package hp.secure.storage;

import android.annotation.SuppressLint;
import android.annotation.TargetApi;
import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import android.util.Base64;
import android.util.Pair;
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
import androidx.annotation.RequiresApi;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.lang.ref.WeakReference;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.InvalidParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
import java.util.GregorianCalendar;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.security.auth.x500.X500Principal;
import timber.log.Timber;

@TargetApi(19)
/* loaded from: classes3.dex */
public class SecureStorage implements ISecureStorage {
    private static final String CIPHER_TRANSFORMATION = "RSA/None/PKCS1Padding";
    private static final String DELIMITER = ".";
    private static final String DELIMITER_SEARCH_REGEX = "\\.";
    private static final String KEYGUARD_REQUIRED_KEY = "#!KEYGUARD_REQUIRED!#";
    private static final String KEYSTORE_PROVIDER_ANDROID_KEYSTORE = "AndroidKeyStore";

    @SuppressLint({"InlinedApi"})
    static final String KEY_ALGORITHM;
    private static final int MAX_STORAGE_LOOPS = 100;
    private static final int MAX_STORE_BLOCK_SIZE = 116;
    private static final String RSA_NONE_PKCS1_PADDING = "RSA/None/PKCS1Padding";
    private static final String TYPE_RSA = "RSA";

    @SuppressLint({"QuestionableVariable"})
    private static WeakReference<KeyStore> sKeyStoreInstance;
    final WeakReference<Context> mContext;
    private final SecureStoreKeySpecGenerator mKeySpecGenerator;
    private final String mKeyStoreAlias;
    private final boolean mRequireKeyGuardEnabled;
    private final String mSharedPreferencesFile;

    /* loaded from: classes3.dex */
    public static class Builder {
        final Context mContext;
        String mKeyAlias;
        String mSharedPreferenceFilename;
        boolean mRequireKeyGuard = false;
        SecureStoreKeySpecGenerator mKeySpecGenerator = null;

        public Builder(@NonNull Context context) {
            this.mContext = context;
        }

        @NonNull
        public SecureStorage build() throws InvalidParameterException {
            if (TextUtils.isEmpty(this.mKeyAlias)) {
                throw new InvalidParameterException("KeyAlias is not set");
            }
            return new SecureStorage(this);
        }

        @NonNull
        public Builder setKeyAlias(@NonNull String str) {
            this.mKeyAlias = str;
            return this;
        }

        @NonNull
        public Builder setKeySpecGenerator(@NonNull SecureStoreKeySpecGenerator secureStoreKeySpecGenerator) {
            this.mKeySpecGenerator = secureStoreKeySpecGenerator;
            return this;
        }

        @NonNull
        public Builder setRequireKeyGuard(boolean z) {
            this.mRequireKeyGuard = z;
            return this;
        }

        @NonNull
        public Builder setSharedPreferenceFilename(@NonNull String str) {
            this.mSharedPreferenceFilename = str;
            return this;
        }
    }

    /* loaded from: classes3.dex */
    public static class KeyCollisionException extends Exception {
        KeyCollisionException(@NonNull String str) {
            super(str + " is reserved for use by the library");
        }
    }

    /* loaded from: classes3.dex */
    public static class KeyguardNotEnabledException extends Exception {
        KeyguardNotEnabledException() {
            super("KeyGuard is not enabled");
        }
    }

    /* loaded from: classes3.dex */
    public interface SecureStorageProvider {
        @NonNull
        SecureStorage getKeystore();

        @NonNull
        SecureStorage getKeystore(@Nullable String str);
    }

    /* loaded from: classes3.dex */
    public interface SecureStoreKeySpecGenerator {
        @NonNull
        @RequiresApi(api = 23)
        KeyGenParameterSpec getKeyGenParameterSpec(@NonNull String str);

        @NonNull
        KeyPairGeneratorSpec getKeyPairGeneratorSpec(@NonNull String str) throws NoSuchAlgorithmException;
    }

    static {
        int i = Build.VERSION.SDK_INT;
        KEY_ALGORITHM = TYPE_RSA;
    }

    public SecureStorage(@NonNull Context context, @NonNull String str) {
        this(new Builder(context).setKeyAlias(str));
    }

    public SecureStorage(@NonNull Context context, @NonNull String str, @NonNull String str2) {
        this(new Builder(context).setKeyAlias(str2).setSharedPreferenceFilename(str));
    }

    public SecureStorage(@NonNull Context context, @NonNull String str, @NonNull String str2, boolean z) {
        this(new Builder(context).setKeyAlias(str2).setSharedPreferenceFilename(str).setRequireKeyGuard(z));
    }

    SecureStorage(Builder builder) {
        this.mContext = new WeakReference<>(builder.mContext.getApplicationContext());
        this.mKeyStoreAlias = builder.mKeyAlias;
        this.mSharedPreferencesFile = TextUtils.isEmpty(builder.mSharedPreferenceFilename) ? this.mKeyStoreAlias : builder.mSharedPreferenceFilename;
        this.mRequireKeyGuardEnabled = getSharedPreferencesFile().getBoolean(KEYGUARD_REQUIRED_KEY, builder.mRequireKeyGuard);
        this.mKeySpecGenerator = builder.mKeySpecGenerator != null ? builder.mKeySpecGenerator : new SecureStoreKeySpecGenerator() { // from class: hp.secure.storage.SecureStorage.1
            private Calendar getEndDate() {
                GregorianCalendar gregorianCalendar = new GregorianCalendar();
                gregorianCalendar.add(1, 2);
                return gregorianCalendar;
            }

            private Calendar getStartDate() {
                GregorianCalendar gregorianCalendar = new GregorianCalendar();
                gregorianCalendar.add(12, -1);
                return gregorianCalendar;
            }

            @Override // hp.secure.storage.SecureStorage.SecureStoreKeySpecGenerator
            @NonNull
            @TargetApi(23)
            public KeyGenParameterSpec getKeyGenParameterSpec(@NonNull String str) {
                Timber.d("create new Key", new Object[0]);
                return new KeyGenParameterSpec.Builder(str, 3).setCertificateSubject(new X500Principal("CN=" + str)).setCertificateSerialNumber(BigInteger.valueOf(1337L)).setKeyValidityStart(getStartDate().getTime()).setKeyValidityEnd(getEndDate().getTime()).setEncryptionPaddings("PKCS1Padding").setRandomizedEncryptionRequired(true).build();
            }

            @Override // hp.secure.storage.SecureStorage.SecureStoreKeySpecGenerator
            @NonNull
            @SuppressLint({"WrongConstant"})
            public KeyPairGeneratorSpec getKeyPairGeneratorSpec(@NonNull String str) throws NoSuchAlgorithmException {
                Timber.d("create new Key", new Object[0]);
                return new KeyPairGeneratorSpec.Builder(SecureStorage.this.mContext.get()).setKeyType(SecureStorage.KEY_ALGORITHM).setAlias(str).setSubject(new X500Principal("CN=" + str)).setSerialNumber(BigInteger.valueOf(1337L)).setStartDate(getStartDate().getTime()).setEndDate(getEndDate().getTime()).build();
            }
        };
    }

    private static byte[] getDecryptedValue(PrivateKey privateKey, byte[] bArr) throws InvalidKeyException, IOException, IllegalBlockSizeException, BadPaddingException, NoSuchPaddingException, NoSuchAlgorithmException {
        Cipher cipher = Cipher.getInstance("RSA/None/PKCS1Padding");
        cipher.init(2, privateKey);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byte[] update = cipher.update(bArr);
        if (update != null) {
            byteArrayOutputStream.write(update);
        }
        byte[] doFinal = cipher.doFinal();
        if (doFinal != null) {
            byteArrayOutputStream.write(doFinal);
        }
        return byteArrayOutputStream.toByteArray();
    }

    private static ArrayList<byte[]> getEncryptedTextList(PublicKey publicKey, byte[] bArr) throws InvalidKeyException, IOException, IllegalBlockSizeException, BadPaddingException, NoSuchAlgorithmException, NoSuchPaddingException {
        ArrayList<byte[]> arrayList = new ArrayList<>();
        Cipher cipher = Cipher.getInstance("RSA/None/PKCS1Padding");
        cipher.init(1, publicKey);
        int blockSize = cipher.getBlockSize();
        if (blockSize <= 0) {
            blockSize = 116;
        }
        int length = bArr.length;
        int i = 0;
        int i2 = 0;
        while (i < length) {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            int i3 = i + blockSize;
            if (i3 > length) {
                i3 = length;
            }
            byte[] update = cipher.update(Arrays.copyOfRange(bArr, i, i3));
            if (update != null) {
                byteArrayOutputStream.write(update);
            }
            byte[] doFinal = cipher.doFinal();
            if (doFinal != null) {
                byteArrayOutputStream.write(doFinal);
            }
            arrayList.add(byteArrayOutputStream.toByteArray());
            i2++;
            if (i2 > 100) {
                return null;
            }
            i = i3;
        }
        return arrayList;
    }

    /* JADX WARN: Removed duplicated region for block: B:17:0x0098 A[Catch: KeyStoreException -> 0x00ae, IllegalStateException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableEntryException -> 0x00b0, InvalidAlgorithmParameterException -> 0x00b2, NoSuchAlgorithmException -> 0x00b4, NoSuchProviderException -> 0x00b6, IllegalStateException -> 0x00b8, TryCatch #3 {IllegalStateException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableEntryException -> 0x00b0, blocks: (B:32:0x0009, B:34:0x0011, B:36:0x001e, B:37:0x002f, B:7:0x004f, B:9:0x0055, B:11:0x005f, B:14:0x0067, B:15:0x0090, B:17:0x0098, B:19:0x00a4, B:22:0x006a, B:24:0x0072, B:26:0x007e, B:28:0x0082, B:30:0x008a, B:38:0x0027, B:6:0x0048), top: B:31:0x0009 }] */
    /* JADX WARN: Removed duplicated region for block: B:19:0x00a4 A[Catch: KeyStoreException -> 0x00ae, IllegalStateException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableEntryException -> 0x00b0, InvalidAlgorithmParameterException -> 0x00b2, NoSuchAlgorithmException -> 0x00b4, NoSuchProviderException -> 0x00b6, IllegalStateException -> 0x00b8, TRY_LEAVE, TryCatch #3 {IllegalStateException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableEntryException -> 0x00b0, blocks: (B:32:0x0009, B:34:0x0011, B:36:0x001e, B:37:0x002f, B:7:0x004f, B:9:0x0055, B:11:0x005f, B:14:0x0067, B:15:0x0090, B:17:0x0098, B:19:0x00a4, B:22:0x006a, B:24:0x0072, B:26:0x007e, B:28:0x0082, B:30:0x008a, B:38:0x0027, B:6:0x0048), top: B:31:0x0009 }] */
    /* JADX WARN: Removed duplicated region for block: B:22:0x006a A[Catch: KeyStoreException -> 0x00ae, IllegalStateException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableEntryException -> 0x00b0, InvalidAlgorithmParameterException -> 0x00b2, NoSuchAlgorithmException -> 0x00b4, NoSuchProviderException -> 0x00b6, IllegalStateException -> 0x00b8, TryCatch #3 {IllegalStateException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableEntryException -> 0x00b0, blocks: (B:32:0x0009, B:34:0x0011, B:36:0x001e, B:37:0x002f, B:7:0x004f, B:9:0x0055, B:11:0x005f, B:14:0x0067, B:15:0x0090, B:17:0x0098, B:19:0x00a4, B:22:0x006a, B:24:0x0072, B:26:0x007e, B:28:0x0082, B:30:0x008a, B:38:0x0027, B:6:0x0048), top: B:31:0x0009 }] */
    /* JADX WARN: Removed duplicated region for block: B:9:0x0055 A[Catch: KeyStoreException -> 0x00ae, IllegalStateException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableEntryException -> 0x00b0, InvalidAlgorithmParameterException -> 0x00b2, NoSuchAlgorithmException -> 0x00b4, NoSuchProviderException -> 0x00b6, IllegalStateException -> 0x00b8, TryCatch #3 {IllegalStateException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableEntryException -> 0x00b0, blocks: (B:32:0x0009, B:34:0x0011, B:36:0x001e, B:37:0x002f, B:7:0x004f, B:9:0x0055, B:11:0x005f, B:14:0x0067, B:15:0x0090, B:17:0x0098, B:19:0x00a4, B:22:0x006a, B:24:0x0072, B:26:0x007e, B:28:0x0082, B:30:0x008a, B:38:0x0027, B:6:0x0048), top: B:31:0x0009 }] */
    @android.annotation.SuppressLint({"WrongConstant", "TrulyRandom"})
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private android.util.Pair<java.security.PrivateKey, java.security.PublicKey> getKeyPair(boolean r7) {
        /*
            Method dump skipped, instructions count: 208
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: hp.secure.storage.SecureStorage.getKeyPair(boolean):android.util.Pair");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @NonNull
    public static synchronized KeyStore getKeyStore() throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException {
        KeyStore keyStore;
        synchronized (SecureStorage.class) {
            keyStore = sKeyStoreInstance != null ? sKeyStoreInstance.get() : null;
            if (keyStore == null) {
                keyStore = KeyStore.getInstance("AndroidKeyStore");
                keyStore.load(null, null);
                sKeyStoreInstance = new WeakReference<>(keyStore);
            }
        }
        return keyStore;
    }

    private SharedPreferences getSharedPreferencesFile() {
        return this.mContext.get().getSharedPreferences(this.mSharedPreferencesFile, 0);
    }

    private boolean isReservedKey(@NonNull String str) {
        return ((str.hashCode() == 1922368796 && str.equals(KEYGUARD_REQUIRED_KEY)) ? (char) 0 : (char) 65535) == 0;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void resetKeyStoreInstance() {
        sKeyStoreInstance = null;
    }

    @Override // hp.secure.storage.ISecureStorage
    @TargetApi(19)
    public void delete(@NonNull String str) {
        if (TextUtils.equals(str, KEYGUARD_REQUIRED_KEY)) {
            return;
        }
        SharedPreferences.Editor edit = getSharedPreferencesFile().edit();
        edit.remove(str);
        edit.apply();
    }

    @Override // hp.secure.storage.ISecureStorage
    @Nullable
    @TargetApi(19)
    public SecuredString get(@NonNull String str) {
        String string;
        if (isReservedKey(str)) {
            return new SecuredString(new KeyCollisionException(str));
        }
        if (this.mRequireKeyGuardEnabled && !LockScreenChecker.isKeyguardSecure(this.mContext.get())) {
            return new SecuredString(new KeyguardNotEnabledException());
        }
        Pair<PrivateKey, PublicKey> keyPair = getKeyPair(false);
        if (keyPair == null || (string = getSharedPreferencesFile().getString(str, null)) == null) {
            return null;
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        for (String str2 : string.split("\\.")) {
            try {
                byte[] decryptedValue = getDecryptedValue((PrivateKey) keyPair.first, Base64.decode(str2, 3));
                if (decryptedValue != null) {
                    byteArrayOutputStream.write(decryptedValue);
                }
            } catch (IOException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
                Timber.e(e);
                return new SecuredString(e);
            }
        }
        return new SecuredString(Utils.toChar(byteArrayOutputStream.toByteArray()));
    }

    @Override // hp.secure.storage.ISecureStorage
    @TargetApi(19)
    public int invalidate() {
        try {
            getKeyStore().deleteEntry(this.mKeyStoreAlias);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            Timber.e(e, "Could not load keystore file", new Object[0]);
        }
        SharedPreferences sharedPreferencesFile = getSharedPreferencesFile();
        int size = sharedPreferencesFile.getAll().size();
        SharedPreferences.Editor edit = sharedPreferencesFile.edit();
        edit.clear();
        edit.apply();
        return Math.max(0, size - 1);
    }

    @Override // hp.secure.storage.ISecureStorage
    @TargetApi(19)
    public boolean isReady() {
        return getKeyPair(true) != null && (!this.mRequireKeyGuardEnabled || LockScreenChecker.isKeyguardSecure(this.mContext.get()));
    }

    @Override // hp.secure.storage.ISecureStorage
    @TargetApi(19)
    public boolean put(@NonNull String str, @NonNull SecuredString securedString) {
        if (isReservedKey(str)) {
            securedString.setException(new KeyCollisionException(str));
            return false;
        }
        if (this.mRequireKeyGuardEnabled && !LockScreenChecker.isKeyguardSecure(this.mContext.get())) {
            securedString.setException(new KeyguardNotEnabledException());
            return false;
        }
        Pair<PrivateKey, PublicKey> keyPair = getKeyPair(true);
        if (keyPair != null) {
            ArrayList<byte[]> arrayList = null;
            try {
                arrayList = getEncryptedTextList((PublicKey) keyPair.second, Utils.toBytes(securedString.getCharArray()));
            } catch (IOException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
                Timber.e(e);
                securedString.setException(e);
            }
            if (arrayList != null) {
                StringBuilder sb = new StringBuilder();
                SharedPreferences.Editor edit = getSharedPreferencesFile().edit();
                for (int i = 0; i < arrayList.size(); i++) {
                    byte[] bArr = arrayList.get(i);
                    if (i != 0) {
                        sb.append(".");
                    }
                    sb.append(Base64.encodeToString(bArr, 3));
                }
                edit.putString(str, sb.toString());
                edit.putBoolean(KEYGUARD_REQUIRED_KEY, this.mRequireKeyGuardEnabled);
                edit.apply();
                return true;
            }
        }
        return false;
    }
}
