package org.matrix.android.sdk.internal.session.securestorage;

import android.content.Context;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import androidx.recyclerview.widget.RecyclerView;
import androidx.transition.CanvasUtils;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.OutputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.SecureRandom;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import kotlin.Lazy;
import kotlin.Metadata;
import kotlin.Pair;
import kotlin._Assertions;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.Charsets;
import timber.log.Timber;

/* compiled from: SecretStoringUtils.kt */
@Metadata(bv = {1, 0, 3}, d1 = {"\u0000d\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0000\n\u0002\u0010\u0012\n\u0002\b\u0007\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\b\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\f\n\u0002\u0010\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0007\b\u0000\u0018\u0000 ?2\u00020\u0001:\u0001?B\u000f\b\u0007\u0012\u0006\u0010\u0002\u001a\u00020\u0003¢\u0006\u0002\u0010\u0004J\u001a\u0010\r\u001a\u0004\u0018\u00010\u000e2\u0006\u0010\u000f\u001a\u00020\u00102\u0006\u0010\u0011\u001a\u00020\u000eH\u0002J\u0018\u0010\u0012\u001a\u00020\u000e2\u0006\u0010\u0013\u001a\u00020\u00102\u0006\u0010\u0011\u001a\u00020\u000eH\u0003J\u001a\u0010\u0014\u001a\u0004\u0018\u00010\u00102\u0006\u0010\u0015\u001a\u00020\u000e2\u0006\u0010\u0011\u001a\u00020\u000eH\u0002J\u001a\u0010\u0016\u001a\u0004\u0018\u00010\u00102\u0006\u0010\u0015\u001a\u00020\u000e2\u0006\u0010\u0011\u001a\u00020\u000eH\u0007J\"\u0010\u0017\u001a\u0014\u0012\u0004\u0012\u00020\u0010\u0012\u0004\u0012\u00020\u0010\u0012\u0004\u0012\u00020\u00100\u00182\u0006\u0010\u0019\u001a\u00020\u001aH\u0002J \u0010\u001b\u001a\u00020\u00102\u0006\u0010\u001c\u001a\u00020\u00102\u0006\u0010\u001d\u001a\u00020\u00102\u0006\u0010\u001e\u001a\u00020\u0010H\u0002J\"\u0010\u001f\u001a\u0014\u0012\u0004\u0012\u00020\u0010\u0012\u0004\u0012\u00020\u0010\u0012\u0004\u0012\u00020\u00100\u00182\u0006\u0010\u0019\u001a\u00020\u001aH\u0002J \u0010 \u001a\u00020\u00102\u0006\u0010!\u001a\u00020\u00102\u0006\u0010\u001d\u001a\u00020\u00102\u0006\u0010\u001e\u001a\u00020\u0010H\u0002J\u001c\u0010\"\u001a\u000e\u0012\u0004\u0012\u00020\u0010\u0012\u0004\u0012\u00020\u00100#2\u0006\u0010\u0019\u001a\u00020\u001aH\u0002J\u0018\u0010$\u001a\u00020\u00102\u0006\u0010\u001d\u001a\u00020\u00102\u0006\u0010\u000f\u001a\u00020\u0010H\u0002J\u000e\u0010%\u001a\u00020&2\u0006\u0010'\u001a\u00020\u000eJ\u0010\u0010(\u001a\u00020)2\u0006\u0010'\u001a\u00020\u000eH\u0003J%\u0010*\u001a\u0004\u0018\u0001H+\"\u0004\b\u0000\u0010+2\u0006\u0010\u0011\u001a\u00020\u000e2\u0006\u0010,\u001a\u00020\u001aH\u0002¢\u0006\u0002\u0010-J%\u0010.\u001a\u0004\u0018\u0001H+\"\u0004\b\u0000\u0010+2\u0006\u0010\u0011\u001a\u00020\u000e2\u0006\u0010,\u001a\u00020\u001aH\u0003¢\u0006\u0002\u0010-J#\u0010/\u001a\u0004\u0018\u0001H+\"\u0004\b\u0000\u0010+2\u0006\u0010,\u001a\u00020\u001a2\u0006\u0010\u0011\u001a\u00020\u000e¢\u0006\u0002\u00100J\u0018\u0010/\u001a\u0004\u0018\u00010\u000e2\u0006\u00101\u001a\u00020\u00102\u0006\u0010\u0011\u001a\u00020\u000eJ\u0018\u00102\u001a\u00020\u00102\u0006\u0010'\u001a\u00020\u000e2\u0006\u00101\u001a\u00020\u001aH\u0002J\u0018\u00103\u001a\u00020\u00102\u0006\u0010'\u001a\u00020\u000e2\u0006\u00104\u001a\u00020\u0010H\u0002J\u000e\u00105\u001a\u0002062\u0006\u0010\u0011\u001a\u00020\u000eJ \u00107\u001a\u0002062\u0006\u0010\u0011\u001a\u00020\u000e2\u0006\u00108\u001a\u0002092\u0006\u0010:\u001a\u00020\u0001H\u0002J \u0010;\u001a\u0002062\u0006\u0010\u0011\u001a\u00020\u000e2\u0006\u00108\u001a\u0002092\u0006\u0010:\u001a\u00020\u0001H\u0003J\u001e\u0010<\u001a\u0002062\u0006\u0010=\u001a\u00020\u00012\u0006\u0010\u0011\u001a\u00020\u000e2\u0006\u00108\u001a\u000209J\u0018\u0010>\u001a\u0004\u0018\u00010\u00102\u0006\u00104\u001a\u00020\u000e2\u0006\u0010\u0011\u001a\u00020\u000eR\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n\u0000R\u001b\u0010\u0005\u001a\u00020\u00068BX\u0082\u0084\u0002¢\u0006\f\n\u0004\b\t\u0010\n\u001a\u0004\b\u0007\u0010\bR\u000e\u0010\u000b\u001a\u00020\fX\u0082\u0004¢\u0006\u0002\n\u0000¨\u0006@"}, d2 = {"Lorg/matrix/android/sdk/internal/session/securestorage/SecretStoringUtils;", "", "context", "Landroid/content/Context;", "(Landroid/content/Context;)V", "keyStore", "Ljava/security/KeyStore;", "getKeyStore", "()Ljava/security/KeyStore;", "keyStore$delegate", "Lkotlin/Lazy;", "secureRandom", "Ljava/security/SecureRandom;", "decryptString", "", "data", "", "keyAlias", "decryptStringM", "encryptedChunk", "encryptString", "text", "encryptStringM", "format1Extract", "Lkotlin/Triple;", "bis", "Ljava/io/InputStream;", "format1Make", "encryptedKey", "iv", "encryptedBytes", "format2Extract", "format2Make", "salt", "formatMExtract", "Lkotlin/Pair;", "formatMMake", "getOrGenerateKeyPairForAlias", "Ljava/security/KeyStore$PrivateKeyEntry;", "alias", "getOrGenerateSymmetricKeyForAliasM", "Ljavax/crypto/SecretKey;", "loadSecureObject", "T", "inputStream", "(Ljava/lang/String;Ljava/io/InputStream;)Ljava/lang/Object;", "loadSecureObjectM", "loadSecureSecret", "(Ljava/io/InputStream;Ljava/lang/String;)Ljava/lang/Object;", "encrypted", "rsaDecrypt", "rsaEncrypt", "secret", "safeDeleteKey", "", "saveSecureObject", "output", "Ljava/io/OutputStream;", "writeObject", "saveSecureObjectM", "securelyStoreObject", "any", "securelyStoreString", "Companion", "matrix-sdk-android_release"}, k = 1, mv = {1, 1, 16})
/* loaded from: classes2.dex */
public final class SecretStoringUtils {
    public final Context context;

    /* renamed from: keyStore$delegate, reason: from kotlin metadata */
    public final Lazy keyStore;
    public final SecureRandom secureRandom;

    public SecretStoringUtils(Context context) {
        if (context == null) {
            Intrinsics.throwParameterIsNullException("context");
            throw null;
        }
        this.context = context;
        this.keyStore = CanvasUtils.lazy((Function0) new Function0<KeyStore>() { // from class: org.matrix.android.sdk.internal.session.securestorage.SecretStoringUtils$keyStore$2
            @Override // kotlin.jvm.functions.Function0
            public final KeyStore invoke() {
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                keyStore.load(null);
                return keyStore;
            }
        });
        this.secureRandom = new SecureRandom();
    }

    public final KeyStore getKeyStore() {
        return (KeyStore) this.keyStore.getValue();
    }

    public final SecretKey getOrGenerateSymmetricKeyForAliasM(String alias) {
        KeyStore.Entry entry = getKeyStore().getEntry(alias, null);
        if (!(entry instanceof KeyStore.SecretKeyEntry)) {
            entry = null;
        }
        KeyStore.SecretKeyEntry secretKeyEntry = (KeyStore.SecretKeyEntry) entry;
        SecretKey secretKey = secretKeyEntry != null ? secretKeyEntry.getSecretKey() : null;
        if (secretKey != null) {
            return secretKey;
        }
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
        KeyGenParameterSpec build = new KeyGenParameterSpec.Builder(alias, 3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").setKeySize(RecyclerView.ViewHolder.FLAG_IGNORE).build();
        Intrinsics.checkExpressionValueIsNotNull(build, "KeyGenParameterSpec.Buil…                 .build()");
        keyGenerator.init(build);
        SecretKey generateKey = keyGenerator.generateKey();
        Intrinsics.checkExpressionValueIsNotNull(generateKey, "generator.generateKey()");
        return generateKey;
    }

    public final <T> T loadSecureSecret(InputStream inputStream, String keyAlias) {
        if (inputStream == null) {
            Intrinsics.throwParameterIsNullException("inputStream");
            throw null;
        }
        if (keyAlias == null) {
            Intrinsics.throwParameterIsNullException("keyAlias");
            throw null;
        }
        int i = Build.VERSION.SDK_INT;
        SecretKey orGenerateSymmetricKeyForAliasM = getOrGenerateSymmetricKeyForAliasM(keyAlias);
        boolean z = ((byte) inputStream.read()) == 0;
        if (_Assertions.ENABLED && !z) {
            throw new AssertionError("Assertion failed");
        }
        int read = inputStream.read();
        byte[] bArr = new byte[read];
        inputStream.read(bArr, 0, read);
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(2, orGenerateSymmetricKeyForAliasM, new GCMParameterSpec(RecyclerView.ViewHolder.FLAG_IGNORE, bArr));
        CipherInputStream cipherInputStream = new CipherInputStream(inputStream, cipher);
        try {
            ObjectInputStream objectInputStream = new ObjectInputStream(cipherInputStream);
            try {
                T t = (T) objectInputStream.readObject();
                if (!(t instanceof Object)) {
                    t = null;
                }
                CanvasUtils.closeFinally(objectInputStream, null);
                CanvasUtils.closeFinally(cipherInputStream, null);
                return t;
            } finally {
            }
        } finally {
        }
    }

    public final String loadSecureSecret(byte[] encrypted, String keyAlias) throws Exception {
        if (encrypted == null) {
            Intrinsics.throwParameterIsNullException("encrypted");
            throw null;
        }
        if (keyAlias == null) {
            Intrinsics.throwParameterIsNullException("keyAlias");
            throw null;
        }
        int i = Build.VERSION.SDK_INT;
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(encrypted);
        boolean z = ((byte) byteArrayInputStream.read()) == 0;
        if (_Assertions.ENABLED && !z) {
            throw new AssertionError("Assertion failed");
        }
        int read = byteArrayInputStream.read();
        byte[] bArr = new byte[read];
        byteArrayInputStream.read(bArr, 0, read);
        Pair pair = new Pair(bArr, CanvasUtils.readBytes(byteArrayInputStream));
        byte[] bArr2 = (byte[]) pair.component1();
        byte[] bArr3 = (byte[]) pair.component2();
        SecretKey orGenerateSymmetricKeyForAliasM = getOrGenerateSymmetricKeyForAliasM(keyAlias);
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(2, orGenerateSymmetricKeyForAliasM, new GCMParameterSpec(RecyclerView.ViewHolder.FLAG_IGNORE, bArr2));
        byte[] doFinal = cipher.doFinal(bArr3);
        Intrinsics.checkExpressionValueIsNotNull(doFinal, "cipher.doFinal(encryptedText)");
        return new String(doFinal, Charsets.UTF_8);
    }

    public final void safeDeleteKey(String keyAlias) {
        if (keyAlias == null) {
            Intrinsics.throwParameterIsNullException("keyAlias");
            throw null;
        }
        try {
            getKeyStore().deleteEntry(keyAlias);
        } catch (KeyStoreException e) {
            Timber.TREE_OF_SOULS.e(e);
        }
    }

    public final void securelyStoreObject(Object any, String keyAlias, OutputStream output) {
        if (any == null) {
            Intrinsics.throwParameterIsNullException("any");
            throw null;
        }
        if (keyAlias == null) {
            Intrinsics.throwParameterIsNullException("keyAlias");
            throw null;
        }
        if (output == null) {
            Intrinsics.throwParameterIsNullException("output");
            throw null;
        }
        int i = Build.VERSION.SDK_INT;
        SecretKey orGenerateSymmetricKeyForAliasM = getOrGenerateSymmetricKeyForAliasM(keyAlias);
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(1, orGenerateSymmetricKeyForAliasM);
        Intrinsics.checkExpressionValueIsNotNull(cipher, "cipher");
        byte[] iv = cipher.getIV();
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ObjectOutputStream objectOutputStream = new ObjectOutputStream(byteArrayOutputStream);
        try {
            objectOutputStream.writeObject(any);
            CanvasUtils.closeFinally(objectOutputStream, null);
            byte[] doFinal = cipher.doFinal(byteArrayOutputStream.toByteArray());
            output.write(0);
            output.write(iv.length);
            output.write(iv);
            output.write(doFinal);
        } finally {
        }
    }

    public final byte[] securelyStoreString(String secret, String keyAlias) throws Exception {
        if (secret == null) {
            Intrinsics.throwParameterIsNullException("secret");
            throw null;
        }
        if (keyAlias == null) {
            Intrinsics.throwParameterIsNullException("keyAlias");
            throw null;
        }
        int i = Build.VERSION.SDK_INT;
        SecretKey orGenerateSymmetricKeyForAliasM = getOrGenerateSymmetricKeyForAliasM(keyAlias);
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(1, orGenerateSymmetricKeyForAliasM);
        Intrinsics.checkExpressionValueIsNotNull(cipher, "cipher");
        byte[] iv = cipher.getIV();
        byte[] bytes = secret.getBytes(Charsets.UTF_8);
        Intrinsics.checkExpressionValueIsNotNull(bytes, "(this as java.lang.String).getBytes(charset)");
        byte[] doFinal = cipher.doFinal(bytes);
        Intrinsics.checkExpressionValueIsNotNull(doFinal, "cipher.doFinal(text.toByteArray(Charsets.UTF_8))");
        Intrinsics.checkExpressionValueIsNotNull(iv, "iv");
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(iv.length + 2 + doFinal.length);
        byteArrayOutputStream.write(0);
        byteArrayOutputStream.write(iv.length);
        byteArrayOutputStream.write(iv);
        byteArrayOutputStream.write(doFinal);
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        Intrinsics.checkExpressionValueIsNotNull(byteArray, "bos.toByteArray()");
        return byteArray;
    }
}
