package com.unitedinternet.portal.android.lib.authenticator.keymanager;

import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyProtection;
import com.unitedinternet.portal.android.lib.ExcludeFromJacocoGeneratedReport;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import kotlin.Lazy;
import kotlin.LazyKt;
import kotlin.Metadata;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.internal.Intrinsics;
import kotlinx.coroutines.repackaged.net.bytebuddy.description.method.MethodDescription;
import timber.log.Timber;

/* compiled from: KeystoreKeyManager.kt */
@ExcludeFromJacocoGeneratedReport
@Metadata(d1 = {"\u0000*\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\b\n\u0000\n\u0002\u0010\u0002\n\u0002\b\u0003\b\u0007\u0018\u0000 \u00122\u00020\u0001:\u0001\u0012B\u0007¢\u0006\u0004\b\u0002\u0010\u0003J\b\u0010\n\u001a\u00020\u000bH\u0002J\n\u0010\f\u001a\u0004\u0018\u00010\u000bH\u0016J\b\u0010\r\u001a\u00020\u000eH\u0016J\u000e\u0010\u000f\u001a\u00020\u00102\u0006\u0010\u0011\u001a\u00020\u000bR\u001b\u0010\u0004\u001a\u00020\u00058BX\u0082\u0084\u0002¢\u0006\f\n\u0004\b\b\u0010\t\u001a\u0004\b\u0006\u0010\u0007¨\u0006\u0013"}, d2 = {"Lcom/unitedinternet/portal/android/lib/authenticator/keymanager/KeystoreKeyManager;", "Lcom/unitedinternet/portal/android/lib/authenticator/keymanager/KeyManager;", MethodDescription.CONSTRUCTOR_INTERNAL_NAME, "()V", "keyStore", "Ljava/security/KeyStore;", "getKeyStore", "()Ljava/security/KeyStore;", "keyStore$delegate", "Lkotlin/Lazy;", "generateKey", "Ljavax/crypto/SecretKey;", "getKey", "getNumberOfSavedKeys", "", "setKey", "", "key", "Companion", "loginlogic_release"}, k = 1, mv = {2, 1, 0}, xi = 48)
/* loaded from: classes5.dex */
public final class KeystoreKeyManager implements KeyManager {
    private static final String ANDROID_KEY_STORE = "AndroidKeyStore";
    private static final String APP_KEY_ALIAS = "mail_key_alias";
    private static final int OUTPUT_KEY_LENGTH = 256;

    /* renamed from: keyStore$delegate, reason: from kotlin metadata */
    private final Lazy keyStore = LazyKt.lazy(new Function0() { // from class: com.unitedinternet.portal.android.lib.authenticator.keymanager.KeystoreKeyManager$$ExternalSyntheticLambda0
        @Override // kotlin.jvm.functions.Function0
        public final Object invoke() {
            KeyStore keyStore_delegate$lambda$0;
            keyStore_delegate$lambda$0 = KeystoreKeyManager.keyStore_delegate$lambda$0();
            return keyStore_delegate$lambda$0;
        }
    });

    private final synchronized SecretKey generateKey() throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException {
        SecretKey generateKey;
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", ANDROID_KEY_STORE);
        keyGenerator.init(new KeyGenParameterSpec.Builder(APP_KEY_ALIAS, 3).setKeySize(256).setRandomizedEncryptionRequired(false).setBlockModes("CBC").setEncryptionPaddings("PKCS7Padding").build());
        generateKey = keyGenerator.generateKey();
        Intrinsics.checkNotNullExpressionValue(generateKey, "generateKey(...)");
        return generateKey;
    }

    private final KeyStore getKeyStore() {
        Object value = this.keyStore.getValue();
        Intrinsics.checkNotNullExpressionValue(value, "getValue(...)");
        return (KeyStore) value;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final KeyStore keyStore_delegate$lambda$0() {
        return KeyStore.getInstance(ANDROID_KEY_STORE);
    }

    @Override // com.unitedinternet.portal.android.lib.authenticator.keymanager.KeyManager
    public synchronized SecretKey getKey() {
        SecretKey generateKey;
        try {
            if (getNumberOfSavedKeys() > 0) {
                getKeyStore().load(null);
                KeyStore.Entry entry = getKeyStore().getEntry(APP_KEY_ALIAS, null);
                Intrinsics.checkNotNull(entry, "null cannot be cast to non-null type java.security.KeyStore.SecretKeyEntry");
                generateKey = ((KeyStore.SecretKeyEntry) entry).getSecretKey();
            } else {
                generateKey = generateKey();
            }
        } catch (Exception e) {
            if (!(e instanceof CertificateException) && !(e instanceof IOException) && !(e instanceof NoSuchAlgorithmException) && !(e instanceof KeyStoreException) && !(e instanceof UnrecoverableEntryException) && !(e instanceof NoSuchProviderException) && !(e instanceof InvalidAlgorithmParameterException)) {
                throw e;
            }
            Timber.INSTANCE.e(e.getMessage(), "Unrecoverable exception when getting key from KeyStore");
            return null;
        } finally {
        }
        return generateKey;
    }

    @Override // com.unitedinternet.portal.android.lib.authenticator.keymanager.KeyManager
    public int getNumberOfSavedKeys() {
        try {
            getKeyStore().load(null);
            return getKeyStore().size();
        } catch (Exception e) {
            if (!(e instanceof KeyStoreException) && !(e instanceof CertificateException) && !(e instanceof IOException) && !(e instanceof NoSuchAlgorithmException)) {
                throw e;
            }
            Timber.INSTANCE.e(e.getMessage(), "Error fetching the number of keys in keystore...");
            return -1;
        }
    }

    public final synchronized void setKey(SecretKey key) {
        Intrinsics.checkNotNullParameter(key, "key");
        try {
            getKeyStore().load(null);
            getKeyStore().setEntry(APP_KEY_ALIAS, new KeyStore.SecretKeyEntry(key), new KeyProtection.Builder(3).setRandomizedEncryptionRequired(false).setBlockModes("CBC").setEncryptionPaddings("PKCS7Padding").build());
        } catch (Exception e) {
            if (!(e instanceof CertificateException) && !(e instanceof IOException) && !(e instanceof NoSuchAlgorithmException) && !(e instanceof KeyStoreException)) {
                throw e;
            }
            Timber.INSTANCE.e(e, "Error setting private key in the KeyStore", new Object[0]);
        }
    }
}
