package of;

import android.content.Context;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import android.util.Base64;
import bj.y;
import java.io.IOException;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.security.spec.AlgorithmParameterSpec;
import java.util.Calendar;
import java.util.Date;
import java.util.EnumMap;
import java.util.Map;
import javax.crypto.Cipher;
import javax.security.auth.x500.X500Principal;
import le.x0;

/* loaded from: classes2.dex */
public class f {

    /* renamed from: a, reason: collision with root package name */
    private KeyStore f26084a = null;

    /* renamed from: b, reason: collision with root package name */
    private final Map<c, Boolean> f26085b = new EnumMap(c.class);

    /* renamed from: c, reason: collision with root package name */
    private final Context f26086c;

    /* renamed from: d, reason: collision with root package name */
    private final rg.b f26087d;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes2.dex */
    public static /* synthetic */ class a {

        /* renamed from: a, reason: collision with root package name */
        static final /* synthetic */ int[] f26088a;

        static {
            int[] iArr = new int[c.values().length];
            f26088a = iArr;
            try {
                iArr[c.PKCS1.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                f26088a[c.OAEP.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
        }
    }

    public f(Context context, rg.b bVar) {
        this.f26086c = context;
        this.f26087d = bVar;
    }

    private AlgorithmParameterSpec a(c cVar, String str, Date date, Date date2) {
        X500Principal x500Principal = new X500Principal("CN=LastPass, O=LastPass");
        int i10 = a.f26088a[cVar.ordinal()];
        if (i10 == 1) {
            return new KeyGenParameterSpec.Builder(str, 3).setCertificateSubject(x500Principal).setEncryptionPaddings("PKCS1Padding").setCertificateSerialNumber(BigInteger.ONE).setCertificateNotBefore(date).setCertificateNotAfter(date2).build();
        }
        if (i10 != 2) {
            return null;
        }
        return new KeyGenParameterSpec.Builder(str, 3).setDigests("SHA-256", "SHA-512").setCertificateSubject(x500Principal).setKeySize(2048).setEncryptionPaddings("OAEPPadding").setCertificateSerialNumber(BigInteger.ONE).setCertificateNotBefore(date).setCertificateNotAfter(date2).build();
    }

    private static Cipher g(int i10, c cVar, Key key) {
        Cipher cipher = Cipher.getInstance(cVar.b());
        if (cVar.c() == null) {
            cipher.init(i10, key);
        } else {
            cipher.init(i10, key, cVar.c());
        }
        return cipher;
    }

    public synchronized void b(String str, c cVar) {
        if (this.f26084a != null && this.f26086c != null && !TextUtils.isEmpty(str)) {
            String str2 = str + cVar.d();
            try {
                if (this.f26084a.containsAlias(str2)) {
                    x0.p("TagCryptography", "Key alias already exists " + str2);
                } else {
                    Calendar calendar = Calendar.getInstance();
                    Calendar calendar2 = Calendar.getInstance();
                    calendar2.add(1, 10);
                    KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
                    keyPairGenerator.initialize(a(cVar, str2, calendar.getTime(), calendar2.getTime()));
                    keyPairGenerator.generateKeyPair();
                    x0.p("TagCryptography", "Created key pair for " + str2);
                }
            } catch (Exception e10) {
                x0.x(e10);
                x0.j("TagCryptography", "Cannot create key pair", e10);
            }
        }
    }

    public synchronized void c(c cVar) {
        b("test_key_alias", cVar);
    }

    public synchronized boolean d(c cVar) {
        boolean l10;
        c(cVar);
        l10 = l(cVar);
        this.f26085b.put(cVar, Boolean.valueOf(l10));
        return l10;
    }

    public synchronized String e(String str, String str2, c cVar) {
        if (!TextUtils.isEmpty(str) && !TextUtils.isEmpty(str2) && this.f26084a != null) {
            String str3 = str + cVar.d();
            try {
                PrivateKey privateKey = (PrivateKey) this.f26084a.getKey(str3, null);
                if (privateKey == null) {
                    x0.D("TagCryptography", "Key alias not found " + str3);
                    return null;
                }
                byte[] doFinal = g(2, cVar, privateKey).doFinal(Base64.decode(str2, 0));
                x0.d("TagCryptography", "Decrypted data of " + str3);
                return y.u(doFinal);
            } catch (Exception e10) {
                x0.E("TagCryptography", "Cannot decrypt for " + str3, e10);
                return null;
            }
        }
        return null;
    }

    public synchronized String f(String str, String str2, c cVar) {
        if (!TextUtils.isEmpty(str) && !TextUtils.isEmpty(str2) && this.f26084a != null) {
            String str3 = str + cVar.d();
            try {
                PrivateKey privateKey = (PrivateKey) this.f26084a.getKey(str3, null);
                PublicKey publicKey = this.f26084a.getCertificate(str3).getPublicKey();
                if (privateKey != null && publicKey != null) {
                    byte[] doFinal = g(1, cVar, publicKey).doFinal(y.e(str2));
                    x0.d("TagCryptography", "Encrypted data of " + str3);
                    return Base64.encodeToString(doFinal, 2);
                }
                x0.D("TagCryptography", "Key alias not found " + str3);
                return null;
            } catch (Exception e10) {
                x0.E("TagCryptography", "Cannot encrypt for " + str3, e10);
                return null;
            }
        }
        return null;
    }

    public synchronized int h() {
        int i10;
        i10 = -1;
        try {
            KeyStore keyStore = this.f26084a;
            if (keyStore != null) {
                i10 = keyStore.size();
            }
        } catch (KeyStoreException unused) {
            return -1;
        }
        return i10;
    }

    public void i(d dVar, ig.c cVar) {
        try {
            dVar.a(cVar);
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            this.f26084a = keyStore;
            keyStore.load(null);
            c b10 = dVar.b();
            d(b10);
            k(this.f26087d, b10);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e10) {
            x0.j("TagCryptography", "Cannot validate key store", e10);
            x0.x(e10);
        }
    }

    public synchronized boolean j(c cVar) {
        Boolean bool;
        bool = this.f26085b.get(cVar);
        if (bool == null) {
            throw new IllegalStateException("keyStoreTestResult = null (" + cVar + ")");
        }
        return this.f26084a != null && bool.booleanValue();
    }

    public void k(rg.b bVar, c cVar) {
        Boolean bool = this.f26085b.get(cVar);
        if (bool == null) {
            bool = "null";
        }
        bVar.d("KeyStoreTestedValid", bool);
    }

    public synchronized boolean l(c cVar) {
        boolean z10;
        String str = "test_key_alias" + cVar.d();
        x0.d("TagCryptography", "Validating keystore with " + str);
        z10 = false;
        try {
            String f10 = f("test_key_alias", "test_key_text", cVar);
            if (TextUtils.isEmpty(f10)) {
                x0.i("TagCryptography", "Cannot encrypt string for keystore validation " + str);
            } else {
                String e10 = e("test_key_alias", f10, cVar);
                if (TextUtils.isEmpty(e10) || !e10.equals("test_key_text")) {
                    x0.i("TagCryptography", "Keystore validation content mismatch " + str);
                } else {
                    z10 = true;
                }
            }
        } catch (Exception e11) {
            x0.j("TagCryptography", "Cannot validate key store with " + str, e11);
            x0.x(e11);
        }
        if (z10) {
            x0.p("TagCryptography", "Key store valid");
        } else {
            x0.i("TagCryptography", "Key store invalid");
        }
        return z10;
    }
}
