package com.pspdfkit.framework;

import android.annotation.SuppressLint;
import android.annotation.TargetApi;
import android.content.Context;
import android.security.KeyPairGeneratorSpec;
import android.util.Base64;
import android.util.Log;
import androidx.recyclerview.widget.RecyclerView;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.DigestException;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Calendar;
import java.util.Date;
import java.util.Locale;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class ng2 implements mg2 {
    public final Context a;
    public KeyPair c;
    public String d;
    public SecretKey e = null;
    public SecretKey f = null;
    public SecretKey g = null;
    public final SecureRandom b = new SecureRandom();

    @SuppressLint({"TrulyRandom"})
    public ng2(Context context) {
        this.a = context.getApplicationContext();
    }

    public String a(String str) throws GeneralSecurityException, IOException {
        Log.v("StorageHelper", "Starting decryption");
        if (pg2.b(str)) {
            throw new IllegalArgumentException("Input is empty or null");
        }
        int charAt = str.charAt(0) - 'a';
        if (charAt <= 0) {
            throw new IllegalArgumentException(String.format("Encode version length: '%s' is not valid, it must be greater of equal to 0", Integer.valueOf(charAt)));
        }
        int i = charAt + 1;
        if (!str.substring(1, i).equals("E1")) {
            throw new IllegalArgumentException(String.format("Encode version received was: '%s', Encode version supported is: '%s'", str, "E1"));
        }
        byte[] decode = Base64.decode(str.substring(i), 0);
        String str2 = new String(decode, 0, 4, "UTF_8");
        Log.v("StorageHelper", "Encrypt version:" + str2);
        SecretKey c = c(str2);
        SecretKey a = a(c);
        int length = (decode.length - 16) + (-32);
        int length2 = decode.length - 32;
        int i2 = length - 4;
        if (length < 0 || length2 < 0 || i2 < 0) {
            throw new IOException("Invalid byte array input for decryption.");
        }
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(a);
        mac.update(decode, 0, length2);
        byte[] doFinal = mac.doFinal();
        int length3 = decode.length;
        if (doFinal.length != length3 - length2) {
            throw new IllegalArgumentException("Unexpected HMAC length");
        }
        int i3 = length2;
        byte b = 0;
        while (i3 < length3) {
            byte b2 = (byte) (b | (doFinal[i3 - length2] ^ decode[i3]));
            i3++;
            b = b2;
        }
        if (b != 0) {
            throw new DigestException();
        }
        cipher.init(2, c, new IvParameterSpec(decode, length, 16));
        String str3 = new String(cipher.doFinal(decode, 4, i2), "UTF_8");
        Log.v("StorageHelper", "Finished decryption");
        return str3;
    }

    @TargetApi(18)
    public final AlgorithmParameterSpec a(Context context, Date date, Date date2) {
        return new KeyPairGeneratorSpec.Builder(context).setAlias("AdalKey").setSubject(new X500Principal(String.format(Locale.ROOT, "CN=%s, OU=%s", "AdalKey", context.getPackageName()))).setSerialNumber(BigInteger.ONE).setStartDate(date).setEndDate(date2).build();
    }

    public final SecretKey a(SecretKey secretKey) throws NoSuchAlgorithmException {
        byte[] encoded = secretKey.getEncoded();
        return encoded != null ? new SecretKeySpec(MessageDigest.getInstance("SHA256").digest(encoded), "AES") : secretKey;
    }

    @SuppressLint({"GetInstance"})
    @TargetApi(18)
    public final SecretKey a(byte[] bArr) throws GeneralSecurityException {
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(4, this.c.getPrivate());
        try {
            return (SecretKey) cipher.unwrap(bArr, "AES", 3);
        } catch (IllegalArgumentException e) {
            throw new KeyStoreException(e);
        }
    }

    public final synchronized boolean a() throws GeneralSecurityException, IOException {
        KeyStore keyStore;
        keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        try {
        } catch (NullPointerException e) {
            throw new KeyStoreException(e);
        }
        return keyStore.containsAlias("AdalKey");
    }

    public String b(String str) throws GeneralSecurityException, IOException {
        Log.v("StorageHelper", "Starting encryption");
        if (pg2.b(str)) {
            throw new IllegalArgumentException("Input is empty or null");
        }
        this.e = d();
        this.f = a(this.e);
        StringBuilder a = np.a("Encrypt version:");
        a.append(this.d);
        Log.v("StorageHelper", a.toString());
        byte[] bytes = this.d.getBytes("UTF_8");
        byte[] bytes2 = str.getBytes("UTF_8");
        byte[] bArr = new byte[16];
        this.b.nextBytes(bArr);
        IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr);
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        Mac mac = Mac.getInstance("HmacSHA256");
        cipher.init(1, this.e, ivParameterSpec);
        byte[] doFinal = cipher.doFinal(bytes2);
        mac.init(this.f);
        mac.update(bytes);
        mac.update(doFinal);
        mac.update(bArr);
        byte[] doFinal2 = mac.doFinal();
        byte[] bArr2 = new byte[bytes.length + doFinal.length + bArr.length + doFinal2.length];
        System.arraycopy(bytes, 0, bArr2, 0, bytes.length);
        System.arraycopy(doFinal, 0, bArr2, bytes.length, doFinal.length);
        System.arraycopy(bArr, 0, bArr2, bytes.length + doFinal.length, bArr.length);
        System.arraycopy(doFinal2, 0, bArr2, bytes.length + doFinal.length + bArr.length, doFinal2.length);
        String str2 = new String(Base64.encode(bArr2, 2), "UTF_8");
        Log.v("StorageHelper", "Finished encryption");
        return ((char) 99) + "E1" + str2;
    }

    @TargetApi(18)
    public final synchronized KeyPair b() throws GeneralSecurityException, IOException {
        KeyPairGenerator keyPairGenerator;
        KeyStore.getInstance("AndroidKeyStore").load(null);
        Log.v("StorageHelper", "Generate KeyPair from AndroidKeyStore");
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 100);
        keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        keyPairGenerator.initialize(a(this.a, calendar.getTime(), calendar2.getTime()));
        try {
        } catch (IllegalStateException e) {
            throw new KeyStoreException(e);
        }
        return keyPairGenerator.generateKeyPair();
    }

    public final void b(byte[] bArr) throws IOException {
        Log.v("StorageHelper", "Writing key data to a file");
        Context context = this.a;
        FileOutputStream fileOutputStream = new FileOutputStream(new File(context.getDir(context.getPackageName(), 0), "adalks"));
        try {
            fileOutputStream.write(bArr);
        } finally {
            fileOutputStream.close();
        }
    }

    @TargetApi(18)
    public final synchronized SecretKey c() throws GeneralSecurityException, IOException {
        SecretKey a;
        Log.v("StorageHelper", "Reading SecretKey");
        try {
            a = a(e());
            Log.v("StorageHelper", "Finished reading SecretKey");
        } catch (IOException | GeneralSecurityException e) {
            Log.e("StorageHelper", "android_keystore_failed");
            this.c = null;
            Context context = this.a;
            File file = new File(context.getDir(context.getPackageName(), 0), "adalks");
            if (file.exists()) {
                Log.v("StorageHelper", "Delete KeyFile");
                if (!file.delete()) {
                    Log.v("StorageHelper", "Delete KeyFile failed");
                }
            }
            g();
            Log.v("StorageHelper", "Removed previous key pair info.");
            throw e;
        }
        return a;
    }

    /* JADX WARN: Removed duplicated region for block: B:10:0x0028  */
    /* JADX WARN: Removed duplicated region for block: B:22:0x004a A[Catch: all -> 0x0063, TryCatch #0 {, blocks: (B:3:0x0001, B:11:0x002a, B:13:0x002e, B:17:0x0032, B:20:0x0042, B:21:0x0049, B:22:0x004a, B:24:0x0052, B:27:0x005b, B:28:0x0062, B:29:0x0011, B:32:0x001b), top: B:2:0x0001 }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public final synchronized javax.crypto.SecretKey c(java.lang.String r4) throws java.security.GeneralSecurityException, java.io.IOException {
        /*
            r3 = this;
            monitor-enter(r3)
            int r0 = r4.hashCode()     // Catch: java.lang.Throwable -> L63
            r1 = 1984080(0x1e4650, float:2.780288E-39)
            r2 = 1
            if (r0 == r1) goto L1b
            r1 = 2579900(0x275dbc, float:3.61521E-39)
            if (r0 == r1) goto L11
            goto L25
        L11:
            java.lang.String r0 = "U001"
            boolean r4 = r4.equals(r0)     // Catch: java.lang.Throwable -> L63
            if (r4 == 0) goto L25
            r4 = 0
            goto L26
        L1b:
            java.lang.String r0 = "A001"
            boolean r4 = r4.equals(r0)     // Catch: java.lang.Throwable -> L63
            if (r4 == 0) goto L25
            r4 = 1
            goto L26
        L25:
            r4 = -1
        L26:
            if (r4 == 0) goto L4a
            if (r4 != r2) goto L42
            javax.crypto.SecretKey r4 = r3.g     // Catch: java.lang.Throwable -> L63
            if (r4 == 0) goto L32
            javax.crypto.SecretKey r4 = r3.g     // Catch: java.lang.Throwable -> L63
            monitor-exit(r3)
            return r4
        L32:
            java.security.KeyPair r4 = r3.f()     // Catch: java.lang.Throwable -> L63
            r3.c = r4     // Catch: java.lang.Throwable -> L63
            javax.crypto.SecretKey r4 = r3.c()     // Catch: java.lang.Throwable -> L63
            r3.g = r4     // Catch: java.lang.Throwable -> L63
            javax.crypto.SecretKey r4 = r3.g     // Catch: java.lang.Throwable -> L63
            monitor-exit(r3)
            return r4
        L42:
            java.io.IOException r4 = new java.io.IOException     // Catch: java.lang.Throwable -> L63
            java.lang.String r0 = "Unknown keyVersion."
            r4.<init>(r0)     // Catch: java.lang.Throwable -> L63
            throw r4     // Catch: java.lang.Throwable -> L63
        L4a:
            com.pspdfkit.framework.jg2 r4 = com.pspdfkit.framework.jg2.INSTANCE     // Catch: java.lang.Throwable -> L63
            byte[] r4 = r4.b()     // Catch: java.lang.Throwable -> L63
            if (r4 == 0) goto L5b
            javax.crypto.spec.SecretKeySpec r0 = new javax.crypto.spec.SecretKeySpec     // Catch: java.lang.Throwable -> L63
            java.lang.String r1 = "AES"
            r0.<init>(r4, r1)     // Catch: java.lang.Throwable -> L63
            monitor-exit(r3)
            return r0
        L5b:
            java.lang.IllegalArgumentException r4 = new java.lang.IllegalArgumentException     // Catch: java.lang.Throwable -> L63
            java.lang.String r0 = "rawBytes"
            r4.<init>(r0)     // Catch: java.lang.Throwable -> L63
            throw r4     // Catch: java.lang.Throwable -> L63
        L63:
            r4 = move-exception
            monitor-exit(r3)
            throw r4
        */
        throw new UnsupportedOperationException("Method not decompiled: com.pspdfkit.framework.ng2.c(java.lang.String):javax.crypto.SecretKey");
    }

    public synchronized SecretKey d() throws IOException, GeneralSecurityException {
        return e(jg2.INSTANCE.b() == null ? "A001" : "U001");
    }

    public final synchronized SecretKey d(String str) throws GeneralSecurityException, IOException {
        if ("U001".equals(str)) {
            byte[] b = jg2.INSTANCE.b();
            if (b == null) {
                throw new IllegalArgumentException("rawBytes");
            }
            return new SecretKeySpec(b, "AES");
        }
        try {
            this.g = c(str);
        } catch (IOException | GeneralSecurityException unused) {
            Log.v("StorageHelper", "Key does not exist in AndroidKeyStore, try to generate new keys.");
        }
        if (this.g == null) {
            this.c = b();
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
            keyGenerator.init(RecyclerView.d0.FLAG_TMP_DETACHED, this.b);
            this.g = keyGenerator.generateKey();
            SecretKey secretKey = this.g;
            Log.v("StorageHelper", "Wrap secret key.");
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(3, this.c.getPublic());
            b(cipher.wrap(secretKey));
        }
        return this.g;
    }

    public synchronized SecretKey e(String str) throws IOException, GeneralSecurityException {
        if (this.e != null && this.f != null) {
            return this.e;
        }
        this.d = str;
        return d(this.d);
    }

    public final byte[] e() throws IOException {
        Context context = this.a;
        File file = new File(context.getDir(context.getPackageName(), 0), "adalks");
        if (!file.exists()) {
            throw new IOException("Key file to read does not exist");
        }
        Log.v("StorageHelper", "Reading key data from a file");
        FileInputStream fileInputStream = new FileInputStream(file);
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byte[] bArr = new byte[RecyclerView.d0.FLAG_ADAPTER_FULLUPDATE];
            while (true) {
                int read = fileInputStream.read(bArr);
                if (read == -1) {
                    return byteArrayOutputStream.toByteArray();
                }
                byteArrayOutputStream.write(bArr, 0, read);
            }
        } finally {
            fileInputStream.close();
        }
    }

    public final synchronized KeyPair f() throws GeneralSecurityException, IOException {
        KeyStore.PrivateKeyEntry privateKeyEntry;
        if (!a()) {
            throw new KeyStoreException("KeyPair entry does not exist.");
        }
        Log.v("StorageHelper", "Reading Key entry");
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        try {
            privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry("AdalKey", null);
        } catch (RuntimeException e) {
            throw new KeyStoreException(e);
        }
        return new KeyPair(privateKeyEntry.getCertificate().getPublicKey(), privateKeyEntry.getPrivateKey());
    }

    @TargetApi(18)
    public final synchronized void g() throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        keyStore.deleteEntry("AdalKey");
    }
}
