package com.creditcard.base;

import android.annotation.SuppressLint;
import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import android.util.Base64;
import androidx.annotation.RequiresApi;
import com.dynatrace.android.agent.Global;
import com.poalim.utils.extenssion.LogsExtensionKt;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.UnrecoverableEntryException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Locale;
import java.util.Objects;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import kotlin.Lazy;
import kotlin.LazyKt__LazyJVMKt;
import kotlin.Unit;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.StringCompanionObject;

/* compiled from: CreditCardEncryptionKeyStore.kt */
/* loaded from: classes.dex */
public final class CreditCardEncryptionKeyStore {
    private final Lazy iv$delegate;
    private final Context mContext;
    private final Object s_keyInitLock;

    public CreditCardEncryptionKeyStore(Context mContext) {
        Lazy lazy;
        Intrinsics.checkNotNullParameter(mContext, "mContext");
        this.mContext = mContext;
        this.s_keyInitLock = new Object();
        lazy = LazyKt__LazyJVMKt.lazy(new Function0<byte[]>() { // from class: com.creditcard.base.CreditCardEncryptionKeyStore$iv$2
            @Override // kotlin.jvm.functions.Function0
            public final byte[] invoke() {
                return new byte[12];
            }
        });
        this.iv$delegate = lazy;
        new SecureRandom().nextBytes(getIv());
    }

    @RequiresApi(api = 18)
    private final void generateKeysForAPILessThanM() throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, CertificateException, UnrecoverableEntryException, NoSuchPaddingException, KeyStoreException, InvalidKeyException, IOException {
        Locale locale = Locale.US;
        Calendar calendar = Calendar.getInstance(locale);
        Calendar calendar2 = Calendar.getInstance(locale);
        calendar2.add(1, 30);
        KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(this.mContext).setAlias("YOUR-KeyAliasForEncryption").setSubject(new X500Principal("CN=YOUR-KeyAliasForEncryption")).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
        Intrinsics.checkNotNullExpressionValue(build, "Builder(mContext)\n                .setAlias(KEY_ALIAS)\n                .setSubject(X500Principal(\"CN=$KEY_ALIAS\"))\n                .setSerialNumber(BigInteger.TEN)\n                .setStartDate(start.time)\n                .setEndDate(end.time)\n                .build()");
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        keyPairGenerator.initialize(build);
        keyPairGenerator.generateKeyPair();
        saveEncryptedKey();
    }

    @RequiresApi(api = 23)
    private final void generateKeysForAPIMOrGreater() throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException {
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
        Intrinsics.checkNotNullExpressionValue(keyGenerator, "getInstance(KeyProperties.KEY_ALGORITHM_AES, ANDROID_KEY_STORE_NAME)");
        keyGenerator.init(new KeyGenParameterSpec.Builder("YOUR-KeyAliasForEncryption", 3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").setRandomizedEncryptionRequired(false).build());
        keyGenerator.generateKey();
    }

    private final byte[] getIv() {
        return (byte[]) this.iv$delegate.getValue();
    }

    private final Key getSecretKeyAPILessThanM() throws CertificateException, NoSuchPaddingException, InvalidKeyException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException, UnrecoverableEntryException, IOException {
        String secretKeyFromSharedPreferences = getSecretKeyFromSharedPreferences();
        if (TextUtils.isEmpty(secretKeyFromSharedPreferences)) {
            throw new InvalidKeyException("Saved key missing from shared preferences");
        }
        byte[] encryptedKey = Base64.decode(secretKeyFromSharedPreferences, 0);
        Intrinsics.checkNotNullExpressionValue(encryptedKey, "encryptedKey");
        return new SecretKeySpec(rsaDecryptKey(encryptedKey), "AES");
    }

    private final Key getSecretKeyAPIMorGreater() throws CertificateException, NoSuchAlgorithmException, IOException, KeyStoreException, UnrecoverableKeyException {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        Key key = keyStore.getKey("YOUR-KeyAliasForEncryption", null);
        Intrinsics.checkNotNullExpressionValue(key, "keyStore.getKey(KEY_ALIAS, null)");
        return key;
    }

    private final String getSecretKeyFromSharedPreferences() {
        return this.mContext.getSharedPreferences("PoalimEncryptedKeysSharedPreferences", 0).getString("PoalimEncryptedKeysKeyName", null);
    }

    /* JADX WARN: Code restructure failed: missing block: B:18:0x0039, code lost:
    
        if (android.text.TextUtils.isEmpty(getSecretKeyFromSharedPreferences()) == false) goto L23;
     */
    @androidx.annotation.RequiresApi(api = 21)
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private final void initKeys() throws java.security.KeyStoreException, java.security.cert.CertificateException, java.security.NoSuchAlgorithmException, java.io.IOException, java.security.NoSuchProviderException, java.security.InvalidAlgorithmParameterException, java.security.UnrecoverableEntryException, javax.crypto.NoSuchPaddingException, java.security.InvalidKeyException {
        /*
            r6 = this;
            java.lang.String r0 = "AndroidKeyStore"
            java.security.KeyStore r0 = java.security.KeyStore.getInstance(r0)
            r1 = 0
            r0.load(r1)
            java.lang.String r2 = "YOUR-KeyAliasForEncryption"
            boolean r2 = r0.containsAlias(r2)
            if (r2 != 0) goto L16
            r6.initValidKeys()
            goto L71
        L16:
            r2 = 0
            r3 = 1
            java.lang.String r4 = "YOUR-KeyAliasForEncryption"
            java.security.KeyStore$Entry r1 = r0.getEntry(r4, r1)     // Catch: java.security.UnrecoverableKeyException -> L3c java.lang.NullPointerException -> L4b
            boolean r4 = r1 instanceof java.security.KeyStore.SecretKeyEntry     // Catch: java.security.UnrecoverableKeyException -> L3c java.lang.NullPointerException -> L4b
            r5 = 23
            if (r4 == 0) goto L29
            int r4 = android.os.Build.VERSION.SDK_INT     // Catch: java.security.UnrecoverableKeyException -> L3c java.lang.NullPointerException -> L4b
            if (r4 < r5) goto L29
            r2 = 1
        L29:
            boolean r1 = r1 instanceof java.security.KeyStore.PrivateKeyEntry     // Catch: java.security.UnrecoverableKeyException -> L3c java.lang.NullPointerException -> L4b
            if (r1 == 0) goto L59
            int r1 = android.os.Build.VERSION.SDK_INT     // Catch: java.security.UnrecoverableKeyException -> L3c java.lang.NullPointerException -> L4b
            if (r1 >= r5) goto L59
            java.lang.String r1 = r6.getSecretKeyFromSharedPreferences()     // Catch: java.security.UnrecoverableKeyException -> L3c java.lang.NullPointerException -> L4b
            boolean r1 = android.text.TextUtils.isEmpty(r1)     // Catch: java.security.UnrecoverableKeyException -> L3c java.lang.NullPointerException -> L4b
            if (r1 != 0) goto L59
            goto L5a
        L3c:
            r1 = move-exception
            java.lang.String r3 = "Failed to get key store entry "
            java.lang.String r1 = r1.getMessage()
            java.lang.String r1 = kotlin.jvm.internal.Intrinsics.stringPlus(r3, r1)
            com.poalim.utils.extenssion.LogsExtensionKt.showLog(r6, r1)
            goto L59
        L4b:
            r1 = move-exception
            java.lang.String r3 = "Failed to get key store entry "
            java.lang.String r1 = r1.getMessage()
            java.lang.String r1 = kotlin.jvm.internal.Intrinsics.stringPlus(r3, r1)
            com.poalim.utils.extenssion.LogsExtensionKt.showLog(r6, r1)
        L59:
            r3 = r2
        L5a:
            if (r3 != 0) goto L71
            java.lang.Object r1 = r6.s_keyInitLock
            monitor-enter(r1)
            java.lang.String r2 = "keyStore"
            kotlin.jvm.internal.Intrinsics.checkNotNullExpressionValue(r0, r2)     // Catch: java.lang.Throwable -> L6e
            r6.removeKeys(r0)     // Catch: java.lang.Throwable -> L6e
            r6.initValidKeys()     // Catch: java.lang.Throwable -> L6e
            kotlin.Unit r0 = kotlin.Unit.INSTANCE     // Catch: java.lang.Throwable -> L6e
            monitor-exit(r1)
            goto L71
        L6e:
            r0 = move-exception
            monitor-exit(r1)
            throw r0
        L71:
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: com.creditcard.base.CreditCardEncryptionKeyStore.initKeys():void");
    }

    @RequiresApi(api = 21)
    private final void initValidKeys() throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException, CertificateException, UnrecoverableEntryException, NoSuchPaddingException, KeyStoreException, InvalidKeyException, IOException {
        synchronized (this.s_keyInitLock) {
            if (Build.VERSION.SDK_INT >= 23) {
                generateKeysForAPIMOrGreater();
            } else {
                generateKeysForAPILessThanM();
            }
            Unit unit = Unit.INSTANCE;
        }
    }

    private final void removeKeys(KeyStore keyStore) throws KeyStoreException {
        keyStore.deleteEntry("YOUR-KeyAliasForEncryption");
        removeSavedSharedPreferences();
    }

    private final void removeSavedSharedPreferences() {
        boolean commit = this.mContext.getSharedPreferences("PoalimEncryptedKeysSharedPreferences", 0).edit().clear().commit();
        StringCompanionObject stringCompanionObject = StringCompanionObject.INSTANCE;
        String format = String.format("Cleared secret key shared preferences `%s`", Arrays.copyOf(new Object[]{Boolean.valueOf(commit)}, 1));
        Intrinsics.checkNotNullExpressionValue(format, "format(format, *args)");
        LogsExtensionKt.showLog(this, format);
    }

    private final byte[] rsaDecryptKey(byte[] bArr) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, UnrecoverableEntryException, NoSuchProviderException, NoSuchPaddingException, InvalidKeyException {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        KeyStore.Entry entry = keyStore.getEntry("YOUR-KeyAliasForEncryption", null);
        Objects.requireNonNull(entry, "null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
        cipher.init(2, ((KeyStore.PrivateKeyEntry) entry).getPrivateKey());
        CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(bArr), cipher);
        ArrayList arrayList = new ArrayList();
        for (int read = cipherInputStream.read(); read != -1; read = cipherInputStream.read()) {
            arrayList.add(Byte.valueOf((byte) read));
        }
        int size = arrayList.size();
        byte[] bArr2 = new byte[size];
        int i = 0;
        int i2 = size - 1;
        if (i2 >= 0) {
            while (true) {
                int i3 = i + 1;
                Object obj = arrayList.get(i);
                Intrinsics.checkNotNullExpressionValue(obj, "values[i]");
                bArr2[i] = ((Number) obj).byteValue();
                if (i3 > i2) {
                    break;
                }
                i = i3;
            }
        }
        return bArr2;
    }

    private final byte[] rsaEncryptKey(byte[] bArr) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, NoSuchProviderException, NoSuchPaddingException, UnrecoverableEntryException, InvalidKeyException {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        KeyStore.Entry entry = keyStore.getEntry("YOUR-KeyAliasForEncryption", null);
        Objects.requireNonNull(entry, "null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
        cipher.init(1, ((KeyStore.PrivateKeyEntry) entry).getCertificate().getPublicKey());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
        cipherOutputStream.write(bArr);
        cipherOutputStream.close();
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        Intrinsics.checkNotNullExpressionValue(byteArray, "outputStream.toByteArray()");
        return byteArray;
    }

    @SuppressLint({"ApplySharedPref"})
    private final void saveEncryptedKey() throws CertificateException, NoSuchPaddingException, InvalidKeyException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException, UnrecoverableEntryException, IOException {
        SharedPreferences sharedPreferences = this.mContext.getSharedPreferences("PoalimEncryptedKeysSharedPreferences", 0);
        if (sharedPreferences.getString("PoalimEncryptedKeysKeyName", null) == null) {
            byte[] bArr = new byte[16];
            new SecureRandom().nextBytes(bArr);
            String encodeToString = Base64.encodeToString(rsaEncryptKey(bArr), 0);
            SharedPreferences.Editor edit = sharedPreferences.edit();
            edit.putString("PoalimEncryptedKeysKeyName", encodeToString);
            if (edit.commit()) {
                LogsExtensionKt.showLog(this, "Saved keys successfully");
            } else {
                LogsExtensionKt.showLog(this, "Saved keys unsuccessfully");
                throw new IOException("Could not save keys");
            }
        }
    }

    @RequiresApi(api = 21)
    public final String decryptData(String str) throws NoSuchPaddingException, NoSuchAlgorithmException, UnrecoverableEntryException, CertificateException, KeyStoreException, IOException, InvalidAlgorithmParameterException, InvalidKeyException, NoSuchProviderException, BadPaddingException, IllegalBlockSizeException {
        Cipher cipher;
        initKeys();
        if (str == null) {
            throw new IllegalArgumentException("Data to be decrypted must be non null");
        }
        byte[] decode = Base64.decode(str, 0);
        try {
            if (Build.VERSION.SDK_INT >= 23) {
                cipher = Cipher.getInstance("AES/GCM/NoPadding");
                Intrinsics.checkNotNullExpressionValue(cipher, "getInstance(AES_MODE_M_OR_GREATER)");
                cipher.init(2, getSecretKeyAPIMorGreater(), new GCMParameterSpec(128, getIv()));
            } else {
                cipher = Cipher.getInstance("AES/ECB/PKCS7Padding", "BC");
                Intrinsics.checkNotNullExpressionValue(cipher, "getInstance(AES_MODE_LESS_THAN_M, CIPHER_PROVIDER_NAME_ENCRYPTION_DECRYPTION_AES)");
                cipher.init(2, getSecretKeyAPILessThanM());
            }
            byte[] decodedBytes = cipher.doFinal(decode);
            Intrinsics.checkNotNullExpressionValue(decodedBytes, "decodedBytes");
            Charset forName = Charset.forName(Global.CHAR_SET_NAME);
            Intrinsics.checkNotNullExpressionValue(forName, "forName(charsetName)");
            return new String(decodedBytes, forName);
        } catch (IOException e) {
            removeKeys();
            throw e;
        } catch (InvalidKeyException e2) {
            removeKeys();
            throw e2;
        }
    }

    @RequiresApi(api = 21)
    public final String encryptData(String str) throws NoSuchPaddingException, NoSuchAlgorithmException, UnrecoverableEntryException, CertificateException, KeyStoreException, IOException, InvalidAlgorithmParameterException, InvalidKeyException, NoSuchProviderException, BadPaddingException, IllegalBlockSizeException {
        Cipher cipher;
        initKeys();
        if (str == null) {
            throw new IllegalArgumentException("Data to be decrypted must be non null");
        }
        if (Build.VERSION.SDK_INT >= 23) {
            cipher = Cipher.getInstance("AES/GCM/NoPadding");
            Intrinsics.checkNotNullExpressionValue(cipher, "getInstance(AES_MODE_M_OR_GREATER)");
            cipher.init(1, getSecretKeyAPIMorGreater(), new GCMParameterSpec(128, getIv()));
        } else {
            cipher = Cipher.getInstance("AES/ECB/PKCS7Padding", "BC");
            Intrinsics.checkNotNullExpressionValue(cipher, "getInstance(AES_MODE_LESS_THAN_M, CIPHER_PROVIDER_NAME_ENCRYPTION_DECRYPTION_AES)");
            try {
                cipher.init(1, getSecretKeyAPILessThanM());
            } catch (IOException e) {
                removeKeys();
                throw e;
            } catch (IllegalArgumentException e2) {
                removeKeys();
                throw e2;
            } catch (InvalidKeyException e3) {
                removeKeys();
                throw e3;
            }
        }
        Charset forName = Charset.forName(Global.CHAR_SET_NAME);
        Intrinsics.checkNotNullExpressionValue(forName, "forName(charsetName)");
        byte[] bytes = str.getBytes(forName);
        Intrinsics.checkNotNullExpressionValue(bytes, "this as java.lang.String).getBytes(charset)");
        String encodeToString = Base64.encodeToString(cipher.doFinal(bytes), 0);
        Intrinsics.checkNotNullExpressionValue(encodeToString, "encodeToString(encodedBytes, Base64.DEFAULT)");
        return encodeToString;
    }

    public final void removeKeys() throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        synchronized (this.s_keyInitLock) {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            Intrinsics.checkNotNullExpressionValue(keyStore, "keyStore");
            removeKeys(keyStore);
            Unit unit = Unit.INSTANCE;
        }
    }
}
