package org.hisp.dhis.android.core.arch.storage.internal;

import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import android.util.Log;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Date;
import java.util.GregorianCalendar;
import java.util.Set;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.security.auth.x500.X500Principal;
import org.hisp.dhis.android.core.maintenance.D2Error;
import org.hisp.dhis.android.core.maintenance.D2ErrorCode;
import org.hisp.dhis.android.core.maintenance.D2ErrorComponent;

/* loaded from: classes6.dex */
public final class AndroidSecureStore implements SecureStore {
    private static final String ALIAS = "dhis_sdk_key";
    private static final Charset CHARSET = StandardCharsets.UTF_8;
    private static final String KEYSTORE_PROVIDER_ANDROID_KEYSTORE = "AndroidKeyStore";
    private static final String KEY_ALGORITHM_RSA = "RSA";
    private static final String KEY_CIPHER_JELLYBEAN_PROVIDER = "AndroidOpenSSL";
    private static final String KEY_CIPHER_MARSHMALLOW_PROVIDER = "AndroidKeyStoreBCWorkaround";
    private static final String PREFERENCES_FILE = "preferences";
    private static final String RSA_ECB_PKCS1_PADDING = "RSA/ECB/PKCS1Padding";
    private final SharedPreferences preferences;

    public AndroidSecureStore(Context context) throws D2Error {
        this.preferences = context.getSharedPreferences(PREFERENCES_FILE, 0);
        try {
            KeyStore keyStore = KeyStore.getInstance(KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
            keyStore.load(null);
            if (((PrivateKey) keyStore.getKey(ALIAS, null)) != null && keyStore.getCertificate(ALIAS) != null) {
                if (keyStore.getCertificate(ALIAS).getPublicKey() != null) {
                    return;
                }
            }
            GregorianCalendar gregorianCalendar = new GregorianCalendar();
            GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
            gregorianCalendar2.add(1, 10);
            AlgorithmParameterSpec build = Build.VERSION.SDK_INT < 23 ? new KeyPairGeneratorSpec.Builder(context).setAlias(ALIAS).setSubject(new X500Principal("CN=dhis_sdk_key")).setSerialNumber(BigInteger.valueOf(1337L)).setStartDate(gregorianCalendar.getTime()).setEndDate(gregorianCalendar2.getTime()).build() : new KeyGenParameterSpec.Builder(ALIAS, 3).setDigests("SHA-256", "SHA-512").setEncryptionPaddings("PKCS1Padding").build();
            try {
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KEY_ALGORITHM_RSA, KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
                keyPairGenerator.initialize(build);
                keyPairGenerator.generateKeyPair();
            } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
                deleteKeyStoreEntry(keyStore, ALIAS);
                throw keyStoreError(e, D2ErrorCode.CANT_INSTANTIATE_KEYSTORE);
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e2) {
            throw keyStoreError(e2, D2ErrorCode.CANT_ACCESS_KEYSTORE);
        }
    }

    private static byte[] decrypt(PrivateKey privateKey, String str) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
        byte[] decode = Base64.decode(str, 0);
        Cipher cipherInstance = getCipherInstance();
        cipherInstance.init(2, privateKey);
        return cipherInstance.doFinal(decode);
    }

    private void deleteKeyStoreEntry(KeyStore keyStore, String str) {
        if (keyStore != null) {
            try {
                keyStore.deleteEntry(str);
            } catch (Exception unused) {
                Log.w("SECURE_STORE", "Cannot deleted entry " + str);
            }
        }
    }

    private static String encrypt(PublicKey publicKey, byte[] bArr) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
        Cipher cipherInstance = getCipherInstance();
        cipherInstance.init(1, publicKey);
        return Base64.encodeToString(cipherInstance.doFinal(bArr), 0);
    }

    private static Cipher getCipherInstance() {
        try {
            return Build.VERSION.SDK_INT >= 23 ? Cipher.getInstance(RSA_ECB_PKCS1_PADDING, KEY_CIPHER_MARSHMALLOW_PROVIDER) : Cipher.getInstance(RSA_ECB_PKCS1_PADDING, KEY_CIPHER_JELLYBEAN_PROVIDER);
        } catch (Exception e) {
            throw new RuntimeException("getCipher: Failed to get an instance of Cipher", e);
        }
    }

    private D2Error keyStoreError(Exception exc, D2ErrorCode d2ErrorCode) {
        return D2Error.builder().errorComponent(D2ErrorComponent.SDK).errorCode(d2ErrorCode).errorDescription(exc.getMessage()).originalException(exc).created(new Date()).build();
    }

    @Override // org.hisp.dhis.android.core.arch.storage.internal.KeyValueStore
    public Set<String> getAllKeys() {
        return this.preferences.getAll().keySet();
    }

    /* JADX WARN: Removed duplicated region for block: B:12:0x004e  */
    @Override // org.hisp.dhis.android.core.arch.storage.internal.KeyValueStore
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public java.lang.String getData(java.lang.String r5) {
        /*
            r4 = this;
            r0 = 0
            java.lang.String r1 = "AndroidKeyStore"
            java.security.KeyStore r1 = java.security.KeyStore.getInstance(r1)     // Catch: javax.crypto.BadPaddingException -> L39 javax.crypto.IllegalBlockSizeException -> L3b javax.crypto.NoSuchPaddingException -> L3d java.security.InvalidKeyException -> L3f java.security.UnrecoverableEntryException -> L41 java.io.IOException -> L43 java.security.cert.CertificateException -> L45 java.security.NoSuchAlgorithmException -> L47 java.security.KeyStoreException -> L49
            r1.load(r0)     // Catch: javax.crypto.BadPaddingException -> L39 javax.crypto.IllegalBlockSizeException -> L3b javax.crypto.NoSuchPaddingException -> L3d java.security.InvalidKeyException -> L3f java.security.UnrecoverableEntryException -> L41 java.io.IOException -> L43 java.security.cert.CertificateException -> L45 java.security.NoSuchAlgorithmException -> L47 java.security.KeyStoreException -> L49
            java.lang.String r2 = "dhis_sdk_key"
            java.security.Key r1 = r1.getKey(r2, r0)     // Catch: javax.crypto.BadPaddingException -> L39 javax.crypto.IllegalBlockSizeException -> L3b javax.crypto.NoSuchPaddingException -> L3d java.security.InvalidKeyException -> L3f java.security.UnrecoverableEntryException -> L41 java.io.IOException -> L43 java.security.cert.CertificateException -> L45 java.security.NoSuchAlgorithmException -> L47 java.security.KeyStoreException -> L49
            java.security.PrivateKey r1 = (java.security.PrivateKey) r1     // Catch: javax.crypto.BadPaddingException -> L39 javax.crypto.IllegalBlockSizeException -> L3b javax.crypto.NoSuchPaddingException -> L3d java.security.InvalidKeyException -> L3f java.security.UnrecoverableEntryException -> L41 java.io.IOException -> L43 java.security.cert.CertificateException -> L45 java.security.NoSuchAlgorithmException -> L47 java.security.KeyStoreException -> L49
            android.content.SharedPreferences r2 = r4.preferences     // Catch: javax.crypto.BadPaddingException -> L39 javax.crypto.IllegalBlockSizeException -> L3b javax.crypto.NoSuchPaddingException -> L3d java.security.InvalidKeyException -> L3f java.security.UnrecoverableEntryException -> L41 java.io.IOException -> L43 java.security.cert.CertificateException -> L45 java.security.NoSuchAlgorithmException -> L47 java.security.KeyStoreException -> L49
            java.lang.String r2 = r2.getString(r5, r0)     // Catch: javax.crypto.BadPaddingException -> L39 javax.crypto.IllegalBlockSizeException -> L3b javax.crypto.NoSuchPaddingException -> L3d java.security.InvalidKeyException -> L3f java.security.UnrecoverableEntryException -> L41 java.io.IOException -> L43 java.security.cert.CertificateException -> L45 java.security.NoSuchAlgorithmException -> L47 java.security.KeyStoreException -> L49
            if (r2 != 0) goto L1b
            goto L26
        L1b:
            java.lang.String r0 = new java.lang.String     // Catch: javax.crypto.BadPaddingException -> L27 javax.crypto.IllegalBlockSizeException -> L29 javax.crypto.NoSuchPaddingException -> L2b java.security.InvalidKeyException -> L2d java.security.UnrecoverableEntryException -> L2f java.io.IOException -> L31 java.security.cert.CertificateException -> L33 java.security.NoSuchAlgorithmException -> L35 java.security.KeyStoreException -> L37
            byte[] r1 = decrypt(r1, r2)     // Catch: javax.crypto.BadPaddingException -> L27 javax.crypto.IllegalBlockSizeException -> L29 javax.crypto.NoSuchPaddingException -> L2b java.security.InvalidKeyException -> L2d java.security.UnrecoverableEntryException -> L2f java.io.IOException -> L31 java.security.cert.CertificateException -> L33 java.security.NoSuchAlgorithmException -> L35 java.security.KeyStoreException -> L37
            java.nio.charset.Charset r3 = org.hisp.dhis.android.core.arch.storage.internal.AndroidSecureStore.CHARSET     // Catch: javax.crypto.BadPaddingException -> L27 javax.crypto.IllegalBlockSizeException -> L29 javax.crypto.NoSuchPaddingException -> L2b java.security.InvalidKeyException -> L2d java.security.UnrecoverableEntryException -> L2f java.io.IOException -> L31 java.security.cert.CertificateException -> L33 java.security.NoSuchAlgorithmException -> L35 java.security.KeyStoreException -> L37
            r0.<init>(r1, r3)     // Catch: javax.crypto.BadPaddingException -> L27 javax.crypto.IllegalBlockSizeException -> L29 javax.crypto.NoSuchPaddingException -> L2b java.security.InvalidKeyException -> L2d java.security.UnrecoverableEntryException -> L2f java.io.IOException -> L31 java.security.cert.CertificateException -> L33 java.security.NoSuchAlgorithmException -> L35 java.security.KeyStoreException -> L37
        L26:
            return r0
        L27:
            r0 = move-exception
            goto L4c
        L29:
            r0 = move-exception
            goto L4c
        L2b:
            r0 = move-exception
            goto L4c
        L2d:
            r0 = move-exception
            goto L4c
        L2f:
            r0 = move-exception
            goto L4c
        L31:
            r0 = move-exception
            goto L4c
        L33:
            r0 = move-exception
            goto L4c
        L35:
            r0 = move-exception
            goto L4c
        L37:
            r0 = move-exception
            goto L4c
        L39:
            r1 = move-exception
            goto L4a
        L3b:
            r1 = move-exception
            goto L4a
        L3d:
            r1 = move-exception
            goto L4a
        L3f:
            r1 = move-exception
            goto L4a
        L41:
            r1 = move-exception
            goto L4a
        L43:
            r1 = move-exception
            goto L4a
        L45:
            r1 = move-exception
            goto L4a
        L47:
            r1 = move-exception
            goto L4a
        L49:
            r1 = move-exception
        L4a:
            r2 = r0
            r0 = r1
        L4c:
            if (r2 != 0) goto L50
            java.lang.String r2 = "null"
        L50:
            r1 = 2
            java.lang.Object[] r1 = new java.lang.Object[r1]
            r3 = 0
            r1[r3] = r5
            r5 = 1
            r1[r5] = r2
            java.lang.String r5 = "Couldn't get value from AndroidSecureStore for key: %s and value: %s"
            java.lang.String r5 = java.lang.String.format(r5, r1)
            java.lang.RuntimeException r1 = new java.lang.RuntimeException
            r1.<init>(r5, r0)
            throw r1
        */
        throw new UnsupportedOperationException("Method not decompiled: org.hisp.dhis.android.core.arch.storage.internal.AndroidSecureStore.getData(java.lang.String):java.lang.String");
    }

    @Override // org.hisp.dhis.android.core.arch.storage.internal.KeyValueStore
    public void removeData(String str) {
        SharedPreferences.Editor edit = this.preferences.edit();
        edit.remove(str);
        edit.apply();
    }

    @Override // org.hisp.dhis.android.core.arch.storage.internal.KeyValueStore
    public void setData(String str, String str2) {
        if (str2 == null) {
            return;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
            keyStore.load(null);
            if (keyStore.getCertificate(ALIAS) == null) {
                throw new RuntimeException("Couldn't find certificate for key: " + str);
            }
            PublicKey publicKey = keyStore.getCertificate(ALIAS).getPublicKey();
            if (publicKey == null) {
                throw new RuntimeException("Couldn't find publicKey for key: " + str);
            }
            String encrypt = encrypt(publicKey, str2.getBytes(CHARSET));
            SharedPreferences.Editor edit = this.preferences.edit();
            edit.putString(str, encrypt);
            edit.apply();
        } catch (IOException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | CertificateException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            throw new RuntimeException("Couldn't store value in AndroidSecureStore for key: " + str, e);
        }
    }
}
