package com.oblador.keychain.cipherStorage;

import android.content.Context;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import android.util.Log;
import com.oblador.keychain.cipherStorage.b;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.Closeable;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.charset.Charset;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.UnrecoverableKeyException;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.concurrent.atomic.AtomicInteger;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.spec.IvParameterSpec;
import kotlin.Lazy;
import kotlin.Unit;
import kotlin.io.CloseableKt;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.Lambda;
import kotlin.l;
import kotlin.text.StringsKt__StringsJVMKt;

/* loaded from: classes3.dex */
public abstract class b implements com.oblador.keychain.cipherStorage.a {
    public static final a h = new a(null);
    private static final Charset i;

    /* renamed from: a, reason: collision with root package name */
    private final Context f16148a;

    /* renamed from: b, reason: collision with root package name */
    private final String f16149b;

    /* renamed from: c, reason: collision with root package name */
    private final Object f16150c;
    private final Lazy d;
    private transient AtomicBoolean e;
    private transient Cipher f;
    private transient KeyStore g;

    /* loaded from: classes3.dex */
    public static final class a {
        private a() {
        }

        public /* synthetic */ a(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }

        public final void a(InputStream input, OutputStream output) {
            Intrinsics.checkNotNullParameter(input, "input");
            Intrinsics.checkNotNullParameter(output, "output");
            byte[] bArr = new byte[16384];
            while (true) {
                int read = input.read(bArr);
                if (read <= 0) {
                    return;
                } else {
                    output.write(bArr, 0, read);
                }
            }
        }

        public final String b(String str, String fallback) {
            Intrinsics.checkNotNullParameter(fallback, "fallback");
            return str == null || str.length() == 0 ? fallback : str;
        }

        public final Charset c() {
            return b.i;
        }
    }

    /* renamed from: com.oblador.keychain.cipherStorage.b$b, reason: collision with other inner class name */
    /* loaded from: classes3.dex */
    public interface InterfaceC0577b {
        void a(Cipher cipher, Key key, InputStream inputStream);
    }

    /* loaded from: classes3.dex */
    public static final class c {

        /* renamed from: a, reason: collision with root package name */
        public static final c f16151a = new c();

        /* renamed from: b, reason: collision with root package name */
        private static final d f16152b = new d() { // from class: com.oblador.keychain.cipherStorage.c
            @Override // com.oblador.keychain.cipherStorage.b.d
            public final void a(Cipher cipher, Key key, OutputStream outputStream) {
                b.c.d(cipher, key, outputStream);
            }
        };

        /* renamed from: c, reason: collision with root package name */
        private static final InterfaceC0577b f16153c = new InterfaceC0577b() { // from class: com.oblador.keychain.cipherStorage.d
            @Override // com.oblador.keychain.cipherStorage.b.InterfaceC0577b
            public final void a(Cipher cipher, Key key, InputStream inputStream) {
                b.c.c(cipher, key, inputStream);
            }
        };

        private c() {
        }

        /* JADX INFO: Access modifiers changed from: private */
        public static final void c(Cipher cipher, Key key, InputStream input) {
            Intrinsics.checkNotNullParameter(cipher, "cipher");
            Intrinsics.checkNotNullParameter(key, "key");
            Intrinsics.checkNotNullParameter(input, "input");
            cipher.init(2, key);
        }

        /* JADX INFO: Access modifiers changed from: private */
        public static final void d(Cipher cipher, Key key, OutputStream output) {
            Intrinsics.checkNotNullParameter(cipher, "cipher");
            Intrinsics.checkNotNullParameter(key, "key");
            Intrinsics.checkNotNullParameter(output, "output");
            cipher.init(1, key);
        }

        public final InterfaceC0577b e() {
            return f16153c;
        }

        public final d f() {
            return f16152b;
        }
    }

    /* loaded from: classes3.dex */
    public interface d {
        void a(Cipher cipher, Key key, OutputStream outputStream);
    }

    /* loaded from: classes3.dex */
    public static final class e {

        /* renamed from: a, reason: collision with root package name */
        public static final e f16154a = new e();

        /* renamed from: b, reason: collision with root package name */
        private static final d f16155b = new d() { // from class: com.oblador.keychain.cipherStorage.e
            @Override // com.oblador.keychain.cipherStorage.b.d
            public final void a(Cipher cipher, Key key, OutputStream outputStream) {
                b.e.d(cipher, key, outputStream);
            }
        };

        /* renamed from: c, reason: collision with root package name */
        private static final InterfaceC0577b f16156c = new InterfaceC0577b() { // from class: com.oblador.keychain.cipherStorage.f
            @Override // com.oblador.keychain.cipherStorage.b.InterfaceC0577b
            public final void a(Cipher cipher, Key key, InputStream inputStream) {
                b.e.c(cipher, key, inputStream);
            }
        };

        private e() {
        }

        /* JADX INFO: Access modifiers changed from: private */
        public static final void c(Cipher cipher, Key key, InputStream input) {
            Intrinsics.checkNotNullParameter(cipher, "cipher");
            Intrinsics.checkNotNullParameter(key, "key");
            Intrinsics.checkNotNullParameter(input, "input");
            cipher.init(2, key, f16154a.g(input));
        }

        /* JADX INFO: Access modifiers changed from: private */
        public static final void d(Cipher cipher, Key key, OutputStream output) {
            Intrinsics.checkNotNullParameter(cipher, "cipher");
            Intrinsics.checkNotNullParameter(key, "key");
            Intrinsics.checkNotNullParameter(output, "output");
            cipher.init(1, key);
            byte[] iv = cipher.getIV();
            output.write(iv, 0, iv.length);
        }

        public final InterfaceC0577b e() {
            return f16156c;
        }

        public final d f() {
            return f16155b;
        }

        public final IvParameterSpec g(InputStream inputStream) {
            Intrinsics.checkNotNullParameter(inputStream, "inputStream");
            byte[] bArr = new byte[16];
            if (inputStream.read(bArr, 0, 16) == 16) {
                return new IvParameterSpec(bArr);
            }
            throw new IOException("Input stream has insufficient data.");
        }

        public final IvParameterSpec h(byte[] bytes) {
            Intrinsics.checkNotNullParameter(bytes, "bytes");
            byte[] bArr = new byte[16];
            if (16 >= bytes.length) {
                throw new IOException("Insufficient length of input data for IV extracting.");
            }
            System.arraycopy(bytes, 0, bArr, 0, 16);
            return new IvParameterSpec(bArr);
        }
    }

    /* loaded from: classes3.dex */
    public final class f implements Closeable {

        /* renamed from: a, reason: collision with root package name */
        private final String f16157a;

        /* renamed from: b, reason: collision with root package name */
        private final Key f16158b;

        /* renamed from: c, reason: collision with root package name */
        final /* synthetic */ b f16159c;

        /* JADX WARN: 'this' call moved to the top of the method (can break code semantics) */
        public f(b bVar, String name) {
            this(bVar, name, bVar.H(name, true));
            Intrinsics.checkNotNullParameter(name, "name");
        }

        public f(b bVar, String name, Key key) {
            Intrinsics.checkNotNullParameter(name, "name");
            Intrinsics.checkNotNullParameter(key, "key");
            this.f16159c = bVar;
            this.f16157a = name;
            this.f16158b = key;
        }

        public final Key a() {
            return this.f16158b;
        }

        @Override // java.io.Closeable, java.lang.AutoCloseable
        public void close() {
            try {
                this.f16159c.e(this.f16157a);
            } catch (com.oblador.keychain.exceptions.c e) {
                Log.w(this.f16159c.B(), "AutoClose remove key failed. Error: " + e.getMessage(), e);
            }
        }
    }

    /* loaded from: classes3.dex */
    static final class g extends Lambda implements Function0 {
        g() {
            super(0);
        }

        @Override // kotlin.jvm.functions.Function0
        public final Boolean invoke() {
            return Boolean.valueOf(Build.VERSION.SDK_INT >= 28 ? b.this.t().getPackageManager().hasSystemFeature("android.hardware.strongbox_keystore") : false);
        }
    }

    static {
        Charset forName = Charset.forName("UTF-8");
        Intrinsics.checkNotNullExpressionValue(forName, "forName(\"UTF-8\")");
        i = forName;
    }

    public b(Context applicationContext) {
        Lazy lazy;
        Intrinsics.checkNotNullParameter(applicationContext, "applicationContext");
        this.f16148a = applicationContext;
        this.f16149b = b.class.getSimpleName();
        this.f16150c = new Object();
        lazy = l.lazy(new g());
        this.d = lazy;
    }

    public final KeyStore A() {
        if (this.g == null) {
            synchronized (this) {
                if (this.g == null) {
                    try {
                        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                        keyStore.load(null);
                        this.g = keyStore;
                    } catch (Throwable th) {
                        throw new com.oblador.keychain.exceptions.c("Could not access Keystore", th);
                    }
                }
                Unit unit = Unit.f25553a;
            }
        }
        KeyStore keyStore2 = this.g;
        Intrinsics.checkNotNull(keyStore2);
        return keyStore2;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final String B() {
        return this.f16149b;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final com.oblador.keychain.f C(Key key) {
        Intrinsics.checkNotNullParameter(key, "key");
        return z(key).isInsideSecureHardware() ? com.oblador.keychain.f.SECURE_HARDWARE : com.oblador.keychain.f.SECURE_SOFTWARE;
    }

    protected final boolean D(Key key, String expectedAlgorithm) {
        boolean equals;
        Intrinsics.checkNotNullParameter(key, "key");
        Intrinsics.checkNotNullParameter(expectedAlgorithm, "expectedAlgorithm");
        equals = StringsKt__StringsJVMKt.equals(key.getAlgorithm(), expectedAlgorithm, true);
        return equals;
    }

    protected final boolean E() {
        return ((Boolean) this.d.getValue()).booleanValue();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final void F(com.oblador.keychain.f level) {
        Intrinsics.checkNotNullParameter(level, "level");
        if (g().c(level)) {
            return;
        }
        throw new com.oblador.keychain.exceptions.a("Insufficient security level (wants " + level + "; got " + g() + ")");
    }

    protected final Key G(String alias) {
        Intrinsics.checkNotNullParameter(alias, "alias");
        return H(alias, false);
    }

    protected final Key H(String alias, boolean z) {
        Intrinsics.checkNotNullParameter(alias, "alias");
        KeyGenParameterSpec build = y(alias, z).build();
        Intrinsics.checkNotNullExpressionValue(build, "getKeyGenSpecBuilder(alias, isForTesting).build()");
        return r(build);
    }

    protected final Key I(String alias) {
        Intrinsics.checkNotNullParameter(alias, "alias");
        return J(alias, false);
    }

    protected final Key J(String alias, boolean z) {
        KeyGenParameterSpec.Builder isStrongBoxBacked;
        Intrinsics.checkNotNullParameter(alias, "alias");
        int i2 = Build.VERSION.SDK_INT;
        if (i2 >= 28) {
            isStrongBoxBacked = y(alias, z).setIsStrongBoxBacked(true);
            KeyGenParameterSpec build = isStrongBoxBacked.build();
            Intrinsics.checkNotNullExpressionValue(build, "getKeyGenSpecBuilder(ali…ngBoxBacked(true).build()");
            return r(build);
        }
        throw new com.oblador.keychain.exceptions.c("Strong box security keystore is not supported for old API" + i2 + ".");
    }

    protected final boolean K(com.oblador.keychain.f level, Key key) {
        Intrinsics.checkNotNullParameter(level, "level");
        Intrinsics.checkNotNullParameter(key, "key");
        return C(key).c(level);
    }

    @Override // com.oblador.keychain.cipherStorage.a
    public Set a() {
        KeyStore A = A();
        try {
            return new HashSet(Collections.list(A.aliases()));
        } catch (KeyStoreException e2) {
            throw new com.oblador.keychain.exceptions.c("Error accessing aliases in keystore " + A, e2);
        }
    }

    @Override // com.oblador.keychain.cipherStorage.a
    public int b() {
        return ((d() ? 1 : 0) * 1000) + c();
    }

    @Override // com.oblador.keychain.cipherStorage.a
    public void e(String alias) {
        Intrinsics.checkNotNullParameter(alias, "alias");
        String b2 = h.b(alias, v());
        KeyStore A = A();
        try {
            if (A.containsAlias(b2)) {
                A.deleteEntry(b2);
            }
        } catch (GeneralSecurityException unused) {
        }
    }

    @Override // com.oblador.keychain.cipherStorage.a
    public com.oblador.keychain.f g() {
        return com.oblador.keychain.f.SECURE_HARDWARE;
    }

    @Override // com.oblador.keychain.cipherStorage.a
    public boolean j() {
        AtomicBoolean atomicBoolean = this.e;
        if (atomicBoolean != null) {
            Intrinsics.checkNotNull(atomicBoolean);
            return atomicBoolean.get();
        }
        synchronized (this.f16150c) {
            AtomicBoolean atomicBoolean2 = this.e;
            if (atomicBoolean2 != null) {
                Intrinsics.checkNotNull(atomicBoolean2);
                return atomicBoolean2.get();
            }
            this.e = new AtomicBoolean(false);
            f fVar = null;
            try {
                f fVar2 = new f(this, "AndroidKeyStore#supportsSecureHardware");
                try {
                    boolean K = K(com.oblador.keychain.f.SECURE_HARDWARE, fVar2.a());
                    AtomicBoolean atomicBoolean3 = this.e;
                    Intrinsics.checkNotNull(atomicBoolean3);
                    atomicBoolean3.set(K);
                    fVar2.close();
                } catch (Throwable unused) {
                    fVar = fVar2;
                    if (fVar != null) {
                        fVar.close();
                    }
                    Unit unit = Unit.f25553a;
                    AtomicBoolean atomicBoolean4 = this.e;
                    Intrinsics.checkNotNull(atomicBoolean4);
                    return atomicBoolean4.get();
                }
            } catch (Throwable unused2) {
            }
            Unit unit2 = Unit.f25553a;
            AtomicBoolean atomicBoolean42 = this.e;
            Intrinsics.checkNotNull(atomicBoolean42);
            return atomicBoolean42.get();
        }
    }

    public String l(Key key, byte[] bytes) {
        Intrinsics.checkNotNullParameter(key, "key");
        Intrinsics.checkNotNullParameter(bytes, "bytes");
        return m(key, bytes, c.f16151a.e());
    }

    protected String m(Key key, byte[] bytes, InterfaceC0577b interfaceC0577b) {
        Intrinsics.checkNotNullParameter(key, "key");
        Intrinsics.checkNotNullParameter(bytes, "bytes");
        Cipher u = u();
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bytes);
            try {
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                if (interfaceC0577b != null) {
                    try {
                        interfaceC0577b.a(u, key, byteArrayInputStream);
                    } finally {
                    }
                }
                CipherInputStream cipherInputStream = new CipherInputStream(byteArrayInputStream, u);
                try {
                    h.a(cipherInputStream, byteArrayOutputStream);
                    Unit unit = Unit.f25553a;
                    CloseableKt.closeFinally(cipherInputStream, null);
                    byte[] byteArray = byteArrayOutputStream.toByteArray();
                    Intrinsics.checkNotNullExpressionValue(byteArray, "output.toByteArray()");
                    String str = new String(byteArray, i);
                    CloseableKt.closeFinally(byteArrayOutputStream, null);
                    CloseableKt.closeFinally(byteArrayInputStream, null);
                    return str;
                } finally {
                }
            } finally {
            }
        } catch (Throwable th) {
            Log.w(this.f16149b, th.getMessage(), th);
            throw th;
        }
    }

    public byte[] n(Key key, String value) {
        Intrinsics.checkNotNullParameter(key, "key");
        Intrinsics.checkNotNullParameter(value, "value");
        return o(key, value, c.f16151a.f());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final byte[] o(Key key, String value, d dVar) {
        Intrinsics.checkNotNullParameter(key, "key");
        Intrinsics.checkNotNullParameter(value, "value");
        Cipher u = u();
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            if (dVar != null) {
                try {
                    dVar.a(u, key, byteArrayOutputStream);
                    byteArrayOutputStream.flush();
                } finally {
                }
            }
            CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, u);
            try {
                byte[] bytes = value.getBytes(i);
                Intrinsics.checkNotNullExpressionValue(bytes, "this as java.lang.String).getBytes(charset)");
                cipherOutputStream.write(bytes);
                Unit unit = Unit.f25553a;
                CloseableKt.closeFinally(cipherOutputStream, null);
                byte[] byteArray = byteArrayOutputStream.toByteArray();
                Intrinsics.checkNotNullExpressionValue(byteArray, "output.toByteArray()");
                CloseableKt.closeFinally(byteArrayOutputStream, null);
                return byteArray;
            } finally {
            }
        } catch (Throwable th) {
            Log.e(this.f16149b, th.getMessage(), th);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final Key p(String safeAlias, com.oblador.keychain.f level, AtomicInteger retries) {
        Key key;
        Intrinsics.checkNotNullParameter(safeAlias, "safeAlias");
        Intrinsics.checkNotNullParameter(level, "level");
        Intrinsics.checkNotNullParameter(retries, "retries");
        do {
            KeyStore A = A();
            if (A.containsAlias(safeAlias)) {
                key = null;
                Key key2 = A.getKey(safeAlias, null);
                if (key2 != null && !D(key2, w())) {
                    Log.w(this.f16149b, "Incompatible key found for alias: " + safeAlias + ". Expected: " + w() + ", Found: " + key2.getAlgorithm() + ".This can happen if you try to overwrite credentials that were previously saved with a different encryption algorithm.");
                    A.deleteEntry(safeAlias);
                    s(safeAlias, level);
                }
            } else {
                s(safeAlias, level);
            }
            key = q(A, safeAlias, retries);
        } while (key == null);
        return key;
    }

    protected final Key q(KeyStore keyStore, String safeAlias, AtomicInteger retry) {
        Intrinsics.checkNotNullParameter(keyStore, "keyStore");
        Intrinsics.checkNotNullParameter(safeAlias, "safeAlias");
        Intrinsics.checkNotNullParameter(retry, "retry");
        try {
            Key key = keyStore.getKey(safeAlias, null);
            if (key != null) {
                return key;
            }
            throw new com.oblador.keychain.exceptions.c("Empty key extracted!");
        } catch (UnrecoverableKeyException e2) {
            if (retry.getAndDecrement() <= 0) {
                throw e2;
            }
            keyStore.deleteEntry(safeAlias);
            return null;
        }
    }

    protected abstract Key r(KeyGenParameterSpec keyGenParameterSpec);

    /* JADX WARN: Removed duplicated region for block: B:11:0x003b  */
    /* JADX WARN: Removed duplicated region for block: B:9:0x003a A[RETURN] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public final void s(java.lang.String r4, com.oblador.keychain.f r5) {
        /*
            r3 = this;
            java.lang.String r0 = "StrongBox security storage is not available."
            java.lang.String r1 = "alias"
            kotlin.jvm.internal.Intrinsics.checkNotNullParameter(r4, r1)
            java.lang.String r1 = "requiredLevel"
            kotlin.jvm.internal.Intrinsics.checkNotNullParameter(r5, r1)
            boolean r1 = r3.E()
            if (r1 == 0) goto L24
            java.security.Key r0 = r3.I(r4)     // Catch: java.security.ProviderException -> L17 java.security.GeneralSecurityException -> L1e
            goto L25
        L17:
            r1 = move-exception
            java.lang.String r2 = r3.f16149b
            android.util.Log.w(r2, r0, r1)
            goto L24
        L1e:
            r1 = move-exception
            java.lang.String r2 = r3.f16149b
            android.util.Log.w(r2, r0, r1)
        L24:
            r0 = 0
        L25:
            if (r0 == 0) goto L2d
            boolean r1 = r3.E()
            if (r1 != 0) goto L31
        L2d:
            java.security.Key r0 = r3.G(r4)     // Catch: java.security.GeneralSecurityException -> L43
        L31:
            kotlin.jvm.internal.Intrinsics.checkNotNull(r0)
            boolean r4 = r3.K(r5, r0)
            if (r4 == 0) goto L3b
            return
        L3b:
            com.oblador.keychain.exceptions.a r4 = new com.oblador.keychain.exceptions.a
            java.lang.String r5 = "Cannot generate keys with required security guarantees"
            r4.<init>(r5)
            throw r4
        L43:
            r4 = move-exception
            java.lang.String r5 = r3.f16149b
            java.lang.String r0 = "Regular security storage is not available."
            android.util.Log.e(r5, r0, r4)
            throw r4
        */
        throw new UnsupportedOperationException("Method not decompiled: com.oblador.keychain.cipherStorage.b.s(java.lang.String, com.oblador.keychain.f):void");
    }

    protected final Context t() {
        return this.f16148a;
    }

    public final Cipher u() {
        if (this.f == null) {
            synchronized (this) {
                if (this.f == null) {
                    this.f = Cipher.getInstance(x());
                }
                Unit unit = Unit.f25553a;
            }
        }
        Cipher cipher = this.f;
        Intrinsics.checkNotNull(cipher);
        return cipher;
    }

    public String v() {
        return h();
    }

    protected abstract String w();

    protected abstract String x();

    protected abstract KeyGenParameterSpec.Builder y(String str, boolean z);

    protected abstract KeyInfo z(Key key);
}
