package defpackage;

import android.annotation.TargetApi;
import android.content.Context;
import android.util.Base64;
import com.fasterxml.jackson.databind.annotation.JsonPOJOBuilder;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.math.BigInteger;
import java.security.DigestException;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidKeySpecException;
import java.util.Calendar;
import java.util.Date;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes2.dex */
public class jm2 {
    public static final Object a = new Object();
    public static String b;
    public static SecretKey c;
    public static SecretKey d;
    public static SecretKey e;
    public final SecureRandom f = new SecureRandom();
    public KeyPair g;
    public Context h;

    public jm2(Context context) throws NoSuchAlgorithmException, NoSuchPaddingException {
        this.h = context;
    }

    public static byte[] g(File file) throws IOException {
        dm2.g("StorageHelper", "Reading key data from a file");
        FileInputStream fileInputStream = new FileInputStream(file);
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byte[] bArr = new byte[1024];
            while (true) {
                int read = fileInputStream.read(bArr);
                if (read == -1) {
                    return byteArrayOutputStream.toByteArray();
                }
                byteArrayOutputStream.write(bArr, 0, read);
            }
        } finally {
            fileInputStream.close();
        }
    }

    public String a(String str) throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, KeyStoreException, CertificateException, NoSuchProviderException, InvalidAlgorithmParameterException, UnrecoverableEntryException, IOException, InvalidKeyException, DigestException, IllegalBlockSizeException, BadPaddingException {
        dm2.g("StorageHelper", "Starting decryption");
        if (km2.a(str)) {
            throw new IllegalArgumentException("Input is empty or null");
        }
        int charAt = str.charAt(0) - 'a';
        if (charAt <= 0) {
            throw new IllegalArgumentException(String.format("Encode version length: '%s' is not valid, it must be greater of equal to 0", Integer.valueOf(charAt)));
        }
        int i = charAt + 1;
        if (!str.substring(1, i).equals("E1")) {
            throw new IllegalArgumentException(String.format("Encode version received was: '%s', Encode version supported is: '%s'", str, "E1"));
        }
        byte[] decode = Base64.decode(str.substring(i), 0);
        String str2 = new String(decode, 0, 4, "UTF_8");
        if (str2.equals("U001")) {
            throw new IllegalArgumentException("rawBytes");
        }
        if (str2.equals("A001")) {
            try {
                SecretKey f = f();
                SecretKey e2 = e(f);
                int length = (decode.length - 16) - 32;
                int length2 = decode.length - 32;
                int i2 = length - 4;
                if (length < 0 || length2 < 0 || i2 < 0) {
                    throw new IllegalArgumentException("Given value is smaller than the IV vector and MAC length");
                }
                Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
                Mac mac = Mac.getInstance("HmacSHA256");
                mac.init(e2);
                mac.update(decode, 0, length2);
                byte[] doFinal = mac.doFinal();
                int length3 = decode.length;
                if (doFinal.length != length3 - length2) {
                    throw new IllegalArgumentException("Unexpected MAC length");
                }
                byte b2 = 0;
                for (int i3 = length2; i3 < length3; i3++) {
                    b2 = (byte) (b2 | (doFinal[i3 - length2] ^ decode[i3]));
                }
                if (b2 != 0) {
                    throw new DigestException();
                }
                cipher.init(2, f, new IvParameterSpec(decode, length, 16));
                String str3 = new String(cipher.doFinal(decode, 4, i2), "UTF_8");
                dm2.g("StorageHelper", "Finished decryption");
                return str3;
            } catch (Exception e3) {
                dm2.d("StorageHelper", "Failed to get private key from AndroidKeyStore", "", tk2.ANDROIDKEYSTORE_FAILED, e3);
            }
        }
        throw new IllegalArgumentException("keyVersion");
    }

    public String b(String str) throws NoSuchAlgorithmException, InvalidKeySpecException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException, IOException, NoSuchPaddingException {
        dm2.g("StorageHelper", "Starting encryption");
        if (km2.a(str)) {
            throw new IllegalArgumentException("Input is empty or null");
        }
        if (c == null || d == null) {
            synchronized (a) {
                try {
                    SecretKey f = f();
                    c = f;
                    d = e(f);
                    b = "A001";
                } catch (Exception e2) {
                    dm2.d("StorageHelper", "Failed to get private key from AndroidKeyStore", "", tk2.ANDROIDKEYSTORE_FAILED, e2);
                    dm2.g("StorageHelper", "Encryption will use secret key from Settings");
                    throw new IllegalArgumentException("rawBytes");
                }
            }
        }
        StringBuilder W = xt.W("Encrypt version:");
        W.append(b);
        dm2.g("StorageHelper", W.toString());
        byte[] bytes = b.getBytes("UTF_8");
        byte[] bytes2 = str.getBytes("UTF_8");
        byte[] bArr = new byte[16];
        this.f.nextBytes(bArr);
        IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr);
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        Mac mac = Mac.getInstance("HmacSHA256");
        cipher.init(1, c, ivParameterSpec);
        byte[] doFinal = cipher.doFinal(bytes2);
        mac.init(d);
        mac.update(bytes);
        mac.update(doFinal);
        mac.update(bArr);
        byte[] doFinal2 = mac.doFinal();
        byte[] bArr2 = new byte[bytes.length + doFinal.length + 16 + doFinal2.length];
        System.arraycopy(bytes, 0, bArr2, 0, bytes.length);
        System.arraycopy(doFinal, 0, bArr2, bytes.length, doFinal.length);
        System.arraycopy(bArr, 0, bArr2, bytes.length + doFinal.length, 16);
        System.arraycopy(doFinal2, 0, bArr2, bytes.length + doFinal.length + 16, doFinal2.length);
        String str2 = new String(Base64.encode(bArr2, 2), "UTF_8");
        dm2.g("StorageHelper", "Finished encryption");
        return ((char) 99) + "E1" + str2;
    }

    @TargetApi(18)
    public final synchronized KeyPair c() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException, NoSuchProviderException, InvalidAlgorithmParameterException, UnrecoverableEntryException {
        KeyStore.PrivateKeyEntry privateKeyEntry;
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        if (keyStore.containsAlias("AdalKey")) {
            dm2.g("StorageHelper", "Key entry is available");
        } else {
            dm2.g("StorageHelper", "Key entry is not available");
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 100);
            String format = String.format("CN=%s, OU=%s", "AdalKey", this.h.getPackageName());
            AlgorithmParameterSpec algorithmParameterSpec = (AlgorithmParameterSpec) d(new X500Principal(format), calendar.getTime(), calendar2.getTime());
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(algorithmParameterSpec);
            keyPairGenerator.generateKeyPair();
            dm2.g("StorageHelper", "Key entry is generated for cert " + format);
        }
        dm2.g("StorageHelper", "Reading Key entry");
        privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry("AdalKey", null);
        return new KeyPair(privateKeyEntry.getCertificate().getPublicKey(), privateKeyEntry.getPrivateKey());
    }

    @TargetApi(18)
    public final Object d(X500Principal x500Principal, Date date, Date date2) {
        try {
            Class<?> cls = Class.forName("android.security.KeyPairGeneratorSpec$Builder");
            Constructor<?> declaredConstructor = cls.getDeclaredConstructor(Context.class);
            declaredConstructor.setAccessible(true);
            Object[] objArr = new Object[1];
            try {
                objArr[0] = this.h;
                Object newInstance = declaredConstructor.newInstance(objArr);
                Method declaredMethod = cls.getDeclaredMethod("setAlias", String.class);
                Method declaredMethod2 = cls.getDeclaredMethod("setSubject", X500Principal.class);
                Method declaredMethod3 = cls.getDeclaredMethod("setSerialNumber", BigInteger.class);
                Method declaredMethod4 = cls.getDeclaredMethod("setStartDate", Date.class);
                return cls.getDeclaredMethod(JsonPOJOBuilder.DEFAULT_BUILD_METHOD, new Class[0]).invoke(cls.getDeclaredMethod("setEndDate", Date.class).invoke(declaredMethod4.invoke(declaredMethod3.invoke(declaredMethod2.invoke(declaredMethod.invoke(newInstance, "AdalKey"), x500Principal), BigInteger.ONE), date), date2), new Object[0]);
            } catch (ClassNotFoundException e2) {
                e = e2;
                dm2.d("StorageHelper", "android.security.KeyPairGeneratorSpec.Builder is not found", "", tk2.ANDROIDKEYSTORE_KEYPAIR_GENERATOR_FAILED, e);
                return null;
            } catch (IllegalAccessException e3) {
                e = e3;
                dm2.d("StorageHelper", "android.security.KeyPairGeneratorSpec.Builder is not accessible", "", tk2.ANDROIDKEYSTORE_KEYPAIR_GENERATOR_FAILED, e);
                return null;
            } catch (IllegalArgumentException e4) {
                e = e4;
                dm2.d("StorageHelper", "android.security.KeyPairGeneratorSpec.Builder argument is not valid", "", tk2.ANDROIDKEYSTORE_KEYPAIR_GENERATOR_FAILED, e);
                return null;
            } catch (InstantiationException e5) {
                e = e5;
                dm2.d("StorageHelper", "android.security.KeyPairGeneratorSpec.Builder is not instantiated", "", tk2.ANDROIDKEYSTORE_KEYPAIR_GENERATOR_FAILED, e);
                return null;
            } catch (NoSuchMethodException e6) {
                e = e6;
                dm2.d("StorageHelper", "android.security.KeyPairGeneratorSpec.Builder is not found", "", tk2.ANDROIDKEYSTORE_KEYPAIR_GENERATOR_FAILED, e);
                return null;
            } catch (InvocationTargetException e7) {
                e = e7;
                dm2.d("StorageHelper", "android.security.KeyPairGeneratorSpec.Builder's method invoke failed", "", tk2.ANDROIDKEYSTORE_KEYPAIR_GENERATOR_FAILED, e);
                return null;
            }
        } catch (ClassNotFoundException e8) {
            e = e8;
        } catch (IllegalAccessException e9) {
            e = e9;
        } catch (IllegalArgumentException e10) {
            e = e10;
        } catch (InstantiationException e11) {
            e = e11;
        } catch (NoSuchMethodException e12) {
            e = e12;
        } catch (InvocationTargetException e13) {
            e = e13;
        }
    }

    public final SecretKey e(SecretKey secretKey) throws NoSuchAlgorithmException {
        byte[] encoded = secretKey.getEncoded();
        return encoded != null ? new SecretKeySpec(MessageDigest.getInstance("SHA256").digest(encoded), "AES") : secretKey;
    }

    @TargetApi(18)
    public final synchronized SecretKey f() throws IOException, GeneralSecurityException {
        SecretKey secretKey = e;
        if (secretKey != null) {
            return secretKey;
        }
        Context context = this.h;
        File file = new File(context.getDir(context.getPackageName(), 0), "adalks");
        if (this.g == null) {
            this.g = c();
            dm2.g("StorageHelper", "Retrived keypair from androidKeyStore");
        }
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        if (!file.exists()) {
            dm2.g("StorageHelper", "Key file does not exists");
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
            keyGenerator.init(256, this.f);
            SecretKey generateKey = keyGenerator.generateKey();
            dm2.g("StorageHelper", "Wrapping SecretKey");
            cipher.init(3, this.g.getPublic());
            byte[] wrap = cipher.wrap(generateKey);
            dm2.g("StorageHelper", "Writing SecretKey");
            dm2.g("StorageHelper", "Writing key data to a file");
            FileOutputStream fileOutputStream = new FileOutputStream(file);
            try {
                fileOutputStream.write(wrap);
                fileOutputStream.close();
                dm2.g("StorageHelper", "Finished writing SecretKey");
            } catch (Throwable th) {
                fileOutputStream.close();
                throw th;
            }
        }
        dm2.g("StorageHelper", "Reading SecretKey");
        try {
            byte[] g = g(file);
            cipher.init(4, this.g.getPrivate());
            e = (SecretKey) cipher.unwrap(g, "AES", 3);
            dm2.g("StorageHelper", "Finished reading SecretKey");
        } catch (Exception unused) {
            dm2.c("StorageHelper", "Unwrap failed for AndroidKeyStore", "", tk2.ANDROIDKEYSTORE_FAILED);
            this.g = null;
            e = null;
            Context context2 = this.h;
            File file2 = new File(context2.getDir(context2.getPackageName(), 0), "adalks");
            if (file2.exists()) {
                dm2.g("StorageHelper", "Delete KeyFile");
                file2.delete();
            }
            synchronized (this) {
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                keyStore.load(null);
                keyStore.deleteEntry("AdalKey");
                dm2.g("StorageHelper", "Removed previous key pair info.");
            }
        }
        return e;
    }
}
