package com.vk.core.preference.crypto;

import android.content.Context;
import android.security.keystore.KeyGenParameterSpec;
import com.vk.core.preference.crypto.d;
import com.vk.log.L;
import io.appmetrica.analytics.AppMetricaDefaultValues;
import java.math.BigInteger;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.RSAKeyGenParameterSpec;
import java.util.Calendar;
import java.util.Date;
import java.util.Locale;
import java.util.UUID;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.Executor;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.locks.ReentrantLock;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import javax.crypto.Cipher;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Lambda;
import kotlin.text.t;
import sp0.q;

/* loaded from: classes5.dex */
public final class AesEncryptionManager implements d {

    /* renamed from: j, reason: collision with root package name */
    public static final a f74232j = new a(null);

    /* renamed from: a, reason: collision with root package name */
    private final f f74233a;

    /* renamed from: b, reason: collision with root package name */
    private final ReentrantReadWriteLock f74234b;

    /* renamed from: c, reason: collision with root package name */
    private final Context f74235c;

    /* renamed from: d, reason: collision with root package name */
    private final Date f74236d;

    /* renamed from: e, reason: collision with root package name */
    private final Date f74237e;

    /* renamed from: f, reason: collision with root package name */
    private CountDownLatch f74238f;

    /* renamed from: g, reason: collision with root package name */
    private KeyStore f74239g;

    /* renamed from: h, reason: collision with root package name */
    private Cipher f74240h;

    /* renamed from: i, reason: collision with root package name */
    private final ReentrantLock f74241i;

    /* loaded from: classes5.dex */
    public static final class a {
        private a() {
        }

        public /* synthetic */ a(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes5.dex */
    public static final class sakcjss extends Lambda implements Function0<q> {
        public static final sakcjss C = new sakcjss();

        sakcjss() {
            super(0);
        }

        @Override // kotlin.jvm.functions.Function0
        public final /* bridge */ /* synthetic */ q invoke() {
            return q.f213232a;
        }
    }

    public AesEncryptionManager(Context context, Executor initExecutor, final Function1<? super Exception, q> exceptionHandler, f keyStorage, final Function0<q> masterKeyCreationCallback) {
        kotlin.jvm.internal.q.j(context, "context");
        kotlin.jvm.internal.q.j(initExecutor, "initExecutor");
        kotlin.jvm.internal.q.j(exceptionHandler, "exceptionHandler");
        kotlin.jvm.internal.q.j(keyStorage, "keyStorage");
        kotlin.jvm.internal.q.j(masterKeyCreationCallback, "masterKeyCreationCallback");
        this.f74233a = keyStorage;
        this.f74234b = new ReentrantReadWriteLock();
        this.f74235c = context.getApplicationContext();
        this.f74238f = new CountDownLatch(1);
        this.f74241i = new ReentrantLock();
        Calendar calendar = Calendar.getInstance();
        Date time = calendar.getTime();
        kotlin.jvm.internal.q.i(time, "getTime(...)");
        this.f74236d = time;
        calendar.add(1, 30);
        Date time2 = calendar.getTime();
        kotlin.jvm.internal.q.i(time2, "getTime(...)");
        this.f74237e = time2;
        initExecutor.execute(new Runnable() { // from class: com.vk.core.preference.crypto.a
            @Override // java.lang.Runnable
            public final void run() {
                AesEncryptionManager.h(AesEncryptionManager.this, exceptionHandler, masterKeyCreationCallback);
            }
        });
    }

    public /* synthetic */ AesEncryptionManager(Context context, Executor executor, Function1 function1, f fVar, Function0 function0, int i15, DefaultConstructorMarker defaultConstructorMarker) {
        this(context, executor, function1, fVar, (i15 & 16) != 0 ? sakcjss.C : function0);
    }

    private final void g() {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(j());
            keyPairGenerator.generateKeyPair();
        } catch (Exception e15) {
            throw new EncryptionException("Failed to generate master key", e15);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final void h(AesEncryptionManager this$0, Function1 exceptionHandler, Function0 masterKeyCreationCallback) {
        kotlin.jvm.internal.q.j(this$0, "this$0");
        kotlin.jvm.internal.q.j(exceptionHandler, "$exceptionHandler");
        kotlin.jvm.internal.q.j(masterKeyCreationCallback, "$masterKeyCreationCallback");
        this$0.f(exceptionHandler, masterKeyCreationCallback);
    }

    private final byte[] i(String str) {
        byte[] bArr = this.f74233a.get(str);
        if (bArr == null) {
            L.n("No key with alias " + str);
            return null;
        }
        try {
            Cipher cipher = Cipher.getInstance("RSA/NONE/PKCS1Padding");
            KeyStore keyStore = this.f74239g;
            if (keyStore == null) {
                kotlin.jvm.internal.q.B("keyStore");
                keyStore = null;
            }
            cipher.init(2, keyStore.getKey("ALIAS_MASTER_KEY", null));
            byte[] encodedKey = cipher.doFinal(bArr);
            kotlin.jvm.internal.q.g(encodedKey);
            kotlin.jvm.internal.q.j(encodedKey, "encodedKey");
            return encodedKey;
        } catch (Exception e15) {
            throw new EncryptionException("Failed to decrypt with master key", e15);
        }
    }

    private final AlgorithmParameterSpec j() {
        KeyGenParameterSpec build = new KeyGenParameterSpec.Builder("ALIAS_MASTER_KEY", 3).setKeySize(2048).setEncryptionPaddings("PKCS1Padding").setAlgorithmParameterSpec(new RSAKeyGenParameterSpec(2048, RSAKeyGenParameterSpec.F4)).setCertificateSubject(new X500Principal("CN=ALIAS_MASTER_KEY")).setCertificateSerialNumber(BigInteger.valueOf(Math.abs(1301899345))).build();
        kotlin.jvm.internal.q.i(build, "build(...)");
        return build;
    }

    private final boolean k() {
        try {
            KeyStore keyStore = this.f74239g;
            if (keyStore == null) {
                kotlin.jvm.internal.q.B("keyStore");
                keyStore = null;
            }
            return keyStore.getKey("ALIAS_MASTER_KEY", null) != null;
        } catch (Exception e15) {
            L.y(e15, "Failed to retrieve master key");
            return false;
        }
    }

    @Override // com.vk.core.preference.crypto.d
    public boolean a(long j15) {
        return this.f74238f.await(j15, TimeUnit.MILLISECONDS);
    }

    @Override // com.vk.core.preference.crypto.d
    public byte[] b(String keyAlias, d.a data) {
        kotlin.jvm.internal.q.j(keyAlias, "keyAlias");
        kotlin.jvm.internal.q.j(data, "data");
        ReentrantReadWriteLock.ReadLock readLock = this.f74234b.readLock();
        readLock.lock();
        try {
            if (this.f74238f.getCount() > 0) {
                throw new EncryptionException("Manager is not initialized");
            }
            if (!k()) {
                throw new EncryptionException("Cannot perform operations without master key");
            }
            q qVar = q.f213232a;
            readLock.unlock();
            byte[] i15 = i(keyAlias);
            if (i15 == null) {
                throw new EncryptionException("No key with alias " + keyAlias);
            }
            try {
                ReentrantLock reentrantLock = this.f74241i;
                reentrantLock.lock();
                try {
                    SecretKeySpec secretKeySpec = new SecretKeySpec(i15, "AES");
                    Cipher cipher = this.f74240h;
                    Cipher cipher2 = null;
                    if (cipher == null) {
                        kotlin.jvm.internal.q.B("aesCipher");
                        cipher = null;
                    }
                    cipher.init(2, secretKeySpec, new IvParameterSpec(data.b()));
                    Cipher cipher3 = this.f74240h;
                    if (cipher3 == null) {
                        kotlin.jvm.internal.q.B("aesCipher");
                    } else {
                        cipher2 = cipher3;
                    }
                    byte[] doFinal = cipher2.doFinal(data.a());
                    reentrantLock.unlock();
                    kotlin.jvm.internal.q.g(doFinal);
                    return doFinal;
                } catch (Throwable th5) {
                    reentrantLock.unlock();
                    throw th5;
                }
            } catch (Exception e15) {
                throw new EncryptionException("Failed to decrypt with aes key", e15);
            }
        } catch (Throwable th6) {
            readLock.unlock();
            throw th6;
        }
    }

    @Override // com.vk.core.preference.crypto.d
    public void c(String keyAlias) {
        kotlin.jvm.internal.q.j(keyAlias, "keyAlias");
        this.f74233a.a(keyAlias, null);
    }

    @Override // com.vk.core.preference.crypto.d
    public d.a d(String keyAlias, byte[] data) {
        String K;
        kotlin.jvm.internal.q.j(keyAlias, "keyAlias");
        kotlin.jvm.internal.q.j(data, "data");
        ReentrantReadWriteLock.ReadLock readLock = this.f74234b.readLock();
        readLock.lock();
        try {
            if (this.f74238f.getCount() > 0) {
                throw new EncryptionException("Manager is not initialized");
            }
            if (!k()) {
                throw new EncryptionException("Cannot perform operations without master key");
            }
            q qVar = q.f213232a;
            readLock.unlock();
            byte[] encodedKey = i(keyAlias);
            Cipher cipher = null;
            if (encodedKey == null) {
                String uuid = UUID.randomUUID().toString();
                kotlin.jvm.internal.q.i(uuid, "toString(...)");
                String lowerCase = uuid.toLowerCase(Locale.ROOT);
                kotlin.jvm.internal.q.i(lowerCase, "toLowerCase(...)");
                K = t.K(lowerCase, "-", "", false, 4, null);
                char[] charArray = K.toCharArray();
                kotlin.jvm.internal.q.i(charArray, "toCharArray(...)");
                UUID randomUUID = UUID.randomUUID();
                kotlin.jvm.internal.q.i(randomUUID, "randomUUID(...)");
                try {
                    encodedKey = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1").generateSecret(new PBEKeySpec(charArray, e.a(randomUUID), AppMetricaDefaultValues.DEFAULT_MAX_REPORTS_COUNT_UPPER_BOUND, 256)).getEncoded();
                    kotlin.jvm.internal.q.g(encodedKey);
                    try {
                        Cipher cipher2 = Cipher.getInstance("RSA/NONE/PKCS1Padding");
                        KeyStore keyStore = this.f74239g;
                        if (keyStore == null) {
                            kotlin.jvm.internal.q.B("keyStore");
                            keyStore = null;
                        }
                        cipher2.init(1, keyStore.getCertificate("ALIAS_MASTER_KEY").getPublicKey());
                        byte[] doFinal = cipher2.doFinal(encodedKey);
                        kotlin.jvm.internal.q.g(doFinal);
                        this.f74233a.a(keyAlias, doFinal);
                        kotlin.jvm.internal.q.j(encodedKey, "encodedKey");
                    } catch (Exception e15) {
                        throw new EncryptionException("Failed to encrypt with master key", e15);
                    }
                } catch (Exception e16) {
                    throw new EncryptionException("Failed to generate key", e16);
                }
            }
            try {
                SecretKeySpec secretKeySpec = new SecretKeySpec(encodedKey, "AES");
                ReentrantLock reentrantLock = this.f74241i;
                reentrantLock.lock();
                try {
                    Cipher cipher3 = this.f74240h;
                    if (cipher3 == null) {
                        kotlin.jvm.internal.q.B("aesCipher");
                        cipher3 = null;
                    }
                    cipher3.init(1, secretKeySpec);
                    Cipher cipher4 = this.f74240h;
                    if (cipher4 == null) {
                        kotlin.jvm.internal.q.B("aesCipher");
                        cipher4 = null;
                    }
                    byte[] doFinal2 = cipher4.doFinal(data);
                    kotlin.jvm.internal.q.g(doFinal2);
                    Cipher cipher5 = this.f74240h;
                    if (cipher5 == null) {
                        kotlin.jvm.internal.q.B("aesCipher");
                    } else {
                        cipher = cipher5;
                    }
                    byte[] iv5 = cipher.getIV();
                    kotlin.jvm.internal.q.i(iv5, "getIV(...)");
                    d.a aVar = new d.a(doFinal2, iv5);
                    reentrantLock.unlock();
                    return aVar;
                } catch (Throwable th5) {
                    reentrantLock.unlock();
                    throw th5;
                }
            } catch (Exception e17) {
                throw new EncryptionException("Failed to encrypt with raw aes key", e17);
            }
        } catch (Throwable th6) {
            readLock.unlock();
            throw th6;
        }
    }

    public final void f(Function1<? super Exception, q> exceptionHandler, Function0<q> masterKeyCreationCallback) {
        CountDownLatch countDownLatch;
        kotlin.jvm.internal.q.j(exceptionHandler, "exceptionHandler");
        kotlin.jvm.internal.q.j(masterKeyCreationCallback, "masterKeyCreationCallback");
        ReentrantReadWriteLock reentrantReadWriteLock = this.f74234b;
        ReentrantReadWriteLock.ReadLock readLock = reentrantReadWriteLock.readLock();
        int i15 = 0;
        int readHoldCount = reentrantReadWriteLock.getWriteHoldCount() == 0 ? reentrantReadWriteLock.getReadHoldCount() : 0;
        for (int i16 = 0; i16 < readHoldCount; i16++) {
            readLock.unlock();
        }
        ReentrantReadWriteLock.WriteLock writeLock = reentrantReadWriteLock.writeLock();
        writeLock.lock();
        try {
            if (this.f74238f.getCount() == 0) {
                return;
            }
            try {
                try {
                    KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                    kotlin.jvm.internal.q.i(keyStore, "getInstance(...)");
                    this.f74239g = keyStore;
                    if (keyStore == null) {
                        kotlin.jvm.internal.q.B("keyStore");
                        keyStore = null;
                    }
                    keyStore.load(null);
                    Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
                    kotlin.jvm.internal.q.i(cipher, "getInstance(...)");
                    this.f74240h = cipher;
                    if (!k()) {
                        g();
                        masterKeyCreationCallback.invoke();
                    }
                    countDownLatch = this.f74238f;
                } catch (Exception e15) {
                    exceptionHandler.invoke(new EncryptionException("Failed to run init", e15));
                    countDownLatch = this.f74238f;
                }
                countDownLatch.countDown();
                q qVar = q.f213232a;
                while (i15 < readHoldCount) {
                    readLock.lock();
                    i15++;
                }
                writeLock.unlock();
            } catch (Throwable th5) {
                this.f74238f.countDown();
                throw th5;
            }
        } finally {
            while (i15 < readHoldCount) {
                readLock.lock();
                i15++;
            }
            writeLock.unlock();
        }
    }
}
