package com.microsoft.kapp.services.crypto;

import android.annotation.SuppressLint;
import android.content.Context;
import com.microsoft.cargo.util.StreamUtils;
import com.microsoft.kapp.logging.KLog;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.math.BigInteger;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes.dex */
public class CryptoProviderImpl implements CryptoProvider {
    private static final String CIPHER_ALGORITHM = "AES/CBC/PKCS5Padding";
    private static final String CREDENTIAL_KEY_FILE = "credentials.key";
    private static final int IV_LENGTH = 16;
    private static final int OUTPUT_KEY_LENGTH = 256;
    private static final String PASSPHRASE = "12uhd8349129d93489udu934";
    private static final String PBE_ALGORITHM = "PBKDF2WithHmacSHA1";
    public static final int PBE_ITERATION_COUNT = 1000;
    private static final String PROVIDER = "BC";
    private static final String RANDOM_ALGORITHM = "SHA1PRNG";
    private Context mContext;
    private static final String TAG = CryptoProvider.class.getSimpleName();
    private static final Object CREDENTIALS_KEY_LOCK = new Object();

    public CryptoProviderImpl(Context context) {
        this.mContext = context;
    }

    private byte[] fromHex(String str) {
        byte[] bArr = new byte[str.length() / 2];
        for (int i = 0; i < bArr.length; i++) {
            bArr[i] = (byte) Integer.parseInt(str.substring(i * 2, (i * 2) + 2), 16);
        }
        return bArr;
    }

    @SuppressLint({"TrulyRandom"})
    private byte[] generateIv() throws NoSuchAlgorithmException {
        byte[] bArr = new byte[16];
        SecureRandom.getInstance(RANDOM_ALGORITHM).nextBytes(bArr);
        return bArr;
    }

    private SecretKey generateKey(byte[] bArr, char[] cArr) throws NoSuchAlgorithmException, InvalidKeySpecException {
        return SecretKeyFactory.getInstance(PBE_ALGORITHM).generateSecret(new PBEKeySpec(cArr, bArr, 1000, 256));
    }

    private byte[] getGeneratedCryptoKey() {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        FileInputStream fileInputStream = null;
        try {
            synchronized (CREDENTIALS_KEY_LOCK) {
                fileInputStream = this.mContext.openFileInput(CREDENTIAL_KEY_FILE);
                byte[] bArr = new byte[1024];
                while (true) {
                    int read = fileInputStream.read(bArr);
                    if (read == -1) {
                        break;
                    }
                    byteArrayOutputStream.write(bArr, 0, read);
                }
            }
        } catch (FileNotFoundException e) {
            KLog.d(TAG, "unable to get key", e);
        } catch (IOException e2) {
            KLog.d(TAG, "unable to get key", e2);
        } catch (Exception e3) {
            KLog.d(TAG, "unable to get key", e3);
        } finally {
            StreamUtils.closeQuietly(fileInputStream);
            StreamUtils.closeQuietly(byteArrayOutputStream);
        }
        return byteArrayOutputStream.toByteArray();
    }

    @SuppressLint({"TrulyRandom"})
    private byte[] getSalt(boolean z) throws NoSuchAlgorithmException, CryptoException {
        byte[] generatedCryptoKey = getGeneratedCryptoKey();
        if (generatedCryptoKey != null && generatedCryptoKey.length != 0) {
            return generatedCryptoKey;
        }
        if (!z) {
            throw new CryptoException("Stored decryption key not found");
        }
        SecureRandom secureRandom = new SecureRandom();
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        keyGenerator.init(256, secureRandom);
        SecretKey generateKey = keyGenerator.generateKey();
        setGeneratedCryptoKey(generateKey.getEncoded());
        return generateKey.getEncoded();
    }

    private void setGeneratedCryptoKey(byte[] bArr) {
        try {
            synchronized (CREDENTIALS_KEY_LOCK) {
                this.mContext.openFileOutput(CREDENTIAL_KEY_FILE, 0).write(bArr);
            }
        } catch (FileNotFoundException e) {
            KLog.e(TAG, "unable to set key", e);
        } catch (IOException e2) {
            KLog.e(TAG, "unable to set key", e2);
        }
    }

    private String toHex(byte[] bArr) {
        String bigInteger = new BigInteger(1, bArr).toString(16);
        int length = (bArr.length * 2) - bigInteger.length();
        return length > 0 ? String.format("%0" + length + "d", 0) + bigInteger : bigInteger;
    }

    @Override // com.microsoft.kapp.services.crypto.CryptoProvider
    public String decrypt(String str) throws CryptoException {
        try {
            SecretKeySpec secretKeySpec = new SecretKeySpec(generateKey(getSalt(false), PASSPHRASE.toCharArray()).getEncoded(), "AES");
            Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM, PROVIDER);
            String substring = str.substring(0, 32);
            String substring2 = str.substring(32);
            cipher.init(2, secretKeySpec, new IvParameterSpec(fromHex(substring)));
            return new String(cipher.doFinal(fromHex(substring2)), "UTF-8");
        } catch (Exception e) {
            throw new CryptoException("Unable to decrypt", e);
        }
    }

    @Override // com.microsoft.kapp.services.crypto.CryptoProvider
    public String encrypt(String str) throws CryptoException {
        try {
            SecretKeySpec secretKeySpec = new SecretKeySpec(generateKey(getSalt(true), PASSPHRASE.toCharArray()).getEncoded(), "AES");
            byte[] generateIv = generateIv();
            String hex = toHex(generateIv);
            IvParameterSpec ivParameterSpec = new IvParameterSpec(generateIv);
            Cipher cipher = Cipher.getInstance(CIPHER_ALGORITHM, PROVIDER);
            cipher.init(1, secretKeySpec, ivParameterSpec);
            return hex + toHex(cipher.doFinal(str.getBytes("UTF-8")));
        } catch (Exception e) {
            throw new CryptoException("Unable to encrypt", e);
        }
    }
}
