package defpackage;

import android.content.Context;
import android.security.keystore.KeyGenParameterSpec;
import defpackage.sm1;
import java.math.BigInteger;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.RSAKeyGenParameterSpec;
import java.util.Calendar;
import java.util.Date;
import java.util.Locale;
import java.util.UUID;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.Executor;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.locks.ReentrantLock;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes2.dex */
public final class qa implements sm1 {
    public static final n i = new n(null);

    /* renamed from: do, reason: not valid java name */
    private CountDownLatch f3953do;
    private final ReentrantReadWriteLock g;
    private final Date h;
    private final pa3 n;
    private KeyStore q;
    private Cipher r;
    private final Date v;
    private final Context w;
    private final ReentrantLock x;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes2.dex */
    public static final class g extends jb3 implements q82<g47> {
        public static final g w = new g();

        g() {
            super(0);
        }

        @Override // defpackage.q82
        public final /* bridge */ /* synthetic */ g47 w() {
            return g47.n;
        }
    }

    /* loaded from: classes2.dex */
    public static final class n {
        private n() {
        }

        public /* synthetic */ n(f71 f71Var) {
            this();
        }
    }

    public qa(Context context, Executor executor, final s82<? super Exception, g47> s82Var, pa3 pa3Var, final q82<g47> q82Var) {
        ex2.q(context, "context");
        ex2.q(executor, "initExecutor");
        ex2.q(s82Var, "exceptionHandler");
        ex2.q(pa3Var, "keyStorage");
        ex2.q(q82Var, "masterKeyCreationCallback");
        this.n = pa3Var;
        this.g = new ReentrantReadWriteLock();
        this.w = context.getApplicationContext();
        this.f3953do = new CountDownLatch(1);
        this.x = new ReentrantLock();
        Calendar calendar = Calendar.getInstance();
        Date time = calendar.getTime();
        ex2.m2077do(time, "calendar.time");
        this.h = time;
        calendar.add(1, 30);
        Date time2 = calendar.getTime();
        ex2.m2077do(time2, "calendar.time");
        this.v = time2;
        executor.execute(new Runnable() { // from class: pa
            @Override // java.lang.Runnable
            public final void run() {
                qa.r(qa.this, s82Var, q82Var);
            }
        });
    }

    public /* synthetic */ qa(Context context, Executor executor, s82 s82Var, pa3 pa3Var, q82 q82Var, int i2, f71 f71Var) {
        this(context, executor, s82Var, pa3Var, (i2 & 16) != 0 ? g.w : q82Var);
    }

    /* renamed from: for, reason: not valid java name */
    private final AlgorithmParameterSpec m3633for() {
        KeyGenParameterSpec build = new KeyGenParameterSpec.Builder("ALIAS_MASTER_KEY", 3).setKeySize(2048).setEncryptionPaddings("PKCS1Padding").setAlgorithmParameterSpec(new RSAKeyGenParameterSpec(2048, RSAKeyGenParameterSpec.F4)).setCertificateSubject(new X500Principal("CN=ALIAS_MASTER_KEY")).setCertificateSerialNumber(BigInteger.valueOf(Math.abs(1301899345))).build();
        ex2.m2077do(build, "Builder(MASTER_KEY_ALIAS…()))\n            .build()");
        return build;
    }

    private final void i() {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(m3633for());
            keyPairGenerator.generateKeyPair();
        } catch (Exception e) {
            throw new rm1("Failed to generate master key", e);
        }
    }

    /* renamed from: new, reason: not valid java name */
    private final boolean m3634new() {
        try {
            KeyStore keyStore = this.q;
            if (keyStore == null) {
                ex2.m("keyStore");
                keyStore = null;
            }
            if (keyStore.getKey("ALIAS_MASTER_KEY", null) != null) {
                return true;
            }
        } catch (Exception e) {
            gb3.f(e, "Failed to retrieve master key");
        }
        return false;
    }

    private final void q() {
        if (this.f3953do.getCount() > 0) {
            throw new rm1("Manager is not initialized");
        }
        if (!m3634new()) {
            throw new rm1("Cannot perform operations without master key");
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final void r(qa qaVar, s82 s82Var, q82 q82Var) {
        ex2.q(qaVar, "this$0");
        ex2.q(s82Var, "$exceptionHandler");
        ex2.q(q82Var, "$masterKeyCreationCallback");
        qaVar.m3635do(s82Var, q82Var);
    }

    private final byte[] x(String str) {
        byte[] n2 = this.n.n(str);
        if (n2 == null) {
            gb3.m2242new("No key with alias " + str);
            return null;
        }
        try {
            Cipher cipher = Cipher.getInstance("RSA/NONE/PKCS1Padding");
            KeyStore keyStore = this.q;
            if (keyStore == null) {
                ex2.m("keyStore");
                keyStore = null;
            }
            cipher.init(2, keyStore.getKey("ALIAS_MASTER_KEY", null));
            byte[] doFinal = cipher.doFinal(n2);
            ex2.m2077do(doFinal, "{\n            val cipher…r.doFinal(data)\n        }");
            ex2.q(doFinal, "encodedKey");
            return doFinal;
        } catch (Exception e) {
            throw new rm1("Failed to decrypt with master key", e);
        }
    }

    /* renamed from: do, reason: not valid java name */
    public final void m3635do(s82<? super Exception, g47> s82Var, q82<g47> q82Var) throws rm1 {
        ex2.q(s82Var, "exceptionHandler");
        ex2.q(q82Var, "masterKeyCreationCallback");
        ReentrantReadWriteLock reentrantReadWriteLock = this.g;
        ReentrantReadWriteLock.ReadLock readLock = reentrantReadWriteLock.readLock();
        int i2 = 0;
        int readHoldCount = reentrantReadWriteLock.getWriteHoldCount() == 0 ? reentrantReadWriteLock.getReadHoldCount() : 0;
        for (int i3 = 0; i3 < readHoldCount; i3++) {
            readLock.unlock();
        }
        ReentrantReadWriteLock.WriteLock writeLock = reentrantReadWriteLock.writeLock();
        writeLock.lock();
        try {
            if (this.f3953do.getCount() == 0) {
                return;
            }
            try {
                try {
                    KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                    ex2.m2077do(keyStore, "getInstance(\"AndroidKeyStore\")");
                    this.q = keyStore;
                    if (keyStore == null) {
                        ex2.m("keyStore");
                        keyStore = null;
                    }
                    keyStore.load(null);
                    Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
                    ex2.m2077do(cipher, "getInstance(AES_CIPHER_SUIT)");
                    this.r = cipher;
                    if (!m3634new()) {
                        i();
                        q82Var.w();
                    }
                } catch (Exception e) {
                    s82Var.invoke(new rm1("Failed to run init", e));
                }
                this.f3953do.countDown();
                g47 g47Var = g47.n;
                while (i2 < readHoldCount) {
                    readLock.lock();
                    i2++;
                }
                writeLock.unlock();
            } catch (Throwable th) {
                this.f3953do.countDown();
                throw th;
            }
        } finally {
            while (i2 < readHoldCount) {
                readLock.lock();
                i2++;
            }
            writeLock.unlock();
        }
    }

    @Override // defpackage.sm1
    public sm1.n g(String str, byte[] bArr) {
        String c;
        ex2.q(str, "keyAlias");
        ex2.q(bArr, "data");
        ReentrantReadWriteLock.ReadLock readLock = this.g.readLock();
        readLock.lock();
        try {
            q();
            g47 g47Var = g47.n;
            readLock.unlock();
            byte[] x = x(str);
            Cipher cipher = null;
            if (x == null) {
                String uuid = UUID.randomUUID().toString();
                ex2.m2077do(uuid, "randomUUID().toString()");
                String lowerCase = uuid.toLowerCase(Locale.ROOT);
                ex2.m2077do(lowerCase, "this as java.lang.String).toLowerCase(Locale.ROOT)");
                c = me6.c(lowerCase, "-", "", false, 4, null);
                char[] charArray = c.toCharArray();
                ex2.m2077do(charArray, "this as java.lang.String).toCharArray()");
                UUID randomUUID = UUID.randomUUID();
                ex2.m2077do(randomUUID, "randomUUID()");
                try {
                    x = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1").generateSecret(new PBEKeySpec(charArray, tm1.n(randomUUID), 10000, 256)).getEncoded();
                    ex2.m2077do(x, "generatedKey");
                    try {
                        Cipher cipher2 = Cipher.getInstance("RSA/NONE/PKCS1Padding");
                        KeyStore keyStore = this.q;
                        if (keyStore == null) {
                            ex2.m("keyStore");
                            keyStore = null;
                        }
                        cipher2.init(1, keyStore.getCertificate("ALIAS_MASTER_KEY").getPublicKey());
                        byte[] doFinal = cipher2.doFinal(x);
                        ex2.m2077do(doFinal, "{\n            val cipher…r.doFinal(data)\n        }");
                        this.n.g(str, doFinal);
                        ex2.q(x, "encodedKey");
                    } catch (Exception e) {
                        throw new rm1("Failed to encrypt with master key", e);
                    }
                } catch (Exception e2) {
                    throw new rm1("Failed to generate key", e2);
                }
            }
            try {
                SecretKeySpec secretKeySpec = new SecretKeySpec(x, "AES");
                ReentrantLock reentrantLock = this.x;
                reentrantLock.lock();
                try {
                    Cipher cipher3 = this.r;
                    if (cipher3 == null) {
                        ex2.m("aesCipher");
                        cipher3 = null;
                    }
                    cipher3.init(1, secretKeySpec);
                    Cipher cipher4 = this.r;
                    if (cipher4 == null) {
                        ex2.m("aesCipher");
                        cipher4 = null;
                    }
                    byte[] doFinal2 = cipher4.doFinal(bArr);
                    ex2.m2077do(doFinal2, "encrypted");
                    Cipher cipher5 = this.r;
                    if (cipher5 == null) {
                        ex2.m("aesCipher");
                    } else {
                        cipher = cipher5;
                    }
                    byte[] iv = cipher.getIV();
                    ex2.m2077do(iv, "aesCipher.iv");
                    return new sm1.n(doFinal2, iv);
                } finally {
                    reentrantLock.unlock();
                }
            } catch (Exception e3) {
                throw new rm1("Failed to encrypt with raw aes key", e3);
            }
        } catch (Throwable th) {
            readLock.unlock();
            throw th;
        }
    }

    @Override // defpackage.sm1
    public boolean h(long j) {
        return this.f3953do.await(j, TimeUnit.MILLISECONDS);
    }

    @Override // defpackage.sm1
    public void n(String str) {
        ex2.q(str, "keyAlias");
        this.n.g(str, null);
    }

    @Override // defpackage.sm1
    public byte[] w(String str, sm1.n nVar) {
        ex2.q(str, "keyAlias");
        ex2.q(nVar, "data");
        ReentrantReadWriteLock.ReadLock readLock = this.g.readLock();
        readLock.lock();
        try {
            q();
            g47 g47Var = g47.n;
            readLock.unlock();
            byte[] x = x(str);
            if (x == null) {
                throw new rm1("No key with alias " + str);
            }
            try {
                ReentrantLock reentrantLock = this.x;
                reentrantLock.lock();
                try {
                    SecretKeySpec secretKeySpec = new SecretKeySpec(x, "AES");
                    Cipher cipher = this.r;
                    Cipher cipher2 = null;
                    if (cipher == null) {
                        ex2.m("aesCipher");
                        cipher = null;
                    }
                    cipher.init(2, secretKeySpec, new IvParameterSpec(nVar.g()));
                    Cipher cipher3 = this.r;
                    if (cipher3 == null) {
                        ex2.m("aesCipher");
                    } else {
                        cipher2 = cipher3;
                    }
                    byte[] doFinal = cipher2.doFinal(nVar.n());
                    reentrantLock.unlock();
                    ex2.m2077do(doFinal, "{\n            cipherLock…)\n            }\n        }");
                    return doFinal;
                } catch (Throwable th) {
                    reentrantLock.unlock();
                    throw th;
                }
            } catch (Exception e) {
                throw new rm1("Failed to decrypt with aes key", e);
            }
        } catch (Throwable th2) {
            readLock.unlock();
            throw th2;
        }
    }
}
