package devliving.online.securedpreferencestore;

import android.annotation.TargetApi;
import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import devliving.online.securedpreferencestore.d;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.security.UnrecoverableEntryException;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
import java.util.List;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import org.android.spdy.SpdyProtocol;

/* loaded from: classes.dex */
public class b {

    /* renamed from: a, reason: collision with root package name */
    SharedPreferences f5012a;

    /* renamed from: b, reason: collision with root package name */
    d.b f5013b;
    private final int c = 2048;
    private final int d = 256;
    private final int e = 256;
    private final int f = SpdyProtocol.SLIGHTSSLV2;
    private final String g = "AndroidKeyStore";
    private final String h = "AndroidOpenSSL";
    private final String i = "BC";
    private final String j = "sps_rsa_key";
    private final String k = "sps_aes_key";
    private final String l = "sps_mac_key";
    private final String m = "]";
    private final String n = "RSA/ECB/PKCS1Padding";
    private final String o = "AES/GCM/NoPadding";
    private final String p = "AES/CBC/PKCS7Padding";
    private final String q = "HmacSHA256";
    private final String r = "sps_data_in_compat";
    private KeyStore s;
    private SecretKey t;
    private SecretKey u;
    private RSAPublicKey v;
    private RSAPrivateKey w;
    private boolean x;
    private Context y;

    /* loaded from: classes.dex */
    public static class a {

        /* renamed from: a, reason: collision with root package name */
        byte[] f5014a = null;

        /* renamed from: b, reason: collision with root package name */
        byte[] f5015b = null;
        byte[] c = null;

        byte[] a() {
            byte[] bArr = new byte[this.f5014a.length + this.f5015b.length];
            System.arraycopy(this.f5014a, 0, bArr, 0, this.f5014a.length);
            System.arraycopy(this.f5015b, 0, bArr, this.f5014a.length, this.f5015b.length);
            return bArr;
        }
    }

    /* renamed from: devliving.online.securedpreferencestore.b$b, reason: collision with other inner class name */
    /* loaded from: classes.dex */
    public class C0133b extends GeneralSecurityException {
        public C0133b() {
            super("Invalid Mac, failed to verify integrity.");
        }
    }

    public b(Context context, SharedPreferences sharedPreferences, d.b bVar) {
        boolean z = false;
        this.x = false;
        this.x = sharedPreferences.getBoolean(c("sps_data_in_compat"), Build.VERSION.SDK_INT < 23);
        this.f5013b = bVar;
        this.y = context;
        this.f5012a = sharedPreferences;
        b();
        try {
            a(context, sharedPreferences);
        } catch (Exception e) {
            if (!a((b) e)) {
                throw e;
            }
            z = b((b) e);
        }
        if (z) {
            a(context, sharedPreferences);
        }
    }

    public static String c(String str) {
        return c(MessageDigest.getInstance("SHA-256").digest(str.getBytes("UTF-8")));
    }

    static String c(byte[] bArr) {
        StringBuilder sb = new StringBuilder();
        for (byte b2 : bArr) {
            sb.append(String.format("%02X", Byte.valueOf(b2)));
        }
        return sb.toString();
    }

    public static String d(byte[] bArr) {
        return Base64.encodeToString(bArr, 2);
    }

    public static byte[] d(String str) {
        return Base64.decode(str, 2);
    }

    public a a(byte[] bArr) {
        boolean b2;
        a aVar;
        try {
            aVar = b(bArr);
            b2 = false;
        } catch (Exception e) {
            if (!a((b) e)) {
                throw e;
            }
            b2 = b((b) e);
            aVar = null;
        }
        if (!b2) {
            return aVar;
        }
        a(this.y, this.f5012a);
        return b(bArr);
    }

    @TargetApi(19)
    a a(byte[] bArr, byte[] bArr2) {
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(1, this.t, new GCMParameterSpec(SpdyProtocol.SLIGHTSSLV2, bArr2));
        a aVar = new a();
        aVar.f5014a = cipher.getIV();
        aVar.f5015b = cipher.doFinal(bArr);
        return aVar;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String a(String str) {
        if (str == null || str.length() <= 0) {
            return null;
        }
        return c(a(str.getBytes("UTF-8")));
    }

    List<String> a() {
        return Arrays.asList("sps_aes_key", "sps_rsa_key");
    }

    void a(Context context) {
        KeyPairGeneratorSpec.Builder serialNumber;
        X500Principal x500Principal;
        if (this.s.containsAlias("sps_rsa_key")) {
            return;
        }
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 25);
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        if (Build.VERSION.SDK_INT >= 19) {
            serialNumber = new KeyPairGeneratorSpec.Builder(context).setAlias("sps_rsa_key").setKeySize(2048).setKeyType("RSA").setEndDate(calendar2.getTime()).setStartDate(calendar.getTime()).setSerialNumber(BigInteger.ONE);
            x500Principal = new X500Principal("CN = Secured Preference Store, O = Devliving Online");
        } else {
            serialNumber = new KeyPairGeneratorSpec.Builder(context).setAlias("sps_rsa_key").setEndDate(calendar2.getTime()).setStartDate(calendar.getTime()).setSerialNumber(BigInteger.ONE);
            x500Principal = new X500Principal("CN = Secured Preference Store, O = Devliving Online");
        }
        keyPairGenerator.initialize(serialNumber.setSubject(x500Principal).build());
        keyPairGenerator.generateKeyPair();
    }

    void a(Context context, SharedPreferences sharedPreferences) {
        b(context, sharedPreferences);
        a(sharedPreferences);
    }

    void a(SharedPreferences sharedPreferences) {
        if (this.x) {
            this.t = d(sharedPreferences);
            this.u = e(sharedPreferences);
        } else if (this.s.containsAlias("sps_aes_key") && this.s.entryInstanceOf("sps_aes_key", KeyStore.SecretKeyEntry.class)) {
            this.t = ((KeyStore.SecretKeyEntry) this.s.getEntry("sps_aes_key", null)).getSecretKey();
        }
    }

    <T extends Exception> boolean a(T t) {
        if ((t instanceof KeyStoreException) || (t instanceof UnrecoverableEntryException) || (t instanceof InvalidKeyException) || (t instanceof IllegalStateException)) {
            return true;
        }
        return (t instanceof IOException) && t.getCause() != null && (t.getCause() instanceof BadPaddingException);
    }

    public byte[] a(a aVar) {
        boolean b2;
        byte[] bArr;
        try {
            bArr = b(aVar);
            b2 = false;
        } catch (Exception e) {
            if (!a((b) e)) {
                throw e;
            }
            b2 = b((b) e);
            bArr = null;
        }
        if (!b2) {
            return bArr;
        }
        a(this.y, this.f5012a);
        return b(aVar);
    }

    public a b(byte[] bArr) {
        if (bArr == null || bArr.length <= 0) {
            return null;
        }
        byte[] c = c();
        return this.x ? b(bArr, c) : a(bArr, c);
    }

    a b(byte[] bArr, byte[] bArr2) {
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC");
        cipher.init(1, this.t, new IvParameterSpec(bArr2));
        a aVar = new a();
        aVar.f5014a = cipher.getIV();
        aVar.f5015b = cipher.doFinal(bArr);
        aVar.c = e(aVar.a());
        return aVar;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String b(String str) {
        if (str == null || str.length() <= 0) {
            return null;
        }
        byte[] a2 = a(e(str));
        return new String(a2, 0, a2.length, "UTF-8");
    }

    void b() {
        this.s = KeyStore.getInstance("AndroidKeyStore");
        this.s.load(null);
    }

    void b(Context context, SharedPreferences sharedPreferences) {
        if (!this.x) {
            d();
            return;
        }
        a(context);
        e();
        b(sharedPreferences);
        c(sharedPreferences);
    }

    boolean b(SharedPreferences sharedPreferences) {
        String c = c("sps_aes_key");
        if (sharedPreferences.contains(c)) {
            return false;
        }
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        keyGenerator.init(256);
        boolean commit = sharedPreferences.edit().putString(c, d(f(keyGenerator.generateKey().getEncoded()))).commit();
        sharedPreferences.edit().putBoolean(c("sps_data_in_compat"), true).apply();
        return commit;
    }

    <T extends Exception> boolean b(T t) {
        return this.f5013b != null && this.f5013b.a(t, this.s, a());
    }

    public byte[] b(a aVar) {
        if (aVar == null || aVar.f5015b == null) {
            return null;
        }
        return this.x ? e(aVar) : d(aVar);
    }

    String c(a aVar) {
        StringBuilder sb;
        byte[] bArr;
        if (aVar.c != null) {
            sb = new StringBuilder();
            sb.append(d(aVar.f5014a));
            sb.append("]");
            sb.append(d(aVar.f5015b));
            sb.append("]");
            bArr = aVar.c;
        } else {
            sb = new StringBuilder();
            sb.append(d(aVar.f5014a));
            sb.append("]");
            bArr = aVar.f5015b;
        }
        sb.append(d(bArr));
        return sb.toString();
    }

    boolean c(SharedPreferences sharedPreferences) {
        String c = c("sps_mac_key");
        if (sharedPreferences.contains(c)) {
            return false;
        }
        byte[] bArr = new byte[32];
        new SecureRandom().nextBytes(bArr);
        return sharedPreferences.edit().putString(c, d(f(bArr))).commit();
    }

    boolean c(byte[] bArr, byte[] bArr2) {
        if (bArr == null || bArr2 == null) {
            return false;
        }
        byte[] e = e(bArr2);
        if (e.length != bArr.length) {
            return false;
        }
        int i = 0;
        for (int i2 = 0; i2 < e.length; i2++) {
            i |= e[i2] ^ bArr[i2];
        }
        return i == 0;
    }

    byte[] c() {
        byte[] bArr = new byte[!this.x ? 12 : 16];
        new SecureRandom().nextBytes(bArr);
        return bArr;
    }

    SecretKey d(SharedPreferences sharedPreferences) {
        String string = sharedPreferences.getString(c("sps_aes_key"), null);
        if (string != null) {
            return new SecretKeySpec(g(d(string)), "AES");
        }
        return null;
    }

    @TargetApi(23)
    boolean d() {
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 25);
        if (this.s.containsAlias("sps_aes_key")) {
            return false;
        }
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
        keyGenerator.init(new KeyGenParameterSpec.Builder("sps_aes_key", 3).setCertificateSubject(new X500Principal("CN = Secured Preference Store, O = Devliving Online")).setCertificateSerialNumber(BigInteger.ONE).setKeySize(256).setKeyValidityEnd(calendar2.getTime()).setKeyValidityStart(calendar.getTime()).setBlockModes("GCM").setEncryptionPaddings("NoPadding").setRandomizedEncryptionRequired(false).build());
        keyGenerator.generateKey();
        return true;
    }

    @TargetApi(19)
    byte[] d(a aVar) {
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(2, this.t, new GCMParameterSpec(SpdyProtocol.SLIGHTSSLV2, aVar.f5014a));
        return cipher.doFinal(aVar.f5015b);
    }

    a e(String str) {
        a aVar = new a();
        String[] split = str.split("]");
        aVar.f5014a = d(split[0]);
        aVar.f5015b = d(split[1]);
        if (split.length > 2) {
            aVar.c = d(split[2]);
        }
        return aVar;
    }

    SecretKey e(SharedPreferences sharedPreferences) {
        String string = sharedPreferences.getString(c("sps_mac_key"), null);
        if (string != null) {
            return new SecretKeySpec(g(d(string)), "HmacSHA256");
        }
        return null;
    }

    void e() {
        if (this.s.containsAlias("sps_rsa_key") && this.s.entryInstanceOf("sps_rsa_key", KeyStore.PrivateKeyEntry.class)) {
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) this.s.getEntry("sps_rsa_key", null);
            this.v = (RSAPublicKey) privateKeyEntry.getCertificate().getPublicKey();
            this.w = (RSAPrivateKey) privateKeyEntry.getPrivateKey();
        }
    }

    byte[] e(a aVar) {
        if (!c(aVar.c, aVar.a())) {
            throw new C0133b();
        }
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC");
        cipher.init(2, this.t, new IvParameterSpec(aVar.f5014a));
        return cipher.doFinal(aVar.f5015b);
    }

    byte[] e(byte[] bArr) {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(this.u);
        return mac.doFinal(bArr);
    }

    byte[] f(byte[] bArr) {
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
        cipher.init(1, this.v);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
        cipherOutputStream.write(bArr);
        cipherOutputStream.close();
        return byteArrayOutputStream.toByteArray();
    }

    byte[] g(byte[] bArr) {
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
        cipher.init(2, this.w);
        CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(bArr), cipher);
        ArrayList arrayList = new ArrayList();
        while (true) {
            int read = cipherInputStream.read();
            if (read == -1) {
                break;
            }
            arrayList.add(Byte.valueOf((byte) read));
        }
        byte[] bArr2 = new byte[arrayList.size()];
        for (int i = 0; i < bArr2.length; i++) {
            bArr2[i] = ((Byte) arrayList.get(i)).byteValue();
        }
        cipherInputStream.close();
        return bArr2;
    }
}
