package com.kaspersky.safekids.features.auth.valuestorage;

import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import android.util.Base64;
import androidx.annotation.NonNull;
import androidx.annotation.RequiresApi;
import com.kaspersky.components.log.KlLog;
import com.kaspersky.safekids.features.auth.valuestorage.SecureValueStorageImpl;
import com.kaspersky.utils.Lazy;
import java.io.IOException;
import java.nio.charset.Charset;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.ProviderException;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.concurrent.Callable;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.inject.Inject;
import javax.inject.Provider;
import rx.Single;

@RequiresApi
/* loaded from: classes8.dex */
public class SecureValueStorageImpl implements ISecureValueStorage {

    /* renamed from: d, reason: collision with root package name */
    public static final String f23850d = "SecureValueStorageImpl";

    /* renamed from: a, reason: collision with root package name */
    public final IValueStorage f23851a;

    /* renamed from: b, reason: collision with root package name */
    public final SecureStorageConfig f23852b;

    /* renamed from: c, reason: collision with root package name */
    public final Lazy<KeyStore> f23853c = new Lazy<>(new Provider() { // from class: p8.c
        @Override // javax.inject.Provider
        public final Object get() {
            KeyStore q3;
            q3 = SecureValueStorageImpl.this.q();
            return q3;
        }
    });

    @Inject
    public SecureValueStorageImpl(@NonNull IValueStorage iValueStorage, @NonNull SecureStorageConfig secureStorageConfig) {
        this.f23851a = iValueStorage;
        this.f23852b = secureStorageConfig;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ Cipher p() throws Exception {
        try {
            return j(2);
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e3) {
            throw new IllegalStateException(e3);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ KeyStore q() {
        try {
            KeyStore keyStore = KeyStore.getInstance(this.f23852b.e());
            keyStore.load(null);
            if (o(keyStore)) {
                return keyStore;
            }
            throw new IllegalStateException("Key not initialized");
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e3) {
            throw new IllegalStateException(e3);
        }
    }

    @Override // com.kaspersky.safekids.features.auth.valuestorage.ISecureValueStorage
    public void a(@NonNull String str) {
        this.f23851a.a(str);
    }

    @Override // com.kaspersky.safekids.features.auth.valuestorage.ISecureValueStorage
    public void b(@NonNull String str, @NonNull String str2) {
        try {
            if (this.f23853c != null) {
                this.f23851a.b(str, Base64.encodeToString(j(1).doFinal(str2.getBytes(Charset.defaultCharset())), 2));
            }
        } catch (NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e3) {
            throw new IllegalStateException(e3);
        }
    }

    @Override // com.kaspersky.safekids.features.auth.valuestorage.ISecureValueStorage
    public boolean c(@NonNull String str) {
        return this.f23851a.c(str);
    }

    @Override // com.kaspersky.safekids.features.auth.valuestorage.ISecureValueStorage
    @NonNull
    public Single<Cipher> d() {
        return Single.o(new Callable() { // from class: p8.b
            @Override // java.util.concurrent.Callable
            public final Object call() {
                Cipher p3;
                p3 = SecureValueStorageImpl.this.p();
                return p3;
            }
        });
    }

    @Override // com.kaspersky.safekids.features.auth.valuestorage.ISecureValueStorage
    @NonNull
    public String e(@NonNull String str, @NonNull Cipher cipher) {
        try {
            return new String(cipher.doFinal(Base64.decode(this.f23851a.d(str), 2)), Charset.defaultCharset());
        } catch (BadPaddingException e3) {
            throw new IllegalStateException(e3);
        } catch (IllegalBlockSizeException e4) {
            KlLog.e(f23850d, "IllegalBlockSizeException: reiniting key");
            r();
            throw new IllegalStateException(e4);
        }
    }

    public final void h() {
        try {
            this.f23853c.get().deleteEntry(this.f23852b.d());
        } catch (KeyStoreException e3) {
            throw new IllegalStateException(e3);
        }
    }

    public final boolean i() {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(this.f23852b.c(), this.f23852b.e());
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(this.f23852b.d(), this.f23852b.g()).setDigests((String[]) this.f23852b.a().toArray(new String[0])).setEncryptionPaddings(this.f23852b.b()).setUserAuthenticationRequired(true).build());
            if (((KeyInfo) KeyFactory.getInstance(this.f23852b.c(), this.f23852b.e()).getKeySpec(keyPairGenerator.generateKeyPair().getPrivate(), KeyInfo.class)).isInsideSecureHardware()) {
                return true;
            }
            h();
            throw new IllegalStateException("No secure hardware");
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException | ProviderException | InvalidKeySpecException e3) {
            throw new IllegalStateException(e3);
        }
    }

    @NonNull
    public final Cipher j(int i3) throws NoSuchAlgorithmException, NoSuchPaddingException {
        Cipher cipher = Cipher.getInstance(this.f23852b.h());
        if (l(cipher, i3)) {
            return cipher;
        }
        throw new IllegalStateException("Cipher not initialized");
    }

    public final PrivateKey k() throws UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException {
        try {
            return (PrivateKey) this.f23853c.get().getKey(this.f23852b.d(), null);
        } catch (UnrecoverableKeyException unused) {
            KlLog.e(f23850d, "UnrecoverableKeyException: reiniting key");
            r();
            return (PrivateKey) this.f23853c.get().getKey(this.f23852b.d(), null);
        }
    }

    public final boolean l(@NonNull Cipher cipher, int i3) {
        try {
            if (i3 == 1) {
                n(cipher);
            } else {
                if (i3 != 2) {
                    return false;
                }
                m(cipher);
            }
            return true;
        } catch (KeyPermanentlyInvalidatedException unused) {
            h();
            return false;
        } catch (InvalidAlgorithmParameterException e3) {
            e = e3;
            throw new IllegalStateException(e);
        } catch (InvalidKeyException e4) {
            e = e4;
            throw new IllegalStateException(e);
        } catch (KeyStoreException e5) {
            e = e5;
            throw new IllegalStateException(e);
        } catch (NoSuchAlgorithmException e6) {
            e = e6;
            throw new IllegalStateException(e);
        } catch (UnrecoverableKeyException e10) {
            e = e10;
            throw new IllegalStateException(e);
        } catch (InvalidKeySpecException e11) {
            e = e11;
            throw new IllegalStateException(e);
        }
    }

    public final void m(@NonNull Cipher cipher) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, InvalidKeyException {
        cipher.init(2, k());
    }

    public final void n(@NonNull Cipher cipher) throws KeyStoreException, InvalidKeySpecException, NoSuchAlgorithmException, InvalidKeyException, InvalidAlgorithmParameterException {
        Certificate certificate = this.f23853c.get().getCertificate(this.f23852b.d());
        if (certificate == null) {
            KlLog.e(f23850d, "initEncodeCipher:  certificate == null. Reiniting key");
            r();
            certificate = this.f23853c.get().getCertificate(this.f23852b.d());
            if (certificate == null) {
                throw new IllegalStateException("Wrong certificate");
            }
        }
        PublicKey publicKey = certificate.getPublicKey();
        cipher.init(1, KeyFactory.getInstance(publicKey.getAlgorithm()).generatePublic(new X509EncodedKeySpec(publicKey.getEncoded())), this.f23852b.f());
    }

    public final boolean o(@NonNull KeyStore keyStore) {
        try {
            if (!keyStore.containsAlias(this.f23852b.d())) {
                if (!i()) {
                    return false;
                }
            }
            return true;
        } catch (KeyStoreException e3) {
            throw new IllegalStateException(e3);
        }
    }

    public final void r() {
        h();
        o(this.f23853c.get());
    }
}
