package com.server.auditor.ssh.client.f.z;

import android.content.SharedPreferences;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import com.amazonaws.mobileconnectors.s3.transferutility.TransferTable;
import com.amazonaws.services.s3.internal.crypto.JceEncryptionConstants;
import com.server.auditor.ssh.client.app.TermiusApplication;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.GregorianCalendar;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import l.p;

/* loaded from: classes2.dex */
public final class f implements com.server.auditor.ssh.client.f.z.d {
    public static final a a = new a(null);

    /* loaded from: classes2.dex */
    public static final class a {
        private a() {
        }

        public /* synthetic */ a(l.y.d.g gVar) {
            this();
        }

        public final byte[] a(String str) {
            l.y.d.k.b(str, "hex");
            int length = str.length();
            byte[] bArr = new byte[length / 2];
            for (int i2 = 0; i2 < length; i2 += 2) {
                bArr[i2 / 2] = (byte) ((Character.digit(str.charAt(i2), 16) << 4) + Character.digit(str.charAt(i2 + 1), 16));
            }
            return bArr;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public static final class b extends com.server.auditor.ssh.client.f.x.d {
        private final String a;
        private final String b;
        private KeyStore.PrivateKeyEntry c;
        private final KeyStore d;

        /* renamed from: e, reason: collision with root package name */
        private final com.server.auditor.ssh.client.app.e f3912e;

        public b(KeyStore keyStore, com.server.auditor.ssh.client.app.e eVar) {
            l.y.d.k.b(keyStore, "androidKeyStore");
            l.y.d.k.b(eVar, "keyValueRepository");
            this.d = keyStore;
            this.f3912e = eVar;
            this.a = "termius_secret_key_pair_api21_v1";
            this.b = "RSA/ECB/PKCS1Padding";
        }

        private final String a(byte[] bArr) {
            String encodeToString = Base64.encodeToString(bArr, 2);
            l.y.d.k.a((Object) encodeToString, "Base64.encodeToString(input, Base64.NO_WRAP)");
            return encodeToString;
        }

        private final byte[] b(String str) {
            byte[] decode = Base64.decode(str, 2);
            l.y.d.k.a((Object) decode, "Base64.decode(input, Base64.NO_WRAP)");
            return decode;
        }

        private final Cipher c() {
            Cipher cipher = Cipher.getInstance(this.b);
            KeyStore.PrivateKeyEntry privateKeyEntry = this.c;
            if (privateKeyEntry == null) {
                l.y.d.k.d("keyEntry");
                throw null;
            }
            cipher.init(2, privateKeyEntry.getPrivateKey());
            l.y.d.k.a((Object) cipher, "cipher");
            return cipher;
        }

        private final Cipher d() {
            Cipher cipher = Cipher.getInstance(this.b);
            KeyStore.PrivateKeyEntry privateKeyEntry = this.c;
            if (privateKeyEntry == null) {
                l.y.d.k.d("keyEntry");
                throw null;
            }
            Certificate certificate = privateKeyEntry.getCertificate();
            l.y.d.k.a((Object) certificate, "keyEntry.certificate");
            cipher.init(1, certificate.getPublicKey());
            l.y.d.k.a((Object) cipher, "cipher");
            return cipher;
        }

        @Override // com.server.auditor.ssh.client.f.x.d
        public com.server.auditor.ssh.client.app.e a() {
            return this.f3912e;
        }

        @Override // com.server.auditor.ssh.client.f.x.d
        public void a(String str) {
            l.y.d.k.b(str, TransferTable.COLUMN_KEY);
            a().edit().remove(str).apply();
        }

        @Override // com.server.auditor.ssh.client.f.x.d
        public byte[] a(String str, byte[] bArr) {
            l.y.d.k.b(str, TransferTable.COLUMN_KEY);
            l.y.d.k.b(bArr, "defaultValue");
            String string = a().getString(str, "");
            if (!(string == null || string.length() == 0)) {
                try {
                    bArr = c().doFinal(b(string));
                } catch (Throwable unused) {
                }
                l.y.d.k.a((Object) bArr, "try {\n                  …ltValue\n                }");
            }
            return bArr;
        }

        @Override // com.server.auditor.ssh.client.f.x.d
        public void b() {
            if (!this.d.isKeyEntry(this.a)) {
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
                GregorianCalendar gregorianCalendar = new GregorianCalendar();
                GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
                gregorianCalendar2.add(1, 20);
                KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(TermiusApplication.e()).setAlias(this.a).setSubject(new X500Principal("CN=" + this.a)).setKeySize(3072).setStartDate(gregorianCalendar.getTime()).setEndDate(gregorianCalendar2.getTime()).setSerialNumber(BigInteger.valueOf(1337L)).build();
                l.y.d.k.a((Object) build, "KeyPairGeneratorSpec.Bui…                 .build()");
                keyPairGenerator.initialize(build);
                keyPairGenerator.genKeyPair();
            }
            KeyStore.Entry entry = this.d.getEntry(this.a, null);
            if (entry == null) {
                throw new p("null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
            }
            this.c = (KeyStore.PrivateKeyEntry) entry;
            d();
        }

        @Override // com.server.auditor.ssh.client.f.x.d
        public void b(String str, byte[] bArr) {
            l.y.d.k.b(str, TransferTable.COLUMN_KEY);
            l.y.d.k.b(bArr, "value");
            byte[] doFinal = d().doFinal(bArr);
            SharedPreferences.Editor edit = a().edit();
            l.y.d.k.a((Object) doFinal, "encrypted");
            edit.putString(str, a(doFinal)).apply();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public static final class c extends com.server.auditor.ssh.client.f.x.d {
        private final String a;
        private final String b;
        private final a c;
        private KeyStore.SecretKeyEntry d;

        /* renamed from: e, reason: collision with root package name */
        private final KeyStore f3913e;

        /* renamed from: f, reason: collision with root package name */
        private final com.server.auditor.ssh.client.app.e f3914f;

        /* loaded from: classes2.dex */
        public static final class a {
            private final int a = 1;

            public final l.k<byte[], byte[]> a(byte[] bArr) {
                byte[] a;
                byte[] a2;
                l.y.d.k.b(bArr, "input");
                byte b = bArr[0];
                int i2 = this.a;
                a = l.t.h.a(bArr, i2, i2 + b);
                a2 = l.t.h.a(bArr, this.a + b, bArr.length);
                return new l.k<>(a, a2);
            }

            public final byte[] a(byte[] bArr, byte[] bArr2) {
                byte[] a;
                byte[] a2;
                byte[] a3;
                l.y.d.k.b(bArr, "input");
                l.y.d.k.b(bArr2, "iv");
                a = l.t.h.a(new byte[0], (byte) bArr2.length);
                a2 = l.t.h.a(a, bArr2);
                a3 = l.t.h.a(a2, bArr);
                return a3;
            }
        }

        public c(KeyStore keyStore, com.server.auditor.ssh.client.app.e eVar) {
            l.y.d.k.b(keyStore, "androidKeyStore");
            l.y.d.k.b(eVar, "keyValueRepository");
            this.f3913e = keyStore;
            this.f3914f = eVar;
            this.a = "termius_secret_key_api23_v1";
            this.b = "AES/GCM/NoPadding";
            this.c = new a();
        }

        private final Cipher a(byte[] bArr) {
            Cipher cipher = Cipher.getInstance(this.b);
            GCMParameterSpec gCMParameterSpec = new GCMParameterSpec(128, bArr);
            KeyStore.SecretKeyEntry secretKeyEntry = this.d;
            if (secretKeyEntry == null) {
                l.y.d.k.d("keyEntry");
                throw null;
            }
            cipher.init(2, secretKeyEntry.getSecretKey(), gCMParameterSpec);
            l.y.d.k.a((Object) cipher, "cipher");
            return cipher;
        }

        private final String b(byte[] bArr) {
            String encodeToString = Base64.encodeToString(bArr, 2);
            l.y.d.k.a((Object) encodeToString, "Base64.encodeToString(input, Base64.NO_WRAP)");
            return encodeToString;
        }

        private final byte[] b(String str) {
            byte[] decode = Base64.decode(str, 2);
            l.y.d.k.a((Object) decode, "Base64.decode(input, Base64.NO_WRAP)");
            return decode;
        }

        private final Cipher c() {
            Cipher cipher = Cipher.getInstance(this.b);
            KeyStore.SecretKeyEntry secretKeyEntry = this.d;
            if (secretKeyEntry == null) {
                l.y.d.k.d("keyEntry");
                throw null;
            }
            cipher.init(1, secretKeyEntry.getSecretKey());
            l.y.d.k.a((Object) cipher, "cipher");
            return cipher;
        }

        @Override // com.server.auditor.ssh.client.f.x.d
        public com.server.auditor.ssh.client.app.e a() {
            return this.f3914f;
        }

        @Override // com.server.auditor.ssh.client.f.x.d
        public void a(String str) {
            l.y.d.k.b(str, TransferTable.COLUMN_KEY);
            a().edit().remove(str).apply();
        }

        @Override // com.server.auditor.ssh.client.f.x.d
        public byte[] a(String str, byte[] bArr) {
            l.y.d.k.b(str, TransferTable.COLUMN_KEY);
            l.y.d.k.b(bArr, "defaultValue");
            String string = a().getString(str, "");
            if (!(string == null || string.length() == 0)) {
                try {
                    l.k<byte[], byte[]> a2 = this.c.a(b(string));
                    bArr = a(a2.a()).doFinal(a2.b());
                } catch (Throwable unused) {
                }
                l.y.d.k.a((Object) bArr, "try {\n                  …ltValue\n                }");
            }
            return bArr;
        }

        @Override // com.server.auditor.ssh.client.f.x.d
        public void b() {
            if (Build.VERSION.SDK_INT < 23) {
                throw new IllegalStateException("AES cipher in AndroidKeyStore supports only on Android M and above.");
            }
            if (!this.f3913e.isKeyEntry(this.a)) {
                KeyGenerator keyGenerator = KeyGenerator.getInstance(JceEncryptionConstants.SYMMETRIC_KEY_ALGORITHM, "AndroidKeyStore");
                KeyGenParameterSpec build = new KeyGenParameterSpec.Builder(this.a, 3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").setKeySize(256).build();
                l.y.d.k.a((Object) build, "KeyGenParameterSpec.Buil…                 .build()");
                keyGenerator.init(build);
                keyGenerator.generateKey();
            }
            KeyStore.Entry entry = this.f3913e.getEntry(this.a, null);
            if (entry == null) {
                throw new p("null cannot be cast to non-null type java.security.KeyStore.SecretKeyEntry");
            }
            this.d = (KeyStore.SecretKeyEntry) entry;
            c();
        }

        @Override // com.server.auditor.ssh.client.f.x.d
        public void b(String str, byte[] bArr) {
            l.y.d.k.b(str, TransferTable.COLUMN_KEY);
            l.y.d.k.b(bArr, "value");
            Cipher c = c();
            byte[] doFinal = c.doFinal(bArr);
            a aVar = this.c;
            l.y.d.k.a((Object) doFinal, "encrypted");
            byte[] iv = c.getIV();
            l.y.d.k.a((Object) iv, "cipher.iv");
            a().edit().putString(str, b(aVar.a(doFinal, iv))).apply();
        }
    }

    /* loaded from: classes2.dex */
    private static final class d {
        private final String a = "encrypted_storage_api_int";

        public final com.server.auditor.ssh.client.f.x.d a(KeyStore keyStore, com.server.auditor.ssh.client.app.e eVar, int i2) {
            int i3;
            com.server.auditor.ssh.client.f.x.d c0122f;
            l.y.d.k.b(eVar, "keyValueRepository");
            try {
                if (eVar.contains(this.a)) {
                    i3 = eVar.getInt(this.a, i2);
                } else {
                    eVar.edit().putInt(this.a, i2).apply();
                    i3 = i2;
                }
                if (i3 > i2) {
                    com.crystalnix.terminal.utils.f.a.b.a(new com.server.auditor.ssh.client.f.x.c("Actual sdk version is lower than currently uses " + i3 + '/' + i2 + '.'));
                }
                if (i3 != 0 && keyStore != null) {
                    c0122f = i3 < 23 ? new b(keyStore, eVar) : new c(keyStore, eVar);
                    c0122f.b();
                    return c0122f;
                }
                c0122f = new C0122f(eVar);
                c0122f.b();
                return c0122f;
            } catch (Throwable th) {
                com.crystalnix.terminal.utils.f.a.b.a(th);
                eVar.edit().putInt(this.a, 0).apply();
                C0122f c0122f2 = new C0122f(eVar);
                c0122f2.b();
                return c0122f2;
            }
        }
    }

    /* loaded from: classes2.dex */
    private static final class e extends com.server.auditor.ssh.client.f.e {
        private final byte[] c;

        /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
        public e(byte[] bArr) {
            super(null);
            l.y.d.k.b(bArr, TransferTable.COLUMN_KEY);
            this.c = bArr;
        }

        @Override // com.server.auditor.ssh.client.f.w.e
        public String a(String str) {
            l.y.d.k.b(str, "text");
            throw new IllegalStateException("Local encryption is not available.");
        }

        @Override // com.server.auditor.ssh.client.f.w.e
        public String b(String str) {
            l.y.d.k.b(str, "text");
            try {
                SecretKeySpec secretKeySpec = new SecretKeySpec(this.c, JceEncryptionConstants.SYMMETRIC_KEY_ALGORITHM);
                String a = a(Base64.decode(str, 0), secretKeySpec, secretKeySpec);
                l.y.d.k.a((Object) a, "decryptString(\n         …cretKey\n                )");
                return a;
            } catch (Exception unused) {
                return "";
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* renamed from: com.server.auditor.ssh.client.f.z.f$f, reason: collision with other inner class name */
    /* loaded from: classes2.dex */
    public static final class C0122f extends com.server.auditor.ssh.client.f.x.d {
        private final com.server.auditor.ssh.client.app.e a;

        public C0122f(com.server.auditor.ssh.client.app.e eVar) {
            l.y.d.k.b(eVar, "keyValueRepository");
            this.a = eVar;
        }

        private final String a(byte[] bArr) {
            String encodeToString = Base64.encodeToString(bArr, 2);
            l.y.d.k.a((Object) encodeToString, "Base64.encodeToString(input, Base64.NO_WRAP)");
            return encodeToString;
        }

        private final byte[] b(String str) {
            byte[] decode = Base64.decode(str, 2);
            l.y.d.k.a((Object) decode, "Base64.decode(input, Base64.NO_WRAP)");
            return decode;
        }

        @Override // com.server.auditor.ssh.client.f.x.d
        public com.server.auditor.ssh.client.app.e a() {
            return this.a;
        }

        @Override // com.server.auditor.ssh.client.f.x.d
        public void a(String str) {
            l.y.d.k.b(str, TransferTable.COLUMN_KEY);
            a().edit().remove(str).apply();
        }

        @Override // com.server.auditor.ssh.client.f.x.d
        public byte[] a(String str, byte[] bArr) {
            l.y.d.k.b(str, TransferTable.COLUMN_KEY);
            l.y.d.k.b(bArr, "defaultValue");
            String string = a().getString(str, "");
            if (!(string == null || string.length() == 0)) {
                try {
                } catch (Throwable unused) {
                    return bArr;
                }
            }
            return b(string);
        }

        @Override // com.server.auditor.ssh.client.f.x.d
        public void b() {
        }

        @Override // com.server.auditor.ssh.client.f.x.d
        public void b(String str, byte[] bArr) {
            l.y.d.k.b(str, TransferTable.COLUMN_KEY);
            l.y.d.k.b(bArr, "value");
            a().edit().putString(str, a(bArr)).apply();
        }
    }

    @Override // com.server.auditor.ssh.client.f.z.d
    public void a(KeyStore keyStore, com.server.auditor.ssh.client.app.e eVar, com.server.auditor.ssh.client.app.e eVar2) {
        l.y.d.k.b(eVar, "encryptionKeyValueRepository");
        l.y.d.k.b(eVar2, "mainKeyValueRepository");
        com.server.auditor.ssh.client.f.x.d a2 = new d().a(keyStore, eVar, Build.VERSION.SDK_INT);
        SharedPreferences.Editor edit = eVar2.edit();
        String string = eVar2.getString("local_secret_key", "");
        if (!(string == null || string.length() == 0)) {
            a2.b("local_secret_key", a.a(string));
            edit.remove("local_secret_key");
        }
        String string2 = eVar2.getString("remote_secret_key", "");
        if (!(string2 == null || string2.length() == 0)) {
            a2.b("remote_secret_key", a.a(string2));
            edit.remove("remote_secret_key");
        }
        String string3 = eVar2.getString("remote_hmac_secret_key", "");
        if (!(string3 == null || string3.length() == 0)) {
            a2.b("remote_hmac_secret_key", a.a(string3));
            edit.remove("remote_hmac_secret_key");
        }
        String string4 = eVar2.getString("SA_KEY", "");
        if (!(string4 == null || string4.length() == 0)) {
            Charset charset = l.e0.d.a;
            if (string4 == null) {
                throw new p("null cannot be cast to non-null type java.lang.String");
            }
            byte[] bytes = string4.getBytes(charset);
            l.y.d.k.a((Object) bytes, "(this as java.lang.String).getBytes(charset)");
            a2.b("api_authorization", bytes);
            edit.remove("SA_KEY");
        }
        String string5 = eVar2.getString("SA_USERNAME", "");
        if (!(string5 == null || string5.length() == 0)) {
            Charset charset2 = l.e0.d.a;
            if (string5 == null) {
                throw new p("null cannot be cast to non-null type java.lang.String");
            }
            byte[] bytes2 = string5.getBytes(charset2);
            l.y.d.k.a((Object) bytes2, "(this as java.lang.String).getBytes(charset)");
            a2.b("api_username", bytes2);
            edit.remove("SA_USERNAME");
        }
        String string6 = eVar2.getString("SA_SALT", "");
        if (!(string6 == null || string6.length() == 0)) {
            Charset charset3 = l.e0.d.a;
            if (string6 == null) {
                throw new p("null cannot be cast to non-null type java.lang.String");
            }
            byte[] bytes3 = string6.getBytes(charset3);
            l.y.d.k.a((Object) bytes3, "(this as java.lang.String).getBytes(charset)");
            a2.b("api_salt", bytes3);
            edit.remove("SA_SALT");
        }
        String string7 = eVar2.getString("SA_HMAC_SALT", "");
        if (!(string7 == null || string7.length() == 0)) {
            Charset charset4 = l.e0.d.a;
            if (string7 == null) {
                throw new p("null cannot be cast to non-null type java.lang.String");
            }
            byte[] bytes4 = string7.getBytes(charset4);
            l.y.d.k.a((Object) bytes4, "(this as java.lang.String).getBytes(charset)");
            a2.b("api_hmac_salt", bytes4);
            edit.remove("SA_HMAC_SALT");
        }
        String string8 = eVar2.getString("pin_screen_intent_code", "");
        if (!(string8 == null || string8.length() == 0)) {
            Charset charset5 = l.e0.d.a;
            if (string8 == null) {
                throw new p("null cannot be cast to non-null type java.lang.String");
            }
            byte[] bytes5 = string8.getBytes(charset5);
            l.y.d.k.a((Object) bytes5, "(this as java.lang.String).getBytes(charset)");
            a2.b("pin_screen_intent_code", bytes5);
            edit.remove("pin_screen_intent_code");
        }
        String string9 = eVar2.getString("pin_screen_lock_code", "");
        if (!(string9 == null || string9.length() == 0)) {
            Charset charset6 = l.e0.d.a;
            if (string9 == null) {
                throw new p("null cannot be cast to non-null type java.lang.String");
            }
            byte[] bytes6 = string9.getBytes(charset6);
            l.y.d.k.a((Object) bytes6, "(this as java.lang.String).getBytes(charset)");
            a2.b("pin_screen_lock_code", bytes6);
            edit.remove("pin_screen_lock_code");
        }
        if (!(string == null || string.length() == 0)) {
            e eVar3 = new e(a.a(string));
            String string10 = eVar2.getString("key_access_s3", "");
            if (!(string10 == null || string10.length() == 0)) {
                String b2 = eVar3.b(string10);
                Charset charset7 = l.e0.d.a;
                if (b2 == null) {
                    throw new p("null cannot be cast to non-null type java.lang.String");
                }
                byte[] bytes7 = b2.getBytes(charset7);
                l.y.d.k.a((Object) bytes7, "(this as java.lang.String).getBytes(charset)");
                a2.b("aws_access_key", bytes7);
                edit.remove("key_access_s3");
            }
            String string11 = eVar2.getString("key_secret_s3", "");
            if (!(string11 == null || string11.length() == 0)) {
                String b3 = eVar3.b(string11);
                Charset charset8 = l.e0.d.a;
                if (b3 == null) {
                    throw new p("null cannot be cast to non-null type java.lang.String");
                }
                byte[] bytes8 = b3.getBytes(charset8);
                l.y.d.k.a((Object) bytes8, "(this as java.lang.String).getBytes(charset)");
                a2.b("aws_secret_key", bytes8);
                edit.remove("key_secret_s3");
            }
            String string12 = eVar2.getString("key_aws_bucket_name", "");
            if (!(string12 == null || string12.length() == 0)) {
                String b4 = eVar3.b(string12);
                Charset charset9 = l.e0.d.a;
                if (b4 == null) {
                    throw new p("null cannot be cast to non-null type java.lang.String");
                }
                byte[] bytes9 = b4.getBytes(charset9);
                l.y.d.k.a((Object) bytes9, "(this as java.lang.String).getBytes(charset)");
                a2.b("aws_s3_bucket_name", bytes9);
                edit.remove("key_aws_bucket_name");
            }
        }
        String string13 = eVar2.getString("fcm_push_token", "");
        if (!(string13 == null || string13.length() == 0)) {
            Charset charset10 = l.e0.d.a;
            if (string13 == null) {
                throw new p("null cannot be cast to non-null type java.lang.String");
            }
            byte[] bytes10 = string13.getBytes(charset10);
            l.y.d.k.a((Object) bytes10, "(this as java.lang.String).getBytes(charset)");
            a2.b("fcm_push_token", bytes10);
            edit.remove("fcm_push_token");
        }
        edit.apply();
    }
}
