package com.samsung.android.service.health.security;

import android.content.Context;
import com.android.tools.r8.GeneratedOutlineSupport;
import com.samsung.android.database.sqlite.SecSQLiteDatabase;
import com.samsung.android.sdk.healthdata.privileged.util.DataUtil;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.Key;
import java.security.KeyException;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Arrays;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;

/* loaded from: classes8.dex */
class AksKeyRepository implements KeyRepository {
    private Context mContext;
    private byte[] mDbKey;
    private static final String TAG = DataUtil.makeTag("AksKeyRepository");
    private static final Object OP_LOCK = new Object();
    private static final Integer RECHECK_RETRY_COUNT = 3;

    /* JADX INFO: Access modifiers changed from: package-private */
    public AksKeyRepository(Context context) {
        this.mContext = context;
    }

    private void checkIvValidity() throws KeyException, IOException, NoSuchAlgorithmException {
        byte[] byteFromFile = KeyOperation.getByteFromFile(this.mContext, "aks_verify_iv");
        if (Arrays.equals(byteFromFile, MessageDigest.getInstance("SHA256").digest(KeyOperation.getIvFromAndroidId(this.mContext)))) {
            return;
        }
        if (byteFromFile.length != 0) {
            throw new KeyException("invalid iv");
        }
        throw new KeyException(GeneratedOutlineSupport.outline125("invalid iv", "(empty)"));
    }

    private void checkKeyValidity(Key key) throws KeyException, IOException, NoSuchAlgorithmException, IllegalBlockSizeException, BadPaddingException, InvalidAlgorithmParameterException, NoSuchPaddingException {
        byte[] cipherMessage = KeyOperation.cipherMessage(this.mContext, KeyOperation.getByteFromFile(this.mContext, "aks_verify"), key, false);
        byte[] digest = MessageDigest.getInstance("SHA256").digest(Arrays.copyOf(cipherMessage, SecSQLiteDatabase.OPEN_FULLMUTEX));
        byte[] bArr = new byte[digest.length];
        System.arraycopy(cipherMessage, cipherMessage.length - digest.length, bArr, 0, digest.length);
        if (!Arrays.equals(digest, bArr)) {
            throw new KeyException("invalid key");
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:25:0x00ec, code lost:
    
        if (r10 == com.samsung.android.service.health.security.AksKeyRepository.RECHECK_RETRY_COUNT.intValue()) goto L44;
     */
    /* JADX WARN: Code restructure failed: missing block: B:48:0x0181, code lost:
    
        if (r5 == com.samsung.android.service.health.security.AksKeyRepository.RECHECK_RETRY_COUNT.intValue()) goto L55;
     */
    /* JADX WARN: Removed duplicated region for block: B:36:0x0151  */
    /* JADX WARN: Removed duplicated region for block: B:37:0x015a  */
    /* JADX WARN: Removed duplicated region for block: B:39:0x0165 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:45:0x016c A[EDGE_INSN: B:45:0x016c->B:46:0x016c BREAK  A[LOOP:0: B:9:0x0023->B:43:0x0168], SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private java.security.Key createAndStoreKey() {
        /*
            Method dump skipped, instructions count: 438
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.samsung.android.service.health.security.AksKeyRepository.createAndStoreKey():java.security.Key");
    }

    private byte[] getDbKeyFromAksWithValidityCheck() {
        Key keyFromAks = getKeyFromAks();
        if (keyFromAks == null) {
            AksLogger.doAksLogging(this.mContext, "AKS_GETKEY_FAIL", null, null);
            return null;
        }
        try {
            byte[] byteFromFile = KeyOperation.getByteFromFile(this.mContext, "aks");
            if (byteFromFile.length == 0) {
                AksLogger.doAksLogging(this.mContext, "AKS_GETKEY_EMPTY", null, null);
                return null;
            }
            try {
                boolean z = false;
                byte[] cipherMessage = KeyOperation.cipherMessage(this.mContext, byteFromFile, keyFromAks, false);
                if (cipherMessage == null) {
                    AksLogger.doAksLogging(this.mContext, "AKS_GETKEY_EMPTY", null, null);
                } else if (DbChecker.isDbKeyValid(this.mContext, cipherMessage, "AksDiffKey")) {
                    AksLogger.resetAksErrCount(this.mContext, "AKS_RESOTRED");
                    z = true;
                }
                if (z) {
                    return cipherMessage;
                }
            } catch (Exception e) {
                AksLogger.doAksLogging(this.mContext, "AKS_GETKEY_FAIL2", e.getClass().getSimpleName() + ", " + e.getMessage(), null);
            }
            try {
                checkIvValidity();
                checkKeyValidity(keyFromAks);
            } catch (Exception e2) {
                AksLogger.doAksLogging(this.mContext, "AKS_GETKEY_INVALID", GeneratedOutlineSupport.outline110(e2, GeneratedOutlineSupport.outline152("MSG=")), null);
            }
            return null;
        } catch (IOException e3) {
            AksLogger.doAksLogging(this.mContext, "AKS_GETKEY_FAIL1", e3.getClass().getSimpleName() + ", " + e3.getMessage(), null);
            return null;
        }
    }

    private Key getKeyFromAks() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return keyStore.getKey("AKS_ALIAS", null);
        } catch (Exception e) {
            Context context = this.mContext;
            StringBuilder outline152 = GeneratedOutlineSupport.outline152("MSG=");
            outline152.append(e.getClass().getSimpleName());
            outline152.append(" ");
            outline152.append(e.getMessage());
            AksLogger.doAksLogging(context, "AKS_GETKEY_ERR", outline152.toString(), null);
            return null;
        }
    }

    private boolean leaveVerificationHint(Key key) {
        byte[] generateRandom = KeyOperation.generateRandom(SecSQLiteDatabase.OPEN_FULLMUTEX);
        try {
            byte[] digest = MessageDigest.getInstance("SHA256").digest(generateRandom);
            byte[] bArr = new byte[generateRandom.length + digest.length];
            System.arraycopy(generateRandom, 0, bArr, 0, generateRandom.length);
            System.arraycopy(digest, 0, bArr, generateRandom.length, digest.length);
            byte[] cipherMessage = KeyOperation.cipherMessage(this.mContext, bArr, key, true);
            if (KeyOperation.saveBytesToFile(this.mContext, MessageDigest.getInstance("SHA256").digest(KeyOperation.getIvFromAndroidId(this.mContext)), "aks_verify_iv") && KeyOperation.saveBytesToFile(this.mContext, cipherMessage, "aks_verify")) {
                checkKeyValidity(key);
                AksLogger.resetAksErrCount(this.mContext, "AKS_KM_SETUP_RESTORED");
                return true;
            }
        } catch (Exception e) {
            Context context = this.mContext;
            StringBuilder outline152 = GeneratedOutlineSupport.outline152("MSG=");
            outline152.append(e.toString());
            outline152.append(",0");
            AksLogger.doAksLogging(context, "AKS_RECHK_FAIL", outline152.toString(), null);
        }
        return false;
    }

    /* JADX WARN: Removed duplicated region for block: B:11:0x00b7  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private byte[] storeKeyAndSetKrm(byte[] r6) {
        /*
            r5 = this;
            java.lang.String r0 = "aks"
            r1 = 0
            if (r6 == 0) goto L6
            goto L20
        L6:
            java.security.Key r6 = com.samsung.android.service.health.security.KeyOperation.createNewDbKey()     // Catch: java.lang.Exception -> L90
            if (r6 != 0) goto L1c
            java.lang.String r6 = com.samsung.android.service.health.security.AksKeyRepository.TAG     // Catch: java.lang.Exception -> L90
            java.lang.String r0 = "Fail to create new key"
            com.samsung.android.sdk.healthdata.privileged.util.DataUtil.LOGD(r6, r0)     // Catch: java.lang.Exception -> L90
            android.content.Context r6 = r5.mContext     // Catch: java.lang.Exception -> L90
            java.lang.String r0 = "AKS_KM_NK_FAIL"
            com.samsung.android.service.health.security.AksLogger.doAksLogging(r6, r0, r1, r1)     // Catch: java.lang.Exception -> L90
            goto Lb4
        L1c:
            byte[] r6 = r6.getEncoded()     // Catch: java.lang.Exception -> L90
        L20:
            if (r6 == 0) goto L88
            int r2 = r6.length     // Catch: java.lang.Exception -> L90
            if (r2 == 0) goto L88
            java.security.Key r2 = r5.createAndStoreKey()     // Catch: java.lang.Exception -> L90
            if (r2 != 0) goto L2d
            goto Lb4
        L2d:
            android.content.Context r3 = r5.mContext     // Catch: java.lang.Exception -> L90
            r4 = 1
            byte[] r3 = com.samsung.android.service.health.security.KeyOperation.cipherMessage(r3, r6, r2, r4)     // Catch: java.lang.Exception -> L90
            if (r3 == 0) goto L80
            int r4 = r3.length     // Catch: java.lang.Exception -> L90
            if (r4 == 0) goto L80
            android.content.Context r4 = r5.mContext     // Catch: java.lang.Exception -> L90
            boolean r4 = com.samsung.android.service.health.security.KeyOperation.saveBytesToFile(r4, r3, r0)     // Catch: java.lang.Exception -> L90
            if (r4 != 0) goto L5d
            android.content.Context r6 = r5.mContext     // Catch: java.lang.Exception -> L90
            java.io.File r6 = r6.getFileStreamPath(r0)     // Catch: java.lang.Exception -> L90
            boolean r6 = r6.delete()     // Catch: java.lang.Exception -> L90
            if (r6 == 0) goto L55
            java.security.KeyException r6 = new java.security.KeyException     // Catch: java.lang.Exception -> L90
            java.lang.String r0 = "fail to save"
            r6.<init>(r0)     // Catch: java.lang.Exception -> L90
            throw r6     // Catch: java.lang.Exception -> L90
        L55:
            java.security.KeyException r6 = new java.security.KeyException     // Catch: java.lang.Exception -> L90
            java.lang.String r0 = "fail to save and delete"
            r6.<init>(r0)     // Catch: java.lang.Exception -> L90
            throw r6     // Catch: java.lang.Exception -> L90
        L5d:
            android.content.Context r4 = r5.mContext     // Catch: java.lang.Exception -> L90
            byte[] r0 = com.samsung.android.service.health.security.KeyOperation.getByteFromFile(r4, r0)     // Catch: java.lang.Exception -> L90
            boolean r0 = java.util.Arrays.equals(r3, r0)     // Catch: java.lang.Exception -> L90
            if (r0 == 0) goto L78
            boolean r0 = r5.leaveVerificationHint(r2)     // Catch: java.lang.Exception -> L90
            if (r0 == 0) goto L70
            goto Lb5
        L70:
            java.security.KeyException r6 = new java.security.KeyException     // Catch: java.lang.Exception -> L90
            java.lang.String r0 = "fail to store key verification hint"
            r6.<init>(r0)     // Catch: java.lang.Exception -> L90
            throw r6     // Catch: java.lang.Exception -> L90
        L78:
            java.security.KeyException r6 = new java.security.KeyException     // Catch: java.lang.Exception -> L90
            java.lang.String r0 = "fail to verify"
            r6.<init>(r0)     // Catch: java.lang.Exception -> L90
            throw r6     // Catch: java.lang.Exception -> L90
        L80:
            java.security.KeyException r6 = new java.security.KeyException     // Catch: java.lang.Exception -> L90
            java.lang.String r0 = "empty"
            r6.<init>(r0)     // Catch: java.lang.Exception -> L90
            throw r6     // Catch: java.lang.Exception -> L90
        L88:
            java.security.KeyException r6 = new java.security.KeyException     // Catch: java.lang.Exception -> L90
            java.lang.String r0 = "empty db"
            r6.<init>(r0)     // Catch: java.lang.Exception -> L90
            throw r6     // Catch: java.lang.Exception -> L90
        L90:
            r6 = move-exception
            android.content.Context r0 = r5.mContext
            java.lang.String r2 = "MSG="
            java.lang.StringBuilder r2 = com.android.tools.r8.GeneratedOutlineSupport.outline152(r2)
            java.lang.Class r3 = r6.getClass()
            java.lang.String r3 = r3.getSimpleName()
            r2.append(r3)
            java.lang.String r6 = r6.getMessage()
            r2.append(r6)
            java.lang.String r6 = r2.toString()
            java.lang.String r2 = "AKS_KM_NK_ERR"
            com.samsung.android.service.health.security.AksLogger.doAksLogging(r0, r2, r6, r1)
        Lb4:
            r6 = r1
        Lb5:
            if (r6 == 0) goto Lc2
            android.content.Context r0 = r5.mContext
            com.samsung.android.service.health.security.KeyRetrievalMode r2 = com.samsung.android.service.health.security.KeyRetrievalMode.AKS_KEYSTORE
            boolean r0 = com.samsung.android.service.health.security.KeyRetrievalMode.set(r0, r2)
            if (r0 != 0) goto Lc2
            return r1
        Lc2:
            return r6
        */
        throw new UnsupportedOperationException("Method not decompiled: com.samsung.android.service.health.security.AksKeyRepository.storeKeyAndSetKrm(byte[]):byte[]");
    }

    public byte[] createAndStore() {
        byte[] storeKeyAndSetKrm;
        synchronized (OP_LOCK) {
            storeKeyAndSetKrm = storeKeyAndSetKrm(null);
        }
        return storeKeyAndSetKrm;
    }

    public byte[] migrate(byte[] bArr, KeyRetrievalMode keyRetrievalMode) {
        byte[] storeKeyAndSetKrm;
        synchronized (OP_LOCK) {
            storeKeyAndSetKrm = storeKeyAndSetKrm(bArr);
        }
        return storeKeyAndSetKrm;
    }

    @Override // com.samsung.android.service.health.security.KeyRepository
    public byte[] retrieve() {
        synchronized (OP_LOCK) {
            if (this.mDbKey == null) {
                this.mDbKey = getDbKeyFromAksWithValidityCheck();
            }
        }
        return this.mDbKey;
    }
}
