package e.g.a.a;

import android.annotation.TargetApi;
import android.content.Context;
import android.security.KeyPairGeneratorSpec;
import android.util.Base64;
import com.huawei.anyoffice.sdk.login.EncryptAESUtil;
import com.huawei.cbg.phoenix.encrypt.aes.PhxAESKeystore;
import com.microsoft.aad.adal.ADALError;
import com.microsoft.aad.adal.AuthenticationSettings;
import com.microsoft.aad.adal.Logger;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.security.spec.InvalidKeySpecException;
import java.util.Calendar;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* compiled from: StorageHelper.java */
/* loaded from: classes2.dex */
public class c0 {

    /* renamed from: d, reason: collision with root package name */
    public static final Object f8264d = new Object();

    /* renamed from: e, reason: collision with root package name */
    public static String f8265e;

    /* renamed from: f, reason: collision with root package name */
    public static SecretKey f8266f;

    /* renamed from: g, reason: collision with root package name */
    public static SecretKey f8267g;

    /* renamed from: h, reason: collision with root package name */
    public static SecretKey f8268h;
    public final SecureRandom a = new SecureRandom();

    /* renamed from: b, reason: collision with root package name */
    public KeyPair f8269b;

    /* renamed from: c, reason: collision with root package name */
    public Context f8270c;

    public c0(Context context) throws NoSuchAlgorithmException, NoSuchPaddingException {
        this.f8270c = context;
    }

    public String a(String str) throws NoSuchAlgorithmException, InvalidKeySpecException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException, IOException, NoSuchPaddingException {
        Logger.a("StorageHelper", "Starting encryption");
        if (e.f.l.a.a.c.h.d.a(str)) {
            throw new IllegalArgumentException("Input is empty or null");
        }
        if (f8266f == null || f8267g == null) {
            synchronized (f8264d) {
                if (AuthenticationSettings.INSTANCE.getSecretKeyData() == null) {
                    try {
                        SecretKey c2 = c();
                        f8266f = c2;
                        f8267g = b(c2);
                        f8265e = "A001";
                    } catch (Exception e2) {
                        Logger.c("StorageHelper", "Failed to get private key from AndroidKeyStore", "", ADALError.ANDROIDKEYSTORE_FAILED, e2);
                    }
                }
                Logger.e("StorageHelper", "Encryption will use secret key from Settings");
                byte[] secretKeyData = AuthenticationSettings.INSTANCE.getSecretKeyData();
                if (secretKeyData == null) {
                    throw new IllegalArgumentException("rawBytes");
                }
                SecretKeySpec secretKeySpec = new SecretKeySpec(secretKeyData, "AES");
                f8266f = secretKeySpec;
                f8267g = b(secretKeySpec);
                f8265e = "U001";
            }
        }
        StringBuilder J = e.a.a.a.a.J("Encrypt version:");
        J.append(f8265e);
        Logger.e("StorageHelper", J.toString());
        byte[] bytes = f8265e.getBytes("UTF_8");
        byte[] bytes2 = str.getBytes("UTF_8");
        byte[] bArr = new byte[16];
        this.a.nextBytes(bArr);
        IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr);
        Cipher cipher = Cipher.getInstance(EncryptAESUtil.TRANSFORMATION);
        Mac mac = Mac.getInstance("HmacSHA256");
        cipher.init(1, f8266f, ivParameterSpec);
        byte[] doFinal = cipher.doFinal(bytes2);
        mac.init(f8267g);
        mac.update(bytes);
        mac.update(doFinal);
        mac.update(bArr);
        byte[] doFinal2 = mac.doFinal();
        byte[] bArr2 = new byte[bytes.length + doFinal.length + 16 + doFinal2.length];
        System.arraycopy(bytes, 0, bArr2, 0, bytes.length);
        System.arraycopy(doFinal, 0, bArr2, bytes.length, doFinal.length);
        System.arraycopy(bArr, 0, bArr2, bytes.length + doFinal.length, 16);
        System.arraycopy(doFinal2, 0, bArr2, bytes.length + doFinal.length + 16, doFinal2.length);
        String str2 = new String(Base64.encode(bArr2, 2), "UTF_8");
        Logger.a("StorageHelper", "Finished encryption");
        return ((char) 99) + "E1" + str2;
    }

    public final SecretKey b(SecretKey secretKey) throws NoSuchAlgorithmException {
        byte[] encoded = secretKey.getEncoded();
        return encoded != null ? new SecretKeySpec(MessageDigest.getInstance("SHA256").digest(encoded), "AES") : secretKey;
    }

    @TargetApi(18)
    public final synchronized SecretKey c() throws IOException, GeneralSecurityException {
        if (f8268h != null) {
            return f8268h;
        }
        File file = new File(this.f8270c.getDir(this.f8270c.getPackageName(), 0), "adalks");
        d();
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        if (!file.exists()) {
            Logger.e("StorageHelper", "Key file does not exists");
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
            keyGenerator.init(256, this.a);
            SecretKey generateKey = keyGenerator.generateKey();
            Logger.e("StorageHelper", "Wrapping SecretKey");
            cipher.init(3, this.f8269b.getPublic());
            byte[] wrap = cipher.wrap(generateKey);
            Logger.e("StorageHelper", "Writing SecretKey");
            Logger.a("StorageHelper", "Writing key data to a file");
            FileOutputStream fileOutputStream = new FileOutputStream(file);
            try {
                fileOutputStream.write(wrap);
                fileOutputStream.close();
                Logger.e("StorageHelper", "Finished writing SecretKey");
            } catch (Throwable th) {
                fileOutputStream.close();
                throw th;
            }
        }
        Logger.e("StorageHelper", "Reading SecretKey");
        Logger.a("StorageHelper", "Reading key data from a file");
        FileInputStream fileInputStream = new FileInputStream(file);
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byte[] bArr = new byte[1024];
            while (true) {
                int read = fileInputStream.read(bArr);
                if (read == -1) {
                    byte[] byteArray = byteArrayOutputStream.toByteArray();
                    fileInputStream.close();
                    cipher.init(4, this.f8269b.getPrivate());
                    f8268h = (SecretKey) cipher.unwrap(byteArray, "AES", 3);
                    Logger.e("StorageHelper", "Finished reading SecretKey");
                    return f8268h;
                }
                byteArrayOutputStream.write(bArr, 0, read);
            }
        } catch (Throwable th2) {
            fileInputStream.close();
            throw th2;
        }
    }

    public final void d() throws NoSuchAlgorithmException, NoSuchPaddingException, KeyStoreException, CertificateException, IOException, NoSuchProviderException, InvalidAlgorithmParameterException, UnrecoverableEntryException {
        KeyPair keyPair;
        if (this.f8269b == null) {
            synchronized (this) {
                KeyStore keyStore = KeyStore.getInstance(PhxAESKeystore.KEY_STORE_PROVIDER);
                keyStore.load(null);
                if (keyStore.containsAlias("AdalKey")) {
                    Logger.e("StorageHelper", "Key entry is available");
                } else {
                    Logger.e("StorageHelper", "Key entry is not available");
                    Calendar calendar = Calendar.getInstance();
                    Calendar calendar2 = Calendar.getInstance();
                    calendar2.add(1, 100);
                    String format = String.format("CN=%s, OU=%s", "AdalKey", this.f8270c.getPackageName());
                    KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(this.f8270c).setAlias("AdalKey").setSubject(new X500Principal(format)).setSerialNumber(BigInteger.ONE).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
                    KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", PhxAESKeystore.KEY_STORE_PROVIDER);
                    keyPairGenerator.initialize(build);
                    keyPairGenerator.generateKeyPair();
                    Logger.e("StorageHelper", "Key entry is generated for cert " + format);
                }
                Logger.e("StorageHelper", "Reading Key entry");
                KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry("AdalKey", null);
                keyPair = new KeyPair(privateKeyEntry.getCertificate().getPublicKey(), privateKeyEntry.getPrivateKey());
            }
            this.f8269b = keyPair;
        }
    }
}
