package defpackage;

import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.util.Base64;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.DigestException;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.util.Calendar;
import java.util.Date;
import java.util.Locale;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public final class j51 {
    public static SecretKey g;
    public KeyPair b;
    public Context c;
    public String d;
    public SecretKey e = null;
    public SecretKey f = null;
    public final SecureRandom a = new SecureRandom();

    public j51(Context context) {
        this.c = context;
    }

    public static byte[] n(File file) {
        b51.q("Reading key data from a file");
        FileInputStream fileInputStream = new FileInputStream(file);
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byte[] bArr = new byte[1024];
            while (true) {
                int read = fileInputStream.read(bArr);
                if (read == -1) {
                    return byteArrayOutputStream.toByteArray();
                }
                byteArrayOutputStream.write(bArr, 0, read);
            }
        } finally {
            fileInputStream.close();
        }
    }

    public final String b(String str) {
        SecretKey l;
        b51.q("Starting decryption");
        if (c.m0a(str)) {
            throw new IllegalArgumentException("Input is empty or null");
        }
        byte b = 0;
        int charAt = str.charAt(0) - 'a';
        if (charAt <= 0) {
            throw new IllegalArgumentException(String.format("Encode version length: '%s' is not valid, it must be greater of equal to 0", Integer.valueOf(charAt)));
        }
        int i = charAt + 1;
        if (!str.substring(1, i).equals("E1")) {
            throw new IllegalArgumentException(String.format("Encode version received was: '%s', Encode version supported is: '%s'", str, "E1"));
        }
        byte[] decode = Base64.decode(str.substring(i), 0);
        String str2 = new String(decode, 0, 4, "UTF_8");
        b51.q("Encrypt version:" + str2);
        if (str2.equals("U001")) {
            byte[] bArr = (byte[]) d41.m.b.get();
            if (bArr == null) {
                throw new IllegalArgumentException("rawBytes");
            }
            l = new SecretKeySpec(bArr, "AES");
        } else {
            if (!str2.equals("A001")) {
                throw new IllegalArgumentException(cz$EnumUnboxingLocalUtility.m("keyVersion = ", str2));
            }
            if (Build.VERSION.SDK_INT < 18) {
                throw new IllegalArgumentException(String.format("keyVersion '%s' is not supported in this SDK. AndroidKeyStore is supported API18 and above.", str2));
            }
            try {
                l = l();
            } catch (IOException | GeneralSecurityException e) {
                b51.f("Failed to get private key from AndroidKeyStore", "", w31.ANDROIDKEYSTORE_FAILED, e);
                throw e;
            }
        }
        SecretKey j = j(l);
        int length = (decode.length - 16) - 32;
        int length2 = decode.length - 32;
        int i2 = length - 4;
        if (length < 0 || length2 < 0 || i2 < 0) {
            throw new IllegalArgumentException("Given value is smaller than the IV vector and MAC length");
        }
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(j);
        mac.update(decode, 0, length2);
        byte[] doFinal = mac.doFinal();
        int length3 = decode.length;
        if (doFinal.length != length3 - length2) {
            throw new IllegalArgumentException("Unexpected MAC length");
        }
        for (int i3 = length2; i3 < length3; i3++) {
            b = (byte) (b | (doFinal[i3 - length2] ^ decode[i3]));
        }
        if (b != 0) {
            throw new DigestException();
        }
        cipher.init(2, l, new IvParameterSpec(decode, length, 16));
        String str3 = new String(cipher.doFinal(decode, 4, i2), "UTF_8");
        b51.q("Finished decryption");
        return str3;
    }

    public final String d(String str) {
        b51.q("Starting encryption");
        if (c.m0a(str)) {
            throw new IllegalArgumentException("Input is empty or null");
        }
        m();
        b51.q("Encrypt version:" + this.d);
        byte[] bytes = this.d.getBytes("UTF_8");
        byte[] bytes2 = str.getBytes("UTF_8");
        byte[] bArr = new byte[16];
        this.a.nextBytes(bArr);
        IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr);
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        Mac mac = Mac.getInstance("HmacSHA256");
        cipher.init(1, this.e, ivParameterSpec);
        byte[] doFinal = cipher.doFinal(bytes2);
        mac.init(this.f);
        mac.update(bytes);
        mac.update(doFinal);
        mac.update(bArr);
        byte[] doFinal2 = mac.doFinal();
        byte[] bArr2 = new byte[bytes.length + doFinal.length + 16 + doFinal2.length];
        System.arraycopy(bytes, 0, bArr2, 0, bytes.length);
        System.arraycopy(doFinal, 0, bArr2, bytes.length, doFinal.length);
        System.arraycopy(bArr, 0, bArr2, bytes.length + doFinal.length, 16);
        System.arraycopy(doFinal2, 0, bArr2, bytes.length + doFinal.length + 16, doFinal2.length);
        String str2 = new String(Base64.encode(bArr2, 2), "UTF_8");
        b51.q("Finished encryption");
        return ((char) 99) + "E1" + str2;
    }

    public final synchronized KeyPair h() {
        String str;
        KeyStore.PrivateKeyEntry privateKeyEntry;
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        try {
            if (keyStore.containsAlias("AdalKey")) {
                str = "Key entry is available";
            } else {
                b51.q("Key entry is not available");
                Calendar calendar = Calendar.getInstance();
                Calendar calendar2 = Calendar.getInstance();
                calendar2.add(1, 100);
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
                keyPairGenerator.initialize(i(this.c, calendar.getTime(), calendar2.getTime()));
                try {
                    keyPairGenerator.generateKeyPair();
                    str = "Key entry is generated";
                } catch (IllegalStateException e) {
                    throw new KeyStoreException(e);
                }
            }
            b51.q(str);
            b51.q("Reading Key entry");
            try {
                privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry("AdalKey", null);
            } catch (RuntimeException e2) {
                throw new KeyStoreException(e2);
            }
        } catch (NullPointerException e3) {
            throw new KeyStoreException(e3);
        }
        return new KeyPair(privateKeyEntry.getCertificate().getPublicKey(), privateKeyEntry.getPrivateKey());
    }

    /* JADX WARN: Type inference failed for: r1v2, types: [android.security.KeyPairGeneratorSpec$Builder] */
    public final KeyPairGeneratorSpec i(final Context context, Date date, Date date2) {
        return new Object(context) { // from class: android.security.KeyPairGeneratorSpec$Builder
            static {
                throw new NoClassDefFoundError();
            }

            public native /* synthetic */ KeyPairGeneratorSpec build();

            public native /* synthetic */ KeyPairGeneratorSpec$Builder setAlias(String str);

            public native /* synthetic */ KeyPairGeneratorSpec$Builder setEndDate(Date date3);

            public native /* synthetic */ KeyPairGeneratorSpec$Builder setSerialNumber(BigInteger bigInteger);

            public native /* synthetic */ KeyPairGeneratorSpec$Builder setStartDate(Date date3);

            public native /* synthetic */ KeyPairGeneratorSpec$Builder setSubject(X500Principal x500Principal);
        }.setAlias("AdalKey").setSubject(new X500Principal(String.format(Locale.ROOT, "CN=%s, OU=%s", "AdalKey", context.getPackageName()))).setSerialNumber(BigInteger.ONE).setStartDate(date).setEndDate(date2).build();
    }

    public final SecretKey j(SecretKey secretKey) {
        byte[] encoded = secretKey.getEncoded();
        return encoded != null ? new SecretKeySpec(MessageDigest.getInstance("SHA256").digest(encoded), "AES") : secretKey;
    }

    public final synchronized SecretKey l() {
        SecretKey secretKey = g;
        if (secretKey != null) {
            return secretKey;
        }
        Context context = this.c;
        File file = new File(context.getDir(context.getPackageName(), 0), "adalks");
        if (this.b == null) {
            this.b = h();
            b51.q("Retrived keypair from androidKeyStore");
        }
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        if (!file.exists()) {
            b51.q("Key file does not exists");
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
            keyGenerator.init(256, this.a);
            SecretKey generateKey = keyGenerator.generateKey();
            b51.q("Wrapping SecretKey");
            cipher.init(3, this.b.getPublic());
            byte[] wrap = cipher.wrap(generateKey);
            b51.q("Writing SecretKey");
            b51.q("Writing key data to a file");
            FileOutputStream fileOutputStream = new FileOutputStream(file);
            try {
                fileOutputStream.write(wrap);
                fileOutputStream.close();
                b51.q("Finished writing SecretKey");
            } catch (Throwable th) {
                fileOutputStream.close();
                throw th;
            }
        }
        b51.q("Reading SecretKey");
        try {
            byte[] n = n(file);
            if (n == null || n.length == 0) {
                throw new UnrecoverableKeyException("Couldn't find encrypted key in file");
            }
            g = p(cipher, n);
            b51.q("Finished reading SecretKey");
            return g;
        } catch (IOException | GeneralSecurityException e) {
            b51.f("Unwrap failed for AndroidKeyStore", "", w31.ANDROIDKEYSTORE_FAILED, e);
            this.b = null;
            g = null;
            Context context2 = this.c;
            File file2 = new File(context2.getDir(context2.getPackageName(), 0), "adalks");
            if (file2.exists()) {
                b51.q("Delete KeyFile");
                file2.delete();
            }
            synchronized (this) {
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                keyStore.load(null);
                keyStore.deleteEntry("AdalKey");
                b51.q("Removed previous key pair info.");
                throw e;
            }
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:18:0x0028, code lost:
    
        defpackage.b51.q("Encryption will use secret key from Settings");
        r1 = new javax.crypto.spec.SecretKeySpec(r0, "AES");
        r4.e = r1;
        r4.f = j(r1);
        r4.d = "U001";
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public final synchronized javax.crypto.SecretKey m() {
        /*
            r4 = this;
            monitor-enter(r4)
            javax.crypto.SecretKey r0 = r4.e     // Catch: java.lang.Throwable -> L62
            if (r0 == 0) goto Lb
            javax.crypto.SecretKey r1 = r4.f     // Catch: java.lang.Throwable -> L62
            if (r1 == 0) goto Lb
            monitor-exit(r4)
            return r0
        Lb:
            d41 r0 = defpackage.d41.m     // Catch: java.lang.Throwable -> L62
            java.util.concurrent.atomic.AtomicReference r0 = r0.b     // Catch: java.lang.Throwable -> L62
            java.lang.Object r0 = r0.get()     // Catch: java.lang.Throwable -> L62
            byte[] r0 = (byte[]) r0     // Catch: java.lang.Throwable -> L62
            if (r0 != 0) goto L26
            int r1 = android.os.Build.VERSION.SDK_INT     // Catch: java.lang.Throwable -> L62
            r2 = 18
            if (r1 < r2) goto L1e
            goto L26
        L1e:
            java.lang.IllegalStateException r0 = new java.lang.IllegalStateException     // Catch: java.lang.Throwable -> L62
            java.lang.String r1 = "Secret key must be provided for API < 18. Use AuthenticationSettings.INSTANCE.setSecretKey()"
            r0.<init>(r1)     // Catch: java.lang.Throwable -> L62
            throw r0     // Catch: java.lang.Throwable -> L62
        L26:
            if (r0 == 0) goto L41
            java.lang.String r1 = "Encryption will use secret key from Settings"
            defpackage.b51.q(r1)     // Catch: java.lang.Throwable -> L62
            javax.crypto.spec.SecretKeySpec r1 = new javax.crypto.spec.SecretKeySpec     // Catch: java.lang.Throwable -> L62
            java.lang.String r2 = "AES"
            r1.<init>(r0, r2)     // Catch: java.lang.Throwable -> L62
            r4.e = r1     // Catch: java.lang.Throwable -> L62
            javax.crypto.SecretKey r0 = r4.j(r1)     // Catch: java.lang.Throwable -> L62
            r4.f = r0     // Catch: java.lang.Throwable -> L62
            java.lang.String r0 = "U001"
            r4.d = r0     // Catch: java.lang.Throwable -> L62
            goto L51
        L41:
            javax.crypto.SecretKey r0 = r4.l()     // Catch: java.security.GeneralSecurityException -> L55 java.io.IOException -> L57 java.lang.Throwable -> L62
            r4.e = r0     // Catch: java.security.GeneralSecurityException -> L55 java.io.IOException -> L57 java.lang.Throwable -> L62
            javax.crypto.SecretKey r0 = r4.j(r0)     // Catch: java.security.GeneralSecurityException -> L55 java.io.IOException -> L57 java.lang.Throwable -> L62
            r4.f = r0     // Catch: java.security.GeneralSecurityException -> L55 java.io.IOException -> L57 java.lang.Throwable -> L62
            java.lang.String r0 = "A001"
            r4.d = r0     // Catch: java.security.GeneralSecurityException -> L55 java.io.IOException -> L57 java.lang.Throwable -> L62
        L51:
            javax.crypto.SecretKey r0 = r4.e     // Catch: java.lang.Throwable -> L62
            monitor-exit(r4)
            return r0
        L55:
            r0 = move-exception
            goto L58
        L57:
            r0 = move-exception
        L58:
            java.lang.String r1 = "Failed to get private key from AndroidKeyStore"
            java.lang.String r2 = ""
            w31 r3 = defpackage.w31.ANDROIDKEYSTORE_FAILED     // Catch: java.lang.Throwable -> L62
            defpackage.b51.f(r1, r2, r3, r0)     // Catch: java.lang.Throwable -> L62
            throw r0     // Catch: java.lang.Throwable -> L62
        L62:
            r0 = move-exception
            monitor-exit(r4)
            throw r0
        */
        throw new UnsupportedOperationException("Method not decompiled: defpackage.j51.m():javax.crypto.SecretKey");
    }

    public final SecretKey p(Cipher cipher, byte[] bArr) {
        cipher.init(4, this.b.getPrivate());
        try {
            return (SecretKey) cipher.unwrap(bArr, "AES", 3);
        } catch (IllegalArgumentException e) {
            throw new KeyStoreException(e);
        }
    }
}
