package com.tozny.e3db.android;

import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Log;
import com.google.android.gms.stats.CodePackage;
import com.moovel.rider.ui.SecurityProtectedDialogFragmentKt;
import com.tozny.e3db.android.KeyAuthentication;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;

/* loaded from: classes2.dex */
class AKSWrapper {
    private static final String TAG = "AKSWrapper";

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.tozny.e3db.android.AKSWrapper$1, reason: invalid class name */
    /* loaded from: classes2.dex */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$tozny$e3db$android$KeyAuthentication$KeyAuthenticationType;

        static {
            int[] iArr = new int[KeyAuthentication.KeyAuthenticationType.values().length];
            $SwitchMap$com$tozny$e3db$android$KeyAuthentication$KeyAuthenticationType = iArr;
            try {
                iArr[KeyAuthentication.KeyAuthenticationType.FINGERPRINT.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$com$tozny$e3db$android$KeyAuthentication$KeyAuthenticationType[KeyAuthentication.KeyAuthenticationType.LOCK_SCREEN.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                $SwitchMap$com$tozny$e3db$android$KeyAuthentication$KeyAuthenticationType[KeyAuthentication.KeyAuthenticationType.PASSWORD.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
            try {
                $SwitchMap$com$tozny$e3db$android$KeyAuthentication$KeyAuthenticationType[KeyAuthentication.KeyAuthenticationType.NONE.ordinal()] = 4;
            } catch (NoSuchFieldError unused4) {
            }
        }
    }

    AKSWrapper() {
    }

    private static void createSecretKeyIfNeeded(String str, KeyAuthentication keyAuthentication) {
        try {
            Log.d(TAG, "createSecretKeyIfNeeded: " + str + "; " + keyAuthentication.authenticationType());
            KeyStore keyStore = KeyStore.getInstance(SecurityProtectedDialogFragmentKt.ANDROID_KEYSTORE);
            keyStore.load(null);
            if (keyStore.containsAlias(str)) {
                return;
            }
            Log.d(TAG, "Creating key.");
            KeyGenParameterSpec.Builder encryptionPaddings = new KeyGenParameterSpec.Builder(str, 3).setBlockModes(CodePackage.GCM).setKeySize(256).setEncryptionPaddings("NoPadding");
            if (Build.VERSION.SDK_INT >= 24) {
                encryptionPaddings.setInvalidatedByBiometricEnrollment(false);
            }
            int i = AnonymousClass1.$SwitchMap$com$tozny$e3db$android$KeyAuthentication$KeyAuthenticationType[keyAuthentication.authenticationType().ordinal()];
            if (i == 1) {
                encryptionPaddings.setUserAuthenticationRequired(true);
            } else if (i == 2) {
                encryptionPaddings.setUserAuthenticationRequired(true).setUserAuthenticationValidityDurationSeconds(keyAuthentication.validUntilSecondsSinceUnlock());
            } else {
                if (i == 3) {
                    throw new IllegalArgumentException("info: Password protection not supported.");
                }
                if (i != 4) {
                    throw new IllegalStateException("Unhandled protection type: " + keyAuthentication.authenticationType());
                }
            }
            KeyGenParameterSpec build = encryptionPaddings.build();
            Log.d(TAG, "Spec built.");
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", SecurityProtectedDialogFragmentKt.ANDROID_KEYSTORE);
            keyGenerator.init(build);
            keyGenerator.generateKey();
            Log.d(TAG, "Key generated.");
        } catch (IOException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | CertificateException e) {
            Log.d(TAG, "error (" + e.getClass().getCanonicalName() + "): " + e.getMessage(), e);
            throw new RuntimeException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static SecretKey getSecretKey(String str, KeyAuthentication keyAuthentication) throws UnrecoverableKeyException {
        try {
            Log.d(TAG, "getSecretKey: " + str + ";" + keyAuthentication.authenticationType());
            createSecretKeyIfNeeded(str, keyAuthentication);
            KeyStore keyStore = KeyStore.getInstance(SecurityProtectedDialogFragmentKt.ANDROID_KEYSTORE);
            keyStore.load(null);
            Key key = keyStore.getKey(str, null);
            StringBuilder sb = new StringBuilder();
            sb.append("got key: ");
            sb.append(key != null);
            Log.d(TAG, sb.toString());
            return (SecretKey) key;
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            Log.d(TAG, "error (" + e.getClass().getCanonicalName() + "): " + e.getMessage(), e);
            throw new RuntimeException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void removeSecretKey(String str) {
        try {
            Log.d(TAG, "removeSecretKey: " + str);
            KeyStore keyStore = KeyStore.getInstance(SecurityProtectedDialogFragmentKt.ANDROID_KEYSTORE);
            keyStore.load(null);
            if (keyStore.containsAlias(str)) {
                Log.d(TAG, "deleting key.");
                keyStore.deleteEntry(str);
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            Log.d(TAG, "error (" + e.getClass().getCanonicalName() + "): " + e.getMessage(), e);
            throw new RuntimeException(e);
        }
    }
}
