package defpackage;

import android.annotation.TargetApi;
import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import defpackage.ami;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
import java.util.List;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class ary {
    private static final String f = "UTF-8";
    private static final String n = "AES";
    private static final String o = "RSA";
    private static final String p = "ECB";
    private static final String q = "GCM";
    private static final String r = "CBC";
    private static final String s = "PKCS1Padding";
    private static final String t = "PKCS7Padding";
    private static final String u = "NoPadding";
    private static final String v = "HmacSHA256";
    private KeyStore B;
    private SecretKey C;
    private SecretKey D;
    private RSAPublicKey E;
    private RSAPrivateKey F;
    private boolean G;
    private Context H;
    SharedPreferences a;
    private final int b = 2048;
    private final int c = 256;
    private final int d = 256;
    private final int e = 128;
    private final String g = ami.a.a;
    private final String h = "AndroidOpenSSL";
    private final String i = "BC";
    private final String j = "sps_rsa_key";
    private final String k = "sps_aes_key";
    private final String l = "sps_mac_key";
    private final String m = "]";
    private final String w = "RSA/ECB/PKCS1Padding";
    private final String x = "AES/GCM/NoPadding";
    private final String y = "AES/CBC/PKCS7Padding";
    private final String z = v;
    private final String A = "sps_data_in_compat";

    /* loaded from: classes.dex */
    public static class a {
        byte[] a;
        byte[] b;
        byte[] c;

        public a() {
            this.a = null;
            this.b = null;
            this.c = null;
        }

        public a(byte[] bArr, byte[] bArr2, byte[] bArr3) {
            this.a = bArr;
            this.b = bArr2;
            this.c = bArr3;
        }

        public void a(byte[] bArr) {
            this.a = bArr;
        }

        public byte[] a() {
            return this.a;
        }

        public void b(byte[] bArr) {
            this.b = bArr;
        }

        public byte[] b() {
            return this.b;
        }

        public void c(byte[] bArr) {
            this.c = bArr;
        }

        public byte[] c() {
            return this.c;
        }

        byte[] d() {
            byte[] bArr = new byte[this.a.length + this.b.length];
            System.arraycopy(this.a, 0, bArr, 0, this.a.length);
            System.arraycopy(this.b, 0, bArr, this.a.length, this.b.length);
            return bArr;
        }
    }

    /* loaded from: classes.dex */
    public class b extends GeneralSecurityException {
        public b() {
            super("Invalid Mac, failed to verify integrity.");
        }
    }

    public ary(Context context, SharedPreferences sharedPreferences) throws IOException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, NoSuchProviderException, NoSuchPaddingException, CertificateException, KeyStoreException, UnrecoverableEntryException, InvalidKeyException, IllegalStateException {
        this.G = false;
        this.G = sharedPreferences.getBoolean(c("sps_data_in_compat"), Build.VERSION.SDK_INT < 23);
        this.H = context;
        this.a = sharedPreferences;
        b();
        try {
            a(context, sharedPreferences);
        } catch (Exception e) {
            throw e;
        }
    }

    public static String c(String str) throws NoSuchAlgorithmException, UnsupportedEncodingException {
        return c(MessageDigest.getInstance("SHA-256").digest(str.getBytes("UTF-8")));
    }

    static String c(byte[] bArr) {
        StringBuilder sb = new StringBuilder();
        for (byte b2 : bArr) {
            sb.append(String.format("%02X", Byte.valueOf(b2)));
        }
        return sb.toString();
    }

    public static String d(byte[] bArr) {
        return Base64.encodeToString(bArr, 2);
    }

    public static byte[] d(String str) {
        return Base64.decode(str, 2);
    }

    public a a(byte[] bArr) throws NoSuchPaddingException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, IOException, BadPaddingException, IllegalBlockSizeException, NoSuchProviderException, InvalidKeyException, KeyStoreException, UnrecoverableEntryException {
        try {
            return b(bArr);
        } catch (Exception e) {
            throw e;
        }
    }

    @TargetApi(19)
    a a(byte[] bArr, byte[] bArr2) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, UnsupportedEncodingException {
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(1, this.C, new GCMParameterSpec(128, bArr2));
        a aVar = new a();
        aVar.a = cipher.getIV();
        aVar.b = cipher.doFinal(bArr);
        return aVar;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String a(String str) throws InvalidKeyException, NoSuchAlgorithmException, NoSuchPaddingException, IOException, IllegalBlockSizeException, InvalidAlgorithmParameterException, NoSuchProviderException, BadPaddingException, KeyStoreException, UnrecoverableEntryException {
        if (str == null || str.length() <= 0) {
            return null;
        }
        return c(a(str.getBytes("UTF-8")));
    }

    List<String> a() {
        return Arrays.asList("sps_aes_key", "sps_rsa_key");
    }

    void a(Context context) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, KeyStoreException {
        if (this.B.containsAlias("sps_rsa_key")) {
            return;
        }
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 25);
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", ami.a.a);
        keyPairGenerator.initialize(Build.VERSION.SDK_INT >= 19 ? new KeyPairGeneratorSpec.Builder(context).setAlias("sps_rsa_key").setKeySize(2048).setKeyType("RSA").setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).setSerialNumber(BigInteger.ONE).setSubject(new X500Principal("CN = Secured Preference Store, O = Devliving Online")).build() : new KeyPairGeneratorSpec.Builder(context).setAlias("sps_rsa_key").setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).setSerialNumber(BigInteger.ONE).setSubject(new X500Principal("CN = Secured Preference Store, O = Devliving Online")).build());
        keyPairGenerator.generateKeyPair();
    }

    void a(Context context, SharedPreferences sharedPreferences) throws NoSuchPaddingException, InvalidKeyException, NoSuchAlgorithmException, KeyStoreException, UnrecoverableEntryException, NoSuchProviderException, InvalidAlgorithmParameterException, IOException {
        b(context, sharedPreferences);
        a(sharedPreferences);
    }

    void a(SharedPreferences sharedPreferences) throws KeyStoreException, UnrecoverableEntryException, NoSuchAlgorithmException, NoSuchPaddingException, NoSuchProviderException, InvalidKeyException, IOException {
        if (this.G) {
            this.C = d(sharedPreferences);
            this.D = e(sharedPreferences);
        } else if (this.B.containsAlias("sps_aes_key") && this.B.entryInstanceOf("sps_aes_key", KeyStore.SecretKeyEntry.class)) {
            this.C = ((KeyStore.SecretKeyEntry) this.B.getEntry("sps_aes_key", null)).getSecretKey();
        }
    }

    <T extends Exception> boolean a(T t2) {
        return (t2 instanceof KeyStoreException) || (t2 instanceof UnrecoverableEntryException) || (t2 instanceof InvalidKeyException) || (t2 instanceof IllegalStateException) || ((t2 instanceof IOException) && t2.getCause() != null && (t2.getCause() instanceof BadPaddingException));
    }

    public byte[] a(a aVar) throws NoSuchPaddingException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, KeyStoreException, UnrecoverableEntryException, NoSuchProviderException, InvalidKeyException, IOException, BadPaddingException, IllegalBlockSizeException, b {
        try {
            return b(aVar);
        } catch (Exception e) {
            throw e;
        }
    }

    public a b(byte[] bArr) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidKeyException, IOException, BadPaddingException, NoSuchProviderException, IllegalBlockSizeException, InvalidAlgorithmParameterException {
        if (bArr == null || bArr.length <= 0) {
            return null;
        }
        byte[] c = c();
        return this.G ? b(bArr, c) : a(bArr, c);
    }

    a b(byte[] bArr, byte[] bArr2) throws NoSuchPaddingException, NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, UnsupportedEncodingException, InvalidAlgorithmParameterException {
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC");
        cipher.init(1, this.C, new IvParameterSpec(bArr2));
        a aVar = new a();
        aVar.a = cipher.getIV();
        aVar.b = cipher.doFinal(bArr);
        aVar.c = e(aVar.d());
        return aVar;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String b(String str) throws IOException, NoSuchPaddingException, InvalidKeyException, NoSuchAlgorithmException, IllegalBlockSizeException, BadPaddingException, b, NoSuchProviderException, InvalidAlgorithmParameterException, KeyStoreException, UnrecoverableEntryException {
        if (str == null || str.length() <= 0) {
            return null;
        }
        byte[] a2 = a(e(str));
        return new String(a2, 0, a2.length, "UTF-8");
    }

    void b() throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        this.B = KeyStore.getInstance(ami.a.a);
        this.B.load(null);
    }

    void b(Context context, SharedPreferences sharedPreferences) throws KeyStoreException, NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, UnrecoverableEntryException, NoSuchPaddingException, InvalidKeyException, IOException {
        if (!this.G) {
            d();
            return;
        }
        a(context);
        e();
        b(sharedPreferences);
        c(sharedPreferences);
    }

    boolean b(SharedPreferences sharedPreferences) throws IOException, NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, KeyStoreException, NoSuchProviderException, UnrecoverableEntryException {
        String c = c("sps_aes_key");
        if (sharedPreferences.contains(c)) {
            return false;
        }
        KeyGenerator keyGenerator = KeyGenerator.getInstance(n);
        keyGenerator.init(256);
        boolean commit = sharedPreferences.edit().putString(c, d(f(keyGenerator.generateKey().getEncoded()))).commit();
        sharedPreferences.edit().putBoolean(c("sps_data_in_compat"), true).apply();
        return commit;
    }

    public byte[] b(a aVar) throws IOException, NoSuchPaddingException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, IllegalBlockSizeException, BadPaddingException, b, NoSuchProviderException, InvalidKeyException {
        if (aVar == null || aVar.b == null) {
            return null;
        }
        return this.G ? e(aVar) : d(aVar);
    }

    String c(a aVar) {
        return aVar.c != null ? d(aVar.a) + "]" + d(aVar.b) + "]" + d(aVar.c) : d(aVar.a) + "]" + d(aVar.b);
    }

    boolean c(SharedPreferences sharedPreferences) throws NoSuchPaddingException, InvalidKeyException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException, UnrecoverableEntryException, IOException {
        String c = c("sps_mac_key");
        if (sharedPreferences.contains(c)) {
            return false;
        }
        byte[] bArr = new byte[32];
        new SecureRandom().nextBytes(bArr);
        return sharedPreferences.edit().putString(c, d(f(bArr))).commit();
    }

    boolean c(byte[] bArr, byte[] bArr2) throws InvalidKeyException, NoSuchAlgorithmException {
        if (bArr == null || bArr2 == null) {
            return false;
        }
        byte[] e = e(bArr2);
        if (e.length != bArr.length) {
            return false;
        }
        int i = 0;
        for (int i2 = 0; i2 < e.length; i2++) {
            i |= e[i2] ^ bArr[i2];
        }
        return i == 0;
    }

    byte[] c() throws UnsupportedEncodingException {
        byte[] bArr = !this.G ? new byte[12] : new byte[16];
        new SecureRandom().nextBytes(bArr);
        return bArr;
    }

    SecretKey d(SharedPreferences sharedPreferences) throws IOException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, NoSuchPaddingException {
        String string = sharedPreferences.getString(c("sps_aes_key"), null);
        if (string != null) {
            return new SecretKeySpec(g(d(string)), n);
        }
        return null;
    }

    @TargetApi(23)
    boolean d() throws KeyStoreException, NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 25);
        if (this.B.containsAlias("sps_aes_key")) {
            return false;
        }
        KeyGenerator keyGenerator = KeyGenerator.getInstance(n, ami.a.a);
        keyGenerator.init(new KeyGenParameterSpec.Builder("sps_aes_key", 3).setCertificateSubject(new X500Principal("CN = Secured Preference Store, O = Devliving Online")).setCertificateSerialNumber(BigInteger.ONE).setKeySize(256).setKeyValidityStart(calendar.getTime()).setKeyValidityEnd(calendar2.getTime()).setBlockModes(q).setEncryptionPaddings(u).setRandomizedEncryptionRequired(false).build());
        keyGenerator.generateKey();
        return true;
    }

    @TargetApi(19)
    byte[] d(a aVar) throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, UnsupportedEncodingException {
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(2, this.C, new GCMParameterSpec(128, aVar.a));
        return cipher.doFinal(aVar.b);
    }

    a e(String str) {
        a aVar = new a();
        String[] split = str.split("]");
        aVar.a = d(split[0]);
        aVar.b = d(split[1]);
        if (split.length > 2) {
            aVar.c = d(split[2]);
        }
        return aVar;
    }

    SecretKey e(SharedPreferences sharedPreferences) throws IOException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, NoSuchPaddingException {
        String string = sharedPreferences.getString(c("sps_mac_key"), null);
        if (string != null) {
            return new SecretKeySpec(g(d(string)), v);
        }
        return null;
    }

    void e() throws KeyStoreException, UnrecoverableEntryException, NoSuchAlgorithmException {
        if (this.B.containsAlias("sps_rsa_key") && this.B.entryInstanceOf("sps_rsa_key", KeyStore.PrivateKeyEntry.class)) {
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) this.B.getEntry("sps_rsa_key", null);
            this.E = (RSAPublicKey) privateKeyEntry.getCertificate().getPublicKey();
            this.F = (RSAPrivateKey) privateKeyEntry.getPrivateKey();
        }
    }

    byte[] e(a aVar) throws UnsupportedEncodingException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, NoSuchPaddingException, InvalidAlgorithmParameterException, BadPaddingException, IllegalBlockSizeException, b {
        if (!c(aVar.c, aVar.d())) {
            throw new b();
        }
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC");
        cipher.init(2, this.C, new IvParameterSpec(aVar.a));
        return cipher.doFinal(aVar.b);
    }

    byte[] e(byte[] bArr) throws NoSuchAlgorithmException, InvalidKeyException {
        Mac mac = Mac.getInstance(v);
        mac.init(this.D);
        return mac.doFinal(bArr);
    }

    byte[] f(byte[] bArr) throws KeyStoreException, UnrecoverableEntryException, NoSuchAlgorithmException, NoSuchProviderException, NoSuchPaddingException, InvalidKeyException, IOException {
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
        cipher.init(1, this.E);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
        cipherOutputStream.write(bArr);
        cipherOutputStream.close();
        return byteArrayOutputStream.toByteArray();
    }

    byte[] g(byte[] bArr) throws NoSuchPaddingException, NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, IOException {
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
        cipher.init(2, this.F);
        CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(bArr), cipher);
        ArrayList arrayList = new ArrayList();
        while (true) {
            int read = cipherInputStream.read();
            if (read == -1) {
                break;
            }
            arrayList.add(Byte.valueOf((byte) read));
        }
        byte[] bArr2 = new byte[arrayList.size()];
        int i = 0;
        while (true) {
            int i2 = i;
            if (i2 >= bArr2.length) {
                cipherInputStream.close();
                return bArr2;
            }
            bArr2[i2] = ((Byte) arrayList.get(i2)).byteValue();
            i = i2 + 1;
        }
    }
}
