package com.microsoft.aad.adal;

import android.content.Context;
import android.util.Base64;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.lang.reflect.Constructor;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.math.BigInteger;
import java.security.DigestException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Calendar;
import java.util.Date;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes2.dex */
/**
 * Decompiled storage-encryption helper (log tag "StorageHelper") that encrypts and decrypts
 * strings with AES/CBC/PKCS5Padding and authenticates them with HmacSHA256.
 *
 * <p>Blob layout produced by {@link #d(String)} and consumed by {@link #b(String)}:
 * <pre>
 *   'c' + "E1" + Base64( keyVersion[4] || ciphertext || iv[16] || hmac[32] )
 * </pre>
 * The leading character encodes the length of the encode-version tag ("E1") as an offset from
 * 'a'. The HMAC covers keyVersion || ciphertext || iv.
 *
 * <p>Two key sources are visible, selected by the 4-byte key version:
 * <ul>
 *   <li>"U001": raw key bytes returned by {@code a3.c.INSTANCE.f()};</li>
 *   <li>"A001": a generated 256-bit AES key, wrapped with an RSA key pair held in
 *       "AndroidKeyStore" under alias "AdalKey" and stored in the private file "adalks".</li>
 * </ul>
 *
 * <p>NOTE(review): this is decompiler output. Checked exceptions thrown by the bodies
 * (for example DigestException, GeneralSecurityException, IOException) have no {@code throws}
 * clauses, and {@link #i} contains catch blocks that assign an undeclared variable, so the
 * class does not compile as shown. Treat control flow in those spots as approximate.
 *
 * <p>NOTE(review): every charset is named "UTF_8" rather than the canonical "UTF-8"; whether
 * that name resolves depends on the platform's charset aliases. Confirm on the target runtime.
 */
public class p {

    /* renamed from: d, reason: collision with root package name */
    // Lock guarding the lazy initialisation of the static key fields in m().
    private static final Object f5762d = new Object();

    /* renamed from: e, reason: collision with root package name */
    // Key version tag written into new blobs: "A001" or "U001" (set in m()).
    private static String f5763e;

    /* renamed from: f, reason: collision with root package name */
    // AES key used for encryption in d().
    private static SecretKey f5764f;

    /* renamed from: g, reason: collision with root package name */
    // HMAC key used in d(); derived from f5764f by j().
    private static SecretKey f5765g;

    /* renamed from: h, reason: collision with root package name */
    // Cache of the AES key unwrapped from the "adalks" file (see l()).
    private static SecretKey f5766h;

    /* renamed from: a, reason: collision with root package name */
    // Randomness source for the per-message IV and for AES key generation.
    private final SecureRandom f5767a = new SecureRandom();

    /* renamed from: b, reason: collision with root package name */
    // RSA key pair read from AndroidKeyStore; reset to null when unwrapping fails.
    private KeyPair f5768b;

    /* renamed from: c, reason: collision with root package name */
    // Android context used for the package name and the private key-file directory.
    private Context f5769c;

    /**
     * Creates a helper bound to the given context.
     *
     * @param context context whose package name and private directory are used for key storage
     */
    public p(Context context) {
        this.f5769c = context;
    }

    /**
     * Checks that the MAC stored in {@code bArr[i8..i9)} equals the computed MAC {@code bArr2}.
     *
     * <p>The loop ORs together the XOR of every byte pair and has no early exit, so the time
     * taken does not depend on the position of the first mismatching byte.
     *
     * @param bArr  buffer holding the received MAC
     * @param i8    start offset (inclusive) of the received MAC in {@code bArr}
     * @param i9    end offset (exclusive) of the received MAC in {@code bArr}
     * @param bArr2 MAC computed locally
     * @throws IllegalArgumentException if the two MACs differ in length
     */
    private void a(byte[] bArr, int i8, int i9, byte[] bArr2) {
        if (bArr2.length != i9 - i8) {
            throw new IllegalArgumentException("Unexpected MAC length");
        }
        byte b8 = 0;
        for (int i10 = i8; i10 < i9; i10++) {
            b8 = (byte) (b8 | (bArr2[i10 - i8] ^ bArr[i10]));
        }
        if (b8 != 0) {
            // Mismatch is signalled with a checked DigestException carrying no message.
            throw new DigestException();
        }
    }

    /**
     * Deletes the wrapped-key file "adalks" from the app-private directory if it exists.
     */
    private void c() {
        Context context = this.f5769c;
        // Mode 0 is Context.MODE_PRIVATE; the directory is named after the package.
        File file = new File(context.getDir(context.getPackageName(), 0), "adalks");
        if (file.exists()) {
            a3.i.n("StorageHelper", "Delete KeyFile");
            // NOTE(review): the boolean result of delete() is ignored, so a failed delete is silent.
            file.delete();
        }
    }

    /**
     * Generates a fresh 256-bit AES key using this instance's SecureRandom.
     *
     * @return the generated key
     */
    private final SecretKey e() {
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        keyGenerator.init(256, this.f5767a);
        return keyGenerator.generateKey();
    }

    /**
     * Returns the blob's first character, 'c' (code 99).
     *
     * <p>b() reads this character as {@code 'a' + length}, so 'c' announces the two-character
     * encode version "E1".
     */
    private char f() {
        return (char) 99;
    }

    /**
     * Resolves the AES key for a key version read from a blob.
     *
     * @param str key version: "U001" (raw bytes from settings) or "A001" (keystore-wrapped key)
     * @return the matching AES key
     * @throws IllegalArgumentException for an unknown version, and also when loading the
     *         "A001" key fails (the underlying exception is logged, not propagated)
     */
    private SecretKey g(String str) {
        if (str.equals("U001")) {
            return k(a3.c.INSTANCE.f());
        }
        if (str.equals("A001")) {
            try {
                return l();
            } catch (Exception e8) {
                // Falls through to the generic "keyVersion" error below; callers cannot
                // tell a keystore failure from an unsupported version.
                a3.i.d("StorageHelper", "Failed to get private key from AndroidKeyStore", "", a3.a.ANDROIDKEYSTORE_FAILED, e8);
            }
        }
        throw new IllegalArgumentException("keyVersion");
    }

    /**
     * Loads the RSA key pair stored under alias "AdalKey" in AndroidKeyStore, generating it
     * first when the alias is absent.
     *
     * <p>A generated pair gets a self-signed certificate with subject
     * {@code CN=AdalKey, OU=<package name>} valid from now for 100 years.
     *
     * @return the public/private key pair for alias "AdalKey"
     */
    private synchronized KeyPair h() {
        KeyStore.PrivateKeyEntry privateKeyEntry;
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            if (keyStore.containsAlias("AdalKey")) {
                a3.i.n("StorageHelper", "Key entry is available");
            } else {
                a3.i.n("StorageHelper", "Key entry is not available");
                Calendar calendar = Calendar.getInstance();
                Calendar calendar2 = Calendar.getInstance();
                // Field 1 is Calendar.YEAR: the certificate end date is 100 years from now.
                calendar2.add(1, 100);
                String format = String.format("CN=%s, OU=%s", "AdalKey", this.f5769c.getPackageName());
                // NOTE(review): i() returns null when reflection fails, and that null is
                // passed to initialize() unchecked; confirm how the provider reacts.
                AlgorithmParameterSpec algorithmParameterSpec = (AlgorithmParameterSpec) i(new X500Principal(format), calendar.getTime(), calendar2.getTime());
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
                keyPairGenerator.initialize(algorithmParameterSpec);
                keyPairGenerator.generateKeyPair();
                a3.i.n("StorageHelper", "Key entry is generated for cert " + format);
            }
            a3.i.n("StorageHelper", "Reading Key entry");
            // The entry is read with no protection parameter (second argument null).
            privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry("AdalKey", null);
        } catch (Throwable th) {
            // Rethrow-only handler; presumably a decompiler artifact of the synchronized method.
            throw th;
        }
        return new KeyPair(privateKeyEntry.getCertificate().getPublicKey(), privateKeyEntry.getPrivateKey());
    }

    /**
     * Builds an {@code android.security.KeyPairGeneratorSpec} through reflection with alias
     * "AdalKey", the given subject, serial number 1 and the given validity window.
     *
     * <p>KeyPairGeneratorSpec was deprecated in API 23 in favour of KeyGenParameterSpec.
     *
     * @param x500Principal certificate subject
     * @param date          certificate start date
     * @param date2         certificate end date
     * @return the built spec, or null when any reflective step fails (the failure is logged)
     */
    private Object i(X500Principal x500Principal, Date date, Date date2) {
        try {
            Class<?> cls = Class.forName("android.security.KeyPairGeneratorSpec$Builder");
            Constructor<?> declaredConstructor = cls.getDeclaredConstructor(Context.class);
            declaredConstructor.setAccessible(true);
            try {
                Object newInstance = declaredConstructor.newInstance(this.f5769c);
                Method declaredMethod = cls.getDeclaredMethod("setAlias", String.class);
                Method declaredMethod2 = cls.getDeclaredMethod("setSubject", X500Principal.class);
                Method declaredMethod3 = cls.getDeclaredMethod("setSerialNumber", BigInteger.class);
                Method declaredMethod4 = cls.getDeclaredMethod("setStartDate", Date.class);
                // Chained builder calls, innermost first:
                // setAlias -> setSubject -> setSerialNumber -> setStartDate -> setEndDate -> build.
                return cls.getDeclaredMethod("build", null).invoke(cls.getDeclaredMethod("setEndDate", Date.class).invoke(declaredMethod4.invoke(declaredMethod3.invoke(declaredMethod2.invoke(declaredMethod.invoke(newInstance, "AdalKey"), x500Principal), BigInteger.ONE), date), date2), null);
            } catch (ClassNotFoundException e8) {
                e = e8;
                a3.i.d("StorageHelper", "android.security.KeyPairGeneratorSpec.Builder is not found", "", a3.a.ANDROIDKEYSTORE_KEYPAIR_GENERATOR_FAILED, e);
                return null;
            } catch (IllegalAccessException e9) {
                e = e9;
                a3.i.d("StorageHelper", "android.security.KeyPairGeneratorSpec.Builder is not accessible", "", a3.a.ANDROIDKEYSTORE_KEYPAIR_GENERATOR_FAILED, e);
                return null;
            } catch (IllegalArgumentException e10) {
                e = e10;
                a3.i.d("StorageHelper", "android.security.KeyPairGeneratorSpec.Builder argument is not valid", "", a3.a.ANDROIDKEYSTORE_KEYPAIR_GENERATOR_FAILED, e);
                return null;
            } catch (InstantiationException e11) {
                e = e11;
                a3.i.d("StorageHelper", "android.security.KeyPairGeneratorSpec.Builder is not instantiated", "", a3.a.ANDROIDKEYSTORE_KEYPAIR_GENERATOR_FAILED, e);
                return null;
            } catch (NoSuchMethodException e12) {
                e = e12;
                a3.i.d("StorageHelper", "android.security.KeyPairGeneratorSpec.Builder is not found", "", a3.a.ANDROIDKEYSTORE_KEYPAIR_GENERATOR_FAILED, e);
                return null;
            } catch (InvocationTargetException e13) {
                e = e13;
                a3.i.d("StorageHelper", "android.security.KeyPairGeneratorSpec.Builder's method invoke failed", "", a3.a.ANDROIDKEYSTORE_KEYPAIR_GENERATOR_FAILED, e);
                return null;
            }
        // NOTE(review): the handlers below assign to `e`, which is never declared, and end
        // without returning. They look like decompiler residue of the handlers above
        // (same exception types); do not read them as the original control flow.
        } catch (ClassNotFoundException e14) {
            e = e14;
        } catch (IllegalAccessException e15) {
            e = e15;
        } catch (IllegalArgumentException e16) {
            e = e16;
        } catch (InstantiationException e17) {
            e = e17;
        } catch (NoSuchMethodException e18) {
            e = e18;
        } catch (InvocationTargetException e19) {
            e = e19;
        }
    }

    /**
     * Derives the HMAC key from an encryption key as the SHA-256 digest of its encoded bytes.
     *
     * @param secretKey encryption key
     * @return the derived key, or {@code secretKey} itself when it exposes no encoded form
     */
    private SecretKey j(SecretKey secretKey) {
        byte[] encoded = secretKey.getEncoded();
        // When getEncoded() is null the same key object serves both AES and HMAC.
        // The derived key is labelled "AES" although it is used with HmacSHA256.
        return encoded != null ? new SecretKeySpec(MessageDigest.getInstance("SHA256").digest(encoded), "AES") : secretKey;
    }

    /**
     * Wraps raw key bytes in an AES {@link SecretKeySpec}.
     *
     * @param bArr raw key bytes; the length is not validated here
     * @return the AES key
     * @throws IllegalArgumentException if {@code bArr} is null
     */
    private SecretKey k(byte[] bArr) {
        if (bArr != null) {
            return new SecretKeySpec(bArr, "AES");
        }
        throw new IllegalArgumentException("rawBytes");
    }

    /**
     * Returns the AES key protected by the AndroidKeyStore RSA key pair.
     *
     * <p>On first use the key is generated, wrapped with the RSA public key and written to the
     * "adalks" file; afterwards the file is read and unwrapped with the private key, and the
     * result is cached in the static field f5766h.
     *
     * <p>If reading or unwrapping throws, the cached key, the key pair reference, the key file
     * and the keystore entry are all removed. Data encrypted under the old key can then no
     * longer be decrypted, and this call returns null.
     *
     * <p>NOTE(review): the method synchronizes on the instance while f5766h is static, so two
     * instances are not mutually excluded by this lock.
     *
     * @return the unwrapped AES key, or null after a failed unwrap
     */
    private final synchronized SecretKey l() {
        try {
            SecretKey secretKey = f5766h;
            if (secretKey != null) {
                return secretKey;
            }
            Context context = this.f5769c;
            File file = new File(context.getDir(context.getPackageName(), 0), "adalks");
            if (this.f5768b == null) {
                this.f5768b = h();
                a3.i.n("StorageHelper", "Retrived keypair from androidKeyStore");
            }
            // The AES key is wrapped with RSA using PKCS#1 v1.5 padding.
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            if (!file.exists()) {
                a3.i.n("StorageHelper", "Key file does not exists");
                SecretKey e8 = e();
                a3.i.n("StorageHelper", "Wrapping SecretKey");
                byte[] q8 = q(cipher, e8);
                a3.i.n("StorageHelper", "Writing SecretKey");
                r(file, q8);
                a3.i.n("StorageHelper", "Finished writing SecretKey");
            }
            a3.i.n("StorageHelper", "Reading SecretKey");
            try {
                f5766h = p(cipher, n(file));
                a3.i.n("StorageHelper", "Finished reading SecretKey");
            } catch (Exception unused) {
                // Any exception (I/O as well as crypto) triggers a full key reset; the
                // exception itself is not included in the log call.
                a3.i.c("StorageHelper", "Unwrap failed for AndroidKeyStore", "", a3.a.ANDROIDKEYSTORE_FAILED);
                this.f5768b = null;
                f5766h = null;
                c();
                o();
                a3.i.n("StorageHelper", "Removed previous key pair info.");
            }
            return f5766h;
        } catch (Throwable th) {
            // Rethrow-only handler; presumably a decompiler artifact of the synchronized method.
            throw th;
        }
    }

    /**
     * Lazily initialises the static encryption key, HMAC key and key version used by d().
     *
     * <p>When {@code a3.c.INSTANCE.f()} returns null the keystore-backed key is used and the
     * version becomes "A001". Otherwise, or when the keystore path throws, the raw key from
     * {@code a3.c.INSTANCE.f()} is used and the version becomes "U001".
     *
     * <p>NOTE(review): the null check happens outside the lock and is not repeated inside it,
     * and the fields are not volatile, so concurrent callers may each run the initialisation.
     */
    private final void m() {
        if (f5764f == null || f5765g == null) {
            synchronized (f5762d) {
                try {
                    if (a3.c.INSTANCE.f() == null) {
                        try {
                            SecretKey l8 = l();
                            // f5764f is assigned before j() runs; if l() returned null, j()
                            // fails on it and control drops to the settings-key path below.
                            f5764f = l8;
                            f5765g = j(l8);
                            f5763e = "A001";
                            return;
                        } catch (Exception e8) {
                            a3.i.d("StorageHelper", "Failed to get private key from AndroidKeyStore", "", a3.a.ANDROIDKEYSTORE_FAILED, e8);
                        }
                    }
                    a3.i.n("StorageHelper", "Encryption will use secret key from Settings");
                    // When no settings key exists either, k(null) throws
                    // IllegalArgumentException("rawBytes") out of this method.
                    SecretKey k8 = k(a3.c.INSTANCE.f());
                    f5764f = k8;
                    f5765g = j(k8);
                    f5763e = "U001";
                } catch (Throwable th) {
                    throw th;
                }
            }
        }
    }

    /**
     * Reads the whole file into memory in 1024-byte chunks and closes the stream.
     *
     * @param file file to read (the wrapped key file)
     * @return the file contents
     */
    private static byte[] n(File file) {
        a3.i.n("StorageHelper", "Reading key data from a file");
        FileInputStream fileInputStream = new FileInputStream(file);
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byte[] bArr = new byte[1024];
            while (true) {
                int read = fileInputStream.read(bArr);
                if (read == -1) {
                    byte[] byteArray = byteArrayOutputStream.toByteArray();
                    fileInputStream.close();
                    return byteArray;
                }
                byteArrayOutputStream.write(bArr, 0, read);
            }
        } catch (Throwable th) {
            // Close on the failure path too, then propagate.
            fileInputStream.close();
            throw th;
        }
    }

    /**
     * Deletes the "AdalKey" entry from AndroidKeyStore.
     */
    private synchronized void o() {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        keyStore.deleteEntry("AdalKey");
    }

    /**
     * Unwraps an AES key with the RSA private key.
     *
     * @param cipher RSA cipher instance
     * @param bArr   wrapped key bytes
     * @return the unwrapped AES key
     */
    private SecretKey p(Cipher cipher, byte[] bArr) {
        // 4 is Cipher.UNWRAP_MODE; the 3 passed to unwrap() is Cipher.SECRET_KEY.
        cipher.init(4, this.f5768b.getPrivate());
        return (SecretKey) cipher.unwrap(bArr, "AES", 3);
    }

    /**
     * Wraps an AES key with the RSA public key.
     *
     * @param cipher    RSA cipher instance
     * @param secretKey key to wrap
     * @return the wrapped key bytes
     */
    private byte[] q(Cipher cipher, SecretKey secretKey) {
        // 3 is Cipher.WRAP_MODE.
        cipher.init(3, this.f5768b.getPublic());
        return cipher.wrap(secretKey);
    }

    /**
     * Writes the bytes to the file, replacing any previous content, and closes the stream.
     *
     * @param file destination file (the wrapped key file)
     * @param bArr bytes to write
     */
    private static void r(File file, byte[] bArr) {
        a3.i.n("StorageHelper", "Writing key data to a file");
        FileOutputStream fileOutputStream = new FileOutputStream(file);
        try {
            fileOutputStream.write(bArr);
        } finally {
            fileOutputStream.close();
        }
    }

    /**
     * Decrypts a blob produced by {@link #d(String)}.
     *
     * <p>Steps: parse the length character and the "E1" tag, Base64-decode the rest, select
     * the key from the 4-byte key version, verify the HMAC over everything before the final
     * 32 bytes, then AES/CBC-decrypt the ciphertext. The HMAC is checked before the cipher is
     * initialised, so unauthenticated ciphertext is never decrypted.
     *
     * <p>NOTE(review): input is parsed before its size is checked. {@code substring(1, i9)}
     * and {@code new String(decode, 0, 4, ...)} run ahead of the length test further down, so
     * a truncated blob presumably surfaces as an index exception rather than the
     * IllegalArgumentException thrown by that test. Callers handling untrusted stored data
     * should expect both.
     *
     * @param str encrypted blob
     * @return the decrypted plaintext
     * @throws IllegalArgumentException if the input is empty, the encode version is not "E1",
     *         the key version is unknown, or the decoded data is shorter than 52 bytes
     */
    public String b(String str) {
        a3.i.n("StorageHelper", "Starting decryption");
        if (q.a(str)) {
            throw new IllegalArgumentException("Input is empty or null");
        }
        char charAt = str.charAt(0);
        // Length of the encode-version tag, stored as an offset from 'a'.
        int i8 = charAt - 'a';
        if (i8 <= 0) {
            // The check rejects 0 although the message says 0 is acceptable.
            throw new IllegalArgumentException(String.format("Encode version length: '%s' is not valid, it must be greater of equal to 0", Integer.valueOf(i8)));
        }
        // '`' is the character before 'a', so i9 == i8 + 1: the index where the payload starts.
        int i9 = charAt - '`';
        if (!str.substring(1, i9).equals("E1")) {
            // NOTE(review): the whole input blob is embedded in the exception message.
            throw new IllegalArgumentException(String.format("Encode version received was: '%s', Encode version supported is: '%s'", str, "E1"));
        }
        // Flag 0 is Base64.DEFAULT.
        byte[] decode = Base64.decode(str.substring(i9), 0);
        // The key version is read from data that is not yet authenticated; it only selects
        // which key verifies the HMAC, and the HMAC covers these 4 bytes as well.
        SecretKey g8 = g(new String(decode, 0, 4, "UTF_8"));
        SecretKey j8 = j(g8);
        int length = decode.length;
        // i10: IV offset (16-byte IV followed by 32-byte MAC).
        int i10 = length - 48;
        // length2: MAC offset, which is also the number of authenticated bytes.
        int length2 = decode.length - 32;
        // i11: ciphertext length (total minus 4 version + 16 IV + 32 MAC bytes).
        int i11 = length - 52;
        if (i10 < 0 || length2 < 0 || i11 < 0) {
            throw new IllegalArgumentException("Given value is smaller than the IV vector and MAC length");
        }
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(j8);
        mac.update(decode, 0, length2);
        // Throws before any decryption happens when the MAC does not match.
        a(decode, length2, decode.length, mac.doFinal());
        // 2 is Cipher.DECRYPT_MODE.
        cipher.init(2, g8, new IvParameterSpec(decode, i10, 16));
        String str2 = new String(cipher.doFinal(decode, 4, i11), "UTF_8");
        a3.i.n("StorageHelper", "Finished decryption");
        return str2;
    }

    /**
     * Encrypts a string with AES/CBC/PKCS5Padding under a fresh random 16-byte IV and appends
     * an HmacSHA256 over keyVersion || ciphertext || iv (encrypt-then-MAC).
     *
     * @param str plaintext to encrypt
     * @return 'c' + "E1" + Base64(keyVersion || ciphertext || iv || hmac)
     * @throws IllegalArgumentException if the input is empty or null
     */
    public String d(String str) {
        a3.i.n("StorageHelper", "Starting encryption");
        if (q.a(str)) {
            throw new IllegalArgumentException("Input is empty or null");
        }
        // Ensures the static encryption key, HMAC key and key version are set.
        m();
        // Only the key version tag is logged here, not key material.
        a3.i.n("StorageHelper", "Encrypt version:" + f5763e);
        byte[] bytes = f5763e.getBytes("UTF_8");
        byte[] bytes2 = str.getBytes("UTF_8");
        // New IV for every call, drawn from SecureRandom.
        byte[] bArr = new byte[16];
        this.f5767a.nextBytes(bArr);
        IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr);
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        Mac mac = Mac.getInstance("HmacSHA256");
        // 1 is Cipher.ENCRYPT_MODE.
        cipher.init(1, f5764f, ivParameterSpec);
        byte[] doFinal = cipher.doFinal(bytes2);
        mac.init(f5765g);
        // MAC input order must match the output layout below, because b() authenticates
        // the leading bytes of the decoded blob as one run.
        mac.update(bytes);
        mac.update(doFinal);
        mac.update(bArr);
        byte[] doFinal2 = mac.doFinal();
        byte[] bArr2 = new byte[bytes.length + doFinal.length + 16 + doFinal2.length];
        System.arraycopy(bytes, 0, bArr2, 0, bytes.length);
        System.arraycopy(doFinal, 0, bArr2, bytes.length, doFinal.length);
        System.arraycopy(bArr, 0, bArr2, bytes.length + doFinal.length, 16);
        System.arraycopy(doFinal2, 0, bArr2, bytes.length + doFinal.length + 16, doFinal2.length);
        // Flag 2 is Base64.NO_WRAP.
        String str2 = new String(Base64.encode(bArr2, 2), "UTF_8");
        a3.i.n("StorageHelper", "Finished encryption");
        return f() + "E1" + str2;
    }
}
