package com.samsung.android.mobileservice.authmigration.crypto;

import android.content.Context;
import android.security.keystore.KeyGenParameterSpec;
import com.bumptech.glide.load.Key;
import com.samsung.android.mobileservice.authmigration.preference.AppBase64Pref;
import com.samsung.android.mobileservice.authmigration.util.Util;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.lang.ref.WeakReference;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;

/* loaded from: classes2.dex */
public class AESCryptoBase {
    private static final String ALGORITHM = "AES/CBC/PKCS7PADDING";
    private static final String ANDROID_KEY_STORE = "AndroidKeyStore";
    private static final String SAMSUNG_ACCOUNT_KEY = "com.osp.app.signin_samsung_account_key";
    private static final String TAG = "Auth/AESCryptoBase";
    private WeakReference<Context> mContextRef;

    public AESCryptoBase() {
        Util.getInstance().logI(TAG, "AESCrypto creator !!");
    }

    private byte[] generateInitialValue(Context context) throws NoSuchPaddingException, NoSuchAlgorithmException, UnsupportedEncodingException {
        Util.getInstance().logD(TAG, "aescrypto generating IV for the first time during signin");
        byte[] bArr = new byte[Cipher.getInstance(ALGORITHM).getBlockSize()];
        new SecureRandom().nextBytes(bArr);
        new AppBase64Pref().setBytes(context, Base64.getInstance(), AppBase64Pref.KEY_INITIAL_VALUE, bArr);
        return bArr;
    }

    private byte[] getIV(Context context) throws UnsupportedEncodingException, NoSuchPaddingException, NoSuchAlgorithmException {
        byte[] bytes = new AppBase64Pref().getBytes(context, Base64.getInstance(), AppBase64Pref.KEY_INITIAL_VALUE, null);
        return (bytes == null || bytes.length <= 0) ? generateInitialValue(context) : bytes;
    }

    public String decrypt(Context context, String str) throws Exception {
        if (context == null) {
            return null;
        }
        SecretKey key = getKey(context);
        try {
            byte[] decode = Base64.getInstance().decode(str.getBytes(Key.STRING_CHARSET_NAME));
            Cipher cipher = Cipher.getInstance(ALGORITHM);
            cipher.init(2, key, new IvParameterSpec(getIV(context)));
            if (decode != null) {
                return new String(cipher.doFinal(decode), Key.STRING_CHARSET_NAME);
            }
            return null;
        } catch (Exception e) {
            Util.getInstance().logE(e);
            throw e;
        }
    }

    public String encrypt(String str) throws Exception {
        WeakReference<Context> weakReference = this.mContextRef;
        if (weakReference == null) {
            return null;
        }
        SecretKey key = getKey(weakReference.get());
        try {
            Cipher cipher = Cipher.getInstance(ALGORITHM);
            cipher.init(1, key, new IvParameterSpec(getIV(this.mContextRef.get())));
            return new String(Base64.getInstance().encode(cipher.doFinal(str.getBytes(Key.STRING_CHARSET_NAME))), Key.STRING_CHARSET_NAME);
        } catch (Exception e) {
            Util.getInstance().logE(e);
            throw e;
        }
    }

    protected void generateKey() throws RuntimeException {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", ANDROID_KEY_STORE);
            keyGenerator.init(new KeyGenParameterSpec.Builder(SAMSUNG_ACCOUNT_KEY, 3).setBlockModes("CBC").setEncryptionPaddings("PKCS7Padding").setRandomizedEncryptionRequired(false).build());
            keyGenerator.generateKey();
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
            Util.getInstance().logE(e);
            throw new RuntimeException("failed initializing key generator", e);
        }
    }

    public SecretKey getKey(Context context) throws RuntimeException {
        try {
            KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE);
            SecretKey secretKey = null;
            keyStore.load(null);
            try {
                try {
                    SecretKey secretKey2 = (SecretKey) keyStore.getKey(SAMSUNG_ACCOUNT_KEY, null);
                    if (secretKey2 != null) {
                        return secretKey2;
                    }
                    try {
                        Util.getInstance().logD(TAG, "generating key for the first time");
                        generateKey();
                        return (SecretKey) keyStore.getKey(SAMSUNG_ACCOUNT_KEY, null);
                    } catch (UnrecoverableKeyException e) {
                        e = e;
                        secretKey = secretKey2;
                        Util.getInstance().logE(e);
                        handleUnrecoverableKeyException(context, e);
                        return secretKey;
                    }
                } catch (UnrecoverableKeyException e2) {
                    e = e2;
                }
            } catch (KeyStoreException | NoSuchAlgorithmException e3) {
                Util.getInstance().logE(e3);
                throw new RuntimeException("failed initializing key generator", e3);
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e4) {
            Util.getInstance().logE(e4);
            throw new RuntimeException("unable to instantiate key store", e4);
        }
    }

    protected void handleUnrecoverableKeyException(Context context, Exception exc) throws RuntimeException {
        Util.getInstance().logI(TAG, "handleUnrecoverableKeyException: do nothing");
    }

    public void removeIv(Context context) {
        Util.getInstance().logI(TAG, "==========Remove IV==========");
        new AppBase64Pref().removeKey(context, AppBase64Pref.KEY_INITIAL_VALUE);
    }

    public void setContextRef(Context context) {
        this.mContextRef = new WeakReference<>(context);
    }
}
