package hos.houns.securestorage;

import android.annotation.TargetApi;
import android.content.Context;
import android.security.keystore.KeyGenParameterSpec;
import com.google.android.gms.common.ConnectionResult;
import com.google.gson.internal.QSf.FTsdGRQtbQ;
import hos.houns.securestorage.BaseCipherStorage;
import hos.houns.securestorage.utils.GsonParser;
import hos.houns.securestorage.utils.SecureStorageSerializer;
import i.DD.dOObbcTeJOfiZS;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.nio.charset.Charset;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableKeyException;
import java.security.spec.AlgorithmParameterSpec;
import java.util.concurrent.atomic.AtomicReference;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.GCMParameterSpec;
import m.l;
import o.a;
import o.c;

@TargetApi(ConnectionResult.API_DISABLED)
/* loaded from: classes3.dex */
public final class CipherStorageAndroidKeystore extends BaseCipherStorage {
    public static final Companion Companion = new Companion(null);
    private static final Charset DEFAULT_CHARSET = Charset.forName("UTF-8");
    private static final String ENCRYPTION_ALGORITHM = "AES";
    private static final String ENCRYPTION_BLOCK_MODE = "GCM";
    private static final int ENCRYPTION_KEY_SIZE = 256;
    private static final String ENCRYPTION_PADDING = "NoPadding";
    private static final String ENCRYPTION_TRANSFORMATION = "AES/GCM/NoPadding";
    private static final int GCM_IV_LENGTH = 12;
    private static final int GCM_TAG_LENGTH = 16;

    /* loaded from: classes3.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(a aVar) {
            this();
        }

        /* JADX INFO: Access modifiers changed from: private */
        public final <T> T decryptBytes(String str, Key key, byte[] bArr, Storage storage) {
            try {
                Cipher cipher = Cipher.getInstance(CipherStorageAndroidKeystore.ENCRYPTION_TRANSFORMATION);
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
                cipher.init(2, key, readIvFromStream(byteArrayInputStream));
                CipherInputStream cipherInputStream = new CipherInputStream(byteArrayInputStream, cipher);
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                byte[] bArr2 = new byte[1024];
                while (true) {
                    int read = cipherInputStream.read(bArr2, 0, 1024);
                    if (read <= 0) {
                        break;
                    }
                    byteArrayOutputStream.write(bArr2, 0, read);
                }
                SecureStorage secureStorage = SecureStorage.INSTANCE;
                GsonParser gsonParser$app_debug = secureStorage.getGsonParser$app_debug();
                byte[] byteArray = byteArrayOutputStream.toByteArray();
                c.a(byteArray, FTsdGRQtbQ.BeuGa);
                Charset charset = CipherStorageAndroidKeystore.DEFAULT_CHARSET;
                c.a(charset, "DEFAULT_CHARSET");
                String str2 = new String(byteArray, charset);
                SecureStorageSerializer secureStorageSerializer$app_debug = secureStorage.getSecureStorageSerializer$app_debug();
                String string = storage.getString(BaseCipherStorage.Companion.makeTypeTagForAlias(str));
                if (string == null) {
                    c.k();
                }
                return (T) gsonParser$app_debug.fromJson(str2, secureStorageSerializer$app_debug.getClassType(string));
            } catch (IOException e2) {
                throw new CryptoFailedException("Could not decrypt bytes", e2);
            } catch (InvalidAlgorithmParameterException e3) {
                throw new CryptoFailedException("Could not decrypt bytes", e3);
            } catch (InvalidKeyException e4) {
                throw new CryptoFailedException("Could not decrypt bytes", e4);
            } catch (NoSuchAlgorithmException e5) {
                throw new CryptoFailedException("Could not decrypt bytes", e5);
            } catch (BadPaddingException e6) {
                throw new CryptoFailedException("Could not access Keystore", e6);
            } catch (NoSuchPaddingException e7) {
                throw new CryptoFailedException("Could not decrypt bytes", e7);
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        public final <T> byte[] encryptString(Key key, T t) {
            try {
                Cipher cipher = Cipher.getInstance(CipherStorageAndroidKeystore.ENCRYPTION_TRANSFORMATION);
                cipher.init(1, key);
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                c.a(cipher, "cipher");
                AtomicReference atomicReference = new AtomicReference(cipher.getIV());
                byteArrayOutputStream.write((byte[]) atomicReference.get(), 0, ((byte[]) atomicReference.get()).length);
                CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
                String json = SecureStorage.INSTANCE.getGsonParser$app_debug().toJson(t);
                Charset charset = CipherStorageAndroidKeystore.DEFAULT_CHARSET;
                c.a(charset, "DEFAULT_CHARSET");
                if (json == null) {
                    throw new l(dOObbcTeJOfiZS.Vem);
                }
                byte[] bytes = json.getBytes(charset);
                c.a(bytes, "(this as java.lang.String).getBytes(charset)");
                cipherOutputStream.write(bytes);
                cipherOutputStream.close();
                byte[] byteArray = byteArrayOutputStream.toByteArray();
                c.a(byteArray, "outputStream.toByteArray()");
                return byteArray;
            } catch (IOException e2) {
                throw new CryptoFailedException("Could not encrypt value", e2);
            } catch (InvalidKeyException e3) {
                throw new CryptoFailedException("Could not encrypt value", e3);
            } catch (NoSuchAlgorithmException e4) {
                throw new CryptoFailedException("Could not encrypt value", e4);
            } catch (BadPaddingException e5) {
                throw new CryptoFailedException("Could not access Keystore", e5);
            } catch (NoSuchPaddingException e6) {
                throw new CryptoFailedException("Could not encrypt value", e6);
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        public final AlgorithmParameterSpec generateParameterSpec(String str) {
            KeyGenParameterSpec build = new KeyGenParameterSpec.Builder(str, 3).setBlockModes("GCM").setEncryptionPaddings(CipherStorageAndroidKeystore.ENCRYPTION_PADDING).setRandomizedEncryptionRequired(true).setKeySize(CipherStorageAndroidKeystore.ENCRYPTION_KEY_SIZE).build();
            c.a(build, "KeyGenParameterSpec.Buil…\n                .build()");
            return build;
        }

        private final GCMParameterSpec readIvFromStream(ByteArrayInputStream byteArrayInputStream) {
            byte[] bArr = new byte[CipherStorageAndroidKeystore.GCM_IV_LENGTH];
            byteArrayInputStream.read(bArr, 0, CipherStorageAndroidKeystore.GCM_IV_LENGTH);
            return new GCMParameterSpec(128, bArr);
        }
    }

    /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
    public CipherStorageAndroidKeystore(Context context, Storage storage) {
        super(context, storage);
        c.e(context, "context");
        c.e(storage, "storage");
    }

    @Override // hos.houns.securestorage.CipherStorage
    public <T> T decrypt(String str) {
        Key key;
        c.e(str, "alias");
        try {
            byte[] keyBytes = getStorage().getKeyBytes(str);
            if (keyBytes == null || (key = BaseCipherStorage.Companion.getKeyStoreAndLoad().getKey(str, null)) == null) {
                return null;
            }
            return (T) Companion.decryptBytes(str, key, keyBytes, getStorage());
        } catch (CryptoFailedException e2) {
            e2.printStackTrace();
            return null;
        } catch (KeyStoreAccessException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException unused) {
            return null;
        } catch (m.a e3) {
            e3.printStackTrace();
            return null;
        }
    }

    @Override // hos.houns.securestorage.CipherStorage
    public <T> void encrypt(String str, T t) {
        c.e(str, "alias");
        try {
            BaseCipherStorage.Companion companion = BaseCipherStorage.Companion;
            KeyStore keyStoreAndLoad = companion.getKeyStoreAndLoad();
            if (!keyStoreAndLoad.containsAlias(str)) {
                KeyGenerator keyGenerator = KeyGenerator.getInstance(ENCRYPTION_ALGORITHM, BaseCipherStorage.ANDROID_KEY_STORE);
                keyGenerator.init(Companion.generateParameterSpec(str));
                keyGenerator.generateKey();
            }
            Key key = keyStoreAndLoad.getKey(str, null);
            Companion companion2 = Companion;
            c.a(key, "key");
            getStorage().saveKeyBytes(str, companion2.encryptString(key, t));
            getStorage().saveString(companion.makeTypeTagForAlias(str), SecureStorage.INSTANCE.getSecureStorageSerializer$app_debug().getType(t));
        } catch (KeyStoreAccessException e2) {
            throw new CryptoFailedException("Could not access Keystore", e2);
        } catch (NullPointerException e3) {
            throw new CryptoFailedException("Could not access Keystore", e3);
        } catch (InvalidAlgorithmParameterException e4) {
            throw new CryptoFailedException("Could not encrypt data", e4);
        } catch (KeyStoreException e5) {
            throw new CryptoFailedException("Could not access Keystore", e5);
        } catch (NoSuchAlgorithmException e6) {
            throw new CryptoFailedException("Could not encrypt data", e6);
        } catch (NoSuchProviderException e7) {
            throw new CryptoFailedException("Could not encrypt data", e7);
        } catch (UnrecoverableKeyException e8) {
            throw new CryptoFailedException("Could not encrypt data", e8);
        } catch (BadPaddingException e9) {
            throw new CryptoFailedException("Could not access Keystore", e9);
        }
    }
}
