package m4;

import android.content.Context;
import android.content.SharedPreferences;
import android.security.KeyPairGeneratorSpec;
import android.util.Log;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.interfaces.RSAPrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
import java.util.List;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import o4.c;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class e implements c {

    /* renamed from: a, reason: collision with root package name */
    private static final e f10827a = new e();

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class a implements f {

        /* renamed from: a, reason: collision with root package name */
        public final RSAPrivateKey f10828a;

        /* renamed from: b, reason: collision with root package name */
        private final k4.f f10829b;

        public a(KeyPair keyPair) {
            this.f10828a = (RSAPrivateKey) keyPair.getPrivate();
            this.f10829b = k4.f.b((RSAPublicKey) keyPair.getPublic());
        }

        @Override // m4.f
        public k4.f a() {
            return this.f10829b;
        }

        @Override // m4.f
        public Certificate[] b() {
            return new Certificate[0];
        }
    }

    private e() {
    }

    private static byte[] e(PublicKey publicKey, byte[] bArr) throws i4.a {
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            try {
                cipher.init(1, publicKey);
                return cipher.doFinal(bArr);
            } catch (InvalidKeyException e10) {
                throw new i4.a(e10);
            } catch (BadPaddingException e11) {
                throw new i4.a(e11);
            } catch (IllegalBlockSizeException e12) {
                throw new i4.a(e12);
            }
        } catch (NoSuchAlgorithmException unused) {
            throw new RuntimeException("RSA/ECB/PKCS1Padding not supported");
        } catch (NoSuchPaddingException unused2) {
            throw new RuntimeException("RSA/ECB/PKCS1Padding not supported");
        }
    }

    private static KeyPair f() {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(2048);
            return keyPairGenerator.generateKeyPair();
        } catch (NoSuchAlgorithmException unused) {
            throw new RuntimeException("RSA not supported");
        }
    }

    public static e g() {
        return f10827a;
    }

    private static SharedPreferences h(Context context) {
        return context.getSharedPreferences("miuikeybag.pref.softkeystore.key", 0);
    }

    private PublicKey j(Context context) throws i4.a {
        KeyStore a10 = o4.a.a();
        try {
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) a10.getEntry("miuikeybag.key.softstore.protectedkey", null);
            if (privateKeyEntry != null) {
                return privateKeyEntry.getCertificate().getPublicKey();
            }
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 100);
            KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setAlias("miuikeybag.key.softstore.protectedkey").setSubject(new X500Principal("CN=miuikeybag.key.softstore.protectedkey")).setSerialNumber(BigInteger.TEN).setKeySize(2048).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
            try {
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", o4.a.b());
                try {
                    keyPairGenerator.initialize(build);
                    try {
                        synchronized (this) {
                            KeyStore.PrivateKeyEntry privateKeyEntry2 = (KeyStore.PrivateKeyEntry) a10.getEntry("miuikeybag.key.softstore.protectedkey", null);
                            if (privateKeyEntry2 != null) {
                                return privateKeyEntry2.getCertificate().getPublicKey();
                            }
                            return keyPairGenerator.generateKeyPair().getPublic();
                        }
                    } catch (KeyStoreException e10) {
                        throw new i4.a(e10);
                    } catch (NoSuchAlgorithmException e11) {
                        throw new i4.a(e11);
                    } catch (UnrecoverableEntryException e12) {
                        throw new i4.a(e12);
                    }
                } catch (InvalidAlgorithmParameterException unused) {
                    throw new IllegalStateException("should not reach here");
                }
            } catch (NoSuchAlgorithmException unused2) {
                throw new RuntimeException("Android key store RSA generator not supported");
            } catch (NoSuchProviderException unused3) {
                throw new RuntimeException("Android key store RSA generator not supported");
            }
        } catch (KeyStoreException e13) {
            throw new i4.a(e13);
        } catch (NoSuchAlgorithmException e14) {
            throw new i4.a(e14);
        } catch (UnrecoverableEntryException e15) {
            throw new i4.a(e15);
        }
    }

    private static byte[] k(a aVar, l4.c cVar) throws i4.a {
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPPadding");
            Cipher cipher2 = Cipher.getInstance("AES/GCM/NoPadding");
            try {
                cipher.init(2, aVar.f10828a);
                byte[] doFinal = cipher.doFinal(cVar.f10689b);
                cipher2.init(2, new SecretKeySpec(doFinal, "AES"), new GCMParameterSpec(128, cVar.f10690c));
                cipher2.updateAAD(cVar.f10691d);
                return cipher2.doFinal(cVar.f10688a);
            } catch (InvalidAlgorithmParameterException e10) {
                throw new i4.a(e10);
            } catch (InvalidKeyException e11) {
                throw new i4.a(e11);
            } catch (BadPaddingException e12) {
                throw new i4.a(e12);
            } catch (IllegalBlockSizeException e13) {
                throw new i4.a(e13);
            }
        } catch (NoSuchAlgorithmException unused) {
            throw new RuntimeException("RSA/ECB/OAEPPadding or AES/GCM/NoPadding not supported");
        } catch (NoSuchPaddingException unused2) {
            throw new RuntimeException("RSA/ECB/OAEPPadding or AES/GCM/NoPadding not supported");
        }
    }

    @Override // m4.c
    public List<String> a(Context context) {
        return new ArrayList(h(context).getAll().keySet());
    }

    @Override // m4.c
    public f b(Context context) {
        return new a(f());
    }

    @Override // m4.c
    public void c(Context context, String str) {
        h(context).edit().remove(str).commit();
    }

    @Override // m4.c
    public void d(Context context, String str, f fVar, l4.c cVar) throws i4.a {
        byte[] k9 = k((a) fVar, cVar);
        byte[] a10 = o4.b.a(k9);
        byte[] e10 = e(j(context), k9);
        try {
            JSONObject jSONObject = new JSONObject();
            jSONObject.put("key", o4.c.b(e10));
            jSONObject.put(com.xiaomi.onetrack.g.a.f7786e, o4.c.b(a10));
            if (h(context).edit().putString(str, jSONObject.toString()).commit()) {
                return;
            }
            Log.i("KeyBag.MasterKeyStorage", "put masterKey to sp return fales");
            throw new i4.a("importMasterKey failed.");
        } catch (JSONException unused) {
            throw new IllegalStateException("won't reach here");
        }
    }

    public SecretKey i(Context context, String str) {
        String string = h(context).getString(str, null);
        if (string == null) {
            Log.i("KeyBag.MasterKeyStorage", "getKey: no key " + o4.d.a(str));
            return null;
        }
        try {
            JSONObject jSONObject = new JSONObject(string);
            String string2 = jSONObject.getString("key");
            String string3 = jSONObject.getString(com.xiaomi.onetrack.g.a.f7786e);
            try {
                byte[] a10 = o4.c.a(string2);
                byte[] a11 = o4.c.a(string3);
                try {
                    try {
                        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) o4.a.a().getEntry("miuikeybag.key.softstore.protectedkey", null);
                        if (privateKeyEntry == null) {
                            Log.e("KeyBag.MasterKeyStorage", "getKey: no protect key for " + o4.d.a(str));
                            return null;
                        }
                        PrivateKey privateKey = privateKeyEntry.getPrivateKey();
                        try {
                            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
                            try {
                                cipher.init(2, privateKey);
                                byte[] doFinal = cipher.doFinal(a10);
                                if (Arrays.equals(a11, o4.b.a(doFinal))) {
                                    return new SecretKeySpec(doFinal, "AES");
                                }
                                Log.e("KeyBag.MasterKeyStorage", "getKey: bad master key " + o4.d.a(str) + ", bad hash");
                                return null;
                            } catch (InvalidKeyException e10) {
                                Log.e("KeyBag.MasterKeyStorage", "getKey: failed to unprotect key " + o4.d.a(str), e10);
                                return null;
                            } catch (BadPaddingException e11) {
                                Log.e("KeyBag.MasterKeyStorage", "getKey: failed to unprotect key " + o4.d.a(str), e11);
                                return null;
                            } catch (IllegalBlockSizeException e12) {
                                Log.e("KeyBag.MasterKeyStorage", "getKey: failed to unprotect key " + o4.d.a(str), e12);
                                return null;
                            }
                        } catch (NoSuchAlgorithmException unused) {
                            throw new RuntimeException("RSA/ECB/PKCS1Padding not supported");
                        } catch (NoSuchPaddingException unused2) {
                            throw new RuntimeException("RSA/ECB/PKCS1Padding not supported");
                        }
                    } catch (KeyStoreException e13) {
                        Log.e("KeyBag.MasterKeyStorage", "getKey: bad protect key for " + o4.d.a(str), e13);
                        return null;
                    } catch (NoSuchAlgorithmException e14) {
                        Log.e("KeyBag.MasterKeyStorage", "getKey: bad protect key for " + o4.d.a(str), e14);
                        return null;
                    } catch (UnrecoverableEntryException e15) {
                        Log.e("KeyBag.MasterKeyStorage", "getKey: bad protect key for " + o4.d.a(str), e15);
                        return null;
                    }
                } catch (i4.a e16) {
                    Log.e("KeyBag.MasterKeyStorage", "getKey: Android key store error", e16);
                    return null;
                }
            } catch (c.a e17) {
                Log.e("KeyBag.MasterKeyStorage", "getKey: bad key info " + o4.d.a(str), e17);
                return null;
            }
        } catch (JSONException e18) {
            Log.e("KeyBag.MasterKeyStorage", "getKey: bad key info " + o4.d.a(str), e18);
            return null;
        }
    }
}
