package defpackage;

import android.content.Context;
import android.security.keystore.KeyGenParameterSpec;
import com.vk.core.preference.crypto.EncryptionException;
import defpackage.ed3;
import java.math.BigInteger;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.RSAKeyGenParameterSpec;
import java.util.Calendar;
import java.util.Date;
import java.util.Locale;
import java.util.UUID;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.Executor;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.locks.ReentrantLock;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.internal.DefaultConstructorMarker;

/* loaded from: classes2.dex */
public final class gh implements ed3 {
    public static final Cif j = new Cif(null);
    private CountDownLatch a;
    private final Date b;
    private KeyStore d;

    /* renamed from: do, reason: not valid java name */
    private final Date f6965do;

    /* renamed from: for, reason: not valid java name */
    private final ReentrantReadWriteLock f6966for;
    private final Context g;

    /* renamed from: if, reason: not valid java name */
    private final to5 f6967if;
    private Cipher l;

    /* renamed from: try, reason: not valid java name */
    private final ReentrantLock f6968try;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: gh$for, reason: invalid class name */
    /* loaded from: classes2.dex */
    public static final class Cfor extends np5 implements Function0<fjc> {
        public static final Cfor g = new Cfor();

        Cfor() {
            super(0);
        }

        @Override // kotlin.jvm.functions.Function0
        public final /* bridge */ /* synthetic */ fjc invoke() {
            return fjc.f6533if;
        }
    }

    /* renamed from: gh$if, reason: invalid class name */
    /* loaded from: classes2.dex */
    public static final class Cif {
        private Cif() {
        }

        public /* synthetic */ Cif(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    public gh(Context context, Executor executor, final Function1<? super Exception, fjc> function1, to5 to5Var, final Function0<fjc> function0) {
        c35.d(context, "context");
        c35.d(executor, "initExecutor");
        c35.d(function1, "exceptionHandler");
        c35.d(to5Var, "keyStorage");
        c35.d(function0, "masterKeyCreationCallback");
        this.f6967if = to5Var;
        this.f6966for = new ReentrantReadWriteLock();
        this.g = context.getApplicationContext();
        this.a = new CountDownLatch(1);
        this.f6968try = new ReentrantLock();
        Calendar calendar = Calendar.getInstance();
        Date time = calendar.getTime();
        c35.a(time, "getTime(...)");
        this.b = time;
        calendar.add(1, 30);
        Date time2 = calendar.getTime();
        c35.a(time2, "getTime(...)");
        this.f6965do = time2;
        executor.execute(new Runnable() { // from class: fh
            @Override // java.lang.Runnable
            public final void run() {
                gh.l(gh.this, function1, function0);
            }
        });
    }

    public /* synthetic */ gh(Context context, Executor executor, Function1 function1, to5 to5Var, Function0 function0, int i, DefaultConstructorMarker defaultConstructorMarker) {
        this(context, executor, function1, to5Var, (i & 16) != 0 ? Cfor.g : function0);
    }

    private final void d() {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(j());
            keyPairGenerator.generateKeyPair();
        } catch (Exception e) {
            throw new EncryptionException("Failed to generate master key", e);
        }
    }

    private final AlgorithmParameterSpec j() {
        KeyGenParameterSpec build = new KeyGenParameterSpec.Builder("ALIAS_MASTER_KEY", 3).setKeySize(2048).setEncryptionPaddings("PKCS1Padding").setAlgorithmParameterSpec(new RSAKeyGenParameterSpec(2048, RSAKeyGenParameterSpec.F4)).setCertificateSubject(new X500Principal("CN=ALIAS_MASTER_KEY")).setCertificateSerialNumber(BigInteger.valueOf(Math.abs(1301899345))).build();
        c35.a(build, "build(...)");
        return build;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final void l(gh ghVar, Function1 function1, Function0 function0) {
        c35.d(ghVar, "this$0");
        c35.d(function1, "$exceptionHandler");
        c35.d(function0, "$masterKeyCreationCallback");
        ghVar.a(function1, function0);
    }

    /* renamed from: try, reason: not valid java name */
    private final byte[] m9131try(String str) {
        byte[] mo10668if = this.f6967if.mo10668if(str);
        if (mo10668if == null) {
            ip5.i("No key with alias " + str);
            return null;
        }
        try {
            Cipher cipher = Cipher.getInstance("RSA/NONE/PKCS1Padding");
            KeyStore keyStore = this.d;
            if (keyStore == null) {
                c35.t("keyStore");
                keyStore = null;
            }
            cipher.init(2, keyStore.getKey("ALIAS_MASTER_KEY", null));
            byte[] doFinal = cipher.doFinal(mo10668if);
            c35.b(doFinal);
            return n1f.m14201if(doFinal);
        } catch (Exception e) {
            throw new EncryptionException("Failed to decrypt with master key", e);
        }
    }

    private final boolean v() {
        try {
            KeyStore keyStore = this.d;
            if (keyStore == null) {
                c35.t("keyStore");
                keyStore = null;
            }
            if (keyStore.getKey("ALIAS_MASTER_KEY", null) != null) {
                return true;
            }
        } catch (Exception e) {
            ip5.n(e, "Failed to retrieve master key");
        }
        return false;
    }

    public final void a(Function1<? super Exception, fjc> function1, Function0<fjc> function0) throws EncryptionException {
        CountDownLatch countDownLatch;
        c35.d(function1, "exceptionHandler");
        c35.d(function0, "masterKeyCreationCallback");
        ReentrantReadWriteLock reentrantReadWriteLock = this.f6966for;
        ReentrantReadWriteLock.ReadLock readLock = reentrantReadWriteLock.readLock();
        int i = 0;
        int readHoldCount = reentrantReadWriteLock.getWriteHoldCount() == 0 ? reentrantReadWriteLock.getReadHoldCount() : 0;
        for (int i2 = 0; i2 < readHoldCount; i2++) {
            readLock.unlock();
        }
        ReentrantReadWriteLock.WriteLock writeLock = reentrantReadWriteLock.writeLock();
        writeLock.lock();
        try {
            if (this.a.getCount() == 0) {
                return;
            }
            try {
                try {
                    KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                    c35.a(keyStore, "getInstance(...)");
                    this.d = keyStore;
                    if (keyStore == null) {
                        c35.t("keyStore");
                        keyStore = null;
                    }
                    keyStore.load(null);
                    Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
                    c35.a(cipher, "getInstance(...)");
                    this.l = cipher;
                    if (!v()) {
                        d();
                        function0.invoke();
                    }
                    countDownLatch = this.a;
                } catch (Exception e) {
                    function1.mo87if(new EncryptionException("Failed to run init", e));
                    countDownLatch = this.a;
                }
                countDownLatch.countDown();
                fjc fjcVar = fjc.f6533if;
                while (i < readHoldCount) {
                    readLock.lock();
                    i++;
                }
                writeLock.unlock();
            } catch (Throwable th) {
                this.a.countDown();
                throw th;
            }
        } finally {
            while (i < readHoldCount) {
                readLock.lock();
                i++;
            }
            writeLock.unlock();
        }
    }

    @Override // defpackage.ed3
    public boolean b(long j2) {
        return this.a.await(j2, TimeUnit.MILLISECONDS);
    }

    @Override // defpackage.ed3
    /* renamed from: for */
    public ed3.Cif mo7686for(String str, byte[] bArr) {
        String B;
        c35.d(str, "keyAlias");
        c35.d(bArr, "data");
        ReentrantReadWriteLock.ReadLock readLock = this.f6966for.readLock();
        readLock.lock();
        try {
            if (this.a.getCount() > 0) {
                throw new EncryptionException("Manager is not initialized");
            }
            if (!v()) {
                throw new EncryptionException("Cannot perform operations without master key");
            }
            fjc fjcVar = fjc.f6533if;
            readLock.unlock();
            byte[] m9131try = m9131try(str);
            Cipher cipher = null;
            if (m9131try == null) {
                String uuid = UUID.randomUUID().toString();
                c35.a(uuid, "toString(...)");
                String lowerCase = uuid.toLowerCase(Locale.ROOT);
                c35.a(lowerCase, "toLowerCase(...)");
                B = bjb.B(lowerCase, "-", "", false, 4, null);
                char[] charArray = B.toCharArray();
                c35.a(charArray, "toCharArray(...)");
                UUID randomUUID = UUID.randomUUID();
                c35.a(randomUUID, "randomUUID(...)");
                try {
                    m9131try = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1").generateSecret(new PBEKeySpec(charArray, fd3.m8364if(randomUUID), 10000, 256)).getEncoded();
                    c35.b(m9131try);
                    try {
                        Cipher cipher2 = Cipher.getInstance("RSA/NONE/PKCS1Padding");
                        KeyStore keyStore = this.d;
                        if (keyStore == null) {
                            c35.t("keyStore");
                            keyStore = null;
                        }
                        cipher2.init(1, keyStore.getCertificate("ALIAS_MASTER_KEY").getPublicKey());
                        byte[] doFinal = cipher2.doFinal(m9131try);
                        c35.b(doFinal);
                        this.f6967if.mo10667for(str, doFinal);
                        c35.d(m9131try, "encodedKey");
                    } catch (Exception e) {
                        throw new EncryptionException("Failed to encrypt with master key", e);
                    }
                } catch (Exception e2) {
                    throw new EncryptionException("Failed to generate key", e2);
                }
            }
            try {
                SecretKeySpec secretKeySpec = new SecretKeySpec(m9131try, "AES");
                ReentrantLock reentrantLock = this.f6968try;
                reentrantLock.lock();
                try {
                    Cipher cipher3 = this.l;
                    if (cipher3 == null) {
                        c35.t("aesCipher");
                        cipher3 = null;
                    }
                    cipher3.init(1, secretKeySpec);
                    Cipher cipher4 = this.l;
                    if (cipher4 == null) {
                        c35.t("aesCipher");
                        cipher4 = null;
                    }
                    byte[] doFinal2 = cipher4.doFinal(bArr);
                    c35.b(doFinal2);
                    Cipher cipher5 = this.l;
                    if (cipher5 == null) {
                        c35.t("aesCipher");
                    } else {
                        cipher = cipher5;
                    }
                    byte[] iv = cipher.getIV();
                    c35.a(iv, "getIV(...)");
                    ed3.Cif cif = new ed3.Cif(doFinal2, iv);
                    reentrantLock.unlock();
                    return cif;
                } catch (Throwable th) {
                    reentrantLock.unlock();
                    throw th;
                }
            } catch (Exception e3) {
                throw new EncryptionException("Failed to encrypt with raw aes key", e3);
            }
        } catch (Throwable th2) {
            readLock.unlock();
            throw th2;
        }
    }

    @Override // defpackage.ed3
    public byte[] g(String str, ed3.Cif cif) {
        c35.d(str, "keyAlias");
        c35.d(cif, "data");
        ReentrantReadWriteLock.ReadLock readLock = this.f6966for.readLock();
        readLock.lock();
        try {
            if (this.a.getCount() > 0) {
                throw new EncryptionException("Manager is not initialized");
            }
            if (!v()) {
                throw new EncryptionException("Cannot perform operations without master key");
            }
            fjc fjcVar = fjc.f6533if;
            readLock.unlock();
            byte[] m9131try = m9131try(str);
            if (m9131try == null) {
                throw new EncryptionException("No key with alias " + str);
            }
            try {
                ReentrantLock reentrantLock = this.f6968try;
                reentrantLock.lock();
                try {
                    SecretKeySpec secretKeySpec = new SecretKeySpec(m9131try, "AES");
                    Cipher cipher = this.l;
                    Cipher cipher2 = null;
                    if (cipher == null) {
                        c35.t("aesCipher");
                        cipher = null;
                    }
                    cipher.init(2, secretKeySpec, new IvParameterSpec(cif.m7688for()));
                    Cipher cipher3 = this.l;
                    if (cipher3 == null) {
                        c35.t("aesCipher");
                    } else {
                        cipher2 = cipher3;
                    }
                    byte[] doFinal = cipher2.doFinal(cif.m7689if());
                    reentrantLock.unlock();
                    c35.b(doFinal);
                    return doFinal;
                } catch (Throwable th) {
                    reentrantLock.unlock();
                    throw th;
                }
            } catch (Exception e) {
                throw new EncryptionException("Failed to decrypt with aes key", e);
            }
        } catch (Throwable th2) {
            readLock.unlock();
            throw th2;
        }
    }

    @Override // defpackage.ed3
    /* renamed from: if */
    public void mo7687if(String str) {
        c35.d(str, "keyAlias");
        this.f6967if.mo10667for(str, null);
    }
}
