package com.twofours.surespot.identity;

import android.annotation.TargetApi;
import android.content.Context;
import android.content.SharedPreferences;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import com.google.android.gms.stats.CodePackage;
import com.twofours.surespot.SurespotLog;
import com.twofours.surespot.encryption.EncryptedBytesAndIv;
import com.twofours.surespot.encryption.KeyStoreEncryptionController;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

/* loaded from: classes.dex */
public class AndroidMKeystoreController {
    private static final int AUTHENTICATION_DURATION_SECONDS = 900;
    private static final String TAG = "AndroidMKeystoreController";

    public static void destroyMKeystore() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            ArrayList arrayList = new ArrayList();
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                if (arrayList.contains(nextElement)) {
                    break;
                } else {
                    arrayList.add(nextElement);
                }
            }
            Iterator it2 = arrayList.iterator();
            while (it2.hasNext()) {
                keyStore.deleteEntry((String) it2.next());
            }
        } catch (Exception e) {
            SurespotLog.d(TAG, "Error destroying keystore: " + e.getMessage());
        }
    }

    @TargetApi(23)
    public static SecretKey getSecretKey(String str) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
        if (!IdentityController.USE_PUBLIC_KEYSTORE_M.booleanValue()) {
            return null;
        }
        KeyGenParameterSpec build = new KeyGenParameterSpec.Builder(str, 3).setKeySize(256).setBlockModes(CodePackage.GCM).setEncryptionPaddings("NoPadding").setRandomizedEncryptionRequired(false).setUserAuthenticationRequired(false).build();
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
        keyGenerator.init(build);
        return keyGenerator.generateKey();
    }

    public static String loadEncryptedPassword(Context context, String str, boolean z) throws InvalidKeyException {
        SharedPreferences sharedPreferences = context.getSharedPreferences(str, 0);
        String string = sharedPreferences.getString("encrypt_pass", null);
        String string2 = sharedPreferences.getString("encrypt_iv", null);
        if (string == null || string2 == null) {
            return null;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            if (keyStore.containsAlias(str)) {
                byte[] simpleDecrypt = KeyStoreEncryptionController.simpleDecrypt(((KeyStore.SecretKeyEntry) keyStore.getEntry(str, null)).getSecretKey(), Base64.decode(string, 2), Base64.decode(string2, 2));
                if (simpleDecrypt != null) {
                    return new String(simpleDecrypt, "UTF8");
                }
            } else if (z) {
                throw new InvalidKeyException();
            }
        } catch (Exception e) {
            SurespotLog.d(TAG, "Error loading encrypted password: " + e.getMessage());
        }
        return null;
    }

    public static void saveEncryptedPassword(Context context, String str, String str2) throws InvalidKeyException {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            EncryptedBytesAndIv simpleEncrypt = KeyStoreEncryptionController.simpleEncrypt(!keyStore.containsAlias(str) ? getSecretKey(str) : ((KeyStore.SecretKeyEntry) keyStore.getEntry(str, null)).getSecretKey(), str2);
            if (simpleEncrypt == null) {
                SurespotLog.d(TAG, "Unable to save encrypted password to keystore - encryption failed");
                return;
            }
            String encodeToString = Base64.encodeToString(simpleEncrypt.mEncrypted, 2);
            String encodeToString2 = Base64.encodeToString(simpleEncrypt.mIv, 2);
            SharedPreferences.Editor edit = context.getSharedPreferences(str, 0).edit();
            edit.putString("encrypt_pass", encodeToString);
            edit.putString("encrypt_iv", encodeToString2);
            edit.apply();
        } catch (Exception e) {
            SurespotLog.d(TAG, "Error saving encrypted password: " + e.getMessage());
        }
    }
}
