package m5;

import android.app.ActivityManager;
import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.os.Process;
import android.preference.PreferenceManager;
import android.security.KeyPairGeneratorSpec;
import android.util.Base64;
import c9.h;
import com.google.android.gms.internal.ads.cy;
import f6.d;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.DigestException;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Collections;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.concurrent.atomic.AtomicReference;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public final class c {

    /* renamed from: h, reason: collision with root package name */
    public static final AtomicReference f16260h = new AtomicReference("");

    /* renamed from: i, reason: collision with root package name */
    public static final AtomicBoolean f16261i = new AtomicBoolean(false);

    /* renamed from: a, reason: collision with root package name */
    public final Context f16262a;

    /* renamed from: c, reason: collision with root package name */
    public KeyPair f16264c;

    /* renamed from: d, reason: collision with root package name */
    public String f16265d;

    /* renamed from: e, reason: collision with root package name */
    public SecretKey f16266e = null;

    /* renamed from: f, reason: collision with root package name */
    public SecretKey f16267f = null;

    /* renamed from: g, reason: collision with root package name */
    public SecretKey f16268g = null;

    /* renamed from: b, reason: collision with root package name */
    public final SecureRandom f16263b = new SecureRandom();

    public c(Context context) {
        this.f16262a = context.getApplicationContext();
    }

    public static synchronized void a(Locale locale) {
        synchronized (c.class) {
            if (Build.VERSION.SDK_INT <= 23) {
                Object obj = e6.a.f14720a;
                if (e6.a.f14721b.contains(locale.getLanguage())) {
                    Locale.setDefault(Locale.ENGLISH);
                }
            }
        }
    }

    public static String c(byte[] bArr, SecretKey secretKey) {
        byte[] encoded = secretKey.getEncoded();
        SecretKey secretKeySpec = encoded != null ? new SecretKeySpec(MessageDigest.getInstance("SHA256").digest(encoded), "AES") : secretKey;
        int length = bArr.length;
        int i9 = length - 48;
        int length2 = bArr.length - 32;
        int i10 = length - 52;
        if (i9 < 0 || length2 < 0 || i10 < 0) {
            throw new IOException("Invalid byte array input for decryption.");
        }
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(secretKeySpec);
        byte b10 = 0;
        mac.update(bArr, 0, length2);
        byte[] doFinal = mac.doFinal();
        p(secretKey, secretKeySpec);
        int length3 = bArr.length;
        if (doFinal.length != length3 - length2) {
            throw new IllegalArgumentException("Unexpected HMAC length");
        }
        for (int i11 = length2; i11 < length3; i11++) {
            b10 = (byte) (b10 | (doFinal[i11 - length2] ^ bArr[i11]));
        }
        if (b10 != 0) {
            throw new DigestException();
        }
        cipher.init(2, secretKey, new IvParameterSpec(bArr, i9, 16));
        return new String(cipher.doFinal(bArr, 4, i10), l5.a.f16087a);
    }

    public static byte[] f(String str) {
        char charAt = str.charAt(0);
        int i9 = charAt - 'a';
        if (i9 <= 0) {
            throw new IllegalArgumentException(cy.l("Encode version length: '", i9, "' is not valid, it must be greater of equal to 0"));
        }
        int i10 = charAt - '`';
        if (str.substring(1, i10).equals("E1")) {
            return Base64.decode(str.substring(i10), 0);
        }
        throw new IllegalArgumentException("Unsupported encode version received. Encode version supported is: 'E1'");
    }

    public static int g(String str) {
        String str2;
        try {
            str2 = new String(f(str), 0, 4, l5.a.f16087a);
        } catch (Exception unused) {
        }
        if ("U001".equalsIgnoreCase(str2)) {
            return 1;
        }
        return "A001".equalsIgnoreCase(str2) ? 2 : 3;
    }

    public static SecretKeySpec i(byte[] bArr) {
        if (bArr != null) {
            return new SecretKeySpec(bArr, "AES");
        }
        throw new IllegalArgumentException("rawBytes");
    }

    public static void m(String str, String str2, String str3, Exception exc) {
        d.a("StorageHelper".concat(str), str2 + " failed: " + str3, exc);
    }

    public static void n(String str, String str2) {
        d.g("StorageHelper".concat(str), str2.concat(" started."));
    }

    public static void o(String str, String str2, String str3) {
        d.g("StorageHelper".concat(str), str2 + " successfully finished: " + str3);
    }

    public static void p(SecretKey secretKey, SecretKey secretKey2) {
        Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
        byte[] bytes = "012345678910111213141516".getBytes();
        cipher.init(1, secretKey);
        byte[] doFinal = cipher.doFinal(bytes);
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(secretKey2);
        String encodeToString = Base64.encodeToString(mac.doFinal(doFinal), 3);
        AtomicReference atomicReference = f16260h;
        if (((String) atomicReference.get()).equals(encodeToString)) {
            return;
        }
        atomicReference.set(encodeToString);
        if (f16261i.compareAndSet(false, true)) {
            return;
        }
        d.d("StorageHelper:logIfKeyHasChanged", "Using key with thumbprint that has changed " + encodeToString);
    }

    public final String b(String str) {
        b bVar;
        SecretKey l9;
        d.g("StorageHelper:decrypt", "Starting decryption");
        if (h.e(str)) {
            throw new IllegalArgumentException("Input is empty or null");
        }
        if (g(str) == 3) {
            d.h("StorageHelper:decrypt", "This string is not encrypted. Finished decryption.");
            return str;
        }
        Context context = this.f16262a;
        String packageName = context.getPackageName();
        ArrayList arrayList = new ArrayList();
        int g9 = g(str);
        if (g9 == 1) {
            if (k()) {
                boolean equalsIgnoreCase = "com.microsoft.windowsintune.companyportal".equalsIgnoreCase(packageName);
                b bVar2 = b.LEGACY_COMPANY_PORTAL_KEY;
                b bVar3 = b.LEGACY_AUTHENTICATOR_APP_KEY;
                if (equalsIgnoreCase || "com.microsoft.identity.testuserapp".equalsIgnoreCase(packageName)) {
                    arrayList.add(bVar2);
                    arrayList.add(bVar3);
                } else {
                    if (!"com.azure.authenticator".equalsIgnoreCase(packageName)) {
                        throw new IllegalStateException("Unexpected Broker package name.");
                    }
                    arrayList.add(bVar3);
                    arrayList.add(bVar2);
                }
            } else {
                bVar = b.ADAL_USER_DEFINED_KEY;
                arrayList.add(bVar);
            }
        } else if (g9 == 2) {
            bVar = b.KEYSTORE_ENCRYPTED_KEY;
            arrayList.add(bVar);
        }
        byte[] f9 = f(str);
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            b bVar4 = (b) it.next();
            try {
                l9 = l(bVar4);
            } catch (IOException | GeneralSecurityException e9) {
                SharedPreferences defaultSharedPreferences = PreferenceManager.getDefaultSharedPreferences(context);
                String string = defaultSharedPreferences.getString("current_active_broker", "");
                String packageName2 = context.getPackageName();
                if (!string.equalsIgnoreCase(packageName2)) {
                    d.d("StorageHelper:emitDecryptionFailureTelemetryIfNeeded", "Decryption failed with key: " + bVar4.name() + " Active broker: " + packageName2 + " Exception: " + e9.toString());
                    defaultSharedPreferences.edit().putString("current_active_broker", packageName2).apply();
                }
            }
            if (l9 != null) {
                String c10 = c(f9, l9);
                d.g("StorageHelper:decrypt", "Finished decryption with keyType:" + bVar4.name());
                return c10;
            }
        }
        d.d("StorageHelper:decrypt", "Tried all decryption keys and decryption still fails. Throw an exception.");
        throw new GeneralSecurityException("decryption_failed");
    }

    /* JADX WARN: Code restructure failed: missing block: B:31:0x005b, code lost:
    
        if (r0 != null) goto L20;
     */
    /* JADX WARN: Removed duplicated region for block: B:13:0x0072  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public final java.lang.String d(java.lang.String r10) {
        /*
            Method dump skipped, instructions count: 294
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: m5.c.d(java.lang.String):java.lang.String");
    }

    public final synchronized SecretKey e() {
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        keyGenerator.init(256, this.f16263b);
        SecretKey generateKey = keyGenerator.generateKey();
        this.f16268g = generateKey;
        t(generateKey);
        d.g("StorageHelper:generateKeyStoreEncryptedKey", "key_created_v2: New key is generated.");
        return this.f16268g;
    }

    public final KeyPairGeneratorSpec h(Context context, Date date, Date date2) {
        Locale locale = Locale.ROOT;
        return new KeyPairGeneratorSpec.Builder(context).setAlias("AdalKey").setSubject(new X500Principal(android.support.v4.media.a.b("CN=AdalKey, OU=", this.f16262a.getPackageName()))).setSerialNumber(BigInteger.ONE).setStartDate(date).setEndDate(date2).build();
    }

    public final synchronized SecretKey j() {
        d.g("StorageHelper:getUnwrappedSecretKey", "Reading SecretKey");
        byte[] q = q();
        if (q == null) {
            d.g("StorageHelper:getUnwrappedSecretKey", "Key data is null");
            return null;
        }
        KeyPair r9 = r();
        this.f16264c = r9;
        if (r9 == null) {
            return null;
        }
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(4, this.f16264c.getPrivate());
        try {
            SecretKey secretKey = (SecretKey) cipher.unwrap(q, "AES", 3);
            d.g("StorageHelper:getUnwrappedSecretKey", "Finished reading SecretKey");
            return secretKey;
        } catch (IllegalArgumentException e9) {
            throw new KeyStoreException(e9);
        }
    }

    public final boolean k() {
        String str;
        int myPid = Process.myPid();
        List<ActivityManager.RunningAppProcessInfo> runningAppProcesses = ((ActivityManager) this.f16262a.getApplicationContext().getSystemService("activity")).getRunningAppProcesses();
        if (runningAppProcesses != null) {
            for (ActivityManager.RunningAppProcessInfo runningAppProcessInfo : runningAppProcesses) {
                if (runningAppProcessInfo.pid == myPid) {
                    str = runningAppProcessInfo.processName;
                    break;
                }
            }
        }
        str = null;
        Iterator it = s5.b.f17728h.iterator();
        while (it.hasNext()) {
            if ((((s5.b) it.next()).f17729a + ":auth").equalsIgnoreCase(str)) {
                return true;
            }
        }
        return false;
    }

    public final SecretKey l(b bVar) {
        SecretKey secretKey;
        int ordinal = bVar.ordinal();
        if (ordinal == 0) {
            return i((byte[]) Collections.unmodifiableMap(l5.b.f16088p.f16089i).get("com.azure.authenticator"));
        }
        if (ordinal == 1) {
            return i((byte[]) Collections.unmodifiableMap(l5.b.f16088p.f16089i).get("com.microsoft.windowsintune.companyportal"));
        }
        if (ordinal == 2) {
            return i((byte[]) l5.b.f16088p.f16090j.get());
        }
        if (ordinal != 3) {
            d.g("StorageHelper:loadSecretKey", "Unknown KeyType. This code should never be reached.");
            throw new GeneralSecurityException("unknown_error");
        }
        synchronized (this) {
            secretKey = this.f16268g;
            if (secretKey == null) {
                try {
                    secretKey = j();
                    this.f16268g = secretKey;
                } catch (IOException | GeneralSecurityException e9) {
                    d.a("StorageHelper:loadKeyStoreEncryptedKey", "android_keystore_failed", e9);
                    this.f16264c = null;
                    this.f16268g = null;
                    Context context = this.f16262a;
                    File file = new File(context.getDir(context.getPackageName(), 0), "adalks");
                    if (file.exists()) {
                        d.g("StorageHelper:deleteKeyFile", "Delete KeyFile");
                        if (!file.delete()) {
                            d.g("StorageHelper:deleteKeyFile", "Delete KeyFile failed");
                        }
                    }
                    s();
                    throw e9;
                }
            }
        }
        return secretKey;
    }

    public final byte[] q() {
        Context context = this.f16262a;
        File file = new File(context.getDir(context.getPackageName(), 0), "adalks");
        if (!file.exists()) {
            return null;
        }
        d.g("StorageHelper:readKeyData", "Reading key data from a file");
        FileInputStream fileInputStream = new FileInputStream(file);
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byte[] bArr = new byte[1024];
            while (true) {
                int read = fileInputStream.read(bArr);
                if (read == -1) {
                    byte[] byteArray = byteArrayOutputStream.toByteArray();
                    fileInputStream.close();
                    return byteArray;
                }
                byteArrayOutputStream.write(bArr, 0, read);
            }
        } catch (Throwable th) {
            fileInputStream.close();
            throw th;
        }
    }

    public final synchronized KeyPair r() {
        d.g("StorageHelper:readKeyPair", "Reading Key entry");
        try {
            n(":readKeyPair", "keychain_read_v2_start");
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            Certificate certificate = keyStore.getCertificate("AdalKey");
            Key key = keyStore.getKey("AdalKey", null);
            if (certificate != null && key != null) {
                KeyPair keyPair = new KeyPair(certificate.getPublicKey(), (PrivateKey) key);
                o(":readKeyPair", "keychain_read_v2_end", "KeyStore KeyPair is loaded.");
                return keyPair;
            }
            o(":readKeyPair", "keychain_read_v2_end", "KeyStore is empty.");
            d.g("StorageHelper:readKeyPair", "Key entry doesn't exist.");
            return null;
        } catch (IOException e9) {
            e = e9;
            m(":readKeyPair", "keychain_read_v2_end", e.toString(), e);
            throw e;
        } catch (RuntimeException e10) {
            m(":readKeyPair", "keychain_read_v2_end", e10.toString(), e10);
            throw new KeyStoreException(e10);
        } catch (GeneralSecurityException e11) {
            e = e11;
            m(":readKeyPair", "keychain_read_v2_end", e.toString(), e);
            throw e;
        }
    }

    public final synchronized void s() {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        keyStore.deleteEntry("AdalKey");
    }

    public final void t(SecretKey secretKey) {
        KeyPair generateKeyPair;
        if (this.f16264c == null) {
            synchronized (this) {
                try {
                    Locale locale = Locale.getDefault();
                    Object obj = e6.a.f14720a;
                    synchronized ((e6.a.f14721b.contains(locale.getLanguage()) ? e6.a.f14720a : new Object())) {
                        Locale locale2 = Locale.getDefault();
                        a(locale2);
                        try {
                            try {
                                n(":generateKeyPairFromAndroidKeyStore", "keychain_write_v2_start");
                                KeyStore.getInstance("AndroidKeyStore").load(null);
                                d.g("StorageHelper:generateKeyPairFromAndroidKeyStore", "Generate KeyPair from AndroidKeyStore");
                                Calendar calendar = Calendar.getInstance();
                                Calendar calendar2 = Calendar.getInstance();
                                calendar2.add(1, 100);
                                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
                                keyPairGenerator.initialize(h(this.f16262a, calendar.getTime(), calendar2.getTime()));
                                generateKeyPair = keyPairGenerator.generateKeyPair();
                                o(":generateKeyPairFromAndroidKeyStore", "keychain_write_v2_end", "");
                            } finally {
                                Locale.setDefault(locale2);
                            }
                        } catch (IOException e9) {
                            e = e9;
                            m(":generateKeyPairFromAndroidKeyStore", "keychain_write_v2_end", e.toString(), e);
                            throw e;
                        } catch (IllegalStateException e10) {
                            m(":generateKeyPairFromAndroidKeyStore", "keychain_write_v2_end", e10.toString(), e10);
                            throw new KeyStoreException(e10);
                        } catch (GeneralSecurityException e11) {
                            e = e11;
                            m(":generateKeyPairFromAndroidKeyStore", "keychain_write_v2_end", e.toString(), e);
                            throw e;
                        }
                    }
                } catch (Throwable th) {
                    throw th;
                }
            }
            this.f16264c = generateKeyPair;
        }
        d.g("StorageHelper:wrap", "Wrap secret key.");
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(3, this.f16264c.getPublic());
        byte[] wrap = cipher.wrap(secretKey);
        d.g("StorageHelper:writeKeyData", "Writing key data to a file");
        Context context = this.f16262a;
        FileOutputStream fileOutputStream = new FileOutputStream(new File(context.getDir(context.getPackageName(), 0), "adalks"));
        try {
            fileOutputStream.write(wrap);
        } finally {
            fileOutputStream.close();
        }
    }
}
