.decode((String) cVar.f15083a, 0);
        this.f7271c.load(null);
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) this.f7271c.getEntry(str, null);
        if (privateKeyEntry == null) {
            return null;
        }
        RSAPrivateKey rSAPrivateKey = (RSAPrivateKey) privateKeyEntry.getPrivateKey();
        Cipher cipher = Build.VERSION.SDK_INT >= 23 ? Cipher.getInstance("RSA/ECB/PKCS1Padding") : Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
        cipher.init(2, rSAPrivateKey);
        CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(decode), cipher);
        ArrayList arrayList = new ArrayList();
        while (true) {
            int read = cipherInputStream.read();
            if (read == -1) {
                break;
            }
            arrayList.add(Byte.valueOf((byte) read));
        }
        int size = arrayList.size();
        byte[] bArr = new byte[size];
        for (int i10 = 0; i10 < size; i10++) {
            bArr[i10] = ((Byte) arrayList.get(i10)).byteValue();
        }
        return new String(bArr, 0, size, Charset.forName("UTF-8"));
    }

    public String e(v1.c cVar, String str) {
        if (TextUtils.isEmpty(str)) {
            StringBuilder a10 = android.support.v4.media.b.a("Pin used to create secret key should not be ");
            a10.append(str != null ? "empty" : "null");
            throw new InvalidAlgorithmParameterException(a10.toString());
        }
        char[] charArray = str.toCharArray();
        String string = this.f7269a.a().getString("saltToGenerateSecretkeySaveTag", null);
        if (TextUtils.isEmpty(string)) {
            StringBuilder a11 = android.support.v4.media.b.a("Salt used to create secret key in persistence is ");
            a11.append(string != null ? "empty" : "null");
            throw new InvalidAlgorithmParameterException(a11.toString());
        }
        try {
            return b(cVar, new SecretKeySpec(k(charArray, Base64.decode(string.trim(), 0)).getEncoded(), "AES"));
        } catch (InvalidKeySpecException e10) {
            q("f", e10.getClass().getSimpleName(), e10);
            throw new InvalidAlgorithmParameterException(e10.getCause());
        }
    }

    public boolean f(String str) {
        try {
            KeyStore keyStore = this.f7271c;
            if (keyStore == null) {
                return false;
            }
            keyStore.load(null);
            this.f7271c.deleteEntry(str);
            return true;
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e10) {
            StringBuilder a10 = android.support.v4.media.b.a("Failed to delete SecretKey in KeyStore ");
            a10.append(e10.getClass().getSimpleName());
            q("f", a10.toString(), e10);
            return false;
        }
    }

    public final v1.c g(String str, h8.c cVar) {
        SecretKey secretKey = cVar.f7208a;
        String str2 = cVar.f7209b;
        p(secretKey);
        byte[] iv = this.f7272d.getIV();
        byte[] bArr = new byte[0];
        try {
            bArr = str.getBytes("UTF-8");
        } catch (UnsupportedEncodingException e10) {
            q("f", e10.getClass().getSimpleName(), e10);
        }
        return new v1.c(Base64.encodeToString(this.f7272d.doFinal(bArr), 0), Base64.encodeToString(iv, 0), str2);
    }

    @TargetApi(23)
    public v1.c h(String str, e eVar, String str2) {
        return g(str, a(eVar, str2));
    }

    public v1.c i(String str, Context context, String str2) {
        this.f7271c.load(null);
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 1);
        KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setAlias(str2).setSubject(new X500Principal(androidx.appcompat.widget.a.b("CN=", str2))).setSerialNumber(BigInteger.ONE).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        keyPairGenerator.initialize(build);
        keyPairGenerator.generateKeyPair();
        RSAPublicKey rSAPublicKey = (RSAPublicKey) ((KeyStore.PrivateKeyEntry) this.f7271c.getEntry(str2, null)).getCertificate().getPublicKey();
        Cipher cipher = Build.VERSION.SDK_INT >= 23 ? Cipher.getInstance("RSA/ECB/PKCS1Padding") : Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
        cipher.init(1, rSAPublicKey);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
        cipherOutputStream.write(str.getBytes(Charset.forName("UTF-8")));
        cipherOutputStream.close();
        return new v1.c(Base64.encodeToString(byteArrayOutputStream.toByteArray(), 0), "", "");
    }

    public v1.c j(String str, String str2) {
        if (TextUtils.isEmpty(str2)) {
            StringBuilder a10 = android.support.v4.media.b.a("Pin used to create secret key should not be ");
            a10.append(str2 == null ? "null" : "empty");
            throw new InvalidAlgorithmParameterException(a10.toString());
        }
        char[] charArray = str2.toCharArray();
        byte[] bArr = new byte[32];
        new SecureRandom().nextBytes(bArr);
        String trim = Base64.encodeToString(bArr, 0).trim();
        try {
            p(k(charArray, bArr));
            byte[] iv = this.f7272d.getIV();
            byte[] bArr2 = new byte[0];
            try {
                bArr2 = str.getBytes("UTF-8");
            } catch (UnsupportedEncodingException e10) {
                q("f", e10.getClass().getSimpleName(), e10);
            }
            return new v1.c(Base64.encodeToString(this.f7272d.doFinal(bArr2), 0), Base64.encodeToString(iv, 0), trim);
        } catch (InvalidKeySpecException e11) {
            q("f", e11.getClass().getSimpleName(), e11);
            throw new InvalidAlgorithmParameterException(e11.getCause());
        }
    }

    public final SecretKey k(char[] cArr, byte[] bArr) {
        SecretKeyFactory secretKeyFactory;
        try {
            secretKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
        } catch (NoSuchAlgorithmException e10) {
            q("f", e10.getClass().getSimpleName(), e10);
            e10.printStackTrace();
            secretKeyFactory = null;
        }
        return secretKeyFactory.generateSecret(new PBEKeySpec(cArr, bArr, 1000, 256));
    }

    public byte[] l() {
        byte[] bArr = new byte[32];
        new SecureRandom().nextBytes(bArr);
        return bArr;
    }

    @TargetApi(18)
    public SecretKey m(String str) {
        this.f7271c.load(null);
        return (SecretKey) this.f7271c.getKey(str, null);
    }

    public void o(SecretKey secretKey, byte[] bArr) {
        this.f7272d.init(2, secretKey, new IvParameterSpec(bArr));
    }

    public void p(SecretKey secretKey) {
        this.f7272d.init(1, secretKey);
    }
}
