package com.keyline.mobile.hub.util;

import android.annotation.SuppressLint;
import android.content.Context;
import android.content.SharedPreferences;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.support.v4.media.e;
import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import androidx.annotation.RequiresApi;
import com.google.android.gms.stats.CodePackage;
import com.keyline.mobile.hub.context.MainContext;
import com.keyline.mobile.hub.exception.SecureStoreDataException;
import com.keyline.mobile.hub.log.LogableBase;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.UnrecoverableEntryException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Calendar;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes4.dex */
public class SecureStoreData extends LogableBase {
    private static final String AES_MODE_LESS_THAN_M = "AES/ECB/PKCS7Padding";
    private static final String AES_MODE_M_OR_GREATER = "AES/GCM/NoPadding";
    private static final String ANDROID_KEY_STORE_NAME = "AndroidKeyStore";
    private static final String CHARSET_NAME = "UTF-8";
    private static final String CIPHER_PROVIDER_NAME_ENCRYPTION_DECRYPTION_AES = "BC";
    private static final String CIPHER_PROVIDER_NAME_ENCRYPTION_DECRYPTION_RSA = "AndroidOpenSSL";
    private static final String ENCRYPTED_KEY_NAME = "Keyline-enc-key";
    private static final String FIXED_IV = "d7%n5G$k4Dh<";
    private static final String KEY_ALIAS = "Keyline-key";
    private static final String RSA_ALGORITHM_NAME = "RSA";
    private static final String RSA_MODE = "RSA/ECB/PKCS1Padding";
    private static final String SHARED_PREFERENCE_NAME = "Keyline-enc-keys";
    private static final String TAG = "SecureStore";
    private static final Object s_keyInitLock = new Object();
    private final Context context;
    private boolean isDebug;

    public SecureStoreData(Context context, boolean z) {
        this.isDebug = false;
        this.context = context;
        this.isDebug = z;
    }

    public SecureStoreData(MainContext mainContext) {
        this.isDebug = false;
        this.context = mainContext.getContext();
        this.isDebug = mainContext.isDebug();
    }

    @RequiresApi(api = 18)
    private void generateKeysForAPILessThanM() {
        logDebug(TAG, "generateKeysForAPILessThanM");
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 30);
        KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(this.context).setAlias("Keyline-key").setSubject(new X500Principal("CN=Keyline-key")).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(RSA_ALGORITHM_NAME, ANDROID_KEY_STORE_NAME);
        keyPairGenerator.initialize(build);
        keyPairGenerator.generateKeyPair();
        saveEncryptedKey();
    }

    private Key getSecretKeyAPILessThanM() {
        logDebug(TAG, "getSecretKeyAPILessThanM");
        String secretKeyFromSharedPreferences = getSecretKeyFromSharedPreferences();
        if (TextUtils.isEmpty(secretKeyFromSharedPreferences)) {
            throw new InvalidKeyException("Saved key missing from shared preferences");
        }
        return new SecretKeySpec(rsaDecryptKey(Base64.decode(secretKeyFromSharedPreferences, 0)), "AES");
    }

    private Key getSecretKeyAPIMorGreater() {
        logDebug(TAG, "getSecretKeyAPIMorGreater");
        KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE_NAME);
        keyStore.load(null);
        return keyStore.getKey("Keyline-key", null);
    }

    private String getSecretKeyFromSharedPreferences() {
        logDebug(TAG, "getSecretKeyFromSharedPreferences");
        return this.context.getSharedPreferences("Keyline-enc-keys", 0).getString("Keyline-enc-key", null);
    }

    @RequiresApi(api = 18)
    private void initKeys() {
        logDebug(TAG, "initKeys");
        KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE_NAME);
        keyStore.load(null);
        if (!keyStore.containsAlias("Keyline-key")) {
            initValidKeys();
            return;
        }
        boolean z = false;
        try {
            KeyStore.Entry entry = keyStore.getEntry("Keyline-key", null);
            z = entry instanceof KeyStore.SecretKeyEntry;
            boolean z2 = entry instanceof KeyStore.PrivateKeyEntry;
        } catch (NullPointerException | UnrecoverableKeyException e2) {
            StringBuilder a2 = e.a("Failed to get key store entry: ");
            a2.append(e2.getMessage());
            logError(TAG, a2.toString());
        }
        if (z) {
            return;
        }
        synchronized (s_keyInitLock) {
            removeKeys(keyStore);
            initValidKeys();
        }
    }

    @RequiresApi(api = 18)
    private void initValidKeys() {
        logDebug(TAG, "initValidKeys");
        synchronized (s_keyInitLock) {
            generateKeysForAPIMOrGreater();
        }
    }

    @SuppressLint({"ApplySharedPref"})
    private void removeSavedSharedPreferences() {
        logDebug(TAG, "removeSavedSharedPreferences");
        Log.d(TAG, String.format("Cleared secret key shared preferences `%s`", Boolean.valueOf(this.context.getSharedPreferences("Keyline-enc-keys", 0).edit().clear().commit())));
    }

    private byte[] rsaDecryptKey(byte[] bArr) {
        logDebug(TAG, "rsaDecryptKey");
        KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE_NAME);
        keyStore.load(null);
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry("Keyline-key", null);
        Cipher cipher = Cipher.getInstance(RSA_MODE, CIPHER_PROVIDER_NAME_ENCRYPTION_DECRYPTION_RSA);
        cipher.init(2, privateKeyEntry.getPrivateKey());
        CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(bArr), cipher);
        ArrayList arrayList = new ArrayList();
        while (true) {
            int read = cipherInputStream.read();
            if (read == -1) {
                break;
            }
            arrayList.add(Byte.valueOf((byte) read));
        }
        int size = arrayList.size();
        byte[] bArr2 = new byte[size];
        for (int i = 0; i < size; i++) {
            bArr2[i] = ((Byte) arrayList.get(i)).byteValue();
        }
        return bArr2;
    }

    private byte[] rsaEncryptKey(byte[] bArr) {
        logDebug(TAG, "rsaEncryptKey");
        KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE_NAME);
        keyStore.load(null);
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry("Keyline-key", null);
        Cipher cipher = Cipher.getInstance(RSA_MODE, CIPHER_PROVIDER_NAME_ENCRYPTION_DECRYPTION_RSA);
        cipher.init(1, privateKeyEntry.getCertificate().getPublicKey());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
        cipherOutputStream.write(bArr);
        cipherOutputStream.close();
        return byteArrayOutputStream.toByteArray();
    }

    @SuppressLint({"ApplySharedPref"})
    private void saveEncryptedKey() {
        logDebug(TAG, "saveEncryptedKey");
        SharedPreferences sharedPreferences = this.context.getSharedPreferences("Keyline-enc-keys", 0);
        if (sharedPreferences.getString("Keyline-enc-key", null) == null) {
            byte[] bArr = new byte[16];
            new SecureRandom().nextBytes(bArr);
            String encodeToString = Base64.encodeToString(rsaEncryptKey(bArr), 0);
            SharedPreferences.Editor edit = sharedPreferences.edit();
            edit.putString("Keyline-enc-key", encodeToString);
            if (edit.commit()) {
                Log.d(TAG, "Saved keys successfully");
            } else {
                Log.e(TAG, "Saved keys unsuccessfully");
                throw new IOException("Could not save keys");
            }
        }
    }

    @RequiresApi(api = 18)
    public String decrypt(String str) {
        logDebug(TAG, "decryptData: encText [" + str + "]");
        initKeys();
        if (str == null) {
            throw new IllegalArgumentException("Data to be decrypted must be non null");
        }
        byte[] decode = Base64.decode(str, 0);
        try {
            Cipher cipher = Cipher.getInstance(AES_MODE_M_OR_GREATER);
            cipher.init(2, getSecretKeyAPIMorGreater(), new GCMParameterSpec(128, FIXED_IV.getBytes()));
            String str2 = new String(cipher.doFinal(decode), "UTF-8");
            logDebug(TAG, "decryptData: decText [" + str2 + "]");
            return str2;
        } catch (IOException | InvalidKeyException e2) {
            removeKeys();
            throw e2;
        }
    }

    public String decryptData(String str) {
        try {
            return decrypt(str);
        } catch (IOException | InvalidAlgorithmParameterException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableEntryException | CertificateException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e2) {
            e2.printStackTrace();
            throw SecureStoreDataException.decryptError.setExceptionDetails(e2.getMessage());
        }
    }

    @RequiresApi(api = 18)
    public String encrypt(String str) {
        logDebug(TAG, "encryptData: plainText [" + str + "]");
        initKeys();
        if (str == null) {
            throw new IllegalArgumentException("Data to be decrypted must be non null");
        }
        Cipher cipher = Cipher.getInstance(AES_MODE_M_OR_GREATER);
        cipher.init(1, getSecretKeyAPIMorGreater(), new GCMParameterSpec(128, FIXED_IV.getBytes()));
        String encodeToString = Base64.encodeToString(cipher.doFinal(str.getBytes("UTF-8")), 0);
        logDebug(TAG, "encryptData: encText [" + encodeToString + "]");
        return encodeToString;
    }

    public String encryptData(String str) {
        try {
            return encrypt(str);
        } catch (IOException | InvalidAlgorithmParameterException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableEntryException | CertificateException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e2) {
            e2.printStackTrace();
            throw SecureStoreDataException.ecryptError.setExceptionDetails(e2.getMessage());
        }
    }

    @RequiresApi(api = 23)
    public void generateKeysForAPIMOrGreater() {
        logDebug(TAG, "generateKeysForAPIMOrGreater");
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", ANDROID_KEY_STORE_NAME);
        keyGenerator.init(new KeyGenParameterSpec.Builder("Keyline-key", 3).setBlockModes(CodePackage.GCM).setEncryptionPaddings("NoPadding").setRandomizedEncryptionRequired(false).build());
        keyGenerator.generateKey();
    }

    @Override // com.keyline.mobile.hub.log.LogableBase
    public boolean isDebugMode() {
        return this.isDebug;
    }

    public void removeKeys() {
        logDebug(TAG, "removeKeys");
        synchronized (s_keyInitLock) {
            KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE_NAME);
            keyStore.load(null);
            removeKeys(keyStore);
        }
    }

    public void removeKeys(KeyStore keyStore) {
        logDebug(TAG, "removeKeys");
        keyStore.deleteEntry("Keyline-key");
        removeSavedSharedPreferences();
    }
}
