package c.b.a.utils;

import android.annotation.TargetApi;
import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyProtection;
import android.util.Base64;
import android.util.Log;
import com.readdle.spark.core.RSMFolderFlag;
import com.readdle.spark.core.utils.RSMKeyChainStoreProtocol;
import g.a;
import java.lang.ref.WeakReference;
import java.math.BigInteger;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Date;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import org.mozilla.javascript.NativeJavaObject;
import org.mozilla.javascript.regexp.NativeRegExp;

/* loaded from: classes.dex */
public class Ba implements RSMKeyChainStoreProtocol {

    /* renamed from: a, reason: collision with root package name */
    public static final IvParameterSpec f2635a = new IvParameterSpec(new byte[]{87, NativeJavaObject.CONVERSION_NONE, -94, 23, -17, NativeRegExp.REOP_STAR, 84, -117, 59, -59, NativeRegExp.REOP_QUANT, -88, -66, 86, -42, 78});

    /* renamed from: b, reason: collision with root package name */
    public WeakReference<Context> f2636b;

    /* renamed from: c, reason: collision with root package name */
    public boolean f2637c = false;

    public Ba(Context context) {
        this.f2636b = null;
        this.f2636b = new WeakReference<>(context);
    }

    public final String a(String str) {
        return f().getString(str, "");
    }

    public final KeyStore.PrivateKeyEntry a(KeyStore keyStore) {
        KeyStore.Entry entry = keyStore.getEntry("SparkKeyPair", null);
        if (entry instanceof KeyStore.PrivateKeyEntry) {
            return (KeyStore.PrivateKeyEntry) entry;
        }
        return null;
    }

    public final PrivateKey a() {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        Calendar calendar = Calendar.getInstance();
        Date time = calendar.getTime();
        calendar.add(1, 100);
        Date time2 = calendar.getTime();
        Context context = this.f2636b.get();
        if (context == null) {
            throw new Exception("Inconsistency: Context can't be null, try gracefully cleanup resources");
        }
        keyPairGenerator.initialize(new KeyPairGeneratorSpec.Builder(context).setAlias("SparkKeyPair").setKeySize(RSMFolderFlag.IMPORTANT).setSubject(new X500Principal("CN=SparkKeyPair")).setSerialNumber(BigInteger.valueOf(15342890L)).setStartDate(time).setEndDate(time2).build());
        return keyPairGenerator.generateKeyPair().getPrivate();
    }

    public final void a(String str, String str2) {
        f().edit().putString(str, str2).commit();
    }

    public final byte[] a(byte[] bArr) {
        SecretKey g2 = g();
        Cipher cipher = Cipher.getInstance("AES/CBC/Pkcs7Padding");
        cipher.init(1, g2, f2635a);
        return cipher.doFinal(bArr);
    }

    public final SecretKey b() {
        Certificate certificate;
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        keyGenerator.init(256);
        SecretKey generateKey = keyGenerator.generateKey();
        byte[] encoded = generateKey.getEncoded();
        KeyStore h = h();
        KeyStore.PrivateKeyEntry a2 = a(h);
        byte[] bArr = null;
        if (a2 != null) {
            certificate = a2.getCertificate();
        } else {
            a();
            KeyStore.PrivateKeyEntry a3 = a(h);
            certificate = a3 != null ? a3.getCertificate() : null;
        }
        if (certificate != null) {
            Cipher cipher = Cipher.getInstance("RSA/ECB/Pkcs1Padding");
            cipher.init(1, certificate);
            bArr = cipher.doFinal(encoded);
        }
        a("SparkSymmetricKey", Base64.encodeToString(bArr, 0));
        a("Version", "21");
        return generateKey;
    }

    public void b(String str, String str2) {
        a(str, Base64.encodeToString(a(str2.getBytes(StandardCharsets.UTF_8)), 0));
    }

    public final byte[] b(String str) {
        String a2 = a(str);
        if (a2.isEmpty()) {
            return null;
        }
        byte[] decode = Base64.decode(a2, 0);
        KeyStore.PrivateKeyEntry a3 = a(h());
        PrivateKey privateKey = a3 != null ? a3.getPrivateKey() : a();
        if (privateKey == null) {
            return null;
        }
        Cipher cipher = Cipher.getInstance("RSA/ECB/Pkcs1Padding");
        cipher.init(2, privateKey);
        return cipher.doFinal(decode);
    }

    public String c(String str) {
        return new String(tryGetData(str).array(), StandardCharsets.UTF_8);
    }

    public final synchronized SecretKey c() {
        if (!a("Version").isEmpty()) {
            return null;
        }
        return b();
    }

    @TargetApi(23)
    public final SecretKey d() {
        KeyGenParameterSpec build = new KeyGenParameterSpec.Builder("SparkSymmetricKey", 3).setKeySize(256).setBlockModes("CBC").setEncryptionPaddings("PKCS7Padding").setRandomizedEncryptionRequired(false).build();
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
        keyGenerator.init(build);
        SecretKey generateKey = keyGenerator.generateKey();
        a("Version", "23");
        return generateKey;
    }

    public final synchronized SecretKey e() {
        if (!a("Version").isEmpty()) {
            return null;
        }
        return d();
    }

    public final SharedPreferences f() {
        Context context = this.f2636b.get();
        if (context != null) {
            return context.getSharedPreferences("keystore", 0);
        }
        throw new Exception("Inconsistency: Context can't be null, try gracefully cleanup resources");
    }

    public final SecretKey g() {
        String a2 = a("Version");
        if (!(!this.f2637c && Build.VERSION.SDK_INT >= 23)) {
            if (a2.isEmpty()) {
                return c();
            }
            byte[] b2 = b("SparkSymmetricKey");
            if (b2 != null) {
                return new SecretKeySpec(b2, "AES");
            }
            return null;
        }
        if (a2.isEmpty()) {
            return e();
        }
        if (a2.equals("23")) {
            return (SecretKey) h().getKey("SparkSymmetricKey", null);
        }
        if (!a2.equals("21")) {
            return null;
        }
        j();
        return (SecretKey) h().getKey("SparkSymmetricKey", null);
    }

    @Override // com.readdle.spark.core.utils.RSMKeyChainStoreProtocol
    public ArrayList<String> getAllKeys() {
        Map<String, ?> all;
        try {
            all = f().getAll();
        } catch (Exception e2) {
            Log.e("SparkKeyStore", "Error receiving all keys", e2);
        }
        if (all == null) {
            Log.v("SparkKeyStore", "No keys found");
            return new ArrayList<>();
        }
        Log.v("SparkKeyStore", "Get keys count = " + all.size());
        return new ArrayList<>(all.keySet());
    }

    public final KeyStore h() {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        return keyStore;
    }

    @TargetApi(23)
    public final void i() {
        h().setEntry("SparkSymmetricKey", new KeyStore.SecretKeyEntry(new SecretKeySpec(b("SparkSymmetricKey"), "AES")), new KeyProtection.Builder(3).setBlockModes("CBC").setEncryptionPaddings("PKCS7Padding").setRandomizedEncryptionRequired(false).build());
        a("Version", "23");
        Log.v("SparkKeyStore", "Remove data from SparkKeyStore with key = SparkSymmetricKey");
        f().edit().remove("SparkSymmetricKey").commit();
    }

    @TargetApi(23)
    public final synchronized void j() {
        if (a("Version").equals("21")) {
            i();
        }
    }

    @Override // com.readdle.spark.core.utils.RSMKeyChainStoreProtocol
    public ByteBuffer tryGetData(String str) {
        Log.v("SparkKeyStore", "Try to read data from SparkKeyStore: Key: " + str);
        String a2 = a(str);
        if (a2.isEmpty()) {
            throw new Exception(a.a("No data for key: ", str));
        }
        byte[] decode = Base64.decode(a2, 0);
        SecretKey g2 = g();
        Cipher cipher = Cipher.getInstance("AES/CBC/Pkcs7Padding");
        cipher.init(2, g2, f2635a);
        byte[] doFinal = cipher.doFinal(decode);
        StringBuilder b2 = a.b("Successfully read data from SparkKeyStore: dataCount = ");
        b2.append(doFinal.length);
        Log.v("SparkKeyStore", b2.toString());
        return ByteBuffer.wrap(doFinal);
    }

    @Override // com.readdle.spark.core.utils.RSMKeyChainStoreProtocol
    public void tryRemoveItem(String str) {
        Log.v("SparkKeyStore", "Remove data from SparkKeyStore with key = " + str);
        f().edit().remove(str).commit();
    }

    @Override // com.readdle.spark.core.utils.RSMKeyChainStoreProtocol
    public void trySetData(ByteBuffer byteBuffer, String str) {
        byte[] array = byteBuffer.array();
        Log.v("SparkKeyStore", "Add data to SparkKeyStore with key = " + str + " dataCount: " + array.length);
        a(str, Base64.encodeToString(a(array), 0));
    }
}
