package y8;

import a3.h;
import android.os.Build;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import android.text.TextUtils;
import android.util.Base64;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.MGF1ParameterSpec;
import java.util.ArrayList;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
import javax.crypto.spec.SecretKeySpec;
import t5.k;

/* loaded from: classes.dex */
public final class d {

    /* renamed from: g, reason: collision with root package name */
    public static int f17894g;

    /* renamed from: h, reason: collision with root package name */
    public static final k f17895h = new k((di.a) null, 15);

    /* renamed from: a, reason: collision with root package name */
    public KeyStore f17896a;

    /* renamed from: b, reason: collision with root package name */
    public SecretKeySpec f17897b;

    /* renamed from: c, reason: collision with root package name */
    public IvParameterSpec f17898c;

    /* renamed from: d, reason: collision with root package name */
    public boolean f17899d;

    /* renamed from: e, reason: collision with root package name */
    public m3.b f17900e;

    /* renamed from: f, reason: collision with root package name */
    public c f17901f;

    public d() {
        IvParameterSpec ivParameterSpec;
        KeyStore.PrivateKeyEntry privateKeyEntry;
        c cVar;
        if (this.f17901f == null) {
            this.f17901f = new c(this);
        }
        this.f17899d = Build.VERSION.SDK_INT >= 23 && !g9.d.d().b("dbEncryptionKey", "appLevelPreferences");
        e9.a aVar = e9.a.f7967d;
        StringBuilder o10 = h.o("Using ");
        o10.append(this.f17899d ? "Keystore" : "Legacy");
        o10.append(" encryption system.");
        aVar.h("DBEncryptionService", o10.toString());
        c cVar2 = this.f17901f;
        String str = null;
        if (cVar2 == null) {
            com.wdullaer.materialdatetimepicker.time.e.u1("androidInterface");
            throw null;
        }
        try {
            d dVar = cVar2.f17893b;
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            com.wdullaer.materialdatetimepicker.time.e.c(keyStore, "KeyStore.getInstance(\"AndroidKeyStore\")");
            dVar.f17896a = keyStore;
            a(cVar2.f17893b).load(null, null);
        } catch (Exception e10) {
            e9.a.f7967d.g("DBEncryptionService", 53, "Failed to load Keystore.", e10);
        }
        String g10 = g9.d.d().g("initializationVector", "appLevelPreferences", null);
        if (g10 != null) {
            e9.a.f7967d.o("DBEncryptionService", "Found a legacy Initialization Vector; loading it. Please log out and back in to clear old data.");
            ivParameterSpec = new IvParameterSpec(Base64.decode(g10, 0));
        } else {
            ivParameterSpec = null;
        }
        this.f17898c = ivParameterSpec;
        if (this.f17900e == null) {
            this.f17900e = new m3.b();
        }
        if (this.f17899d) {
            this.f17897b = null;
            return;
        }
        String g11 = g9.d.d().g("dbEncryptionKey", "appLevelPreferences", null);
        try {
            cVar = this.f17901f;
        } catch (Exception unused) {
            privateKeyEntry = null;
        }
        if (cVar == null) {
            com.wdullaer.materialdatetimepicker.time.e.u1("androidInterface");
            throw null;
        }
        privateKeyEntry = cVar.d();
        if (g11 == null || privateKeyEntry == null) {
            if (this.f17901f == null) {
                com.wdullaer.materialdatetimepicker.time.e.u1("androidInterface");
                throw null;
            }
            try {
                KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
                keyGenerator.init(256);
                SecretKey generateKey = keyGenerator.generateKey();
                com.wdullaer.materialdatetimepicker.time.e.c(generateKey, "keyGen.generateKey()");
                g11 = Base64.encodeToString(generateKey.getEncoded(), 0);
                com.wdullaer.materialdatetimepicker.time.e.c(g11, "Base64.encodeToString(se….encoded, Base64.DEFAULT)");
            } catch (NoSuchAlgorithmException e11) {
                e9.a.f7967d.g("DBEncryptionService", 56, "Exception while generating AES Encryption Key", e11);
                byte[] bArr = new byte[32];
                new SecureRandom().nextBytes(bArr);
                g11 = Base64.encodeToString(bArr, 0);
                com.wdullaer.materialdatetimepicker.time.e.c(g11, "Base64.encodeToString(randomBytes, Base64.DEFAULT)");
            }
            d(g11);
        } else if (g9.d.d().c("dbEncryptionUsesKeyStore", "appLevelPreferences", false)) {
            try {
                str = b(g11, g(2));
            } catch (IOException e12) {
                e9.a aVar2 = e9.a.f7967d;
                StringBuilder o11 = h.o("IOException while decrypting key. Android SDK Version: ");
                int i10 = Build.VERSION.SDK_INT;
                o11.append(i10);
                aVar2.g("DBEncryptionService", 54, o11.toString(), e12);
                try {
                    aVar2.o("DBEncryptionService", "fallback: use old RSA algorithm - RSA/ECB/PKCS1Padding, to decrypt key in sharedPref");
                    c cVar3 = this.f17901f;
                    if (cVar3 == null) {
                        com.wdullaer.materialdatetimepicker.time.e.u1("androidInterface");
                        throw null;
                    }
                    KeyStore.PrivateKeyEntry d10 = cVar3.d();
                    if (this.f17900e == null) {
                        com.wdullaer.materialdatetimepicker.time.e.u1("cipherWrapperFactory");
                        throw null;
                    }
                    b bVar = new b("RSA/ECB/PKCS1Padding", 2, d10.getPrivateKey());
                    bVar.b();
                    str = b(g11, bVar);
                    if (i10 >= 23 && g9.d.d().b("dbEncryptionKey", "appLevelPreferences")) {
                        aVar2.a("DBEncryptionService", "set flag to reset DBEncryptionService");
                        g9.d.d().i("RESET_DB_ENCRYPTION_SERVICE_KEY", "appLevelPreferences", true);
                    }
                    aVar2.a("DBEncryptionService", "Got decrypted key by using old RSA algorithm");
                } catch (Exception e13) {
                    e9.a.f7967d.g("DBEncryptionService", 54, "Exception while decrypting key - fallback", e13);
                }
            } catch (Exception e14) {
                e9.a.f7967d.g("DBEncryptionService", 54, "Exception while decrypting key.", e14);
            }
            g11 = str;
        } else {
            d(g11);
        }
        if (g11 == null || g11.length() == 0) {
            e9.a.f7967d.a("DBEncryptionService", "setDbEncryptionKey - key is NullOrEmpty");
            return;
        }
        byte[] decode = Base64.decode(g11, 0);
        decode[0] = (byte) (decode[0] + 1);
        this.f17897b = new SecretKeySpec(decode, "AES");
    }

    public static final /* synthetic */ KeyStore a(d dVar) {
        KeyStore keyStore = dVar.f17896a;
        if (keyStore != null) {
            return keyStore;
        }
        com.wdullaer.materialdatetimepicker.time.e.u1("androidKeyStore");
        throw null;
    }

    public final String b(String str, b bVar) {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(Base64.decode(str, 0));
        Cipher cipher = bVar.f17888b;
        if (cipher == null) {
            com.wdullaer.materialdatetimepicker.time.e.u1("cipher");
            throw null;
        }
        CipherInputStream cipherInputStream = new CipherInputStream(byteArrayInputStream, cipher);
        ArrayList arrayList = new ArrayList();
        while (true) {
            int read = cipherInputStream.read();
            if (read == -1) {
                break;
            }
            arrayList.add(Byte.valueOf((byte) read));
        }
        int size = arrayList.size();
        byte[] bArr = new byte[size];
        for (int i10 = 0; i10 < size; i10++) {
            Object obj = arrayList.get(i10);
            com.wdullaer.materialdatetimepicker.time.e.c(obj, "values[i]");
            bArr[i10] = ((Number) obj).byteValue();
        }
        Charset charset = StandardCharsets.UTF_8;
        com.wdullaer.materialdatetimepicker.time.e.c(charset, "StandardCharsets.UTF_8");
        return new String(bArr, 0, size, charset);
    }

    public final String c(String str) {
        e9.a aVar = e9.a.f7967d;
        aVar.a("DBEncryptionService", "encrypt()");
        if (TextUtils.isEmpty(str)) {
            return str;
        }
        try {
            b f10 = f();
            if (str == null) {
                com.wdullaer.materialdatetimepicker.time.e.t1();
                throw null;
            }
            Charset charset = StandardCharsets.UTF_8;
            com.wdullaer.materialdatetimepicker.time.e.c(charset, "StandardCharsets.UTF_8");
            byte[] bytes = str.getBytes(charset);
            com.wdullaer.materialdatetimepicker.time.e.f(bytes, "(this as java.lang.String).getBytes(charset)");
            byte[] a10 = f10.a(bytes);
            Cipher cipher = f10.f17888b;
            if (cipher == null) {
                com.wdullaer.materialdatetimepicker.time.e.u1("cipher");
                throw null;
            }
            byte[] iv = cipher.getIV();
            com.wdullaer.materialdatetimepicker.time.e.c(iv, "cipher.iv");
            String encodeToString = Base64.encodeToString(a10, 0);
            String encodeToString2 = Base64.encodeToString(iv, 0);
            aVar.m("DBEncryptionService", "Successfully Encrypted block " + aVar.l(encodeToString2));
            f17894g = 0;
            return encodeToString2 + "::" + encodeToString;
        } catch (InvalidKeyException e10) {
            e9.a aVar2 = e9.a.f7967d;
            aVar2.o("DBEncryptionService", "InvalidKeyException " + e10);
            if (Build.VERSION.SDK_INT >= 23 && (e10.getCause() instanceof KeyPermanentlyInvalidatedException)) {
                aVar2.g("DBEncryptionService", 58, "KeyPermanentlyInvalidatedException while Encrypting text.", e10);
                KeyStore keyStore = this.f17896a;
                if (keyStore == null) {
                    com.wdullaer.materialdatetimepicker.time.e.u1("androidKeyStore");
                    throw null;
                }
                keyStore.deleteEntry("androidInfraDbEncKey");
                int i10 = f17894g;
                if (i10 != 0) {
                    return str;
                }
                f17894g = i10 + 1;
                c(str);
            }
            return str;
        } catch (Exception e11) {
            e9.a.f7967d.g("DBEncryptionService", 58, "Exception while Encrypting text.", e11);
            return str;
        }
    }

    public final void d(String str) {
        ByteArrayOutputStream byteArrayOutputStream;
        Cipher cipher;
        c cVar;
        boolean z10 = true;
        try {
            cVar = this.f17901f;
        } catch (Exception e10) {
            e9.a.f7967d.g("DBEncryptionService", 57, "Exception while generating KeyPair.", e10);
        }
        if (cVar == null) {
            com.wdullaer.materialdatetimepicker.time.e.u1("androidInterface");
            throw null;
        }
        if (!a(cVar.f17893b).containsAlias("androidInfraDbEncKey")) {
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 120);
            c cVar2 = this.f17901f;
            if (cVar2 == null) {
                com.wdullaer.materialdatetimepicker.time.e.u1("androidInterface");
                throw null;
            }
            com.wdullaer.materialdatetimepicker.time.e.c(calendar, "start");
            cVar2.e(calendar, calendar2).generateKeyPair();
        }
        try {
            b g10 = g(1);
            byteArrayOutputStream = new ByteArrayOutputStream();
            cipher = g10.f17888b;
        } catch (Exception e11) {
            e9.a.f7967d.g("DBEncryptionService", 55, "Exception while encrypting/saving key.", e11);
            z10 = false;
        }
        if (cipher == null) {
            com.wdullaer.materialdatetimepicker.time.e.u1("cipher");
            throw null;
        }
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
        Charset charset = StandardCharsets.UTF_8;
        com.wdullaer.materialdatetimepicker.time.e.c(charset, "StandardCharsets.UTF_8");
        byte[] bytes = str.getBytes(charset);
        com.wdullaer.materialdatetimepicker.time.e.f(bytes, "(this as java.lang.String).getBytes(charset)");
        cipherOutputStream.write(bytes);
        cipherOutputStream.close();
        str = Base64.encodeToString(byteArrayOutputStream.toByteArray(), 0);
        g9.d.d().l("dbEncryptionKey", "appLevelPreferences", str);
        g9.d.d().i("dbEncryptionUsesKeyStore", "appLevelPreferences", z10);
    }

    public final b e(AlgorithmParameterSpec algorithmParameterSpec) {
        if (!this.f17899d) {
            if (this.f17900e == null) {
                com.wdullaer.materialdatetimepicker.time.e.u1("cipherWrapperFactory");
                throw null;
            }
            b bVar = new b("AES/GCM/NoPadding", 2, this.f17897b, algorithmParameterSpec);
            bVar.b();
            return bVar;
        }
        c cVar = this.f17901f;
        if (cVar == null) {
            com.wdullaer.materialdatetimepicker.time.e.u1("androidInterface");
            throw null;
        }
        cVar.b();
        if (this.f17900e == null) {
            com.wdullaer.materialdatetimepicker.time.e.u1("cipherWrapperFactory");
            throw null;
        }
        c cVar2 = this.f17901f;
        if (cVar2 == null) {
            com.wdullaer.materialdatetimepicker.time.e.u1("androidInterface");
            throw null;
        }
        SecretKey secretKey = cVar2.f17892a;
        if (secretKey == null) {
            secretKey = cVar2.c();
        }
        b bVar2 = new b("AES/GCM/NoPadding", 2, secretKey, algorithmParameterSpec);
        bVar2.b();
        return bVar2;
    }

    public final b f() {
        if (this.f17900e == null) {
            this.f17900e = new m3.b();
        }
        if (!this.f17899d) {
            if (this.f17900e == null) {
                com.wdullaer.materialdatetimepicker.time.e.u1("cipherWrapperFactory");
                throw null;
            }
            b bVar = new b("AES/GCM/NoPadding", 1, this.f17897b, this.f17898c);
            bVar.b();
            return bVar;
        }
        c cVar = this.f17901f;
        if (cVar == null) {
            com.wdullaer.materialdatetimepicker.time.e.u1("androidInterface");
            throw null;
        }
        cVar.b();
        if (this.f17900e == null) {
            com.wdullaer.materialdatetimepicker.time.e.u1("cipherWrapperFactory");
            throw null;
        }
        c cVar2 = this.f17901f;
        if (cVar2 == null) {
            com.wdullaer.materialdatetimepicker.time.e.u1("androidInterface");
            throw null;
        }
        SecretKey secretKey = cVar2.f17892a;
        if (secretKey == null) {
            secretKey = cVar2.c();
        }
        b bVar2 = new b("AES/GCM/NoPadding", 1, secretKey);
        bVar2.b();
        return bVar2;
    }

    public final b g(int i10) {
        Key key;
        if (i10 == 1) {
            c cVar = this.f17901f;
            if (cVar == null) {
                com.wdullaer.materialdatetimepicker.time.e.u1("androidInterface");
                throw null;
            }
            Certificate certificate = cVar.d().getCertificate();
            com.wdullaer.materialdatetimepicker.time.e.c(certificate, "getKeystoreEntry().certificate");
            key = certificate.getPublicKey();
            com.wdullaer.materialdatetimepicker.time.e.c(key, "getKeystoreEntry().certificate.publicKey");
        } else {
            key = null;
        }
        if (i10 == 2) {
            c cVar2 = this.f17901f;
            if (cVar2 == null) {
                com.wdullaer.materialdatetimepicker.time.e.u1("androidInterface");
                throw null;
            }
            key = cVar2.d().getPrivateKey();
        }
        if (Build.VERSION.SDK_INT < 23) {
            if (this.f17900e == null) {
                com.wdullaer.materialdatetimepicker.time.e.u1("cipherWrapperFactory");
                throw null;
            }
            if (key == null) {
                throw new IllegalArgumentException("Required value was null.".toString());
            }
            b bVar = new b("RSA/ECB/PKCS1Padding", i10, key);
            bVar.b();
            return bVar;
        }
        OAEPParameterSpec oAEPParameterSpec = new OAEPParameterSpec("SHA-256", "MGF1", new MGF1ParameterSpec("SHA-1"), PSource.PSpecified.DEFAULT);
        if (this.f17900e == null) {
            com.wdullaer.materialdatetimepicker.time.e.u1("cipherWrapperFactory");
            throw null;
        }
        if (key == null) {
            throw new IllegalArgumentException("Required value was null.".toString());
        }
        b bVar2 = new b("RSA/ECB/OAEPWithSHA-256AndMGF1Padding", i10, key, oAEPParameterSpec);
        bVar2.b();
        return bVar2;
    }
}
