package d.d.c.c.c;

import android.annotation.TargetApi;
import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import d.d.c.c.c.i;
import f.a0;
import f.q0.t;
import f.x;
import java.math.BigInteger;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.RSAKeyGenParameterSpec;
import java.util.Calendar;
import java.util.Date;
import java.util.UUID;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.Executor;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.locks.ReentrantLock;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes2.dex */
public final class a implements i {
    private final ReentrantReadWriteLock a;
    private final Context b;

    /* renamed from: c, reason: collision with root package name */
    private final Date f12681c;

    /* renamed from: d, reason: collision with root package name */
    private final Date f12682d;

    /* renamed from: e, reason: collision with root package name */
    private CountDownLatch f12683e;

    /* renamed from: f, reason: collision with root package name */
    private KeyStore f12684f;

    /* renamed from: g, reason: collision with root package name */
    private Cipher f12685g;

    /* renamed from: h, reason: collision with root package name */
    private final ReentrantLock f12686h;

    /* renamed from: i, reason: collision with root package name */
    private final l f12687i;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: d.d.c.c.c.a$a, reason: collision with other inner class name */
    /* loaded from: classes2.dex */
    public static final class C0274a extends f.j0.d.n implements f.j0.c.a<a0> {

        /* renamed from: d, reason: collision with root package name */
        public static final C0274a f12688d = new C0274a();

        C0274a() {
            super(0);
        }

        public final void a() {
        }

        @Override // f.j0.c.a
        public /* bridge */ /* synthetic */ a0 c() {
            a();
            return a0.a;
        }
    }

    /* loaded from: classes.dex */
    static final class b implements Runnable {

        /* renamed from: e, reason: collision with root package name */
        final /* synthetic */ f.j0.c.l f12690e;

        /* renamed from: f, reason: collision with root package name */
        final /* synthetic */ f.j0.c.a f12691f;

        b(f.j0.c.l lVar, f.j0.c.a aVar) {
            this.f12690e = lVar;
            this.f12691f = aVar;
        }

        @Override // java.lang.Runnable
        public final void run() {
            a.this.q(this.f12690e, this.f12691f);
        }
    }

    public a(Context context, Executor executor, f.j0.c.l<? super Exception, a0> lVar, l lVar2, f.j0.c.a<a0> aVar) {
        f.j0.d.m.c(context, "context");
        f.j0.d.m.c(executor, "initExecutor");
        f.j0.d.m.c(lVar, "exceptionHandler");
        f.j0.d.m.c(lVar2, "keyStorage");
        f.j0.d.m.c(aVar, "masterKeyCreationCallback");
        this.f12687i = lVar2;
        this.a = new ReentrantReadWriteLock();
        this.b = context.getApplicationContext();
        this.f12683e = new CountDownLatch(1);
        this.f12686h = new ReentrantLock();
        Calendar calendar = Calendar.getInstance();
        f.j0.d.m.b(calendar, "calendar");
        Date time = calendar.getTime();
        f.j0.d.m.b(time, "calendar.time");
        this.f12681c = time;
        calendar.add(1, 30);
        Date time2 = calendar.getTime();
        f.j0.d.m.b(time2, "calendar.time");
        this.f12682d = time2;
        executor.execute(new b(lVar, aVar));
    }

    public /* synthetic */ a(Context context, Executor executor, f.j0.c.l lVar, l lVar2, f.j0.c.a aVar, int i2, f.j0.d.i iVar) {
        this(context, executor, lVar, lVar2, (i2 & 16) != 0 ? C0274a.f12688d : aVar);
    }

    private final void e() {
        if (this.f12683e.getCount() > 0) {
            throw new h("Manager is not initialized");
        }
        if (!p()) {
            throw new h("Cannot perform operations without master key");
        }
    }

    private final byte[] f(String str) {
        String F;
        byte[] b2;
        String uuid = UUID.randomUUID().toString();
        f.j0.d.m.b(uuid, "UUID.randomUUID().toString()");
        if (uuid == null) {
            throw new x("null cannot be cast to non-null type java.lang.String");
        }
        String lowerCase = uuid.toLowerCase();
        f.j0.d.m.b(lowerCase, "(this as java.lang.String).toLowerCase()");
        F = t.F(lowerCase, "-", "", false, 4, null);
        if (F == null) {
            throw new x("null cannot be cast to non-null type java.lang.String");
        }
        char[] charArray = F.toCharArray();
        f.j0.d.m.b(charArray, "(this as java.lang.String).toCharArray()");
        UUID randomUUID = UUID.randomUUID();
        f.j0.d.m.b(randomUUID, "UUID.randomUUID()");
        b2 = j.b(randomUUID);
        try {
            SecretKey generateSecret = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1").generateSecret(new PBEKeySpec(charArray, b2, 10000, 256));
            f.j0.d.m.b(generateSecret, "skf.generateSecret(spec)");
            byte[] encoded = generateSecret.getEncoded();
            f.j0.d.m.b(encoded, "generatedKey");
            this.f12687i.a(str, n(encoded));
            k.a(encoded);
            return encoded;
        } catch (Exception e2) {
            throw new h("Failed to generate key", e2);
        }
    }

    private final void g() {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(h());
            keyPairGenerator.generateKeyPair();
        } catch (Exception e2) {
            throw new h("Failed to generate master key", e2);
        }
    }

    private final AlgorithmParameterSpec h() {
        return Build.VERSION.SDK_INT >= 23 ? i() : j();
    }

    @TargetApi(23)
    private final AlgorithmParameterSpec i() {
        KeyGenParameterSpec build = new KeyGenParameterSpec.Builder("ALIAS_MASTER_KEY", 3).setKeySize(2048).setEncryptionPaddings("PKCS1Padding").setAlgorithmParameterSpec(new RSAKeyGenParameterSpec(2048, RSAKeyGenParameterSpec.F4)).setCertificateSubject(new X500Principal("CN=ALIAS_MASTER_KEY")).setCertificateSerialNumber(BigInteger.valueOf(Math.abs(1301899345))).build();
        f.j0.d.m.b(build, "KeyGenParameterSpec.Buil…()))\n            .build()");
        return build;
    }

    private final AlgorithmParameterSpec j() {
        KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(this.b).setAlias("ALIAS_MASTER_KEY").setAlgorithmParameterSpec(new RSAKeyGenParameterSpec(2048, RSAKeyGenParameterSpec.F4)).setKeySize(2048).setSubject(new X500Principal("CN=ALIAS_MASTER_KEY")).setSerialNumber(BigInteger.valueOf(Math.abs(1301899345))).setStartDate(this.f12681c).setEndDate(this.f12682d).build();
        f.j0.d.m.b(build, "KeyPairGeneratorSpec.Bui…ate)\n            .build()");
        return build;
    }

    private final byte[] k(byte[] bArr, i.a aVar) {
        try {
            ReentrantLock reentrantLock = this.f12686h;
            reentrantLock.lock();
            try {
                SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "AES");
                Cipher cipher = this.f12685g;
                if (cipher == null) {
                    f.j0.d.m.k("aesCipher");
                    throw null;
                }
                cipher.init(2, secretKeySpec, new IvParameterSpec(aVar.b()));
                Cipher cipher2 = this.f12685g;
                if (cipher2 == null) {
                    f.j0.d.m.k("aesCipher");
                    throw null;
                }
                byte[] doFinal = cipher2.doFinal(aVar.a());
                f.j0.d.m.b(doFinal, "aesCipher.doFinal(data.data)");
                reentrantLock.unlock();
                f.j0.d.m.b(doFinal, "cipherLock.withLock {\n  …(data.data)\n            }");
                return doFinal;
            } catch (Throwable th) {
                reentrantLock.unlock();
                throw th;
            }
        } catch (Exception e2) {
            throw new h("Failed to decrypt with aes key", e2);
        }
    }

    private final byte[] l(byte[] bArr) {
        try {
            Cipher cipher = Cipher.getInstance("RSA/NONE/PKCS1Padding");
            KeyStore keyStore = this.f12684f;
            if (keyStore == null) {
                f.j0.d.m.k("keyStore");
                throw null;
            }
            cipher.init(2, keyStore.getKey("ALIAS_MASTER_KEY", null));
            byte[] doFinal = cipher.doFinal(bArr);
            f.j0.d.m.b(doFinal, "cipher.doFinal(data)");
            return doFinal;
        } catch (Exception e2) {
            throw new h("Failed to decrypt with master key", e2);
        }
    }

    private final i.a m(byte[] bArr, byte[] bArr2) {
        try {
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "AES");
            ReentrantLock reentrantLock = this.f12686h;
            reentrantLock.lock();
            try {
                Cipher cipher = this.f12685g;
                if (cipher == null) {
                    f.j0.d.m.k("aesCipher");
                    throw null;
                }
                cipher.init(1, secretKeySpec);
                Cipher cipher2 = this.f12685g;
                if (cipher2 == null) {
                    f.j0.d.m.k("aesCipher");
                    throw null;
                }
                byte[] doFinal = cipher2.doFinal(bArr2);
                f.j0.d.m.b(doFinal, "encrypted");
                Cipher cipher3 = this.f12685g;
                if (cipher3 == null) {
                    f.j0.d.m.k("aesCipher");
                    throw null;
                }
                byte[] iv = cipher3.getIV();
                f.j0.d.m.b(iv, "aesCipher.iv");
                return new i.a(doFinal, iv);
            } finally {
                reentrantLock.unlock();
            }
        } catch (Exception e2) {
            throw new h("Failed to encrypt with raw aes key", e2);
        }
    }

    private final byte[] n(byte[] bArr) {
        try {
            Cipher cipher = Cipher.getInstance("RSA/NONE/PKCS1Padding");
            KeyStore keyStore = this.f12684f;
            if (keyStore == null) {
                f.j0.d.m.k("keyStore");
                throw null;
            }
            Certificate certificate = keyStore.getCertificate("ALIAS_MASTER_KEY");
            f.j0.d.m.b(certificate, "keyStore.getCertificate(MASTER_KEY_ALIAS)");
            cipher.init(1, certificate.getPublicKey());
            byte[] doFinal = cipher.doFinal(bArr);
            f.j0.d.m.b(doFinal, "cipher.doFinal(data)");
            return doFinal;
        } catch (Exception e2) {
            throw new h("Failed to encrypt with master key", e2);
        }
    }

    private final byte[] o(String str) {
        byte[] b2 = this.f12687i.b(str);
        if (b2 != null) {
            byte[] l2 = l(b2);
            k.a(l2);
            return l2;
        }
        d.d.e.a.e("No key with alias " + str);
        return null;
    }

    private final boolean p() {
        boolean z = true;
        try {
            KeyStore keyStore = this.f12684f;
            if (keyStore == null) {
                f.j0.d.m.k("keyStore");
                throw null;
            }
            if (keyStore.getKey("ALIAS_MASTER_KEY", null) == null) {
                z = false;
            }
            return z;
        } catch (Exception e2) {
            d.d.e.a.j(e2, "Failed to retrieve master key");
            return false;
        }
    }

    @Override // d.d.c.c.c.i
    public boolean a(long j2) {
        return this.f12683e.await(j2, TimeUnit.MILLISECONDS);
    }

    @Override // d.d.c.c.c.i
    public void b(String str) {
        f.j0.d.m.c(str, "keyAlias");
        this.f12687i.a(str, null);
    }

    @Override // d.d.c.c.c.i
    public byte[] c(String str, i.a aVar) {
        f.j0.d.m.c(str, "keyAlias");
        f.j0.d.m.c(aVar, "data");
        ReentrantReadWriteLock.ReadLock readLock = this.a.readLock();
        readLock.lock();
        try {
            e();
            a0 a0Var = a0.a;
            readLock.unlock();
            byte[] o = o(str);
            if (o != null) {
                return k(o, aVar);
            }
            throw new h("No key with alias " + str);
        } catch (Throwable th) {
            readLock.unlock();
            throw th;
        }
    }

    @Override // d.d.c.c.c.i
    public i.a d(String str, byte[] bArr) {
        f.j0.d.m.c(str, "keyAlias");
        f.j0.d.m.c(bArr, "data");
        ReentrantReadWriteLock.ReadLock readLock = this.a.readLock();
        readLock.lock();
        try {
            e();
            a0 a0Var = a0.a;
            readLock.unlock();
            byte[] o = o(str);
            if (o == null) {
                o = f(str);
            }
            return m(o, bArr);
        } catch (Throwable th) {
            readLock.unlock();
            throw th;
        }
    }

    public final void q(f.j0.c.l<? super Exception, a0> lVar, f.j0.c.a<a0> aVar) throws h {
        CountDownLatch countDownLatch;
        KeyStore keyStore;
        f.j0.d.m.c(lVar, "exceptionHandler");
        f.j0.d.m.c(aVar, "masterKeyCreationCallback");
        ReentrantReadWriteLock reentrantReadWriteLock = this.a;
        ReentrantReadWriteLock.ReadLock readLock = reentrantReadWriteLock.readLock();
        int i2 = 0;
        int readHoldCount = reentrantReadWriteLock.getWriteHoldCount() == 0 ? reentrantReadWriteLock.getReadHoldCount() : 0;
        for (int i3 = 0; i3 < readHoldCount; i3++) {
            readLock.unlock();
        }
        ReentrantReadWriteLock.WriteLock writeLock = reentrantReadWriteLock.writeLock();
        writeLock.lock();
        try {
            try {
                if (this.f12683e.getCount() == 0) {
                    return;
                }
                try {
                    keyStore = KeyStore.getInstance("AndroidKeyStore");
                    f.j0.d.m.b(keyStore, "KeyStore.getInstance(\"AndroidKeyStore\")");
                    this.f12684f = keyStore;
                } catch (Exception e2) {
                    lVar.invoke(new h("Failed to run init", e2));
                    countDownLatch = this.f12683e;
                }
                if (keyStore == null) {
                    f.j0.d.m.k("keyStore");
                    throw null;
                }
                keyStore.load(null);
                Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
                f.j0.d.m.b(cipher, "Cipher.getInstance(AES_CIPHER_SUIT)");
                this.f12685g = cipher;
                if (!p()) {
                    g();
                    aVar.c();
                }
                countDownLatch = this.f12683e;
                countDownLatch.countDown();
                a0 a0Var = a0.a;
                while (i2 < readHoldCount) {
                    readLock.lock();
                    i2++;
                }
                writeLock.unlock();
            } catch (Throwable th) {
                this.f12683e.countDown();
                throw th;
            }
        } finally {
            while (i2 < readHoldCount) {
                readLock.lock();
                i2++;
            }
            writeLock.unlock();
        }
    }
}
