package com.alphero.security;

import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.util.Base64;
import com.alphero.security.Encrypter;
import com.alphero.security.exception.EncryptionException;
import com.alphero.security.exception.EncryptionUnsupported;
import com.alphero.security.util.EncryptionExtensions;
import java.security.NoSuchAlgorithmException;
import java.util.UUID;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import kotlin.text.d;

/* loaded from: classes.dex */
public class AppSecretEncrypter extends Encrypter<Encrypter.EncryptionResult, Encrypter.DecryptionResult> {
    private final AesEncrypter delegate;
    private boolean isKeystoreBacked;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class FallbackEncrypter extends KeyEncrypter {
        public FallbackEncrypter(SharedPreferences sharedPreferences, String str) throws EncryptionException {
            super(sharedPreferences, str);
        }

        private AesEncrypter createEncrypter(String str) {
            return new AesEncrypter(str).withKeyLength(256).withDerivationSaltLength(8).withDerivationIterations(1000);
        }

        private String getPrefName() {
            return this.keyName + "fb";
        }

        @Override // com.alphero.security.AppSecretEncrypter.KeyEncrypter
        void clear() {
            this.preferenceStore.edit().remove(getPrefName()).commit();
        }

        @Override // com.alphero.security.Encrypter
        public Encrypter.DecryptionResult decrypt(byte[] bArr) throws EncryptionException {
            return createEncrypter(this.preferenceStore.getString(getPrefName(), null)).decrypt(bArr);
        }

        @Override // com.alphero.security.Encrypter
        public Encrypter.EncryptionResult encrypt(byte[] bArr) throws EncryptionException {
            String uuid = UUID.randomUUID().toString();
            this.preferenceStore.edit().putString(getPrefName(), uuid).commit();
            return createEncrypter(uuid).encrypt(bArr);
        }
    }

    /* loaded from: classes.dex */
    public enum FallbackOption {
        FORCE,
        ALLOW,
        DISALLOW
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static abstract class KeyEncrypter extends Encrypter<Encrypter.EncryptionResult, Encrypter.DecryptionResult> {
        protected final String keyName;
        protected final SharedPreferences preferenceStore;

        KeyEncrypter(SharedPreferences sharedPreferences, String str) throws EncryptionException {
            this.preferenceStore = sharedPreferences;
            this.keyName = str;
        }

        abstract void clear();
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class KeystoreKeyEncrypter extends KeyEncrypter {
        private final AndroidKeystoreEncrypter<?> delegate;

        public KeystoreKeyEncrypter(SharedPreferences sharedPreferences, String str, AndroidKeystoreEncrypter<?> androidKeystoreEncrypter) throws EncryptionException {
            super(sharedPreferences, str);
            this.delegate = androidKeystoreEncrypter;
        }

        @Override // com.alphero.security.AppSecretEncrypter.KeyEncrypter
        void clear() {
            this.delegate.clear();
        }

        @Override // com.alphero.security.Encrypter
        public Encrypter.DecryptionResult decrypt(byte[] bArr) throws EncryptionException {
            return this.delegate.decrypt(bArr);
        }

        @Override // com.alphero.security.Encrypter
        public Encrypter.EncryptionResult encrypt(byte[] bArr) throws EncryptionException {
            clear();
            return this.delegate.encrypt(bArr);
        }
    }

    public AppSecretEncrypter(Context context, SharedPreferences sharedPreferences, FallbackOption fallbackOption) throws EncryptionException {
        this.delegate = initEncrypter(context, sharedPreferences, fallbackOption, Build.VERSION.SDK_INT);
    }

    AppSecretEncrypter(Context context, SharedPreferences sharedPreferences, FallbackOption fallbackOption, int i) throws EncryptionException {
        this.delegate = initEncrypter(context, sharedPreferences, fallbackOption, i);
    }

    private KeyEncrypter getEncrypter(Context context, SharedPreferences sharedPreferences, int i) throws EncryptionException {
        String encodeToString = Base64.encodeToString(context.getPackageName().getBytes(d.f2489a), 3);
        if (i == 0) {
            return new FallbackEncrypter(sharedPreferences, encodeToString);
        }
        if (i == 1) {
            return new KeystoreKeyEncrypter(sharedPreferences, encodeToString, new RsaKeystoreEncrypter(context, encodeToString));
        }
        if (i == 2) {
            return new KeystoreKeyEncrypter(sharedPreferences, encodeToString, new AesKeystoreEncrypter(encodeToString));
        }
        throw new IllegalArgumentException("Not implemented: " + i);
    }

    static String getKeyName(String str) {
        return Base64.encodeToString(str.getBytes(d.f2489a), 3);
    }

    private int getLevelForSdk(int i, boolean z) {
        if (z) {
            return 0;
        }
        if (i >= 23) {
            return 2;
        }
        return i >= 18 ? 1 : 0;
    }

    private AesEncrypter initEncrypter(Context context, SharedPreferences sharedPreferences, FallbackOption fallbackOption, int i) throws EncryptionException {
        PRNGFixes.apply();
        return initEncrypter(context, sharedPreferences, fallbackOption, getLevelForSdk(i, fallbackOption == FallbackOption.FORCE), i);
    }

    private AesEncrypter initEncrypter(Context context, SharedPreferences sharedPreferences, FallbackOption fallbackOption, int i, int i2) throws EncryptionException {
        SecretKey generateKey;
        byte[] bArr;
        KeyEncrypter keyEncrypter;
        String str;
        if (i == 0 && fallbackOption == FallbackOption.DISALLOW) {
            throw new EncryptionUnsupported("Use of FallbackEncrypter not allowed");
        }
        boolean z = fallbackOption == FallbackOption.FORCE;
        String keyName = getKeyName(context.getPackageName());
        String str2 = keyName + "el";
        String str3 = keyName + "fr";
        String str4 = keyName + "iv";
        String str5 = keyName + "sdk";
        String str6 = keyName + "fd";
        String string = sharedPreferences.getString(keyName, null);
        if (string == null || "".equals(string)) {
            try {
                try {
                    KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
                    keyGenerator.init(128);
                    generateKey = keyGenerator.generateKey();
                    byte[] generateRandomData = EncryptionExtensions.generateRandomData(16);
                    KeyEncrypter encrypter = getEncrypter(context, sharedPreferences, i);
                    SharedPreferences.Editor edit = sharedPreferences.edit();
                    edit.putString(keyName, encrypter.encrypt(generateKey.getEncoded()).asString());
                    edit.putString(str4, Base64.encodeToString(generateRandomData, 3));
                    edit.putInt(str2, i);
                    edit.putInt(str5, i2);
                    edit.putBoolean(str6, z);
                    edit.apply();
                    bArr = generateRandomData;
                } catch (NoSuchAlgorithmException e) {
                    throw new EncryptionUnsupported(e);
                }
            } catch (EncryptionException e2) {
                if (i > 0) {
                    return initEncrypter(context, sharedPreferences, fallbackOption, i - 1, i2);
                }
                throw e2;
            }
        } else {
            int i3 = sharedPreferences.getInt(str2, -1);
            if (i3 == -1) {
                i3 = Math.min(1, getLevelForSdk(i2, sharedPreferences.getBoolean(str3, false) || !AndroidKeystoreEncrypter.containsAlias(keyName)));
            }
            try {
                KeyEncrypter encrypter2 = getEncrypter(context, sharedPreferences, i3);
                try {
                    generateKey = new SecretKeySpec(encrypter2.decrypt(string).asBytes(), "AES");
                    bArr = Base64.decode(sharedPreferences.getString(str4, null), 3);
                    if (!z) {
                        int i4 = sharedPreferences.getInt(str5, -1);
                        boolean z2 = sharedPreferences.getBoolean(str6, false);
                        if (i > i3 && (i2 != i4 || z != z2)) {
                            SharedPreferences.Editor edit2 = sharedPreferences.edit();
                            try {
                                edit2.putString(keyName, getEncrypter(context, sharedPreferences, i).encrypt(generateKey.getEncoded()).asString());
                                edit2.putInt(str2, i);
                            } catch (EncryptionException unused) {
                            } catch (Throwable th) {
                                edit2.putInt(str5, i2);
                                edit2.commit();
                                throw th;
                            }
                            edit2.putInt(str5, i2);
                            edit2.commit();
                        }
                    }
                } catch (Exception e3) {
                    e = e3;
                    keyEncrypter = encrypter2;
                    str = str3;
                    reset(sharedPreferences, keyName, str4, str);
                    if (keyEncrypter != null) {
                        keyEncrypter.clear();
                    }
                    if (e instanceof EncryptionException) {
                        throw e;
                    }
                    throw new EncryptionException(e);
                }
            } catch (Exception e4) {
                e = e4;
                keyEncrypter = null;
                str = str3;
            }
        }
        this.isKeystoreBacked = i > 0;
        return new AesEncrypter(generateKey).withIv(bArr);
    }

    @Override // com.alphero.security.Encrypter
    public Encrypter.DecryptionResult decrypt(byte[] bArr) throws EncryptionException {
        return this.delegate.decrypt(bArr);
    }

    @Override // com.alphero.security.Encrypter
    public Encrypter.EncryptionResult encrypt(byte[] bArr) throws EncryptionException {
        return this.delegate.encrypt(bArr);
    }

    public boolean isKeystoreBacked() {
        return this.isKeystoreBacked;
    }

    protected void reset(SharedPreferences sharedPreferences, String str, String str2, String str3) {
        SharedPreferences.Editor edit = sharedPreferences.edit();
        edit.remove(str);
        edit.remove(str2);
        edit.remove(str3);
        edit.commit();
    }
}
