package de.acebit.passworddepot.managers.biometry.internal;

import android.content.Context;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import com.google.android.gms.stats.CodePackage;
import com.google.gson.Gson;
import com.microsoft.identity.common.java.crypto.key.AES256KeyLoader;
import de.acebit.passworddepot.dependencies.logger.LoggerFactory;
import de.acebit.passworddepot.managers.SettingsManager;
import java.io.IOException;
import java.lang.reflect.Type;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.List;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

/* loaded from: classes4.dex */
public class EncryptedStorage<Type> {
    private static final String ANDROID_KEY_STORE = "AndroidKeyStore";
    private static final String KEY_NAME = "EncryptedAlias";
    private final String dataKey;
    private final Type tokenType;
    private final String vectorKey;

    public EncryptedStorage(String str, String str2, Type type) {
        this.dataKey = str;
        this.vectorKey = str2;
        this.tokenType = type;
    }

    private void clear(Context context) {
        SettingsManager.INSTANCE.saveString(context, this.dataKey, null);
        SettingsManager.INSTANCE.saveString(context, this.vectorKey, null);
    }

    private Cipher getCipher(Context context) {
        try {
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            cipher.init(1, getSecretKey(KEY_NAME));
            return cipher;
        } catch (Exception e) {
            clear(context);
            LoggerFactory.INSTANCE.getLogger().logException(e);
            return null;
        }
    }

    private Cipher getCipherForDecryption(Context context, byte[] bArr) {
        try {
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            cipher.init(2, readSecretKey(KEY_NAME), new GCMParameterSpec(128, bArr));
            return cipher;
        } catch (Exception e) {
            clear(context);
            LoggerFactory.INSTANCE.getLogger().logException(e);
            return null;
        }
    }

    private SecretKey getSecretKey(String str) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
        KeyGenerator keyGenerator = KeyGenerator.getInstance(AES256KeyLoader.AES_ALGORITHM, ANDROID_KEY_STORE);
        keyGenerator.init(new KeyGenParameterSpec.Builder(str, 3).setBlockModes(CodePackage.GCM).setEncryptionPaddings("NoPadding").build());
        return keyGenerator.generateKey();
    }

    private SecretKey readSecretKey(String str) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, UnrecoverableEntryException {
        KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE);
        keyStore.load(null);
        return ((KeyStore.SecretKeyEntry) keyStore.getEntry(str, null)).getSecretKey();
    }

    public List<Type> readAllRecords(Context context) {
        List<Type> list;
        try {
            String string = SettingsManager.INSTANCE.getString(context, this.dataKey, null);
            String string2 = SettingsManager.INSTANCE.getString(context, this.vectorKey, null);
            if (string != null && string2 != null) {
                Cipher cipherForDecryption = getCipherForDecryption(context, Base64.decode(string2, 0));
                if (cipherForDecryption == null) {
                    return null;
                }
                String str = new String(cipherForDecryption.doFinal(Base64.decode(string, 0)), StandardCharsets.UTF_8);
                return (str.isEmpty() || (list = (List) new Gson().fromJson(str, this.tokenType)) == null) ? new ArrayList() : list;
            }
            return new ArrayList();
        } catch (Exception e) {
            clear(context);
            LoggerFactory.INSTANCE.getLogger().logException(e);
            return null;
        }
    }

    public void saveRecords(Context context, List<Type> list) {
        try {
            Cipher cipher = getCipher(context);
            if (cipher == null) {
                return;
            }
            SettingsManager.INSTANCE.saveString(context, this.dataKey, Base64.encodeToString(cipher.doFinal(new Gson().toJson(list).getBytes(StandardCharsets.UTF_8)), 2));
            SettingsManager.INSTANCE.saveString(context, this.vectorKey, Base64.encodeToString(cipher.getIV(), 2));
        } catch (Exception e) {
            clear(context);
            LoggerFactory.INSTANCE.getLogger().logException(e);
        }
    }
}
