package com.microsoft.appcenter.utils.crypto;

import android.content.Context;
import android.util.Base64;
import coil.request.CachePolicy$EnumUnboxingLocalUtility;
import coil.util.Contexts;
import com.android.billingclient.api.QueryProductDetailsParams;
import com.android.billingclient.api.zzo;
import java.nio.ByteBuffer;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.cert.CertificateExpiredException;
import java.util.Date;
import java.util.LinkedHashMap;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import okio.Path;

/* loaded from: classes.dex */
public final class CryptoUtils {
    public static final Path.Companion DEFAULT_CRYPTO_FACTORY = new Path.Companion(0);
    public static CryptoUtils sInstance;
    public final int mApiLevel;
    public final Context mContext;
    public final Path.Companion mCryptoFactory;
    public final LinkedHashMap mCryptoHandlers;
    public final KeyStore mKeyStore;

    /* loaded from: classes.dex */
    public final class CryptoHandlerEntry {
        public int mAliasIndex;
        public final CryptoHandler mCryptoHandler;

        public CryptoHandlerEntry(int i, Path.Companion companion) {
            this.mAliasIndex = i;
            this.mCryptoHandler = companion;
        }
    }

    /* loaded from: classes.dex */
    public final class DecryptedData {
        public String mDecryptedData;
        public String mNewEncryptedData;

        public /* synthetic */ DecryptedData() {
        }

        public DecryptedData(String str, String str2) {
            this.mDecryptedData = str;
            this.mNewEncryptedData = str2;
        }

        public final QueryProductDetailsParams.Product build() {
            if ("first_party".equals(this.mNewEncryptedData)) {
                throw new IllegalArgumentException("Serialized doc id must be provided for first party products.");
            }
            if (this.mDecryptedData == null) {
                throw new IllegalArgumentException("Product id must be provided.");
            }
            if (this.mNewEncryptedData != null) {
                return new QueryProductDetailsParams.Product(this);
            }
            throw new IllegalArgumentException("Product type must be provided.");
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:13:0x004a A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:17:0x0030 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public CryptoUtils(android.content.Context r5) {
        /*
            r4 = this;
            okio.Path$Companion r0 = com.microsoft.appcenter.utils.crypto.CryptoUtils.DEFAULT_CRYPTO_FACTORY
            int r1 = android.os.Build.VERSION.SDK_INT
            java.lang.String r2 = "AppCenter"
            r4.<init>()
            java.util.LinkedHashMap r3 = new java.util.LinkedHashMap
            r3.<init>()
            r4.mCryptoHandlers = r3
            android.content.Context r5 = r5.getApplicationContext()
            r4.mContext = r5
            r4.mCryptoFactory = r0
            r4.mApiLevel = r1
            r5 = 0
            java.lang.String r0 = "AndroidKeyStore"
            java.security.KeyStore r0 = java.security.KeyStore.getInstance(r0)     // Catch: java.lang.Exception -> L26
            r0.load(r5)     // Catch: java.lang.Exception -> L25
            goto L2c
        L25:
            r5 = r0
        L26:
            java.lang.String r0 = "Cannot use secure keystore on this device."
            coil.util.Contexts.error(r2, r0)
            r0 = r5
        L2c:
            r4.mKeyStore = r0
            if (r0 == 0) goto L48
            okio.Path$Companion r5 = new okio.Path$Companion     // Catch: java.lang.Exception -> L43
            r1 = 1
            r5.<init>(r1)     // Catch: java.lang.Exception -> L43
            r4.registerHandler(r5)     // Catch: java.lang.Exception -> L43
            okio.Path$Companion r5 = new okio.Path$Companion     // Catch: java.lang.Exception -> L43
            r1 = 2
            r5.<init>(r1)     // Catch: java.lang.Exception -> L43
            r4.registerHandler(r5)     // Catch: java.lang.Exception -> L43
            goto L48
        L43:
            java.lang.String r5 = "Cannot use modern encryption on this device."
            coil.util.Contexts.error(r2, r5)
        L48:
            if (r0 == 0) goto L59
            okio.Path$Companion r5 = new okio.Path$Companion     // Catch: java.lang.Exception -> L54
            r0 = 3
            r5.<init>(r0)     // Catch: java.lang.Exception -> L54
            r4.registerHandler(r5)     // Catch: java.lang.Exception -> L54
            goto L59
        L54:
            java.lang.String r5 = "Cannot use old encryption on this device."
            coil.util.Contexts.error(r2, r5)
        L59:
            okio.Path$Companion r5 = new okio.Path$Companion
            r0 = 4
            r5.<init>(r0)
            java.util.LinkedHashMap r0 = r4.mCryptoHandlers
            java.lang.String r1 = r5.getAlgorithm()
            com.microsoft.appcenter.utils.crypto.CryptoUtils$CryptoHandlerEntry r2 = new com.microsoft.appcenter.utils.crypto.CryptoUtils$CryptoHandlerEntry
            r3 = 0
            r2.<init>(r3, r5)
            r0.put(r1, r2)
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: com.microsoft.appcenter.utils.crypto.CryptoUtils.<init>(android.content.Context):void");
    }

    public static String getAlias(int i, CryptoHandler cryptoHandler) {
        StringBuilder m22m = CachePolicy$EnumUnboxingLocalUtility.m22m("appcenter.", i, ".");
        m22m.append(((Path.Companion) cryptoHandler).getAlgorithm());
        return m22m.toString();
    }

    public final DecryptedData decrypt(String str) {
        String[] split = str.split(":");
        CryptoHandlerEntry cryptoHandlerEntry = split.length == 2 ? (CryptoHandlerEntry) this.mCryptoHandlers.get(split[0]) : null;
        CryptoHandler cryptoHandler = cryptoHandlerEntry == null ? null : cryptoHandlerEntry.mCryptoHandler;
        if (cryptoHandler == null) {
            Contexts.error("AppCenter", "Failed to decrypt data.");
            return new DecryptedData(str, null);
        }
        try {
            try {
                return getDecryptedData(cryptoHandler, cryptoHandlerEntry.mAliasIndex, split[1]);
            } catch (Exception unused) {
                return getDecryptedData(cryptoHandler, cryptoHandlerEntry.mAliasIndex ^ 1, split[1]);
            }
        } catch (Exception unused2) {
            Contexts.error("AppCenter", "Failed to decrypt data.");
            return new DecryptedData(str, null);
        }
    }

    public final String encrypt(String str) {
        KeyStore keyStore = this.mKeyStore;
        Path.Companion companion = this.mCryptoFactory;
        try {
            CryptoHandlerEntry cryptoHandlerEntry = (CryptoHandlerEntry) this.mCryptoHandlers.values().iterator().next();
            CryptoHandler cryptoHandler = cryptoHandlerEntry.mCryptoHandler;
            try {
                int i = cryptoHandlerEntry.mAliasIndex;
                KeyStore.Entry entry = null;
                if (keyStore != null) {
                    entry = keyStore.getEntry(getAlias(i, cryptoHandler), null);
                }
                Path.Companion companion2 = (Path.Companion) cryptoHandler;
                return companion2.getAlgorithm() + ":" + Base64.encodeToString(companion2.encrypt(companion, this.mApiLevel, entry, str.getBytes("UTF-8")), 0);
            } catch (InvalidKeyException e) {
                if (!(e.getCause() instanceof CertificateExpiredException) && !"android.security.keystore.KeyExpiredException".equals(e.getClass().getName())) {
                    throw e;
                }
                Contexts.debug("AppCenter", "Alias expired: " + cryptoHandlerEntry.mAliasIndex);
                int i2 = cryptoHandlerEntry.mAliasIndex ^ 1;
                cryptoHandlerEntry.mAliasIndex = i2;
                String alias = getAlias(i2, cryptoHandler);
                if (keyStore.containsAlias(alias)) {
                    Contexts.debug("AppCenter", "Deleting alias: " + alias);
                    keyStore.deleteEntry(alias);
                }
                Contexts.debug("AppCenter", "Creating alias: " + alias);
                ((Path.Companion) cryptoHandler).generateKey(companion, alias, this.mContext);
                return encrypt(str);
            }
        } catch (Exception unused) {
            Contexts.error("AppCenter", "Failed to encrypt data.");
            return str;
        }
    }

    public final DecryptedData getDecryptedData(CryptoHandler cryptoHandler, int i, String str) {
        KeyStore keyStore = this.mKeyStore;
        KeyStore.Entry entry = keyStore == null ? null : keyStore.getEntry(getAlias(i, cryptoHandler), null);
        byte[] decode = Base64.decode(str, 0);
        int i2 = ((Path.Companion) cryptoHandler).$r8$classId;
        Path.Companion companion = this.mCryptoFactory;
        switch (i2) {
            case 1:
                ByteBuffer wrap = ByteBuffer.wrap(decode);
                int i3 = wrap.get();
                if (i3 != 16) {
                    throw new IllegalArgumentException("Invalid IV length.");
                }
                byte[] bArr = new byte[i3];
                wrap.get(bArr);
                int i4 = wrap.get();
                if (i4 != 32) {
                    throw new IllegalArgumentException("Invalid MAC length.");
                }
                byte[] bArr2 = new byte[i4];
                wrap.get(bArr2);
                byte[] bArr3 = new byte[wrap.remaining()];
                wrap.get(bArr3);
                SecretKey secretKey = ((KeyStore.SecretKeyEntry) entry).getSecretKey();
                byte[] subkey = Path.Companion.getSubkey(secretKey, 32);
                SecretKeySpec secretKeySpec = new SecretKeySpec(Path.Companion.getSubkey(secretKey, 16), "HmacSHA256");
                Mac mac = Mac.getInstance("HmacSHA256");
                mac.init(secretKeySpec);
                mac.update(bArr);
                mac.update(bArr3);
                if (!MessageDigest.isEqual(mac.doFinal(), bArr2)) {
                    throw new SecurityException("Could not authenticate MAC value.");
                }
                zzo cipher = companion.getCipher("AES/CBC/PKCS7Padding", null);
                ((Cipher) cipher.zza).init(2, new SecretKeySpec(subkey, "AES"), new IvParameterSpec(bArr));
                decode = ((Cipher) cipher.zza).doFinal(bArr3);
                break;
            case 2:
                zzo cipher2 = companion.getCipher("AES/CBC/PKCS7Padding", "AndroidKeyStoreBCWorkaround");
                int blockSize = ((Cipher) cipher2.zza).getBlockSize();
                ((Cipher) cipher2.zza).init(2, ((KeyStore.SecretKeyEntry) entry).getSecretKey(), new IvParameterSpec(decode, 0, blockSize));
                decode = ((Cipher) cipher2.zza).doFinal(decode, blockSize, decode.length - blockSize);
                break;
            case 3:
                zzo cipher3 = companion.getCipher("RSA/ECB/PKCS1Padding", this.mApiLevel < 23 ? "AndroidOpenSSL" : "AndroidKeyStoreBCWorkaround");
                ((Cipher) cipher3.zza).init(2, ((KeyStore.PrivateKeyEntry) entry).getPrivateKey());
                decode = ((Cipher) cipher3.zza).doFinal(decode);
                break;
        }
        String str2 = new String(decode, "UTF-8");
        return new DecryptedData(str2, cryptoHandler != ((CryptoHandlerEntry) this.mCryptoHandlers.values().iterator().next()).mCryptoHandler ? encrypt(str2) : null);
    }

    public final void registerHandler(Path.Companion companion) {
        int i = 0;
        String alias = getAlias(0, companion);
        String alias2 = getAlias(1, companion);
        KeyStore keyStore = this.mKeyStore;
        Date creationDate = keyStore.getCreationDate(alias);
        Date creationDate2 = keyStore.getCreationDate(alias2);
        if (creationDate2 != null && creationDate2.after(creationDate)) {
            i = 1;
            alias = alias2;
        }
        LinkedHashMap linkedHashMap = this.mCryptoHandlers;
        if (linkedHashMap.isEmpty() && !keyStore.containsAlias(alias)) {
            Contexts.debug("AppCenter", "Creating alias: " + alias);
            companion.generateKey(this.mCryptoFactory, alias, this.mContext);
        }
        Contexts.debug("AppCenter", "Using " + alias);
        linkedHashMap.put(companion.getAlgorithm(), new CryptoHandlerEntry(i, companion));
    }
}
