package com.babycenter.pregbaby.persistence;

import android.annotation.TargetApi;
import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import com.adjust.sdk.Constants;
import com.babycenter.pregbaby.persistence.k;
import com.google.android.gms.stats.CodePackage;
import com.google.firebase.appindexing.Indexable;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.security.UnrecoverableEntryException;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
import java.util.List;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.Mac;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class EncryptionManager {
    private Context A;
    SharedPreferences B;
    k.b C;

    /* renamed from: a, reason: collision with root package name */
    private final int f5835a;

    /* renamed from: b, reason: collision with root package name */
    private final int f5836b;

    /* renamed from: c, reason: collision with root package name */
    private final int f5837c;

    /* renamed from: d, reason: collision with root package name */
    private final int f5838d;

    /* renamed from: e, reason: collision with root package name */
    private final int f5839e;

    /* renamed from: f, reason: collision with root package name */
    private final int f5840f;

    /* renamed from: g, reason: collision with root package name */
    private final String f5841g;

    /* renamed from: h, reason: collision with root package name */
    private final String f5842h;

    /* renamed from: i, reason: collision with root package name */
    private final String f5843i;

    /* renamed from: j, reason: collision with root package name */
    private final byte[] f5844j;

    /* renamed from: k, reason: collision with root package name */
    private final String f5845k;
    protected final String l;
    protected final String m;
    private final String n;
    private final String o;
    private final String p;
    private final String q;
    private final String r;
    protected final String s;
    private KeyStore t;
    private SecretKey u;
    private SecretKey v;
    private RSAPublicKey w;
    private RSAPrivateKey x;
    private String y;
    private boolean z;

    /* loaded from: classes.dex */
    public class InvalidMacException extends GeneralSecurityException {
        public InvalidMacException() {
            super("Invalid Mac, failed to verify integrity.");
        }
    }

    /* loaded from: classes.dex */
    public static class a {

        /* renamed from: a, reason: collision with root package name */
        byte[] f5847a = null;

        /* renamed from: b, reason: collision with root package name */
        byte[] f5848b = null;

        /* renamed from: c, reason: collision with root package name */
        byte[] f5849c = null;

        byte[] a() {
            byte[] bArr = this.f5847a;
            byte[] bArr2 = new byte[bArr.length + this.f5848b.length];
            System.arraycopy(bArr, 0, bArr2, 0, bArr.length);
            byte[] bArr3 = this.f5848b;
            System.arraycopy(bArr3, 0, bArr2, this.f5847a.length, bArr3.length);
            return bArr2;
        }
    }

    public EncryptionManager(Context context, SharedPreferences sharedPreferences, k.b bVar) {
        this(context, sharedPreferences, null, null, bVar);
    }

    public EncryptionManager(Context context, SharedPreferences sharedPreferences, String str, byte[] bArr, k.b bVar) {
        this.f5835a = 2048;
        this.f5836b = Indexable.MAX_URL_LENGTH;
        this.f5837c = Indexable.MAX_URL_LENGTH;
        this.f5838d = 128;
        this.f5839e = 16;
        this.f5840f = 12;
        this.f5841g = "AndroidKeyStore";
        this.f5842h = "AndroidOpenSSL";
        this.f5843i = "BC";
        this.n = "]";
        this.o = "RSA/ECB/PKCS1Padding";
        this.p = "AES/GCM/NoPadding";
        this.q = "AES/CBC/PKCS7Padding";
        this.r = "HmacSHA256";
        boolean z = false;
        this.z = false;
        this.f5844j = bArr;
        String string = sharedPreferences.getString(e("OverridingAlias"), str);
        this.y = string == null ? "sps" : string;
        this.s = String.format("%s_%s", this.y, "data_in_compat");
        this.f5845k = String.format("%s_%s", this.y, "rsa_key");
        this.l = String.format("%s_%s", this.y, "aes_key");
        this.m = String.format("%s_%s", this.y, "mac_key");
        this.z = sharedPreferences.getBoolean(e(this.s), Build.VERSION.SDK_INT < 23);
        this.C = bVar;
        this.A = context;
        this.B = sharedPreferences;
        c();
        try {
            a(context, sharedPreferences, bArr);
        } catch (Exception e2) {
            if (!a((EncryptionManager) e2)) {
                throw e2;
            }
            z = b((EncryptionManager) e2);
        }
        if (z) {
            a(context, sharedPreferences, bArr);
        }
    }

    public static byte[] a(String str) {
        return Base64.decode(str, 2);
    }

    public static String c(byte[] bArr) {
        return Base64.encodeToString(bArr, 2);
    }

    private byte[] d(byte[] bArr, byte[] bArr2) {
        if (bArr2 == null || bArr2.length == 0) {
            return bArr;
        }
        byte[] bArr3 = new byte[bArr.length];
        for (int i2 = 0; i2 < bArr.length; i2++) {
            bArr3[i2] = (byte) (bArr[i2] ^ bArr2[i2 % bArr2.length]);
        }
        return bArr3;
    }

    public static String e(String str) {
        return g(MessageDigest.getInstance(Constants.SHA256).digest(str.getBytes("UTF-8")));
    }

    static String g(byte[] bArr) {
        StringBuilder sb = new StringBuilder();
        for (byte b2 : bArr) {
            sb.append(String.format("%02X", Byte.valueOf(b2)));
        }
        return sb.toString();
    }

    @TargetApi(19)
    a a(byte[] bArr, byte[] bArr2) {
        Cipher a2 = a(bArr2, true);
        a aVar = new a();
        aVar.f5847a = a2.getIV();
        aVar.f5848b = a2.doFinal(bArr);
        return aVar;
    }

    @TargetApi(19)
    Cipher a(byte[] bArr, boolean z) {
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(z ? 1 : 2, this.u, new GCMParameterSpec(128, bArr));
        return cipher;
    }

    SecretKey a(SharedPreferences sharedPreferences) {
        String string = sharedPreferences.getString(e(this.l), null);
        if (string != null) {
            return new SecretKeySpec(d(a(a(string)), this.f5844j), "AES");
        }
        return null;
    }

    void a(Context context, SharedPreferences sharedPreferences, byte[] bArr) {
        if (a(context, bArr, sharedPreferences)) {
            this.B.edit().putString(e("OverridingAlias"), this.y).commit();
        }
        c(sharedPreferences);
    }

    boolean a(Context context, byte[] bArr) {
        if (this.t.containsAlias(this.f5845k)) {
            return false;
        }
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        Calendar calendar = Calendar.getInstance();
        calendar.add(11, -26);
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 100);
        KeyPairGeneratorSpec build = Build.VERSION.SDK_INT >= 19 ? new KeyPairGeneratorSpec.Builder(context).setAlias(this.f5845k).setKeySize(2048).setKeyType("RSA").setSerialNumber(BigInteger.ONE).setSubject(new X500Principal("CN = Secured Preference Store, O = Devliving Online")).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build() : new KeyPairGeneratorSpec.Builder(context).setAlias(this.f5845k).setSerialNumber(BigInteger.ONE).setSubject(new X500Principal("CN = Secured Preference Store, O = Devliving Online")).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
        if (bArr == null || bArr.length <= 0) {
            keyPairGenerator.initialize(build);
        } else {
            keyPairGenerator.initialize(build, new SecureRandom(bArr));
        }
        keyPairGenerator.generateKeyPair();
        return true;
    }

    boolean a(Context context, byte[] bArr, SharedPreferences sharedPreferences) {
        if (!this.z) {
            return f(bArr);
        }
        boolean a2 = a(context, bArr);
        d();
        return b(sharedPreferences, bArr) || (a(sharedPreferences, bArr) || a2);
    }

    boolean a(SharedPreferences sharedPreferences, byte[] bArr) {
        String e2 = e(this.l);
        if (sharedPreferences.contains(e2)) {
            return false;
        }
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        if (bArr == null || bArr.length <= 0) {
            keyGenerator.init(Indexable.MAX_URL_LENGTH);
        } else {
            keyGenerator.init(Indexable.MAX_URL_LENGTH, new SecureRandom(bArr));
        }
        boolean commit = sharedPreferences.edit().putString(e2, c(b(d(keyGenerator.generateKey().getEncoded(), this.f5844j)))).commit();
        sharedPreferences.edit().putBoolean(e(this.s), true).apply();
        return commit;
    }

    <T extends Exception> boolean a(T t) {
        return (t instanceof KeyStoreException) || (t instanceof UnrecoverableEntryException) || (t instanceof InvalidKeyException) || (t instanceof IllegalStateException) || ((t instanceof IOException) && t.getCause() != null && (t.getCause() instanceof BadPaddingException));
    }

    byte[] a() {
        byte[] bArr = !this.z ? new byte[12] : new byte[16];
        new SecureRandom().nextBytes(bArr);
        return bArr;
    }

    public byte[] a(a aVar) {
        if (aVar == null || aVar.f5848b == null) {
            return null;
        }
        return this.z ? c(aVar) : b(aVar);
    }

    byte[] a(byte[] bArr) {
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
        cipher.init(2, this.x);
        CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(bArr), cipher);
        ArrayList arrayList = new ArrayList();
        while (true) {
            int read = cipherInputStream.read();
            if (read == -1) {
                break;
            }
            arrayList.add(Byte.valueOf((byte) read));
        }
        byte[] bArr2 = new byte[arrayList.size()];
        for (int i2 = 0; i2 < bArr2.length; i2++) {
            bArr2[i2] = ((Byte) arrayList.get(i2)).byteValue();
        }
        cipherInputStream.close();
        return bArr2;
    }

    a b(String str) {
        a aVar = new a();
        String[] split = str.split("]");
        aVar.f5847a = a(split[0]);
        aVar.f5848b = a(split[1]);
        if (split.length > 2) {
            aVar.f5849c = a(split[2]);
        }
        return aVar;
    }

    a b(byte[] bArr, byte[] bArr2) {
        Cipher b2 = b(bArr2, true);
        a aVar = new a();
        aVar.f5847a = b2.getIV();
        aVar.f5848b = b2.doFinal(bArr);
        aVar.f5849c = d(aVar.a());
        return aVar;
    }

    List<String> b() {
        return Arrays.asList(this.l, this.f5845k);
    }

    Cipher b(byte[] bArr, boolean z) {
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC");
        cipher.init(z ? 1 : 2, this.u, new IvParameterSpec(bArr));
        return cipher;
    }

    SecretKey b(SharedPreferences sharedPreferences) {
        String string = sharedPreferences.getString(e(this.m), null);
        if (string != null) {
            return new SecretKeySpec(a(a(string)), "HmacSHA256");
        }
        return null;
    }

    boolean b(SharedPreferences sharedPreferences, byte[] bArr) {
        String e2 = e(this.m);
        if (sharedPreferences.contains(e2)) {
            return false;
        }
        byte[] bArr2 = new byte[32];
        ((bArr == null || bArr.length <= 0) ? new SecureRandom() : new SecureRandom(bArr)).nextBytes(bArr2);
        return sharedPreferences.edit().putString(e2, c(b(bArr2))).commit();
    }

    <T extends Exception> boolean b(T t) {
        k.b bVar = this.C;
        return bVar != null && bVar.a(t, this.t, b());
    }

    @TargetApi(19)
    byte[] b(a aVar) {
        return a(aVar.f5847a, false).doFinal(aVar.f5848b);
    }

    byte[] b(byte[] bArr) {
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
        cipher.init(1, this.w);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
        cipherOutputStream.write(bArr);
        cipherOutputStream.close();
        return byteArrayOutputStream.toByteArray();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String c(String str) {
        if (str == null || str.length() <= 0) {
            return null;
        }
        byte[] e2 = e(b(str));
        return new String(e2, 0, e2.length, "UTF-8");
    }

    void c() {
        this.t = KeyStore.getInstance("AndroidKeyStore");
        this.t.load(null);
    }

    void c(SharedPreferences sharedPreferences) {
        if (this.z) {
            this.u = a(sharedPreferences);
            this.v = b(sharedPreferences);
        } else if (this.t.containsAlias(this.l) && this.t.entryInstanceOf(this.l, KeyStore.SecretKeyEntry.class)) {
            this.u = ((KeyStore.SecretKeyEntry) this.t.getEntry(this.l, null)).getSecretKey();
        }
    }

    boolean c(byte[] bArr, byte[] bArr2) {
        if (bArr == null || bArr2 == null) {
            return false;
        }
        byte[] d2 = d(bArr2);
        if (d2.length != bArr.length) {
            return false;
        }
        int i2 = 0;
        for (int i3 = 0; i3 < d2.length; i3++) {
            i2 |= d2[i3] ^ bArr[i3];
        }
        return i2 == 0;
    }

    byte[] c(a aVar) {
        if (c(aVar.f5849c, aVar.a())) {
            return b(aVar.f5847a, false).doFinal(aVar.f5848b);
        }
        throw new InvalidMacException();
    }

    String d(a aVar) {
        if (aVar.f5849c == null) {
            return c(aVar.f5847a) + "]" + c(aVar.f5848b);
        }
        return c(aVar.f5847a) + "]" + c(aVar.f5848b) + "]" + c(aVar.f5849c);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String d(String str) {
        if (str == null || str.length() <= 0) {
            return null;
        }
        return d(h(str.getBytes("UTF-8")));
    }

    void d() {
        if (this.t.containsAlias(this.f5845k) && this.t.entryInstanceOf(this.f5845k, KeyStore.PrivateKeyEntry.class)) {
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) this.t.getEntry(this.f5845k, null);
            this.w = (RSAPublicKey) privateKeyEntry.getCertificate().getPublicKey();
            this.x = (RSAPrivateKey) privateKeyEntry.getPrivateKey();
        }
    }

    byte[] d(byte[] bArr) {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(this.v);
        return mac.doFinal(bArr);
    }

    public a e(byte[] bArr) {
        if (bArr == null || bArr.length <= 0) {
            return null;
        }
        byte[] a2 = a();
        return this.z ? b(bArr, a2) : a(bArr, a2);
    }

    public byte[] e(a aVar) {
        boolean b2;
        byte[] bArr;
        try {
            bArr = a(aVar);
            b2 = false;
        } catch (Exception e2) {
            if (!a((EncryptionManager) e2)) {
                throw e2;
            }
            b2 = b((EncryptionManager) e2);
            bArr = null;
        }
        if (!b2) {
            return bArr;
        }
        a(this.A, this.B, (byte[]) null);
        return a(aVar);
    }

    @TargetApi(23)
    boolean f(byte[] bArr) {
        if (this.t.containsAlias(this.l)) {
            return false;
        }
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
        KeyGenParameterSpec build = new KeyGenParameterSpec.Builder(this.l, 3).setCertificateSubject(new X500Principal("CN = Secured Preference Store, O = Devliving Online")).setCertificateSerialNumber(BigInteger.ONE).setKeySize(Indexable.MAX_URL_LENGTH).setBlockModes(CodePackage.GCM).setEncryptionPaddings("NoPadding").setRandomizedEncryptionRequired(false).build();
        if (bArr == null || bArr.length <= 0) {
            keyGenerator.init(build);
        } else {
            keyGenerator.init(build, new SecureRandom(bArr));
        }
        keyGenerator.generateKey();
        return true;
    }

    public a h(byte[] bArr) {
        boolean b2;
        a aVar;
        try {
            aVar = e(bArr);
            b2 = false;
        } catch (Exception e2) {
            if (!a((EncryptionManager) e2)) {
                throw e2;
            }
            b2 = b((EncryptionManager) e2);
            aVar = null;
        }
        if (!b2) {
            return aVar;
        }
        a(this.A, this.B, (byte[]) null);
        return e(bArr);
    }
}
