package com.coresuite.android.components.encryption;

import android.content.Context;
import android.content.SharedPreferences;
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
import com.coresuite.android.components.CoresuiteApplication;
import com.coresuite.android.utilities.JavaUtils;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import junit.framework.Assert;
import utilities.Trace;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes6.dex */
public final class Keychain {
    private static final String CIPHER_AES_TRANSFORMATION = "AES/ECB/PKCS5Padding";
    private static final String RSA_KEY_ALIAS = "coresuite-rsa";
    private static final String SHARED_PREFERENCES_FILE = "coresuite-cipher";
    private static final String SHARED_PREFERENCE_AES_KEY = "537016be-491a-4e70-8d36-62589736c76f";
    private static final String TAG = "Keychain";
    private final SharedPreferences preferences;
    private final AESKeyGenerator generator = new AESKeyGenerator();
    private final ICipherProvider rsaCipherProvider = new RSACipherProvider();
    private KeyStore keystore = getKeystore();

    private Keychain(@NonNull Context context) {
        this.preferences = context.getSharedPreferences(SHARED_PREFERENCES_FILE, 0);
    }

    @Nullable
    private Cipher getCipher(int i) {
        SecretKey createOrGetAESKey = createOrGetAESKey();
        try {
            Cipher cipher = Cipher.getInstance(CIPHER_AES_TRANSFORMATION);
            cipher.init(i, createOrGetAESKey);
            return cipher;
        } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
            Trace.e(TAG, "Failed to create or initialize Cipher", e);
            return null;
        }
    }

    @Nullable
    private synchronized KeyStore getKeystore() {
        if (this.keystore == null) {
            try {
                Trace.i(TAG, "Keystore reference is null - obtaining instance...");
                KeyStore keyStore = KeyStore.getInstance(RSACipherProvider.KEYSTORE_NAME);
                this.keystore = keyStore;
                keyStore.load(null);
            } catch (IOException e) {
                e = e;
                Trace.e(TAG, "Failed to load the KeyStore", e);
            } catch (KeyStoreException e2) {
                Trace.e(TAG, "Failed to get an instance of the KeyStore", e2);
            } catch (NoSuchAlgorithmException e3) {
                e = e3;
                Trace.e(TAG, "Failed to load the KeyStore", e);
            } catch (CertificateException e4) {
                e = e4;
                Trace.e(TAG, "Failed to load the KeyStore", e);
            }
        }
        try {
            if (this.keystore != null) {
                Trace.i(TAG, "Reloading keystore aliases");
                this.keystore.aliases();
            }
        } catch (KeyStoreException e5) {
            Trace.e(TAG, "Failed to access KeyStore", e5);
        }
        return this.keystore;
    }

    private synchronized boolean hasEncryptedAESKey() {
        return JavaUtils.isNotNullNorEmptyString(this.preferences.getString(SHARED_PREFERENCE_AES_KEY, ""));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static synchronized Keychain newInstance() {
        Keychain keychain;
        synchronized (Keychain.class) {
            keychain = new Keychain(CoresuiteApplication.mContext);
        }
        return keychain;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @NonNull
    public synchronized SecretKey createOrGetAESKey() {
        SecretKey secretKey;
        secretKey = null;
        try {
            if (hasEncryptedAESKey()) {
                String str = TAG;
                Trace.i(str, "Attempting to retrieve existing AES key from preferences");
                String string = this.preferences.getString(SHARED_PREFERENCE_AES_KEY, null);
                Assert.assertNotNull("Encrypted AES key must not be null", string);
                byte[] doFinal = this.rsaCipherProvider.getDecryptCipher(RSA_KEY_ALIAS, this.keystore, CoresuiteApplication.mContext).doFinal(JavaUtils.fromBase64AsByteArray(string));
                Assert.assertNotNull("Decrypted AES key must not be null.", doFinal);
                SecretKey fromByteArray = this.generator.fromByteArray(doFinal);
                Assert.assertNotNull("Failed to generate AES key from byte array", doFinal);
                Trace.i(str, "Successfully retrieved AES key from preferences");
                secretKey = fromByteArray;
            } else {
                String str2 = TAG;
                Trace.i(str2, "Generating AES key...");
                SecretKey generateKey = this.generator.generateKey();
                Trace.i(str2, "Encrypting AES key...");
                Assert.assertTrue("Failed to write AES key to shared preferences", this.preferences.edit().putString(SHARED_PREFERENCE_AES_KEY, JavaUtils.toBase64(this.rsaCipherProvider.getEncryptCipher(RSA_KEY_ALIAS, this.keystore, CoresuiteApplication.mContext).doFinal(generateKey.getEncoded()))).commit());
                secretKey = generateKey;
            }
        } catch (BadPaddingException | IllegalBlockSizeException e) {
            Trace.e(TAG, "Failed to create or get the AES key", e);
        }
        Assert.assertNotNull("Generated or retrieved AES key is null!", secretKey);
        return secretKey;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Nullable
    public Cipher getDecryptCipher() {
        return getCipher(2);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Nullable
    public Cipher getEncryptCipher() {
        return getCipher(1);
    }
}
