package com.tozny.e3db.android;

import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.util.Log;
import com.tozny.e3db.Base64;
import com.tozny.e3db.android.KeyAuthentication;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.spec.InvalidKeySpecException;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import lib.android.paypal.com.magnessdk.g;

/* loaded from: classes2.dex */
class FSKSWrapper {
    private static final String FSKS = "com.tozny.e3db.crypto.fsks";
    private static final String FSKS_LOC = "com.tozny.e3db.crypto.sys";
    private static final String TAG = "FSKSWrapper";
    private static volatile KeyStore fsKS;
    private static final Object keyStoreCreateLock = new Object();
    private static final Object keyStoreWriteLock = new Object();

    FSKSWrapper() {
    }

    private static void createSecretKeyIfNeeded(Context context, String str, KeyAuthentication keyAuthentication, String str2) {
        try {
            StringBuilder sb = new StringBuilder();
            sb.append("createSecretKeyIfNeeded ");
            sb.append(str);
            sb.append("; ");
            sb.append(keyAuthentication.authenticationType());
            sb.append("; ");
            sb.append(str2 != null);
            Log.d(TAG, sb.toString());
            KeyStore fsks = getFSKS(context);
            if (fsks.containsAlias(str)) {
                return;
            }
            Log.d(TAG, "Creating key.");
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
            keyGenerator.init(256);
            fsks.setEntry(str, new KeyStore.SecretKeyEntry(keyGenerator.generateKey()), getProtectionParameter(keyAuthentication, str2));
            Log.d(TAG, "Key created.");
            saveFSKS(context);
        } catch (KeyStoreException | NoSuchAlgorithmException e) {
            Log.d(TAG, "error (" + e.getClass().getCanonicalName() + "): " + e.getMessage(), e);
            throw new RuntimeException(e);
        }
    }

    private static boolean fileExists(Context context, String str) {
        return new File(context.getFilesDir(), str).exists();
    }

    private static KeyStore getFSKS(Context context) {
        Log.d(TAG, "getFSKS");
        if (fsKS == null) {
            synchronized (keyStoreCreateLock) {
                if (fsKS == null) {
                    try {
                        try {
                            KeyStore keyStore = KeyStore.getInstance("BKS");
                            Log.d(TAG, "Keystore: " + keyStore.getClass().getCanonicalName());
                            if (fileExists(context, FSKS)) {
                                Log.d(TAG, "reading existing keystore");
                                FileInputStream openFileInput = context.openFileInput(FSKS);
                                try {
                                    keyStore.load(openFileInput, getPerf(context, FSKS_LOC).toCharArray());
                                } finally {
                                    try {
                                        Log.d(TAG, "closing existing keystore");
                                        openFileInput.close();
                                    } catch (IOException e) {
                                        Log.d(TAG, e.getMessage(), e);
                                    }
                                }
                            } else {
                                Log.d(TAG, "creating keystore");
                                keyStore.load(null, null);
                                FileOutputStream openFileOutput = context.openFileOutput(FSKS, 0);
                                try {
                                    keyStore.store(openFileOutput, getPerf(context, FSKS_LOC).toCharArray());
                                } finally {
                                    try {
                                        Log.d(TAG, "closing new keystore");
                                        openFileOutput.close();
                                    } catch (IOException e2) {
                                        Log.d(TAG, e2.getMessage(), e2);
                                    }
                                }
                            }
                            fsKS = keyStore;
                        } catch (IOException e3) {
                            e = e3;
                            Log.d(TAG, "error (" + e.getClass().getCanonicalName() + "): " + e.getMessage(), e);
                            throw new RuntimeException(e);
                        }
                    } catch (KeyStoreException e4) {
                        e = e4;
                        Log.d(TAG, "error (" + e.getClass().getCanonicalName() + "): " + e.getMessage(), e);
                        throw new RuntimeException(e);
                    } catch (NoSuchAlgorithmException e5) {
                        e = e5;
                        Log.d(TAG, "error (" + e.getClass().getCanonicalName() + "): " + e.getMessage(), e);
                        throw new RuntimeException(e);
                    } catch (CertificateException e6) {
                        e = e6;
                        Log.d(TAG, "error (" + e.getClass().getCanonicalName() + "): " + e.getMessage(), e);
                        throw new RuntimeException(e);
                    }
                }
            }
        }
        return fsKS;
    }

    private static synchronized String getPerf(Context context, String str) {
        byte[] bArr;
        int i;
        byte[] decodeURL;
        String encodeURL;
        synchronized (FSKSWrapper.class) {
            Log.d(TAG, "getPerf");
            try {
                try {
                    if (fileExists(context, str)) {
                        bArr = new byte[65];
                        FileInputStream openFileInput = context.openFileInput(str);
                        try {
                            if (openFileInput.read(bArr) != 65) {
                                throw new RuntimeException("Invalid perf log");
                            }
                            SharedPreferences sharedPreferences = context.getSharedPreferences(str, 0);
                            i = sharedPreferences.getInt("r", -1);
                            decodeURL = Base64.decodeURL(sharedPreferences.getString(g.bq, null));
                        } finally {
                            try {
                                openFileInput.close();
                            } catch (IOException e) {
                                Log.d(TAG, e.getMessage(), e);
                            }
                        }
                    } else {
                        bArr = CipherManager.getRandomBytes(65);
                        for (int i2 = 0; i2 + 1 < bArr.length; i2 += 2) {
                            byte b = bArr[i2];
                            bArr[i2] = bArr[(i2 % 2 == 1 ? 1 : i2 - (i2 - 1)) + i2];
                            bArr[(i2 % 2 == 1 ? i2 - (i2 - 1) : 1) + i2] = b;
                        }
                        FileOutputStream openFileOutput = context.openFileOutput(str, 0);
                        try {
                            openFileOutput.write(bArr);
                            i = SecureRandom.getInstance("SHA1PRNG").nextInt(1000) + 10000;
                            decodeURL = CipherManager.getRandomBytes(20);
                            SharedPreferences.Editor edit = context.getSharedPreferences(str, 0).edit();
                            edit.putInt("r", i);
                            edit.putString(g.bq, Base64.encodeURL(decodeURL));
                            edit.apply();
                        } finally {
                            try {
                                openFileOutput.close();
                            } catch (IOException e2) {
                                Log.d(TAG, e2.getMessage(), e2);
                            }
                        }
                    }
                    for (int i3 = 0; i3 + 1 < bArr.length; i3 += 2) {
                        byte b2 = bArr[i3];
                        bArr[i3] = bArr[(i3 % 2 == 1 ? 1 : i3 - (i3 - 1)) + i3];
                        bArr[(i3 % 2 == 1 ? i3 - (i3 - 1) : 1) + i3] = b2;
                    }
                    encodeURL = Base64.encodeURL(SecretKeyFactory.getInstance("PBKDF2WITHHMACSHA1").generateSecret(new PBEKeySpec(Base64.encodeURL(bArr).toCharArray(), decodeURL, i, 160)).getEncoded());
                    StringBuilder sb = new StringBuilder();
                    sb.append("returning: ");
                    sb.append(encodeURL != null);
                    Log.d(TAG, sb.toString());
                } catch (IOException e3) {
                    e = e3;
                    Log.d(TAG, "error (" + e.getClass().getCanonicalName() + "): " + e.getMessage(), e);
                    throw new RuntimeException(e);
                }
            } catch (NoSuchAlgorithmException e4) {
                e = e4;
                Log.d(TAG, "error (" + e.getClass().getCanonicalName() + "): " + e.getMessage(), e);
                throw new RuntimeException(e);
            } catch (InvalidKeySpecException e5) {
                e = e5;
                Log.d(TAG, "error (" + e.getClass().getCanonicalName() + "): " + e.getMessage(), e);
                throw new RuntimeException(e);
            }
        }
        return encodeURL;
    }

    private static KeyStore.ProtectionParameter getProtectionParameter(KeyAuthentication keyAuthentication, String str) {
        if (keyAuthentication.authenticationType() == KeyAuthentication.KeyAuthenticationType.PASSWORD) {
            if (str == null || str.trim().length() == 0) {
                throw new IllegalArgumentException("password cannot be blank.");
            }
            return new KeyStore.PasswordProtection(str.toCharArray());
        }
        if (Build.VERSION.SDK_INT == 16 && keyAuthentication.authenticationType() == KeyAuthentication.KeyAuthenticationType.NONE) {
            return new KeyStore.PasswordProtection(null);
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static SecretKey getSecretKey(Context context, String str, KeyAuthentication keyAuthentication, String str2) throws UnrecoverableKeyException {
        try {
            StringBuilder sb = new StringBuilder();
            sb.append("getSecretKey ");
            sb.append(str);
            sb.append("; ");
            sb.append(keyAuthentication.authenticationType());
            sb.append("; ");
            boolean z = true;
            sb.append(str2 != null);
            Log.d(TAG, sb.toString());
            createSecretKeyIfNeeded(context, str, keyAuthentication, str2);
            Key key = getFSKS(context).getKey(str, str2 == null ? null : str2.toCharArray());
            StringBuilder sb2 = new StringBuilder();
            sb2.append("got key: ");
            if (key == null) {
                z = false;
            }
            sb2.append(z);
            Log.d(TAG, sb2.toString());
            return (SecretKey) key;
        } catch (KeyStoreException | NoSuchAlgorithmException e) {
            Log.d(TAG, "error (" + e.getClass().getCanonicalName() + "): " + e.getMessage(), e);
            throw new RuntimeException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void removeSecretKey(Context context, String str) {
        try {
            Log.d(TAG, "removeSecretKey " + str);
            KeyStore fsks = getFSKS(context);
            if (fsks.containsAlias(str)) {
                Log.d(TAG, "deleting key.");
                fsks.deleteEntry(str);
                saveFSKS(context);
            }
        } catch (KeyStoreException e) {
            Log.d(TAG, "error (" + e.getClass().getCanonicalName() + "): " + e.getMessage(), e);
            throw new RuntimeException(e);
        }
    }

    private static void saveFSKS(Context context) {
        Log.d(TAG, "saveFSKS.");
        if (fsKS != null) {
            synchronized (keyStoreWriteLock) {
                try {
                    try {
                        FileOutputStream openFileOutput = context.openFileOutput(FSKS, 0);
                        try {
                            fsKS.store(openFileOutput, getPerf(context, FSKS_LOC).toCharArray());
                            Log.d(TAG, "Saved keystore.");
                        } finally {
                            try {
                                openFileOutput.close();
                            } catch (IOException e) {
                                Log.d(TAG, e.getMessage(), e);
                            }
                        }
                    } catch (IOException e2) {
                        e = e2;
                        Log.d(TAG, "error (" + e.getClass().getCanonicalName() + "): " + e.getMessage(), e);
                        throw new RuntimeException(e);
                    }
                } catch (KeyStoreException e3) {
                    e = e3;
                    Log.d(TAG, "error (" + e.getClass().getCanonicalName() + "): " + e.getMessage(), e);
                    throw new RuntimeException(e);
                } catch (NoSuchAlgorithmException e4) {
                    e = e4;
                    Log.d(TAG, "error (" + e.getClass().getCanonicalName() + "): " + e.getMessage(), e);
                    throw new RuntimeException(e);
                } catch (CertificateException e5) {
                    e = e5;
                    Log.d(TAG, "error (" + e.getClass().getCanonicalName() + "): " + e.getMessage(), e);
                    throw new RuntimeException(e);
                }
            }
        }
    }
}
