package com.liveperson.infra.z;

import android.content.res.Resources;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import android.util.Base64;
import com.liveperson.infra.h;
import com.liveperson.infra.s;
import com.liveperson.infra.utils.n0;
import com.liveperson.infra.utils.p;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Objects;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import kotlin.TypeCastException;
import kotlin.a0.f;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.i;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

/* compiled from: DBEncryptionService.kt */
/* loaded from: classes2.dex */
public final class c {

    /* renamed from: a, reason: collision with root package name */
    public static final a f13749a = new a(null);

    /* renamed from: b, reason: collision with root package name */
    private KeyStore f13750b;

    /* renamed from: c, reason: collision with root package name */
    private SecretKey f13751c;

    /* renamed from: d, reason: collision with root package name */
    private final IvParameterSpec f13752d;

    /* renamed from: e, reason: collision with root package name */
    private final boolean f13753e;

    /* compiled from: DBEncryptionService.kt */
    /* loaded from: classes2.dex */
    public static final class a {
        private a() {
        }

        public /* synthetic */ a(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }

        @NotNull
        public final p a() {
            try {
                p a2 = p.a(com.liveperson.infra.y.b.e(s.f13600a));
                i.b(a2, "EncryptionVersion.fromIn…teger.encryptionVersion))");
                return a2;
            } catch (Resources.NotFoundException e2) {
                com.liveperson.infra.e0.c.f12921e.e("DBEncryptionService", com.liveperson.infra.b0.a.ERR_0000003C, "Exception while getting app encryption version.", e2);
                return p.VERSION_1;
            }
        }
    }

    public c() {
        boolean z = Build.VERSION.SDK_INT >= 23 && !com.liveperson.infra.g0.b.e().c("dbEncryptionKey", "appLevelPreferences");
        this.f13753e = z;
        com.liveperson.infra.e0.c cVar = com.liveperson.infra.e0.c.f12921e;
        StringBuilder sb = new StringBuilder();
        sb.append("Using ");
        sb.append(z ? "Keystore" : "Legacy");
        sb.append(" encryption system.");
        cVar.k("DBEncryptionService", sb.toString());
        l();
        this.f13752d = m();
        if (z) {
            this.f13751c = null;
        } else {
            n(k());
        }
    }

    private final void b() {
        try {
            KeyStore keyStore = this.f13750b;
            if (keyStore == null) {
                i.q("androidKeyStore");
            }
            if (keyStore.containsAlias("androidInfraDbEncKey")) {
                return;
            }
            try {
                KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
                KeyGenParameterSpec build = new KeyGenParameterSpec.Builder("androidInfraDbEncKey", 3).setKeySize(256).setBlockModes("CBC").setEncryptionPaddings("PKCS7Padding").build();
                i.b(build, "KeyGenParameterSpec.Buil…NG_PKCS7)\n\t\t\t\t\t\t\t.build()");
                keyGenerator.init(build);
                keyGenerator.generateKey();
            } catch (Exception e2) {
                com.liveperson.infra.e0.c.f12921e.e("DBEncryptionService", com.liveperson.infra.b0.a.ERR_0000014B, "Fatal exception while generating new AES key: ", e2);
            }
        } catch (KeyStoreException e3) {
            com.liveperson.infra.e0.c.f12921e.e("DBEncryptionService", com.liveperson.infra.b0.a.ERR_0000014A, "Fatal exception while accessing keystore: ", e3);
        }
    }

    private final String d(String str) {
        try {
            KeyStore keyStore = this.f13750b;
            if (keyStore == null) {
                i.q("androidKeyStore");
            }
            KeyStore.Entry entry = keyStore.getEntry("androidInfraDbEncKey", null);
            if (entry == null) {
                throw new TypeCastException("null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
            }
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(2, ((KeyStore.PrivateKeyEntry) entry).getPrivateKey());
            CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(Base64.decode(str, 0)), cipher);
            ArrayList arrayList = new ArrayList();
            kotlin.jvm.internal.s sVar = new kotlin.jvm.internal.s();
            while (true) {
                int read = cipherInputStream.read();
                sVar.k = read;
                if (read == -1) {
                    break;
                }
                arrayList.add(Byte.valueOf((byte) read));
            }
            int size = arrayList.size();
            byte[] bArr = new byte[size];
            for (int i2 = 0; i2 < size; i2++) {
                Object obj = arrayList.get(i2);
                i.b(obj, "values[i]");
                bArr[i2] = ((Number) obj).byteValue();
            }
            Charset charset = StandardCharsets.UTF_8;
            i.b(charset, "StandardCharsets.UTF_8");
            return new String(bArr, 0, size, charset);
        } catch (Exception e2) {
            com.liveperson.infra.e0.c.f12921e.e("DBEncryptionService", com.liveperson.infra.b0.a.ERR_00000035, "Exception while decrypting key.", e2);
            return null;
        }
    }

    private final void f(String str) {
        KeyStore.Entry entry;
        g();
        boolean z = false;
        try {
            KeyStore keyStore = this.f13750b;
            if (keyStore == null) {
                i.q("androidKeyStore");
            }
            entry = keyStore.getEntry("androidInfraDbEncKey", null);
        } catch (Exception e2) {
            com.liveperson.infra.e0.c.f12921e.e("DBEncryptionService", com.liveperson.infra.b0.a.ERR_00000036, "Exception while encrypting/saving key.", e2);
        }
        if (entry == null) {
            throw new TypeCastException("null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
        }
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        Certificate certificate = ((KeyStore.PrivateKeyEntry) entry).getCertificate();
        i.b(certificate, "publicKeyEntry.certificate");
        cipher.init(1, certificate.getPublicKey());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
        if (str == null) {
            i.m();
        }
        Charset charset = StandardCharsets.UTF_8;
        i.b(charset, "StandardCharsets.UTF_8");
        if (str == null) {
            throw new NullPointerException("null cannot be cast to non-null type java.lang.String");
        }
        byte[] bytes = str.getBytes(charset);
        i.d(bytes, "(this as java.lang.String).getBytes(charset)");
        cipherOutputStream.write(bytes);
        cipherOutputStream.close();
        str = Base64.encodeToString(byteArrayOutputStream.toByteArray(), 0);
        z = true;
        com.liveperson.infra.g0.b.e().m("dbEncryptionKey", "appLevelPreferences", str);
        com.liveperson.infra.g0.b.e().j("dbEncryptionUsesKeyStore", "appLevelPreferences", z);
    }

    private final void g() {
        try {
            KeyStore keyStore = this.f13750b;
            if (keyStore == null) {
                i.q("androidKeyStore");
            }
            if (keyStore.containsAlias("androidInfraDbEncKey")) {
                return;
            }
            Calendar start = Calendar.getInstance();
            Calendar end = Calendar.getInstance();
            end.add(1, 120);
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            KeyPairGeneratorSpec.Builder serialNumber = new KeyPairGeneratorSpec.Builder(h.instance.p()).setAlias("androidInfraDbEncKey").setSubject(new X500Principal("CN=DBKeyEncryptor, O=Liveperson")).setSerialNumber(BigInteger.ONE);
            i.b(start, "start");
            KeyPairGeneratorSpec.Builder startDate = serialNumber.setStartDate(start.getTime());
            i.b(end, "end");
            keyPairGenerator.initialize(startDate.setEndDate(end.getTime()).build());
            keyPairGenerator.generateKeyPair();
        } catch (Exception e2) {
            com.liveperson.infra.e0.c.f12921e.e("DBEncryptionService", com.liveperson.infra.b0.a.ERR_00000038, "Exception while generating KeyPair.", e2);
        }
    }

    private final String h() {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
            keyGenerator.init(256);
            SecretKey generateKey = keyGenerator.generateKey();
            i.b(generateKey, "keyGen.generateKey()");
            String encodeToString = Base64.encodeToString(generateKey.getEncoded(), 0);
            i.b(encodeToString, "Base64.encodeToString(se….encoded, Base64.DEFAULT)");
            return encodeToString;
        } catch (NoSuchAlgorithmException e2) {
            com.liveperson.infra.e0.c.f12921e.e("DBEncryptionService", com.liveperson.infra.b0.a.ERR_00000037, "Exception while generating AES Encryption Key", e2);
            byte[] bArr = new byte[32];
            new SecureRandom().nextBytes(bArr);
            String encodeToString2 = Base64.encodeToString(bArr, 0);
            i.b(encodeToString2, "Base64.encodeToString(randomBytes, Base64.DEFAULT)");
            return encodeToString2;
        }
    }

    private final Cipher i(IvParameterSpec ivParameterSpec) {
        Cipher cipher = Cipher.getInstance(this.f13753e ? "AES/CBC/PKCS7Padding" : "AES/CBC/PKCS5Padding");
        if (this.f13753e) {
            b();
            KeyStore keyStore = this.f13750b;
            if (keyStore == null) {
                i.q("androidKeyStore");
            }
            KeyStore.Entry entry = keyStore.getEntry("androidInfraDbEncKey", null);
            if (entry == null) {
                throw new TypeCastException("null cannot be cast to non-null type java.security.KeyStore.SecretKeyEntry");
            }
            cipher.init(2, ((KeyStore.SecretKeyEntry) entry).getSecretKey(), ivParameterSpec);
        } else {
            cipher.init(2, this.f13751c, ivParameterSpec);
        }
        i.b(cipher, "cipher");
        return cipher;
    }

    private final Cipher j() {
        Cipher cipher = Cipher.getInstance(this.f13753e ? "AES/CBC/PKCS7Padding" : "AES/CBC/PKCS5Padding");
        if (this.f13753e) {
            b();
            KeyStore keyStore = this.f13750b;
            if (keyStore == null) {
                i.q("androidKeyStore");
            }
            KeyStore.Entry entry = keyStore.getEntry("androidInfraDbEncKey", null);
            if (entry == null) {
                throw new TypeCastException("null cannot be cast to non-null type java.security.KeyStore.SecretKeyEntry");
            }
            cipher.init(1, ((KeyStore.SecretKeyEntry) entry).getSecretKey());
        } else {
            cipher.init(1, this.f13751c, this.f13752d);
        }
        i.b(cipher, "cipher");
        return cipher;
    }

    private final String k() {
        KeyStore.Entry entry;
        KeyStore.PrivateKeyEntry privateKeyEntry = null;
        String h2 = com.liveperson.infra.g0.b.e().h("dbEncryptionKey", "appLevelPreferences", null);
        try {
            KeyStore keyStore = this.f13750b;
            if (keyStore == null) {
                i.q("androidKeyStore");
            }
            entry = keyStore.getEntry("androidInfraDbEncKey", null);
        } catch (Exception unused) {
        }
        if (entry == null) {
            throw new TypeCastException("null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
        }
        privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
        if (h2 == null || privateKeyEntry == null) {
            String h3 = h();
            f(h3);
            return h3;
        }
        if (com.liveperson.infra.g0.b.e().d("dbEncryptionUsesKeyStore", "appLevelPreferences", false)) {
            return d(h2);
        }
        f(h2);
        return h2;
    }

    private final void l() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            i.b(keyStore, "KeyStore.getInstance(\"AndroidKeyStore\")");
            this.f13750b = keyStore;
            if (keyStore == null) {
                i.q("androidKeyStore");
            }
            keyStore.load(null, null);
        } catch (Exception e2) {
            com.liveperson.infra.e0.c.f12921e.e("DBEncryptionService", com.liveperson.infra.b0.a.ERR_00000034, "Failed to load Keystore.", e2);
        }
    }

    private final IvParameterSpec m() {
        String h2 = com.liveperson.infra.g0.b.e().h("initializationVector", "appLevelPreferences", null);
        if (h2 == null) {
            return null;
        }
        com.liveperson.infra.e0.c.f12921e.q("DBEncryptionService", "Found a legacy Initialization Vector; loading it. Please log out and back in to clear old data.");
        return new IvParameterSpec(Base64.decode(h2, 0));
    }

    private final void n(String str) {
        byte[] decode = Base64.decode(str, 0);
        decode[0] = (byte) (decode[0] + 1);
        this.f13751c = new SecretKeySpec(decode, "AES");
    }

    private final IvParameterSpec o(String str) {
        return new IvParameterSpec(Base64.decode(str, 0));
    }

    public void a() {
        try {
            KeyStore keyStore = this.f13750b;
            if (keyStore == null) {
                i.q("androidKeyStore");
            }
            keyStore.deleteEntry("androidInfraDbEncKey");
        } catch (Exception e2) {
            com.liveperson.infra.e0.c.f12921e.c("DBEncryptionService", "exception deleting key store entry: ", e2);
        }
    }

    @Nullable
    public final String c(@Nullable String str) {
        IvParameterSpec ivParameterSpec;
        String str2;
        String str3;
        if (TextUtils.isEmpty(str)) {
            return str;
        }
        if (str == null) {
            i.m();
        }
        Object[] array = new f("::").c(str, 0).toArray(new String[0]);
        Objects.requireNonNull(array, "null cannot be cast to non-null type kotlin.Array<T>");
        String[] strArr = (String[]) array;
        if (strArr.length > 1) {
            ivParameterSpec = o(strArr[0]);
            str2 = strArr[1];
        } else {
            ivParameterSpec = this.f13752d;
            str2 = strArr[0];
        }
        try {
            byte[] decryptedBytes = i(ivParameterSpec).doFinal(Base64.decode(str2, 0));
            com.liveperson.infra.e0.c cVar = com.liveperson.infra.e0.c.f12921e;
            StringBuilder sb = new StringBuilder();
            sb.append("Successfully Decrypted ");
            if (strArr.length > 1) {
                str3 = cVar.m("block " + strArr[0]);
            } else {
                str3 = "Legacy block";
            }
            sb.append(str3);
            cVar.n("DBEncryptionService", sb.toString());
            i.b(decryptedBytes, "decryptedBytes");
            Charset charset = StandardCharsets.UTF_8;
            i.b(charset, "StandardCharsets.UTF_8");
            return new String(decryptedBytes, charset);
        } catch (BadPaddingException e2) {
            com.liveperson.infra.e0.c cVar2 = com.liveperson.infra.e0.c.f12921e;
            com.liveperson.infra.e0.b bVar = com.liveperson.infra.e0.b.DECRYPTION;
            cVar2.p("DBEncryptionService", bVar, "Caught a bad padding exception!", e2);
            cVar2.a("DBEncryptionService", bVar, "Using fallback after BadPaddingException");
            try {
                byte[] decryptedBytes2 = i(ivParameterSpec).doFinal(n0.b(str2));
                cVar2.a("DBEncryptionService", bVar, "BadPaddingException fallback worked!");
                i.b(decryptedBytes2, "decryptedBytes");
                Charset charset2 = StandardCharsets.UTF_8;
                i.b(charset2, "StandardCharsets.UTF_8");
                return new String(decryptedBytes2, charset2);
            } catch (Exception e3) {
                com.liveperson.infra.e0.c.f12921e.g("DBEncryptionService", com.liveperson.infra.e0.b.DECRYPTION, com.liveperson.infra.b0.a.ERR_0000003A, "BadPaddingException fallback failed.", e3);
                return str;
            }
        } catch (Exception e4) {
            com.liveperson.infra.e0.c.f12921e.g("DBEncryptionService", com.liveperson.infra.e0.b.DECRYPTION, com.liveperson.infra.b0.a.ERR_0000003B, "Caught an unexpected exception.", e4);
            return str;
        }
    }

    @Nullable
    public final String e(@Nullable String str) {
        if (TextUtils.isEmpty(str)) {
            return str;
        }
        try {
            Cipher j2 = j();
            if (str == null) {
                i.m();
            }
            Charset charset = StandardCharsets.UTF_8;
            i.b(charset, "StandardCharsets.UTF_8");
            if (str == null) {
                throw new NullPointerException("null cannot be cast to non-null type java.lang.String");
            }
            byte[] bytes = str.getBytes(charset);
            i.d(bytes, "(this as java.lang.String).getBytes(charset)");
            byte[] doFinal = j2.doFinal(bytes);
            byte[] iv = j2.getIV();
            String encodeToString = Base64.encodeToString(doFinal, 0);
            String encodeToString2 = Base64.encodeToString(iv, 0);
            com.liveperson.infra.e0.c cVar = com.liveperson.infra.e0.c.f12921e;
            cVar.n("DBEncryptionService", "Successfully Encrypted block " + cVar.m(encodeToString2));
            return encodeToString2 + "::" + encodeToString;
        } catch (Exception e2) {
            com.liveperson.infra.e0.c.f12921e.e("DBEncryptionService", com.liveperson.infra.b0.a.ERR_00000039, "Exception while Encrypting text.", e2);
            return str;
        }
    }
}
