package ru.yandex.money.utils.secure;

import com.yandex.money.api.util.logging.Log;
import java.security.KeyException;
import java.security.KeyStoreException;
import java.util.Arrays;
import ru.yandex.money.App;
import ru.yandex.money.sharedpreferences.ByteArrayPrefField;
import ru.yandex.money.sharedpreferences.SharedPreferencesHelper;
import ru.yandex.money.utils.Arrays2;
import ru.yandex.money.utils.Ciphers;
import ru.yandex.money.utils.logging.Tag;

/* loaded from: classes8.dex */
final class CryptographerImpl implements Cryptographer {
    static final CryptographerImpl INSTANCE = new CryptographerImpl();
    static final int KEY_LENGTH = 32;
    private byte[] initVector0;
    private byte[] masterKey;
    private final Storage storage = new Storage();

    /* loaded from: classes8.dex */
    private static final class Storage extends SharedPreferencesHelper {
        private final ByteArrayPrefField initVector0;

        Storage() {
            super(App.getInstance().getSharedPreferences("secure.v3", 0));
            this.initVector0 = byteArrayField("initVector0", null);
        }

        byte[] getInitVector0() {
            return this.initVector0.get();
        }

        void putInitVector0(byte[] bArr) {
            this.initVector0.put(bArr);
        }
    }

    private CryptographerImpl() {
    }

    private static byte[] check(byte[] bArr) {
        byte[] masterKey = masterKey(bArr);
        if (Arrays.equals(Ciphers.sha256(masterKey), Arrays.copyOfRange(bArr, 32, bArr.length))) {
            return masterKey;
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] initVector() {
        return SecureGenerator.randomBytes(16);
    }

    private static byte[] masterData(byte[] bArr) {
        return Arrays2.concat(bArr, Ciphers.sha256(bArr));
    }

    private static byte[] masterKey() {
        return SecureGenerator.randomBytes(32);
    }

    private static byte[] masterKey(byte[] bArr) {
        return Arrays.copyOf(bArr, 32);
    }

    private static byte[] restoreMasterData(KeyRepository keyRepository) {
        try {
            return keyRepository.getKey();
        } catch (KeyException | KeyStoreException e) {
            Log.w(Tag.CREDENTIALS, "error restoring master data", e);
            return null;
        }
    }

    private void throwIfExpired() throws AuthorizationExpiredException {
        if (isExpired()) {
            throw new AuthorizationExpiredException();
        }
    }

    @Override // ru.yandex.money.utils.secure.Cryptographer
    public boolean check(KeyRepository keyRepository) {
        byte[] restoreMasterData = restoreMasterData(keyRepository);
        if (restoreMasterData == null) {
            return false;
        }
        this.initVector0 = this.storage.getInitVector0();
        this.masterKey = check(restoreMasterData);
        return !isExpired();
    }

    @Override // ru.yandex.money.utils.secure.Cryptographer
    public Cryptographer copy() {
        CryptographerImpl cryptographerImpl = new CryptographerImpl();
        cryptographerImpl.masterKey = this.masterKey;
        cryptographerImpl.initVector0 = this.initVector0;
        return cryptographerImpl;
    }

    @Override // ru.yandex.money.utils.secure.Cryptographer
    public byte[] decrypt(byte[] bArr) throws AuthorizationExpiredException {
        throwIfExpired();
        return Ciphers.aesCbcDecrypt(bArr, this.masterKey, this.initVector0);
    }

    @Override // ru.yandex.money.utils.secure.Cryptographer
    public byte[] encrypt(byte[] bArr) throws AuthorizationExpiredException {
        throwIfExpired();
        return Ciphers.aesCbcEncrypt(bArr, this.masterKey, this.initVector0);
    }

    @Override // ru.yandex.money.utils.secure.Cryptographer
    public boolean isExpired() {
        return this.masterKey == null || this.initVector0 == null;
    }

    @Override // ru.yandex.money.utils.secure.Cryptographer
    public boolean isStored() {
        return AccessCodeKeyRepository.containsKey();
    }

    @Override // ru.yandex.money.utils.secure.Cryptographer
    public void release() {
        this.masterKey = null;
        this.initVector0 = null;
    }

    @Override // ru.yandex.money.utils.secure.Cryptographer
    public void reset() {
        release();
        this.storage.clear();
    }

    @Override // ru.yandex.money.utils.secure.Cryptographer
    public void store(ExtraKeyRepository extraKeyRepository) throws AuthorizationExpiredException, KeyException, KeyStoreException {
        throwIfExpired();
        extraKeyRepository.store(masterData(this.masterKey));
    }

    @Override // ru.yandex.money.utils.secure.Cryptographer
    public void store(MainKeyRepository mainKeyRepository) throws KeyException, KeyStoreException {
        this.masterKey = masterKey();
        this.initVector0 = initVector();
        mainKeyRepository.store(masterData(this.masterKey));
        this.storage.putInitVector0(this.initVector0);
    }
}
