package com.agendrix.android.managers.biometric;

import android.os.Build;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import android.security.keystore.KeyProtection;
import com.agendrix.android.managers.AppPreferences;
import com.google.gson.Gson;
import java.nio.charset.Charset;
import java.security.Key;
import java.security.KeyStore;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import kotlin.Metadata;
import kotlin.jvm.internal.Intrinsics;

/* compiled from: CryptographyManager.kt */
@Metadata(d1 = {"\u0000F\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0002\b\u0002\n\u0002\u0010\u0012\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\b\n\u0002\u0010\u000b\n\u0002\b\u0004\u0018\u0000 \u001f2\u00020\u0001:\u0001\u001fB\u0005¢\u0006\u0002\u0010\u0002J\b\u0010\u0006\u001a\u00020\u0007H\u0016J\u0010\u0010\b\u001a\u00020\t2\u0006\u0010\n\u001a\u00020\u000bH\u0002J\u0018\u0010\f\u001a\u00020\u000b2\u0006\u0010\r\u001a\u00020\u000e2\u0006\u0010\u000f\u001a\u00020\u0010H\u0016J\u0010\u0010\u0011\u001a\u00020\u00072\u0006\u0010\n\u001a\u00020\u000bH\u0002J\u0018\u0010\u0012\u001a\u00020\u00132\u0006\u0010\u0014\u001a\u00020\u000b2\u0006\u0010\u000f\u001a\u00020\u0010H\u0016J\n\u0010\u0015\u001a\u0004\u0018\u00010\u0013H\u0016J\u0018\u0010\u0016\u001a\u00020\u00102\u0006\u0010\n\u001a\u00020\u000b2\u0006\u0010\u0017\u001a\u00020\u000eH\u0016J\u0010\u0010\u0018\u001a\u00020\u00102\u0006\u0010\n\u001a\u00020\u000bH\u0016J\u0010\u0010\u0019\u001a\u00020\t2\u0006\u0010\n\u001a\u00020\u000bH\u0002J\u0010\u0010\u001a\u001a\u00020\t2\u0006\u0010\n\u001a\u00020\u000bH\u0002J\u0010\u0010\u001b\u001a\u00020\u001c2\u0006\u0010\n\u001a\u00020\u000bH\u0016J\u0010\u0010\u001d\u001a\u00020\u00072\u0006\u0010\u001e\u001a\u00020\u0013H\u0016R\u0016\u0010\u0003\u001a\n \u0005*\u0004\u0018\u00010\u00040\u0004X\u0082\u0004¢\u0006\u0002\n\u0000¨\u0006 "}, d2 = {"Lcom/agendrix/android/managers/biometric/CryptographyManager;", "Lcom/agendrix/android/managers/biometric/CryptographyManagerInterface;", "()V", "keyStore", "Ljava/security/KeyStore;", "kotlin.jvm.PlatformType", "clearCipherTextWrapper", "", "createSecretKey", "Ljavax/crypto/SecretKey;", "keyName", "", "decryptData", "cipherText", "", "cipher", "Ljavax/crypto/Cipher;", "deleteSecretKey", "encryptData", "Lcom/agendrix/android/managers/biometric/CipherTextWrapper;", "plainText", "getCipherTextWrapperFromSharedPrefs", "getInitializedCipherForDecryption", "initializationVector", "getInitializedCipherForEncryption", "getSecretKeyForDecryption", "getSecretKeyForEncryption", "hasSecretKey", "", "persistCipherTextWrapperToSharedPrefs", "cipherTextWrapper", "Companion", "app_release"}, k = 1, mv = {1, 9, 0}, xi = 48)
/* loaded from: classes3.dex */
public final class CryptographyManager implements CryptographyManagerInterface {
    private static final String ANDROID_KEY_STORE = "AndroidKeyStore";
    private static final String ENCRYPTION_ALGORITHM = "AES";
    private static final String ENCRYPTION_BLOCK_MODE = "CBC";
    private static final String ENCRYPTION_PADDING = "PKCS7Padding";
    private static final String ENCRYPTION_TRANSFORMATION = "AES/CBC/PKCS7Padding";
    private static final int KEY_SIZE = 256;
    private final KeyStore keyStore;

    public CryptographyManager() {
        KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE);
        keyStore.load(null);
        this.keyStore = keyStore;
    }

    private final SecretKey createSecretKey(String keyName) {
        KeyGenerator keyGenerator = KeyGenerator.getInstance(ENCRYPTION_ALGORITHM);
        keyGenerator.init(256);
        SecretKey generateKey = keyGenerator.generateKey();
        this.keyStore.setEntry("encrypt_" + keyName, new KeyStore.SecretKeyEntry(generateKey), new KeyProtection.Builder(1).setBlockModes(ENCRYPTION_BLOCK_MODE).setEncryptionPaddings(ENCRYPTION_PADDING).setRandomizedEncryptionRequired(true).build());
        KeyProtection.Builder builder = new KeyProtection.Builder(2);
        builder.setBlockModes(ENCRYPTION_BLOCK_MODE);
        builder.setEncryptionPaddings(ENCRYPTION_PADDING);
        builder.setUserAuthenticationRequired(true);
        builder.setRandomizedEncryptionRequired(true);
        if (Build.VERSION.SDK_INT >= 28) {
            builder.setUnlockedDeviceRequired(true);
        }
        if (Build.VERSION.SDK_INT >= 30) {
            builder.setUserAuthenticationParameters(0, 3);
        }
        KeyProtection build = builder.build();
        Intrinsics.checkNotNullExpressionValue(build, "build(...)");
        this.keyStore.setEntry("decrypt_" + keyName, new KeyStore.SecretKeyEntry(generateKey), build);
        Intrinsics.checkNotNull(generateKey);
        return generateKey;
    }

    private final void deleteSecretKey(String keyName) {
        this.keyStore.deleteEntry("encrypt_" + keyName);
        this.keyStore.deleteEntry("decrypt_" + keyName);
    }

    private final SecretKey getSecretKeyForDecryption(String keyName) {
        Key key = this.keyStore.getKey("decrypt_" + keyName, null);
        return key != null ? (SecretKey) key : createSecretKey(keyName);
    }

    private final SecretKey getSecretKeyForEncryption(String keyName) {
        Key key = this.keyStore.getKey("encrypt_" + keyName, null);
        return key != null ? (SecretKey) key : createSecretKey(keyName);
    }

    @Override // com.agendrix.android.managers.biometric.CryptographyManagerInterface
    public void clearCipherTextWrapper() {
        AppPreferences.getInstance().clearCipherTextWrapper();
    }

    @Override // com.agendrix.android.managers.biometric.CryptographyManagerInterface
    public String decryptData(byte[] cipherText, Cipher cipher) {
        Intrinsics.checkNotNullParameter(cipherText, "cipherText");
        Intrinsics.checkNotNullParameter(cipher, "cipher");
        byte[] doFinal = cipher.doFinal(cipherText);
        Intrinsics.checkNotNull(doFinal);
        Charset forName = Charset.forName("UTF-8");
        Intrinsics.checkNotNullExpressionValue(forName, "forName(...)");
        return new String(doFinal, forName);
    }

    @Override // com.agendrix.android.managers.biometric.CryptographyManagerInterface
    public CipherTextWrapper encryptData(String plainText, Cipher cipher) {
        Intrinsics.checkNotNullParameter(plainText, "plainText");
        Intrinsics.checkNotNullParameter(cipher, "cipher");
        Charset forName = Charset.forName("UTF-8");
        Intrinsics.checkNotNullExpressionValue(forName, "forName(...)");
        byte[] bytes = plainText.getBytes(forName);
        Intrinsics.checkNotNullExpressionValue(bytes, "getBytes(...)");
        byte[] doFinal = cipher.doFinal(bytes);
        Intrinsics.checkNotNull(doFinal);
        byte[] iv = cipher.getIV();
        Intrinsics.checkNotNullExpressionValue(iv, "getIV(...)");
        return new CipherTextWrapper(doFinal, iv);
    }

    @Override // com.agendrix.android.managers.biometric.CryptographyManagerInterface
    public CipherTextWrapper getCipherTextWrapperFromSharedPrefs() {
        return (CipherTextWrapper) new Gson().fromJson(AppPreferences.getInstance().getCipherTextWrapper(), CipherTextWrapper.class);
    }

    @Override // com.agendrix.android.managers.biometric.CryptographyManagerInterface
    public Cipher getInitializedCipherForDecryption(String keyName, byte[] initializationVector) {
        Intrinsics.checkNotNullParameter(keyName, "keyName");
        Intrinsics.checkNotNullParameter(initializationVector, "initializationVector");
        Cipher cipher = Cipher.getInstance(ENCRYPTION_TRANSFORMATION);
        try {
            cipher.init(2, getSecretKeyForDecryption(keyName), new IvParameterSpec(initializationVector));
            Intrinsics.checkNotNull(cipher);
            return cipher;
        } catch (KeyPermanentlyInvalidatedException e) {
            clearCipherTextWrapper();
            deleteSecretKey(keyName);
            createSecretKey(keyName);
            throw e;
        }
    }

    @Override // com.agendrix.android.managers.biometric.CryptographyManagerInterface
    public Cipher getInitializedCipherForEncryption(String keyName) {
        Intrinsics.checkNotNullParameter(keyName, "keyName");
        SecretKey secretKeyForEncryption = getSecretKeyForEncryption(keyName);
        Cipher cipher = Cipher.getInstance(ENCRYPTION_TRANSFORMATION);
        cipher.init(1, secretKeyForEncryption);
        Intrinsics.checkNotNull(cipher);
        return cipher;
    }

    @Override // com.agendrix.android.managers.biometric.CryptographyManagerInterface
    public boolean hasSecretKey(String keyName) {
        Intrinsics.checkNotNullParameter(keyName, "keyName");
        return this.keyStore.isKeyEntry(keyName);
    }

    @Override // com.agendrix.android.managers.biometric.CryptographyManagerInterface
    public void persistCipherTextWrapperToSharedPrefs(CipherTextWrapper cipherTextWrapper) {
        Intrinsics.checkNotNullParameter(cipherTextWrapper, "cipherTextWrapper");
        AppPreferences.getInstance().saveCipherTextWrapper(new Gson().toJson(cipherTextWrapper));
    }
}
