package com.zalora.security;

import android.annotation.SuppressLint;
import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import com.adjust.sdk.Constants;
import com.zalora.security.ZaloraSecurityResources;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.InvalidKeySpecException;
import java.util.Arrays;
import java.util.GregorianCalendar;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.security.auth.x500.X500Principal;
import k4.d;
import kotlin.Metadata;
import kotlin.jvm.internal.h;
import kotlin.jvm.internal.i0;
import kotlin.jvm.internal.n;
import pt.rocket.features.deeplink.args.StaticScreenArgs;

@Metadata(bv = {1, 0, 3}, d1 = {"\u0000H\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000b\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u0012\n\u0000\n\u0002\u0010\u000e\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0002\b\u0006\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0002\b\u0006\u0018\u0000 #2\u00020\u0001:\u0001#B\u001b\u0012\u0006\u0010\u001f\u001a\u00020\u001e\u0012\n\b\u0002\u0010\u001a\u001a\u0004\u0018\u00010\u0019¢\u0006\u0004\b!\u0010\"J\b\u0010\u0003\u001a\u00020\u0002H\u0003J\u0014\u0010\u0006\u001a\u00020\u00052\n\b\u0002\u0010\u0004\u001a\u0004\u0018\u00010\u0002H\u0003J\u0018\u0010\f\u001a\u00020\u000b2\u0006\u0010\b\u001a\u00020\u00072\u0006\u0010\n\u001a\u00020\tH\u0003J\u001c\u0010\u0010\u001a\u0004\u0018\u00010\t2\u0006\u0010\u000e\u001a\u00020\r2\b\u0010\u000f\u001a\u0004\u0018\u00010\u000bH\u0003J\u0012\u0010\u0013\u001a\u00020\u00122\b\u0010\u0011\u001a\u0004\u0018\u00010\u0002H\u0003J\b\u0010\u0014\u001a\u00020\u0005H\u0007J\u0012\u0010\u0016\u001a\u00020\u00122\b\u0010\u0015\u001a\u0004\u0018\u00010\u000bH\u0007J\u001a\u0010\u0017\u001a\u00020\u00052\u0006\u0010\u0015\u001a\u00020\u000b2\b\u0010\n\u001a\u0004\u0018\u00010\u000bH\u0007J\u0012\u0010\u0018\u001a\u0004\u0018\u00010\u000b2\u0006\u0010\u0015\u001a\u00020\u000bH\u0007J\u0014\u0010\f\u001a\u0004\u0018\u00010\u000b2\b\u0010\n\u001a\u0004\u0018\u00010\u000bH\u0007J\u0014\u0010\u0010\u001a\u0004\u0018\u00010\u000b2\b\u0010\u000f\u001a\u0004\u0018\u00010\u000bH\u0007R\u0018\u0010\u001a\u001a\u0004\u0018\u00010\u00198\u0002@\u0002X\u0082\u0004¢\u0006\u0006\n\u0004\b\u001a\u0010\u001bR\u0016\u0010\u001c\u001a\u00020\u000b8\u0002@\u0002X\u0082\u0004¢\u0006\u0006\n\u0004\b\u001c\u0010\u001dR\u0016\u0010\u001f\u001a\u00020\u001e8\u0002@\u0002X\u0082\u0004¢\u0006\u0006\n\u0004\b\u001f\u0010 ¨\u0006$"}, d2 = {"Lcom/zalora/security/ZaloraSecurityHelper;", "", "Ljava/security/KeyStore;", "loadKeyStore", "ks", "", "isKeyCertificateExists", "Ljava/security/PublicKey;", "encryptionKey", "", "data", "", "encrypt", "Ljava/security/PrivateKey;", "decryptionKey", "encryptedData", "decrypt", "keyStore", "Lp3/u;", "deleteEntry", "init", StaticScreenArgs.PATH_PARAM_KEY, "removeKeyFromPreferences", "setEncryptedDataToPreferences", "getDecryptedDataFromPreferences", "Landroid/content/SharedPreferences;", "preferences", "Landroid/content/SharedPreferences;", "alias", "Ljava/lang/String;", "Landroid/content/Context;", "context", "Landroid/content/Context;", "<init>", "(Landroid/content/Context;Landroid/content/SharedPreferences;)V", "Companion", "security_release"}, k = 1, mv = {1, 5, 1})
/* loaded from: classes4.dex */
public final class ZaloraSecurityHelper {
    private static final ReentrantReadWriteLock lock;
    private static final ReentrantReadWriteLock.ReadLock readLock;
    private static final ReentrantReadWriteLock.WriteLock writeLock;
    private final String alias;
    private final Context context;
    private final SharedPreferences preferences;

    static {
        ReentrantReadWriteLock reentrantReadWriteLock = new ReentrantReadWriteLock();
        lock = reentrantReadWriteLock;
        readLock = reentrantReadWriteLock.readLock();
        writeLock = reentrantReadWriteLock.writeLock();
    }

    public ZaloraSecurityHelper(Context context, SharedPreferences sharedPreferences) {
        n.f(context, "context");
        this.context = context;
        this.preferences = sharedPreferences;
        String packageName = context.getPackageName();
        n.e(packageName, "context.packageName");
        this.alias = packageName;
    }

    public /* synthetic */ ZaloraSecurityHelper(Context context, SharedPreferences sharedPreferences, int i10, h hVar) {
        this(context, (i10 & 2) != 0 ? null : sharedPreferences);
    }

    private final byte[] decrypt(PrivateKey decryptionKey, String encryptedData) {
        if (encryptedData == null) {
            return null;
        }
        byte[] decode = Base64.decode(encryptedData, 0);
        Cipher cipher = Cipher.getInstance(ZaloraSecurityResources.INSTANCE.getRSAPadding());
        cipher.init(2, decryptionKey);
        return cipher.doFinal(decode);
    }

    private final void deleteEntry(KeyStore keyStore) {
        if (keyStore != null) {
            try {
                keyStore.deleteEntry(this.alias);
            } catch (Exception unused) {
            }
        }
    }

    @SuppressLint({"TrulyRandom"})
    private final String encrypt(PublicKey encryptionKey, byte[] data) {
        Cipher cipher = Cipher.getInstance(ZaloraSecurityResources.INSTANCE.getRSAPadding());
        cipher.init(1, encryptionKey);
        String encodeToString = Base64.encodeToString(cipher.doFinal(data), 0);
        n.e(encodeToString, "encodeToString(encrypted, Base64.DEFAULT)");
        return encodeToString;
    }

    private final boolean isKeyCertificateExists(KeyStore ks) {
        KeyStore loadKeyStore;
        ReentrantReadWriteLock.ReadLock readLock2 = readLock;
        readLock2.tryLock();
        boolean z10 = false;
        boolean z11 = true;
        if (ks == null) {
            try {
                try {
                    loadKeyStore = loadKeyStore();
                } catch (Exception e10) {
                    if (!(e10 instanceof KeyStoreException ? true : e10 instanceof IOException ? true : e10 instanceof NoSuchAlgorithmException)) {
                        z11 = e10 instanceof UnrecoverableKeyException;
                    }
                    if (z11) {
                        deleteEntry(ks);
                    }
                    readLock.unlock();
                    return false;
                }
            } catch (Throwable th) {
                readLock.unlock();
                throw th;
            }
        } else {
            loadKeyStore = ks;
        }
        Key key = loadKeyStore.getKey(this.alias, null);
        if ((key instanceof PrivateKey ? (PrivateKey) key : null) != null && loadKeyStore.getCertificate(this.alias) != null) {
            if (loadKeyStore.getCertificate(this.alias).getPublicKey() != null) {
                z10 = true;
            }
        }
        readLock2.unlock();
        return z10;
    }

    static /* synthetic */ boolean isKeyCertificateExists$default(ZaloraSecurityHelper zaloraSecurityHelper, KeyStore keyStore, int i10, Object obj) {
        if ((i10 & 1) != 0) {
            keyStore = null;
        }
        return zaloraSecurityHelper.isKeyCertificateExists(keyStore);
    }

    @SuppressLint({"NewApi", "TrulyRandom"})
    private final KeyStore loadKeyStore() {
        ReentrantReadWriteLock.ReadLock readLock2 = readLock;
        readLock2.tryLock();
        try {
            try {
                KeyStore keyStore = KeyStore.getInstance(ZaloraSecurityResources.INSTANCE.getAndroidKeyStoreProvider());
                keyStore.load(null);
                n.e(keyStore, "getInstance(ZaloraSecurityResources.getAndroidKeyStoreProvider()).also {\n                it.load(null)\n            }");
                readLock2.unlock();
                return keyStore;
            } catch (Exception e10) {
                throw e10;
            }
        } catch (Throwable th) {
            readLock.unlock();
            throw th;
        }
    }

    public final String decrypt(String encryptedData) {
        byte[] decrypt;
        if (encryptedData == null) {
            return null;
        }
        try {
            Key key = loadKeyStore().getKey(this.alias, null);
            PrivateKey privateKey = key instanceof PrivateKey ? (PrivateKey) key : null;
            if (privateKey == null || (decrypt = decrypt(privateKey, encryptedData)) == null) {
                return null;
            }
            return new String(decrypt, d.f11487a);
        } catch (Exception unused) {
            return null;
        }
    }

    @SuppressLint({"TrulyRandom"})
    public final String encrypt(String data) {
        if (data == null) {
            return null;
        }
        try {
            KeyStore loadKeyStore = loadKeyStore();
            if (loadKeyStore.getCertificate(this.alias) == null) {
                return null;
            }
            PublicKey publicKey = loadKeyStore.getCertificate(this.alias).getPublicKey();
            n.e(publicKey, "ks.getCertificate(alias).publicKey");
            byte[] bytes = data.getBytes(d.f11487a);
            n.e(bytes, "(this as java.lang.String).getBytes(charset)");
            return encrypt(publicKey, bytes);
        } catch (Exception unused) {
            return null;
        }
    }

    public final String getDecryptedDataFromPreferences(String key) {
        KeyStore keyStore;
        String string;
        byte[] decrypt;
        n.f(key, "key");
        if (this.preferences == null) {
            return null;
        }
        try {
            keyStore = loadKeyStore();
        } catch (Exception e10) {
            e = e10;
            keyStore = null;
        }
        try {
            Key key2 = keyStore.getKey(this.alias, null);
            PrivateKey privateKey = key2 instanceof PrivateKey ? (PrivateKey) key2 : null;
            if (privateKey == null || (string = this.preferences.getString(key, null)) == null || (decrypt = decrypt(privateKey, string)) == null) {
                return null;
            }
            return new String(decrypt, d.f11487a);
        } catch (Exception e11) {
            e = e11;
            if (e instanceof NoSuchAlgorithmException ? true : e instanceof InvalidKeyException ? true : e instanceof NoSuchPaddingException ? true : e instanceof IllegalBlockSizeException ? true : e instanceof BadPaddingException ? true : e instanceof KeyStoreException ? true : e instanceof NoSuchProviderException ? true : e instanceof InvalidKeySpecException ? true : e instanceof CertificateException) {
                deleteEntry(keyStore);
            }
            return null;
        }
    }

    public final synchronized boolean init() {
        AlgorithmParameterSpec build;
        KeyStore loadKeyStore = loadKeyStore();
        if (isKeyCertificateExists(loadKeyStore)) {
            return true;
        }
        if (Build.VERSION.SDK_INT < 23) {
            GregorianCalendar gregorianCalendar = new GregorianCalendar();
            GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
            gregorianCalendar2.add(1, 10);
            KeyPairGeneratorSpec.Builder alias = new KeyPairGeneratorSpec.Builder(this.context).setAlias(this.alias);
            i0 i0Var = i0.f11613a;
            ZaloraSecurityResources.Companion companion = ZaloraSecurityResources.INSTANCE;
            String format = String.format(companion.getSubjectSelfSignedCertificateGeneratedPair(), Arrays.copyOf(new Object[]{this.alias}, 1));
            n.e(format, "java.lang.String.format(format, *args)");
            build = alias.setSubject(new X500Principal(format)).setSerialNumber(BigInteger.valueOf(companion.getSelfSignedCertificateGeneratedPair())).setStartDate(gregorianCalendar.getTime()).setEndDate(gregorianCalendar2.getTime()).build();
            n.e(build, "Builder(context)\n                // Alias - is a key for your KeyPair, to obtain it from Keystore in future.\n                .setAlias(alias)\n                // The subject used for the self-signed certificate of the generated pair\n                .setSubject(X500Principal(String.format(ZaloraSecurityResources.getSubjectSelfSignedCertificateGeneratedPair(), alias)))\n                // The serial number used for the self-signed certificate of the generated pair.\n                .setSerialNumber(BigInteger.valueOf(ZaloraSecurityResources.getSelfSignedCertificateGeneratedPair()))\n                // Date range of validity for the generated pair.\n                .setStartDate(start.time).setEndDate(end.time)\n                .build()");
        } else {
            build = new KeyGenParameterSpec.Builder(this.alias, 2).setDigests(Constants.SHA256, "SHA-512").setEncryptionPaddings("PKCS1Padding").build();
            n.e(build, "Builder(alias, KeyProperties.PURPOSE_DECRYPT)\n                .setDigests(KeyProperties.DIGEST_SHA256, KeyProperties.DIGEST_SHA512)\n                .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_RSA_PKCS1)\n                .build()");
        }
        ReentrantReadWriteLock.WriteLock writeLock2 = writeLock;
        writeLock2.tryLock();
        try {
            try {
                ZaloraSecurityResources.Companion companion2 = ZaloraSecurityResources.INSTANCE;
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(companion2.getAlgorithm(), companion2.getAndroidKeyStoreProvider());
                n.e(keyPairGenerator, "getInstance(ZaloraSecurityResources.getAlgorithm(), ZaloraSecurityResources.getAndroidKeyStoreProvider())");
                keyPairGenerator.initialize(build);
                keyPairGenerator.generateKeyPair();
                writeLock2.unlock();
            } catch (Exception e10) {
                if (e10 instanceof NoSuchAlgorithmException ? true : e10 instanceof InvalidAlgorithmParameterException ? true : e10 instanceof NoSuchProviderException) {
                    deleteEntry(loadKeyStore);
                }
                writeLock.unlock();
            }
            return true;
        } catch (Throwable th) {
            writeLock.unlock();
            throw th;
        }
    }

    public final void removeKeyFromPreferences(String str) {
        SharedPreferences sharedPreferences;
        SharedPreferences.Editor edit;
        if (str == null || (sharedPreferences = this.preferences) == null || (edit = sharedPreferences.edit()) == null) {
            return;
        }
        edit.remove(str);
        edit.apply();
    }

    public final boolean setEncryptedDataToPreferences(String key, String data) {
        n.f(key, "key");
        if (this.preferences == null || data == null) {
            return false;
        }
        KeyStore keyStore = null;
        try {
            keyStore = loadKeyStore();
            if (keyStore.getCertificate(this.alias) == null) {
                return false;
            }
            PublicKey publicKey = keyStore.getCertificate(this.alias).getPublicKey();
            n.e(publicKey, "ks.getCertificate(alias).publicKey");
            byte[] bytes = data.getBytes(d.f11487a);
            n.e(bytes, "(this as java.lang.String).getBytes(charset)");
            String encrypt = encrypt(publicKey, bytes);
            SharedPreferences.Editor edit = this.preferences.edit();
            if (edit == null) {
                return false;
            }
            edit.putString(key, encrypt);
            edit.apply();
            return true;
        } catch (Exception e10) {
            if (e10 instanceof NoSuchAlgorithmException ? true : e10 instanceof InvalidKeyException ? true : e10 instanceof NoSuchPaddingException ? true : e10 instanceof IllegalBlockSizeException ? true : e10 instanceof BadPaddingException ? true : e10 instanceof KeyStoreException ? true : e10 instanceof NoSuchProviderException ? true : e10 instanceof InvalidKeySpecException ? true : e10 instanceof CertificateException) {
                deleteEntry(keyStore);
            }
            return false;
        }
    }
}
