package com.samsung.android.kmxservice.sdk.util;

import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.WrappedKeyEntry;
import android.text.TextUtils;
import android.util.Log;
import androidx.annotation.Nullable;
import androidx.recyclerview.widget.ItemTouchHelper;
import androidx.room.util.a;
import com.microsoft.identity.common.java.crypto.IDevicePopManager;
import com.samsung.android.kmxservice.sdk.e2ee.CryptoProgressListener;
import com.samsung.android.kmxservice.sdk.e2ee.KmxException;
import com.samsung.android.kmxservice.sdk.e2ee.common.KmxErrorHandler;
import com.samsung.android.kmxservice.sdk.e2ee.data.LogTag;
import com.yubico.yubikit.core.fido.CtapException;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Arrays;
import java.util.Formatter;
import javax.crypto.Cipher;
import javax.crypto.CipherOutputStream;
import javax.crypto.spec.GCMParameterSpec;

/* loaded from: classes3.dex */
public class AndroidKeystoreHelper {
    private static final String AEAD_BAD_TAG_EXCEPTION = "AEADBadTagException";
    private static final String ALGORITHM = "AES";
    private static final String BLOCK_MODE = "GCM";
    private static final int CHUNK_SIZE = 65536;
    private static final int CIPHER_MODE_AES_GCM_NOPADDING = 0;
    private static final String ENCRYPTION_PADDING = "NoPadding";
    private static final int GCM_IV_SIZE = 12;
    private static final int GCM_TAG_SIZE_BITS = 128;
    private static final int HEADER_SIZE = 16;
    private static final int IV_BUFFER_SIZE = 16;
    private static final int KMX_FLAG_BLOCK_TYPE_5MB = 80;
    private static final int KMX_FLAG_BLOCK_TYPE_NONE = 0;
    private static final int KMX_FLAG_CHECKSUM = 1;
    private static final String PROVIDER = "AndroidKeyStore";
    private static final int STREAM_CHUNK_SIZE = 65520;
    private static final String TRANSFORMATION = "AES/GCM/NoPadding";
    private static final String TAG = LogTag.getTag("AndroidKeystoreHelper");
    private static String[][] digestList = {new String[]{"SHA-256"}, new String[]{IDevicePopManager.SHA_1}, new String[]{IDevicePopManager.SHA_1, "SHA-256"}};

    /* loaded from: classes3.dex */
    public static class Header {
        private static final int INDEX_BLOCK_TYPE = 4;
        private static final int INDEX_CHECKSUM = 15;
        private static final int INDEX_CIPHER_MODE = 5;
        private final byte[] MAGIC_CODE;
        private byte[] mHeader;

        private Header() {
            this.MAGIC_CODE = new byte[]{69, CtapException.ERR_PIN_BLOCKED, 69, 69};
            this.mHeader = null;
        }

        public /* synthetic */ Header(int i) {
            this();
        }

        public boolean checkMagicCode() {
            int i = 0;
            while (true) {
                byte[] bArr = this.MAGIC_CODE;
                if (i >= bArr.length) {
                    return true;
                }
                if (this.mHeader[i] != bArr[i]) {
                    return false;
                }
                i++;
            }
        }

        public int getBlockType() {
            return this.mHeader[4] & CtapException.ERR_VENDOR_FIRST;
        }

        public byte getChecksum() {
            return this.mHeader[15];
        }

        public int getChecksumFlag() {
            return this.mHeader[4] & 15;
        }

        public int getCipherMode() {
            return this.mHeader[5];
        }

        public byte[] getHeader() {
            return this.mHeader;
        }

        public byte[] makeHeader(int i, int i4) {
            byte[] bArr = new byte[16];
            byte[] bArr2 = this.MAGIC_CODE;
            System.arraycopy(bArr2, 0, bArr, 0, bArr2.length);
            bArr[4] = (byte) i;
            bArr[5] = (byte) i4;
            this.mHeader = bArr;
            setChecksum();
            return bArr;
        }

        public void setChecksum() {
            setChecksumFlag();
            int i = 0;
            for (int i4 = 0; i4 < 15; i4++) {
                i += this.mHeader[i4];
            }
            this.mHeader[15] = (byte) ((~(i & 255)) + 1);
        }

        public void setChecksumFlag() {
            byte[] bArr = this.mHeader;
            bArr[4] = (byte) (bArr[4] | 1);
        }

        public void setHeader(byte[] bArr) {
            this.mHeader = bArr;
        }

        public boolean verifyChecksum() {
            int i = 0;
            for (int i4 = 0; i4 < 16; i4++) {
                i += this.mHeader[i4];
            }
            return (i & 255) == 0;
        }
    }

    public static String bytesToHexString(byte[] bArr) {
        StringBuilder sb = new StringBuilder(bArr.length * 2);
        Formatter formatter = new Formatter(sb);
        for (byte b5 : bArr) {
            formatter.format("%02x", Byte.valueOf(b5));
        }
        return sb.toString();
    }

    public static byte[] decryptData(Key key, byte[] bArr) {
        String str;
        String str2;
        byte[] bArr2 = new byte[12];
        Header header = new Header(0);
        if (key == null) {
            str = TAG;
            str2 = "decryptData failed. no key data.";
        } else {
            if (bArr != null && bArr.length >= 1) {
                try {
                    byte[] bArr3 = new byte[16];
                    System.arraycopy(bArr, 0, bArr3, 0, 16);
                    header.setHeader(bArr3);
                    if (!header.checkMagicCode()) {
                        Log.e(TAG, "decryptData failed. CIPHER_MAGIC_CODE is not correct");
                        return null;
                    }
                    System.arraycopy(bArr, 16, bArr2, 0, 12);
                    Cipher cipher = Cipher.getInstance(TRANSFORMATION);
                    cipher.init(2, key, new GCMParameterSpec(128, bArr2));
                    ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                    CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
                    int i = 32;
                    int length = bArr.length - 32;
                    while (length > 65536) {
                        cipherOutputStream.write(bArr, i, 65536);
                        i += 65536;
                        length -= 65536;
                    }
                    cipherOutputStream.write(bArr, i, length);
                    cipherOutputStream.close();
                    byte[] byteArray = byteArrayOutputStream.toByteArray();
                    byteArrayOutputStream.close();
                    return byteArray;
                } catch (Exception e) {
                    KmxErrorHandler.throwIfContain(e, "Invalid operation handle (internal Keystore code: -28", "(decryptData) KEYSTORE_TOO_MANY_OPERATIONS", ItemTouchHelper.Callback.DEFAULT_SWIPE_ANIMATION_DURATION);
                    e.printStackTrace();
                    String str3 = TAG;
                    Log.i(str3, "gcmIv Len : 12 gcmIv : " + bytesToHexString(bArr2));
                    Log.i(str3, "cipherData Len : " + bArr.length + " cipherData : " + bytesToHexString(bArr));
                    if (TextUtils.isEmpty(e.getMessage())) {
                        return null;
                    }
                    if (e.getMessage().contains(AEAD_BAD_TAG_EXCEPTION)) {
                        throw new KmxException(a.n(e, new StringBuilder("DecryptData Exception :")), 107);
                    }
                    throw new KmxException(a.n(e, new StringBuilder("DecryptData Exception :")), 202);
                }
            }
            str = TAG;
            str2 = "decryptData failed. cipherData is null or Empty";
        }
        Log.e(str, str2);
        return null;
    }

    public static boolean decryptStream(Key key, InputStream inputStream, OutputStream outputStream) {
        return decryptStream(key, inputStream, outputStream, null);
    }

    /* JADX WARN: Removed duplicated region for block: B:37:0x01a2  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static boolean decryptStream(java.security.Key r21, java.io.InputStream r22, java.io.OutputStream r23, @androidx.annotation.Nullable com.samsung.android.kmxservice.sdk.e2ee.CryptoProgressListener r24) {
        /*
            Method dump skipped, instructions count: 469
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.samsung.android.kmxservice.sdk.util.AndroidKeystoreHelper.decryptStream(java.security.Key, java.io.InputStream, java.io.OutputStream, com.samsung.android.kmxservice.sdk.e2ee.CryptoProgressListener):boolean");
    }

    public static byte[] encryptData(Key key, byte[] bArr) {
        byte[] bArr2;
        String str;
        String str2;
        byte[] bArr3 = new byte[16];
        int i = 0;
        Header header = new Header(i);
        byte[] bArr4 = null;
        if (key == null) {
            str = TAG;
            str2 = "encryptData failed. no key data.";
        } else {
            if (bArr != null) {
                try {
                    Cipher cipher = Cipher.getInstance(TRANSFORMATION);
                    cipher.init(1, key);
                    ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                    CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
                    byte[] iv = cipher.getIV();
                    try {
                        System.arraycopy(iv, 0, bArr3, 0, iv.length);
                        byteArrayOutputStream.write(header.makeHeader(0, 0));
                        byteArrayOutputStream.write(bArr3);
                        int length = bArr.length;
                        while (length > 65536) {
                            cipherOutputStream.write(bArr, i, 65536);
                            i += 65536;
                            length -= 65536;
                        }
                        cipherOutputStream.write(bArr, i, length);
                        cipherOutputStream.close();
                        bArr2 = byteArrayOutputStream.toByteArray();
                    } catch (Exception e) {
                        e = e;
                    }
                    try {
                        byteArrayOutputStream.close();
                    } catch (Exception e3) {
                        e = e3;
                        bArr4 = bArr2;
                        bArr2 = bArr4;
                        bArr4 = iv;
                        KmxErrorHandler.throwIfContain(e, "Invalid operation handle (internal Keystore code: -28", "(encryptData) KEYSTORE_TOO_MANY_OPERATIONS", ItemTouchHelper.Callback.DEFAULT_SWIPE_ANIMATION_DURATION);
                        String str3 = TAG;
                        if (bArr4 != null) {
                            Log.i(str3, "encrypt1 gcmIv Len : " + bArr4.length + " gcmIv : " + bytesToHexString(bArr4));
                        } else {
                            Log.e(str3, "encrypt1 gcmIv is NULL");
                        }
                        if (bArr2 != null) {
                            Log.i(str3, "encrypt2 cipherData Len : " + bArr2.length + " cipherData : " + bytesToHexString(bArr2));
                        } else {
                            Log.e(str3, "encrypt2 cipherData is NULL");
                        }
                        if (!TextUtils.isEmpty(e.getMessage())) {
                            if (e.getMessage().contains(AEAD_BAD_TAG_EXCEPTION)) {
                                throw new KmxException(a.n(e, new StringBuilder("EncryptData Exception :")), 107);
                            }
                            throw new KmxException(a.n(e, new StringBuilder("EncryptData Exception :")), 201);
                        }
                        return bArr2;
                    }
                } catch (Exception e4) {
                    e = e4;
                    bArr2 = null;
                }
                return bArr2;
            }
            str = TAG;
            str2 = "encryptData failed. plainData is null.";
        }
        Log.e(str, str2);
        return null;
    }

    public static boolean encryptStream(Key key, InputStream inputStream, OutputStream outputStream) {
        return encryptStream(key, inputStream, outputStream, null);
    }

    public static boolean encryptStream(Key key, InputStream inputStream, OutputStream outputStream, @Nullable CryptoProgressListener cryptoProgressListener) {
        String str;
        String str2;
        int i = 0;
        if (key == null) {
            str = TAG;
            str2 = "encryptStream failed. no key data.";
        } else if (inputStream == null) {
            str = TAG;
            str2 = "encryptStream failed. inputStream is null";
        } else {
            if (outputStream != null) {
                byte[] bArr = new byte[16];
                byte[] bArr2 = new byte[STREAM_CHUNK_SIZE];
                byte[] bArr3 = new byte[STREAM_CHUNK_SIZE];
                Header header = new Header(i);
                Key key2 = key;
                InputStream inputStream2 = inputStream;
                int i4 = 0;
                int i5 = 0;
                int i6 = 0;
                int i7 = 0;
                Cipher cipher = null;
                boolean z4 = false;
                while (true) {
                    int i8 = i7;
                    try {
                        i7 = inputStream2.read(bArr2, 0, Math.min(5242832 - i, STREAM_CHUNK_SIZE));
                        if (i7 == -1) {
                            break;
                        }
                        if (z4) {
                            try {
                                byte[] update = cipher.update(bArr3, 0, i4);
                                if (update != null) {
                                    i5 += update.length;
                                    outputStream.write(update);
                                }
                            } catch (Exception e) {
                                e = e;
                                KmxErrorHandler.throwIfContain(e, "Invalid operation handle (internal Keystore code: -28", "(encryptStream) KEYSTORE_TOO_MANY_OPERATIONS", ItemTouchHelper.Callback.DEFAULT_SWIPE_ANIMATION_DURATION);
                                e.printStackTrace();
                                String str3 = TAG;
                                Log.e(str3, "encryptStream Exception :" + e.getMessage());
                                Log.e(str3, "encryptStream offset : " + i + " readLen : " + i7);
                                if (TextUtils.isEmpty(e.getMessage())) {
                                    return true;
                                }
                                if (e.getMessage().contains(AEAD_BAD_TAG_EXCEPTION)) {
                                    throw new KmxException(a.n(e, new StringBuilder("EncryptStream Exception :")), 107);
                                }
                                throw new KmxException(a.n(e, new StringBuilder("EncryptStream Exception :")), 201);
                            }
                        }
                        if (i == 0) {
                            Cipher cipher2 = Cipher.getInstance(TRANSFORMATION);
                            cipher2.init(1, key2);
                            byte[] iv = cipher2.getIV();
                            System.arraycopy(iv, 0, bArr, 0, iv.length);
                            outputStream.write(header.makeHeader(80, 0));
                            outputStream.write(bArr);
                            i5 = 32;
                            cipher = cipher2;
                        }
                        i += i7;
                        if (i < 5242832 && i7 >= STREAM_CHUNK_SIZE) {
                            System.arraycopy(bArr2, 0, bArr3, 0, i7);
                            z4 = true;
                            i4 = i7;
                        }
                        z4 = false;
                        byte[] doFinal = cipher.doFinal(bArr2, 0, i7);
                        if (doFinal == null) {
                            Log.e(TAG, "[2] output is NULL");
                        } else {
                            i5 += doFinal.length;
                            i6 += i5;
                            outputStream.write(doFinal);
                            if (cryptoProgressListener != null) {
                                cryptoProgressListener.onProgressChanged(i6);
                            }
                        }
                        key2 = key;
                        inputStream2 = inputStream;
                        i = 0;
                    } catch (Exception e3) {
                        e = e3;
                        i7 = i8;
                    }
                }
                if (!z4) {
                    return true;
                }
                byte[] doFinal2 = cipher.doFinal(bArr3, 0, i4);
                if (doFinal2 == null) {
                    Log.e(TAG, "readLen == -1 output is NULL");
                    return true;
                }
                outputStream.write(doFinal2);
                int length = i5 + doFinal2.length + i6;
                if (cryptoProgressListener == null) {
                    return true;
                }
                cryptoProgressListener.onProgressChanged(length);
                return true;
            }
            str = TAG;
            str2 = "encryptStream failed. outputStream is null";
        }
        Log.e(str, str2);
        return false;
    }

    public static Key getKey(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance(PROVIDER);
            keyStore.load(null);
            return keyStore.getKey(str, null);
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    public static void removeKey(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance(PROVIDER);
            keyStore.load(null);
            keyStore.deleteEntry(str);
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    public static boolean secureKeyImport(String str, String str2, byte[] bArr) {
        WrappedKeyEntry wrappedKeyEntry;
        if (bArr == null) {
            Log.e(TAG, "secureKeyImport failed. wrappedKeyBlob is null");
            return false;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(PROVIDER);
            keyStore.load(null, null);
            int i = 0;
            int i4 = 0;
            while (true) {
                if (i >= 3) {
                    break;
                }
                try {
                    try {
                        String str3 = TAG;
                        Log.i(str3, "[" + i4 + "] digest ?" + Arrays.toString(digestList[i4]));
                        KeyGenParameterSpec build = new KeyGenParameterSpec.Builder(str2, 32).setDigests(digestList[i4]).build();
                        if (Build.VERSION.SDK_INT >= 28) {
                            com.bumptech.glide.load.resource.bitmap.a.D();
                            wrappedKeyEntry = com.bumptech.glide.load.resource.bitmap.a.j(bArr, str2, build);
                        } else {
                            wrappedKeyEntry = null;
                        }
                        keyStore.setEntry(str, wrappedKeyEntry, null);
                        Log.i(str3, "Try cnt :" + i4 + " SUCCESS");
                        break;
                    } catch (KeyStoreException unused) {
                        String str4 = TAG;
                        Log.i(str4, "Fail set entry, Try again with another digest");
                        Log.i(str4, "finally failSetEntry : true | try :" + i4);
                        i4++;
                        i++;
                    }
                } catch (Throwable unused2) {
                    Log.i(TAG, "Try cnt :" + i4 + " SUCCESS");
                }
            }
            if (keyStore.getKey(str, null) != null) {
                Log.i(TAG, "secureKeyImport succeeded for " + str);
                return true;
            }
            Log.i(TAG, "secureKeyImport failed for " + str);
            return false;
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e) {
            e.printStackTrace();
            return false;
        }
    }

    public byte[] decryptData(String str, byte[] bArr) {
        return decryptData(getKey(str), bArr);
    }

    public boolean decryptStream(String str, InputStream inputStream, OutputStream outputStream) {
        return decryptStream(getKey(str), inputStream, outputStream);
    }

    public byte[] encryptData(String str, byte[] bArr) {
        return encryptData(getKey(str), bArr);
    }

    public boolean encryptStream(String str, InputStream inputStream, OutputStream outputStream) {
        return encryptStream(getKey(str), inputStream, outputStream);
    }
}
