package com.oblador.keychain.cipherStorage;

import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import android.security.keystore.UserNotAuthenticatedException;
import android.util.Log;
import com.facebook.react.bridge.ReactApplicationContext;
import com.oblador.keychain.cipherStorage.a;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.concurrent.atomic.AtomicInteger;
import javax.crypto.NoSuchPaddingException;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;

/* loaded from: classes3.dex */
public final class i extends b {
    public static final a j = new a(null);
    private static final String k = "RSA/ECB/PKCS1Padding";

    /* loaded from: classes3.dex */
    public static final class a {
        private a() {
        }

        public /* synthetic */ a(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
    public i(ReactApplicationContext reactContext) {
        super(reactContext);
        Intrinsics.checkNotNullParameter(reactContext, "reactContext");
    }

    private final a.d L(String str, String str2, String str3) {
        Certificate certificate = A().getCertificate(str);
        if (certificate != null) {
            PublicKey key = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(certificate.getPublicKey().getEncoded()));
            Intrinsics.checkNotNullExpressionValue(key, "key");
            return new a.d(n(key, str3), n(key, str2), this);
        }
        throw new GeneralSecurityException("Certificate is null for alias " + str);
    }

    @Override // com.oblador.keychain.cipherStorage.a
    public int c() {
        return 23;
    }

    @Override // com.oblador.keychain.cipherStorage.a
    public boolean d() {
        return true;
    }

    @Override // com.oblador.keychain.cipherStorage.a
    public void f(com.oblador.keychain.decryptionHandler.a handler, String alias, byte[] username, byte[] password, com.oblador.keychain.f level) {
        Key p;
        Intrinsics.checkNotNullParameter(handler, "handler");
        Intrinsics.checkNotNullParameter(alias, "alias");
        Intrinsics.checkNotNullParameter(username, "username");
        Intrinsics.checkNotNullParameter(password, "password");
        Intrinsics.checkNotNullParameter(level, "level");
        F(level);
        String b2 = b.h.b(alias, v());
        Key key = null;
        try {
            try {
                p = p(b2, level, new AtomicInteger(1));
            } catch (UserNotAuthenticatedException e) {
                e = e;
            }
            try {
                handler.c(new a.c(l(p, username), l(p, password), null, 4, null), null);
            } catch (UserNotAuthenticatedException e2) {
                e = e2;
                key = p;
                Log.d(B(), "Unlock of keystore is needed. Error: " + e.getMessage(), e);
                Intrinsics.checkNotNull(key);
                handler.b(new a.b(b2, key, password, username));
            }
        } catch (Throwable th) {
            handler.c(null, th);
        }
    }

    @Override // com.oblador.keychain.cipherStorage.a
    public String h() {
        return "KeystoreRSAECB";
    }

    @Override // com.oblador.keychain.cipherStorage.a
    public a.d i(String alias, String username, String password, com.oblador.keychain.f level) {
        Intrinsics.checkNotNullParameter(alias, "alias");
        Intrinsics.checkNotNullParameter(username, "username");
        Intrinsics.checkNotNullParameter(password, "password");
        Intrinsics.checkNotNullParameter(level, "level");
        F(level);
        String b2 = b.h.b(alias, v());
        try {
            p(b2, level, new AtomicInteger(1));
            return L(b2, password, username);
        } catch (Exception e) {
            if (e instanceof NoSuchAlgorithmException ? true : e instanceof InvalidKeySpecException ? true : e instanceof NoSuchPaddingException ? true : e instanceof InvalidKeyException) {
                throw new com.oblador.keychain.exceptions.a("Could not encrypt data for service " + alias, e);
            }
            if (e instanceof KeyStoreException ? true : e instanceof com.oblador.keychain.exceptions.c) {
                throw new com.oblador.keychain.exceptions.a("Could not access Keystore for service " + alias, e);
            }
            if (e instanceof IOException) {
                throw new com.oblador.keychain.exceptions.a("I/O error: " + e.getMessage(), e);
            }
            throw new com.oblador.keychain.exceptions.a("Unknown error: " + e.getMessage(), e);
        }
    }

    @Override // com.oblador.keychain.cipherStorage.b
    protected Key r(KeyGenParameterSpec spec) {
        Intrinsics.checkNotNullParameter(spec, "spec");
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(w(), "AndroidKeyStore");
        keyPairGenerator.initialize(spec);
        PrivateKey privateKey = keyPairGenerator.generateKeyPair().getPrivate();
        Intrinsics.checkNotNullExpressionValue(privateKey, "generator.generateKeyPair().private");
        return privateKey;
    }

    @Override // com.oblador.keychain.cipherStorage.b
    protected String w() {
        return "RSA";
    }

    @Override // com.oblador.keychain.cipherStorage.b
    protected String x() {
        return k;
    }

    @Override // com.oblador.keychain.cipherStorage.b
    protected KeyGenParameterSpec.Builder y(String alias, boolean z) {
        Intrinsics.checkNotNullParameter(alias, "alias");
        int i = Build.VERSION.SDK_INT;
        KeyGenParameterSpec.Builder keySize = new KeyGenParameterSpec.Builder(alias, 3).setBlockModes("ECB").setEncryptionPaddings("PKCS1Padding").setRandomizedEncryptionRequired(true).setUserAuthenticationRequired(true).setKeySize(z ? 512 : 2048);
        Intrinsics.checkNotNullExpressionValue(keySize, "Builder(alias, purposes)…     .setKeySize(keySize)");
        if (i >= 30) {
            keySize.setUserAuthenticationParameters(5, 2);
        } else {
            keySize.setUserAuthenticationValidityDurationSeconds(5);
        }
        return keySize;
    }

    @Override // com.oblador.keychain.cipherStorage.b
    protected KeyInfo z(Key key) {
        Intrinsics.checkNotNullParameter(key, "key");
        KeySpec keySpec = KeyFactory.getInstance(key.getAlgorithm(), "AndroidKeyStore").getKeySpec(key, KeyInfo.class);
        Intrinsics.checkNotNullExpressionValue(keySpec, "factory.getKeySpec(key, KeyInfo::class.java)");
        return (KeyInfo) keySpec;
    }
}
