package com.oblador.keychain.g;

import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import android.text.TextUtils;
import android.util.Log;
import com.oblador.keychain.f;
import com.oblador.keychain.g.d;
import com.reactnativecommunity.webview.RNCWebViewManager;
import java.io.ByteArrayOutputStream;
import java.io.Closeable;
import java.io.IOException;
import java.io.OutputStream;
import java.nio.charset.Charset;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.ProviderException;
import java.security.UnrecoverableKeyException;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.concurrent.atomic.AtomicInteger;
import javax.crypto.Cipher;
import javax.crypto.CipherOutputStream;
import javax.crypto.spec.IvParameterSpec;

/* compiled from: CipherStorageBase.java */
/* loaded from: classes.dex */
public abstract class d implements com.oblador.keychain.g.c {
    protected static final String a = "d";

    /* renamed from: b, reason: collision with root package name */
    public static final Charset f6138b = Charset.forName("UTF-8");

    /* renamed from: d, reason: collision with root package name */
    protected transient AtomicBoolean f6140d;

    /* renamed from: f, reason: collision with root package name */
    protected transient AtomicBoolean f6142f;

    /* renamed from: g, reason: collision with root package name */
    protected transient Cipher f6143g;

    /* renamed from: h, reason: collision with root package name */
    protected transient KeyStore f6144h;

    /* renamed from: c, reason: collision with root package name */
    protected final Object f6139c = new Object();

    /* renamed from: e, reason: collision with root package name */
    protected final Object f6141e = new Object();

    /* compiled from: CipherStorageBase.java */
    /* loaded from: classes.dex */
    public interface a {
    }

    /* compiled from: CipherStorageBase.java */
    /* loaded from: classes.dex */
    public interface b {
        void a(Cipher cipher, Key key, OutputStream outputStream);
    }

    /* compiled from: CipherStorageBase.java */
    /* loaded from: classes.dex */
    public static final class c {
        public static final b a = new b() { // from class: com.oblador.keychain.g.a
            @Override // com.oblador.keychain.g.d.b
            public final void a(Cipher cipher, Key key, OutputStream outputStream) {
                d.c.a(cipher, key, outputStream);
            }
        };

        /* renamed from: b, reason: collision with root package name */
        public static final a f6145b = new a() { // from class: com.oblador.keychain.g.b
        };

        /* JADX INFO: Access modifiers changed from: package-private */
        public static /* synthetic */ void a(Cipher cipher, Key key, OutputStream outputStream) {
            cipher.init(1, key);
            byte[] iv = cipher.getIV();
            outputStream.write(iv, 0, iv.length);
        }

        public static IvParameterSpec b(byte[] bArr) {
            byte[] bArr2 = new byte[16];
            if (16 >= bArr.length) {
                throw new IOException("Insufficient length of input data for IV extracting.");
            }
            System.arraycopy(bArr, 0, bArr2, 0, 16);
            return new IvParameterSpec(bArr2);
        }
    }

    /* compiled from: CipherStorageBase.java */
    /* renamed from: com.oblador.keychain.g.d$d, reason: collision with other inner class name */
    /* loaded from: classes.dex */
    public class C0175d implements Closeable {

        /* renamed from: e, reason: collision with root package name */
        public final String f6146e;

        /* renamed from: f, reason: collision with root package name */
        public final Key f6147f;

        public C0175d(d dVar, String str) {
            this(str, dVar.z(str, true));
        }

        public C0175d(String str, Key key) {
            this.f6146e = str;
            this.f6147f = key;
        }

        @Override // java.io.Closeable, java.lang.AutoCloseable
        public void close() {
            try {
                d.this.h(this.f6146e);
            } catch (com.oblador.keychain.i.c e2) {
                Log.w(d.a, "AutoClose remove key failed. Error: " + e2.getMessage(), e2);
            }
        }
    }

    public static String q(String str, String str2) {
        return TextUtils.isEmpty(str) ? str2 : str;
    }

    protected Key A(String str) {
        return B(str, false);
    }

    protected Key B(String str, boolean z) {
        int i2 = Build.VERSION.SDK_INT;
        if (i2 >= 28) {
            return n(t(str, z).setIsStrongBoxBacked(true).build());
        }
        throw new com.oblador.keychain.i.c("Strong box security keystore is not supported for old API" + i2 + ".");
    }

    protected boolean C(f fVar, Key key) {
        return w(key).c(fVar);
    }

    @Override // com.oblador.keychain.g.c
    public f a() {
        return f.SECURE_HARDWARE;
    }

    @Override // com.oblador.keychain.g.c
    public final int d() {
        return ((g() ? 1 : 0) * RNCWebViewManager.COMMAND_CLEAR_FORM_DATA) + e();
    }

    @Override // com.oblador.keychain.g.c
    public Set<String> f() {
        KeyStore v = v();
        try {
            return new HashSet(Collections.list(v.aliases()));
        } catch (KeyStoreException e2) {
            throw new com.oblador.keychain.i.c("Error accessing aliases in keystore " + v, e2);
        }
    }

    @Override // com.oblador.keychain.g.c
    public void h(String str) {
        String q = q(str, r());
        KeyStore v = v();
        try {
            if (v.containsAlias(q)) {
                v.deleteEntry(q);
            }
        } catch (GeneralSecurityException unused) {
        }
    }

    @Override // com.oblador.keychain.g.c
    public boolean j() {
        AtomicBoolean atomicBoolean = this.f6140d;
        if (atomicBoolean != null) {
            return atomicBoolean.get();
        }
        synchronized (this.f6139c) {
            AtomicBoolean atomicBoolean2 = this.f6140d;
            if (atomicBoolean2 != null) {
                return atomicBoolean2.get();
            }
            this.f6140d = new AtomicBoolean(false);
            C0175d c0175d = null;
            try {
                C0175d c0175d2 = new C0175d(this, "AndroidKeyStore#supportsSecureHardware");
                try {
                    this.f6140d.set(C(f.SECURE_HARDWARE, c0175d2.f6147f));
                    c0175d2.close();
                } catch (Throwable unused) {
                    c0175d = c0175d2;
                    if (c0175d != null) {
                        c0175d.close();
                    }
                    return this.f6140d.get();
                }
            } catch (Throwable unused2) {
            }
            return this.f6140d.get();
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] k(Key key, String str, b bVar) {
        Cipher p = p();
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            if (bVar != null) {
                try {
                    bVar.a(p, key, byteArrayOutputStream);
                    byteArrayOutputStream.flush();
                } finally {
                }
            }
            CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, p);
            try {
                cipherOutputStream.write(str.getBytes(f6138b));
                cipherOutputStream.close();
                byte[] byteArray = byteArrayOutputStream.toByteArray();
                byteArrayOutputStream.close();
                return byteArray;
            } finally {
            }
        } catch (Throwable th) {
            Log.e(a, th.getMessage(), th);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Key l(String str, f fVar, AtomicInteger atomicInteger) {
        Key m;
        do {
            KeyStore v = v();
            if (!v.containsAlias(str)) {
                o(str, fVar);
            }
            m = m(v, str, atomicInteger);
        } while (m == null);
        return m;
    }

    protected Key m(KeyStore keyStore, String str, AtomicInteger atomicInteger) {
        try {
            Key key = keyStore.getKey(str, null);
            if (key != null) {
                return key;
            }
            throw new com.oblador.keychain.i.c("Empty key extracted!");
        } catch (UnrecoverableKeyException e2) {
            if (atomicInteger.getAndDecrement() <= 0) {
                throw e2;
            }
            keyStore.deleteEntry(str);
            return null;
        }
    }

    protected abstract Key n(KeyGenParameterSpec keyGenParameterSpec);

    public void o(String str, f fVar) {
        Key key;
        synchronized (this.f6141e) {
            AtomicBoolean atomicBoolean = this.f6142f;
            key = null;
            if (atomicBoolean == null || atomicBoolean.get()) {
                if (this.f6142f == null) {
                    this.f6142f = new AtomicBoolean(false);
                }
                try {
                    key = A(str);
                    this.f6142f.set(true);
                } catch (GeneralSecurityException | ProviderException e2) {
                    Log.w(a, "StrongBox security storage is not available.", e2);
                }
            }
        }
        if (key == null || !this.f6142f.get()) {
            try {
                key = y(str);
            } catch (GeneralSecurityException e3) {
                Log.e(a, "Regular security storage is not available.", e3);
                throw e3;
            }
        }
        if (!C(fVar, key)) {
            throw new com.oblador.keychain.i.a("Cannot generate keys with required security guarantees");
        }
    }

    public Cipher p() {
        if (this.f6143g == null) {
            synchronized (this) {
                if (this.f6143g == null) {
                    this.f6143g = Cipher.getInstance(s());
                }
            }
        }
        return this.f6143g;
    }

    public String r() {
        return b();
    }

    protected abstract String s();

    protected abstract KeyGenParameterSpec.Builder t(String str, boolean z);

    protected abstract KeyInfo u(Key key);

    public KeyStore v() {
        if (this.f6144h == null) {
            synchronized (this) {
                if (this.f6144h == null) {
                    try {
                        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                        keyStore.load(null);
                        this.f6144h = keyStore;
                    } catch (Throwable th) {
                        throw new com.oblador.keychain.i.c("Could not access Keystore", th);
                    }
                }
            }
        }
        return this.f6144h;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public f w(Key key) {
        return (Build.VERSION.SDK_INT < 23 || !u(key).isInsideSecureHardware()) ? f.SECURE_SOFTWARE : f.SECURE_HARDWARE;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void x(f fVar) {
        if (!a().c(fVar)) {
            throw new com.oblador.keychain.i.a(String.format("Insufficient security level (wants %s; got %s)", fVar, a()));
        }
    }

    protected Key y(String str) {
        return z(str, false);
    }

    protected Key z(String str, boolean z) {
        int i2 = Build.VERSION.SDK_INT;
        if (i2 >= 23) {
            return n(t(str, z).build());
        }
        throw new com.oblador.keychain.i.c("Regular security keystore is not supported for old API" + i2 + ".");
    }
}
