package com.symantec.util;

import android.annotation.SuppressLint;
import android.content.Context;
import android.content.SharedPreferences;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import com.symantec.idsc.IdscPreference;
import com.symantec.idsc.data.type.IdscMessage;
import com.symantec.mobile.idsc.shared.config.ConfigurationManager;
import com.symantec.mobile.idsc.shared.logging.SecureLogger2;
import com.symantec.ping.PingImplement;
import com.symantec.secureenclave.CipherInfo;
import com.symantec.secureenclave.KeyData;
import com.symantec.secureenclave.KeyDataException;
import com.symantec.secureenclave.KeyManager;
import com.symantec.secureenclave.KeySchema;
import com.symantec.secureenclave.SecureBinary;
import io.sentry.android.core.SentryLogcatAdapter;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.logging.Level;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;

/* loaded from: classes5.dex */
public class ResetPasswordKeyUtils {

    /* renamed from: a, reason: collision with root package name */
    private static final String f69440a = "com.symantec.util.ResetPasswordKeyUtils";

    /* renamed from: b, reason: collision with root package name */
    private static Context f69441b;

    private static void a(String str, String str2, String str3) {
        IdscUtils.sendBroadCast(f69441b, str, str2, str3);
    }

    private static KeyData b(String str) {
        KeyData keyData = new KeyData();
        keyData.setAlias(str);
        keyData.setAuthValidityDurationInSeconds(60);
        keyData.setDigest("SHA-256");
        keyData.setKeyStoreProvider("AndroidKeyStore");
        keyData.setKeyGenerationAlgorithm("RSA");
        keyData.setEncryptionPadding("OAEPPadding");
        keyData.setIsUserAuthNeeded(false);
        keyData.setKeySize(2048);
        return keyData;
    }

    private static CipherInfo c(String str) {
        CipherInfo cipherInfo = new CipherInfo();
        cipherInfo.setAlias(str);
        cipherInfo.setKeyStoreProvider("AndroidKeyStore");
        cipherInfo.setEncryptDecryptAlgorithm(KeySchema.ASYMMETRIC_CIPHER_STRING);
        return cipherInfo;
    }

    @SuppressLint({"NewApi"})
    public static byte[] decryptAndFetchKeys(String str, String str2, String str3) throws KeyDataException {
        try {
            return new KeyManager("AndroidKeyStore").asymmetricDecryption(new SecureBinary(android.util.Base64.decode(com.symantec.mobile.idsc.shared.util.Utils.getPreference(str2, str3), 10)), c(str)).getData();
        } catch (KeyPermanentlyInvalidatedException e2) {
            SecureLogger2.log(Level.SEVERE, f69440a, "decryptAndFetchKeys", e2.getMessage());
            deleteVaultKeysOnKeystore(str3, str);
            a(IdscMessage.VAULT_KEYSTORE_MESSAGE, IdscMessage.VAULT_STOREKEYS_FETCH_MESSAGE, e2.getMessage());
            PingImplement.getInstance().sendInstantErrorPing("ResetPasswordKeyUtils", "decryptAndFetchKeys", e2.getMessage() + Arrays.toString(e2.getStackTrace()));
            throw new KeyDataException("Key permanently invalidated");
        } catch (KeyDataException e3) {
            SentryLogcatAdapter.e("Error in decryption", e3.getMessage());
            a(IdscMessage.VAULT_KEYSTORE_MESSAGE, IdscMessage.VAULT_STOREKEYS_DECRYPT_MESSAGE, e3.getMessage());
            throw new KeyDataException("Error in decryption");
        }
    }

    public static String decryptPIN(String str, String str2) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            SecretKey secretKey = (SecretKey) keyStore.getKey(str, null);
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
            cipher.init(2, secretKey, new IvParameterSpec(android.util.Base64.decode(ConfigurationManager.getInstance().getEncryptionIV(IdscUtils.getPrefKeyUsingNaAccount() + "_IV"), 0)));
            CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(android.util.Base64.decode(str2, 0)), cipher);
            ArrayList arrayList = new ArrayList();
            while (true) {
                int read = cipherInputStream.read();
                if (read == -1) {
                    break;
                }
                arrayList.add(Byte.valueOf((byte) read));
            }
            int size = arrayList.size();
            byte[] bArr = new byte[size];
            for (int i2 = 0; i2 < size; i2++) {
                bArr[i2] = ((Byte) arrayList.get(i2)).byteValue();
            }
            return new String(bArr, 0, size, com.symantec.mobile.safebrowser.Constants.UTF_8);
        } catch (IOException | InvalidAlgorithmParameterException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException | NoSuchPaddingException e2) {
            SentryLogcatAdapter.e("decryptPIN", e2.getMessage());
            return null;
        }
    }

    public static void deleteDepricatedAliasIfExist() {
        if (doesVaultKeysExistOnKeystore("com.symantec.idsafe.data." + IdscPreference.getNaGuid(), "com.symantec.idsafe.PasswordKey.npw." + IdscPreference.getNaGuid())) {
            deleteVaultKeysOnKeystore("com.symantec.idsafe.data." + IdscPreference.getNaGuid(), "com.symantec.idsafe.PasswordKey.npw." + IdscPreference.getNaGuid());
        }
        if (doesVaultKeysExistOnKeystore("com.symantec.idsafe.data.npw." + IdscPreference.getNaGuid(), "com.symantec.idsafe.Password.npw." + IdscPreference.getNaGuid())) {
            deleteVaultKeysOnKeystore("com.symantec.idsafe.data.npw." + IdscPreference.getNaGuid(), "com.symantec.idsafe.Password.npw." + IdscPreference.getNaGuid());
        }
    }

    public static void deleteVaultKeysOnKeystore(String str, String str2) {
        try {
            KeyManager keyManager = new KeyManager("AndroidKeyStore");
            if (keyManager.isKeyExist(str2)) {
                keyManager.deleteKey(str2);
            }
            SharedPreferences.Editor edit = f69441b.getSharedPreferences(str, 0).edit();
            edit.clear();
            edit.commit();
            try {
                throw new RuntimeException("DeleteVaultKeysOnKeystore");
            } catch (RuntimeException e2) {
                PingImplement.getInstance().sendInstantErrorPing("ResetPasswordKeyUtils", "DeleteVaultKeysOnKeystore", e2.getMessage() + Arrays.toString(e2.getStackTrace()));
            }
        } catch (Exception e3) {
            SecureLogger2.log(Level.SEVERE, f69440a, "deleteVaultKeysOnKeystore", e3.getMessage());
        }
    }

    public static boolean doesVaultKeysExistOnKeystore(String str, String str2) {
        try {
            if (!new KeyManager("AndroidKeyStore").isKeyExist(str2) || com.symantec.mobile.idsc.shared.util.Utils.getPreference("challengeKey", str).isEmpty() || com.symantec.mobile.idsc.shared.util.Utils.getPreference("encryptionKey", str).isEmpty()) {
                return false;
            }
            return !com.symantec.mobile.idsc.shared.util.Utils.getPreference("obfuscationKey", str).isEmpty();
        } catch (Exception e2) {
            SecureLogger2.log(Level.SEVERE, f69440a, "doesVaultKeysExistOnKeystore", e2.getMessage());
            return false;
        }
    }

    public static boolean encryptAndStoreKeys(byte[] bArr, String str, String str2, String str3) {
        try {
            KeyManager keyManager = new KeyManager("AndroidKeyStore");
            if (!keyManager.isSecureHardwarePresent()) {
                return false;
            }
            if (!keyManager.isKeyExist(str)) {
                keyManager.generateAsymmetricKeyPairWithAuth(b(str));
            }
            com.symantec.mobile.idsc.shared.util.Utils.setPreference(str2, android.util.Base64.encodeToString(keyManager.asymmetricEncryption(new SecureBinary(bArr), c(str), b(str)).getData(), 10), str3);
            return true;
        } catch (KeyDataException e2) {
            SentryLogcatAdapter.e("Error in encryption", e2.getMessage());
            a(IdscMessage.VAULT_KEYSTORE_MESSAGE, IdscMessage.VAULT_STOREKEYS_MESSAGE, e2.getMessage());
            return false;
        }
    }

    public static String getResetVaultAliasName() {
        return "com.symantec.idsafe.Password.npw.v3." + IdscPreference.getNaGuid();
    }

    public static String getResetVaultPreferenceName() {
        return "com.symantec.idsafe.data.npw.v3." + IdscPreference.getNaGuid();
    }

    public static void init(Context context) {
        f69441b = context.getApplicationContext();
    }
}
