package e.a.a.k.j2;

import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import com.google.android.material.animation.AnimatorSetCompat;
import com.readdle.spark.core.utils.RSMKeyChainStoreProtocol;
import e.a.a.k.k2.e;
import java.nio.ByteBuffer;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.interfaces.RSAPublicKey;
import java.util.ArrayList;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;

/* loaded from: classes.dex */
public class c implements RSMKeyChainStoreProtocol {

    /* renamed from: e, reason: collision with root package name */
    public static final byte[] f468e = {87, 99, -94, 23, -17, 26, 84, -117, 59, -59, 25, -88, -66, 86, -42, 78};
    public static final e.a.a.k.k2.d f = e.a.b(c.class.getSimpleName());
    public final Object a = new Object();
    public final Object b = new Object();
    public KeyStore c = null;
    public final Context d;

    public c(Context context) {
        this.d = context;
    }

    public final byte[] a(byte[] bArr, byte[] bArr2) {
        SecretKey i = i();
        Cipher cipher = Cipher.getInstance("AES/CBC/Pkcs7Padding");
        cipher.init(1, i, new IvParameterSpec(bArr2));
        return cipher.doFinal(bArr);
    }

    public final KeyPair b(String str, Integer num) {
        e.a.a.k.k2.d dVar = f;
        StringBuilder A = e.c.a.a.a.A("Generating RSA key pair for alias, alias hash = ");
        A.append(str.hashCode());
        dVar.f(A.toString());
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        KeyGenParameterSpec.Builder randomizedEncryptionRequired = new KeyGenParameterSpec.Builder(str, 2).setEncryptionPaddings("PKCS1Padding").setKeySize(num.intValue()).setRandomizedEncryptionRequired(false);
        if (Build.VERSION.SDK_INT >= 28) {
            randomizedEncryptionRequired.setInvalidatedByBiometricEnrollment(false).setUnlockedDeviceRequired(false).setUserAuthenticationValidWhileOnBody(false).setUserConfirmationRequired(false).setUserPresenceRequired(false);
        }
        keyPairGenerator.initialize(randomizedEncryptionRequired.build());
        dVar.f("RSA key pair was successfully generated, alias hash = " + str.hashCode());
        return keyPairGenerator.generateKeyPair();
    }

    public PublicKey c(String str, Integer num) {
        PublicKey publicKey;
        synchronized (this.a) {
            KeyStore keyStore = this.c;
            KeyStore.PrivateKeyEntry privateKeyEntry = null;
            if (keyStore != null) {
                KeyStore.Entry entry = keyStore.getEntry(str, null);
                if (entry instanceof KeyStore.PrivateKeyEntry) {
                    privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
                }
            }
            if (privateKeyEntry != null) {
                String str2 = "Incorrect request to generate key pair: key with alias = " + str + " already exists and will be at first deleted from AndroidKeyStore and after that regenerated";
                AnimatorSetCompat.M1("SparkKeyStore", str2);
                f.b(str2);
                invalidateKeyPair(str);
            }
            publicKey = b(str, num).getPublic();
        }
        return publicKey;
    }

    public final SecretKey d() {
        e.a.a.k.k2.d dVar = f;
        dVar.f("Generating key for keystore data encryption");
        KeyGenParameterSpec.Builder randomizedEncryptionRequired = new KeyGenParameterSpec.Builder("SparkSymmetricKey", 3).setKeySize(256).setBlockModes("CBC").setEncryptionPaddings("PKCS7Padding").setRandomizedEncryptionRequired(false);
        if (Build.VERSION.SDK_INT >= 28) {
            randomizedEncryptionRequired.setInvalidatedByBiometricEnrollment(false).setUnlockedDeviceRequired(false).setUserAuthenticationValidWhileOnBody(false).setUserConfirmationRequired(false).setUserPresenceRequired(false);
        }
        KeyGenParameterSpec build = randomizedEncryptionRequired.build();
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
        keyGenerator.init(build);
        SecretKey generateKey = keyGenerator.generateKey();
        m("Version", "23");
        dVar.f("Key for keystore data encryption generated");
        return generateKey;
    }

    public final String e(String str) {
        return e.c.a.a.a.q(str, "_iv");
    }

    public final String f(PublicKey publicKey) {
        return e.c.a.a.a.r("-----BEGIN RSA PUBLIC KEY-----\n", Base64.encodeToString(publicKey.getEncoded(), 0), "\n-----END RSA PUBLIC KEY-----");
    }

    public final SharedPreferences g() {
        return this.d.getSharedPreferences("keystore", 0);
    }

    @Override // com.readdle.spark.core.utils.RSMKeyChainStoreProtocol
    public ArrayList<String> getAllKeys() {
        try {
            Map<String, ?> all = g().getAll();
            if (all == null) {
                f.f("No keys found");
                return new ArrayList<>();
            }
            f.f("Get keys count = " + all.size());
            return new ArrayList<>(all.keySet());
        } catch (Exception e2) {
            e.a.a.k.k2.d dVar = f;
            StringBuilder A = e.c.a.a.a.A("Error receiving all keys, exception type = ");
            A.append(e2.getClass().getName());
            dVar.b(A.toString());
            throw e2;
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:10:0x0019 A[Catch: all -> 0x002b, TryCatch #0 {, blocks: (B:4:0x0006, B:6:0x000b, B:8:0x0013, B:10:0x0019, B:12:0x0025, B:13:0x0027, B:16:0x0029), top: B:3:0x0006 }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public java.security.interfaces.RSAPublicKey h(java.lang.String r4) {
        /*
            r3 = this;
            r3.k()
            java.lang.Object r0 = r3.a
            monitor-enter(r0)
            java.security.KeyStore r1 = r3.c     // Catch: java.lang.Throwable -> L2b
            r2 = 0
            if (r1 == 0) goto L16
            java.security.KeyStore$Entry r4 = r1.getEntry(r4, r2)     // Catch: java.lang.Throwable -> L2b
            boolean r1 = r4 instanceof java.security.KeyStore.PrivateKeyEntry     // Catch: java.lang.Throwable -> L2b
            if (r1 == 0) goto L16
            java.security.KeyStore$PrivateKeyEntry r4 = (java.security.KeyStore.PrivateKeyEntry) r4     // Catch: java.lang.Throwable -> L2b
            goto L17
        L16:
            r4 = r2
        L17:
            if (r4 == 0) goto L29
            java.security.cert.Certificate r4 = r4.getCertificate()     // Catch: java.lang.Throwable -> L2b
            java.security.PublicKey r4 = r4.getPublicKey()     // Catch: java.lang.Throwable -> L2b
            boolean r1 = r4 instanceof java.security.interfaces.RSAPublicKey     // Catch: java.lang.Throwable -> L2b
            if (r1 == 0) goto L29
            java.security.interfaces.RSAPublicKey r4 = (java.security.interfaces.RSAPublicKey) r4     // Catch: java.lang.Throwable -> L2b
            monitor-exit(r0)     // Catch: java.lang.Throwable -> L2b
            return r4
        L29:
            monitor-exit(r0)     // Catch: java.lang.Throwable -> L2b
            return r2
        L2b:
            r4 = move-exception
            monitor-exit(r0)     // Catch: java.lang.Throwable -> L2b
            throw r4
        */
        throw new UnsupportedOperationException("Method not decompiled: e.a.a.k.j2.c.h(java.lang.String):java.security.interfaces.RSAPublicKey");
    }

    public final SecretKey i() {
        String string = g().getString("Version", "");
        if (!string.isEmpty()) {
            return j(string);
        }
        synchronized (this.b) {
            String string2 = g().getString("Version", "");
            if (string2.isEmpty()) {
                return d();
            }
            return j(string2);
        }
    }

    @Override // com.readdle.spark.core.utils.RSMKeyChainStoreProtocol
    public void invalidateKeyPair(String str) {
        synchronized (this.a) {
            try {
                try {
                    k().deleteEntry(str);
                } catch (Exception e2) {
                    f.b("Error in invalidateKeyPair(), alias = " + str + ", exception = " + e2.getClass().getName());
                    throw e2;
                }
            } catch (Throwable th) {
                throw th;
            }
        }
    }

    public final SecretKey j(String str) {
        if (!str.equals("23")) {
            AnimatorSetCompat.M1("KeyStore", "Bad keystore version = " + str);
        }
        return (SecretKey) k().getKey("SparkSymmetricKey", null);
    }

    public final synchronized KeyStore k() {
        if (this.c == null) {
            e.a.a.k.k2.d dVar = f;
            dVar.f("Loading keystore");
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            this.c = keyStore;
            keyStore.load(null);
            dVar.f("Keystore loaded");
        }
        return this.c;
    }

    public final void l(String str, byte[] bArr) {
        f.f("Saving IV for key = " + str);
        g().edit().putString(str, Base64.encodeToString(bArr, 2)).commit();
    }

    public final void m(String str, String str2) {
        f.f("Saving value for key = " + str);
        g().edit().putString(str, str2).commit();
    }

    @Override // com.readdle.spark.core.utils.RSMKeyChainStoreProtocol
    public ByteBuffer tryDecryptRSAData(String str, ByteBuffer byteBuffer) {
        PrivateKey privateKey;
        try {
            byte[] array = byteBuffer.array();
            e.a.a.k.k2.d dVar = f;
            dVar.f("Trying to decrypt data, size = " + array.length + ", with alias, alias hash = " + str.hashCode());
            Key key = k().getKey(str, null);
            if (key instanceof PrivateKey) {
                dVar.f("RSA key is found");
                privateKey = (PrivateKey) key;
            } else {
                dVar.e("RSA entry is not found");
                privateKey = null;
            }
            if (privateKey == null) {
                dVar.e("RSA entry is not found");
                return null;
            }
            Cipher cipher = Cipher.getInstance("RSA/ECB/Pkcs1Padding");
            cipher.init(2, privateKey);
            byte[] doFinal = cipher.doFinal(array);
            dVar.f("Data decrypted, size = " + doFinal.length);
            return ByteBuffer.wrap(doFinal);
        } catch (Exception e2) {
            e.a.a.k.k2.d dVar2 = f;
            StringBuilder E = e.c.a.a.a.E("Error in tryDecryptRSAData(), alias = ", str, ", exception = ");
            E.append(e2.getClass().getName());
            dVar2.b(E.toString());
            throw e2;
        }
    }

    @Override // com.readdle.spark.core.utils.RSMKeyChainStoreProtocol
    public String tryGeneratePEMPackedRSAPublicKey(String str, Integer num) {
        try {
            f.f("Trying to generate RSA key pair with alias, alias hash = " + str.hashCode());
            return f(c(str, num));
        } catch (Exception e2) {
            e.a.a.k.k2.d dVar = f;
            StringBuilder E = e.c.a.a.a.E("Error in tryGeneratePEMPackedRSAPublicKey(), alias = ", str, ", exception = ");
            E.append(e2.getClass().getName());
            dVar.b(E.toString());
            throw e2;
        }
    }

    @Override // com.readdle.spark.core.utils.RSMKeyChainStoreProtocol
    public ByteBuffer tryGetData(String str) {
        try {
            e.a.a.k.k2.d dVar = f;
            dVar.f("Try to read data from SparkKeyStore: Key: " + str);
            String string = g().getString(str, "");
            String e2 = e(str);
            dVar.f("Getting IV for key = " + e2);
            byte[] decode = Base64.decode(g().getString(e2, ""), 2);
            if (decode.length == 0) {
                decode = f468e;
            }
            if (string.isEmpty()) {
                dVar.f("No data for key: " + str);
                return null;
            }
            byte[] decode2 = Base64.decode(string, 0);
            SecretKey i = i();
            Cipher cipher = Cipher.getInstance("AES/CBC/Pkcs7Padding");
            cipher.init(2, i, new IvParameterSpec(decode));
            byte[] doFinal = cipher.doFinal(decode2);
            dVar.f("Successfully read data from SparkKeyStore: dataCount = " + doFinal.length);
            return ByteBuffer.wrap(doFinal);
        } catch (Exception e3) {
            e.a.a.k.k2.d dVar2 = f;
            StringBuilder E = e.c.a.a.a.E("Error in tryGetData(), key = ", str, ", exception = ");
            E.append(e3.getClass().getName());
            dVar2.b(E.toString());
            throw e3;
        }
    }

    @Override // com.readdle.spark.core.utils.RSMKeyChainStoreProtocol
    public String tryGetPEMPackedRSAPublicKey(String str) {
        try {
            f.f("Trying to get RSA public key, alias hash = " + str.hashCode());
            RSAPublicKey h = h(str);
            if (h != null) {
                return f(h);
            }
            return null;
        } catch (Exception e2) {
            e.a.a.k.k2.d dVar = f;
            StringBuilder E = e.c.a.a.a.E("Error in tryGetPEMPackedRSAPublicKey(), alias = ", str, ", exception = ");
            E.append(e2.getClass().getName());
            dVar.b(E.toString());
            throw e2;
        }
    }

    @Override // com.readdle.spark.core.utils.RSMKeyChainStoreProtocol
    public void tryRemoveItem(String str) {
        f.f("Remove data from SparkKeyStore with key = " + str);
        g().edit().remove(str).commit();
    }

    @Override // com.readdle.spark.core.utils.RSMKeyChainStoreProtocol
    public void trySetData(ByteBuffer byteBuffer, String str) {
        try {
            byte[] array = byteBuffer.array();
            f.f("Add data to SparkKeyStore with key = " + str + " dataCount: " + array.length);
            byte[] bArr = new byte[16];
            new SecureRandom().nextBytes(bArr);
            String encodeToString = Base64.encodeToString(a(array, bArr), 0);
            l(e(str), bArr);
            m(str, encodeToString);
        } catch (Exception e2) {
            e.a.a.k.k2.d dVar = f;
            StringBuilder E = e.c.a.a.a.E("Error in trySetData(), key = ", str, ", data bytes count = ");
            E.append(byteBuffer.array().length);
            E.append(", exception = ");
            E.append(e2.getClass().getName());
            dVar.b(E.toString());
            throw e2;
        }
    }
}
