package com.samsung.android.authfw.trustzone.util;

import android.security.keystore.KeyGenParameterSpec;
import android.support.v4.media.session.f;
import android.text.TextUtils;
import android.util.Base64;
import com.samsung.android.authfw.trustzone.TzContext;
import java.io.IOException;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.util.Arrays;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes.dex */
public final class StorageCrypto {
    private static final int HEADER_LENGTH = 8;
    private static final String HEADER_V1 = "#%01####";
    private static final String HEADER_V2 = "#%02####";
    private static final String TAG = "StorageCrypto";

    /* loaded from: classes.dex */
    public static final class CryptoV1 {
        private CryptoV1() {
        }

        /* JADX INFO: Access modifiers changed from: private */
        public static String decrypt(String str) {
            try {
                byte[] internalDecrypt = internalDecrypt(str);
                if (internalDecrypt != null) {
                    return new String(internalDecrypt, StandardCharsets.UTF_8);
                }
                return null;
            } catch (IllegalArgumentException | NullPointerException | InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException unused) {
                Log.e(StorageCrypto.TAG, "Error-Decrypt");
                return null;
            }
        }

        private static byte[] generateKeyHash(byte[] bArr) {
            try {
                MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
                messageDigest.update(bArr);
                return messageDigest.digest();
            } catch (NoSuchAlgorithmException e2) {
                Log.e(StorageCrypto.TAG, "NoSuchAlgorithmException : " + e2.getMessage());
                return null;
            }
        }

        private static byte[] getIv() {
            String androidId = DeviceUtil.getAndroidId(TzContext.get());
            f.k("aid is null", androidId);
            byte[] bytes = androidId.getBytes(StandardCharsets.UTF_8);
            for (int i2 = 0; i2 < 25; i2++) {
                bytes = generateKeyHash(bytes);
            }
            return bytes != null ? Arrays.copyOf(bytes, 16) : new byte[16];
        }

        private static byte[] getKey() {
            String androidId = DeviceUtil.getAndroidId(TzContext.get());
            f.k("aid is null", androidId);
            byte[] bytes = androidId.getBytes(StandardCharsets.UTF_8);
            for (int i2 = 0; i2 < 20; i2++) {
                bytes = generateKeyHash(bytes);
            }
            return bytes;
        }

        private static byte[] internalDecrypt(String str) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, IllegalBlockSizeException, BadPaddingException {
            SecretKeySpec secretKeySpec = new SecretKeySpec(getKey(), "AES");
            IvParameterSpec ivParameterSpec = new IvParameterSpec(getIv());
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7PADDING");
            cipher.init(2, secretKeySpec, ivParameterSpec);
            return cipher.doFinal(Base64.decode(str, 0));
        }
    }

    /* loaded from: classes.dex */
    public static final class CryptoV2 {
        static final String KEY_ALIAS = "com.samsung.android.authfw_StorageCryptoV2Key";
        private static SecretKey mSecretKey;

        private static SecretKey createKey() throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
            KeyGenParameterSpec build = new KeyGenParameterSpec.Builder("com.samsung.android.authfw_StorageCryptoV2Key", 3).setKeySize(256).setBlockModes("CBC").setEncryptionPaddings("PKCS7Padding").build();
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
            keyGenerator.init(build);
            return keyGenerator.generateKey();
        }

        /* JADX INFO: Access modifiers changed from: private */
        public static String decrypt(String str) {
            byte[] decode = Base64.decode(str, 0);
            if (decode == null || decode.length <= 16) {
                Log.w(StorageCrypto.TAG, "encryptedData is invalid");
                return null;
            }
            byte[] bArr = new byte[16];
            System.arraycopy(decode, 0, bArr, 0, 16);
            int length = decode.length - 16;
            byte[] bArr2 = new byte[length];
            System.arraycopy(decode, 16, bArr2, 0, length);
            try {
                SecretKey keyFromKeystore = getKeyFromKeystore();
                if (keyFromKeystore == null) {
                    Log.w(StorageCrypto.TAG, "get key failed");
                    return null;
                }
                try {
                    Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7PADDING");
                    cipher.init(2, keyFromKeystore, new IvParameterSpec(bArr));
                    try {
                        String str2 = new String(cipher.doFinal(bArr2), StandardCharsets.UTF_8);
                        Log.v("TestKeyStore", "plaintext : ".concat(str2));
                        return str2;
                    } catch (BadPaddingException | IllegalBlockSizeException e2) {
                        Log.e(StorageCrypto.TAG, "Decrypt Exception : " + e2.getMessage());
                        return null;
                    }
                } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e10) {
                    Log.e(StorageCrypto.TAG, "Cipher Exception : " + e10.getMessage());
                    return null;
                }
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException e11) {
                Log.e(StorageCrypto.TAG, "Key Exception : " + e11.getMessage());
                return null;
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        public static String encrypt(String str) {
            try {
                if (mSecretKey == null) {
                    mSecretKey = getKeyFromKeystore();
                }
                if (mSecretKey == null) {
                    Log.i(StorageCrypto.TAG, "ck");
                    mSecretKey = createKey();
                }
                if (mSecretKey == null) {
                    Log.w(StorageCrypto.TAG, "Create key failed");
                    return null;
                }
                try {
                    Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7PADDING");
                    cipher.init(1, mSecretKey);
                    byte[] iv = cipher.getIV();
                    try {
                        Charset charset = StandardCharsets.UTF_8;
                        byte[] doFinal = cipher.doFinal(str.getBytes(charset));
                        byte[] bArr = new byte[iv.length + doFinal.length];
                        System.arraycopy(iv, 0, bArr, 0, iv.length);
                        System.arraycopy(doFinal, 0, bArr, iv.length, doFinal.length);
                        return new String(Base64.encode(bArr, 0), charset);
                    } catch (BadPaddingException | IllegalBlockSizeException e2) {
                        Log.e(StorageCrypto.TAG, "Encrypt Exception : " + e2.getMessage());
                        return null;
                    }
                } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e10) {
                    Log.e(StorageCrypto.TAG, "Cipher Exception : " + e10.getMessage());
                    return null;
                }
            } catch (IOException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableEntryException | CertificateException e11) {
                Log.e(StorageCrypto.TAG, "Key Exception : " + e11.getMessage());
                return null;
            }
        }

        private static SecretKey getKeyFromKeystore() throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, UnrecoverableEntryException {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            KeyStore.SecretKeyEntry secretKeyEntry = (KeyStore.SecretKeyEntry) keyStore.getEntry("com.samsung.android.authfw_StorageCryptoV2Key", null);
            if (secretKeyEntry == null) {
                return null;
            }
            return secretKeyEntry.getSecretKey();
        }
    }

    public static String decrypt(String str) {
        f.f("input is invalid", !TextUtils.isEmpty(str) && str.length() > 8);
        int i2 = HEADER_LENGTH;
        String substring = str.substring(0, i2);
        String substring2 = str.substring(i2);
        substring.getClass();
        if (substring.equals("#%01####")) {
            return CryptoV1.decrypt(substring2);
        }
        if (substring.equals(HEADER_V2)) {
            return CryptoV2.decrypt(substring2);
        }
        throw new IllegalArgumentException("header is wrong");
    }

    public static String encrypt(String str) {
        return HEADER_V2 + CryptoV2.encrypt(str);
    }
}
