package com.ionicframework.IdentityVault;

import android.security.keystore.KeyPermanentlyInvalidatedException;
import android.util.Base64;
import com.bottlerocketstudios.vault.EncryptionConstants;
import java.nio.charset.StandardCharsets;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Collections;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import kotlin.UByte;
import org.json.JSONObject;

/* loaded from: classes3.dex */
public class PairedAESKeysHelper {
    private static final String CIPHER_INSTANCE = "AES/GCM/NoPadding";

    private static String bytesToHexString(byte[] bArr) {
        StringBuilder sb = new StringBuilder();
        for (byte b : bArr) {
            String hexString = Integer.toHexString(b & UByte.MAX_VALUE);
            if (hexString.length() == 1) {
                sb.append('0');
            }
            sb.append(hexString);
        }
        return sb.toString();
    }

    /* JADX WARN: Code restructure failed: missing block: B:13:0x00a7, code lost:
    
        if (r8 == 1) goto L26;
     */
    /* JADX WARN: Code restructure failed: missing block: B:14:0x00a9, code lost:
    
        if (r8 == 2) goto L25;
     */
    /* JADX WARN: Code restructure failed: missing block: B:23:0x00ac, code lost:
    
        r0 = r6.setUserAuthenticationParameters(0, 3);
     */
    /* JADX WARN: Code restructure failed: missing block: B:24:0x00b1, code lost:
    
        r0 = r6.setUserAuthenticationParameters(0, 2);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static void createKeys(java.lang.String r9, java.lang.String r10) throws com.ionicframework.IdentityVault.VaultError {
        /*
            Method dump skipped, instructions count: 251
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.ionicframework.IdentityVault.PairedAESKeysHelper.createKeys(java.lang.String, java.lang.String):void");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static byte[] encodeBase64StringToBytes(String str) {
        return Base64.decode(str, 0);
    }

    protected static String encodeBytesToBase64String(byte[] bArr) {
        return Base64.encodeToString(bArr, 0);
    }

    protected static byte[] encodeStringToBase64Bytes(String str) {
        return Base64.decode(str.getBytes(StandardCharsets.UTF_8), 0);
    }

    public static String encryptMasterPasscode(String str, String str2, String str3) throws VaultError {
        try {
            createKeys(str, str2);
            KeyStore keyStore = KeyStore.getInstance(EncryptionConstants.ANDROID_KEY_STORE);
            keyStore.load(null);
            SecretKey secretKey = (SecretKey) keyStore.getKey(str + "-encrypt_key", null);
            Cipher cipher = Cipher.getInstance(CIPHER_INSTANCE);
            cipher.init(1, secretKey);
            byte[] iv = cipher.getIV();
            byte[] doFinal = cipher.doFinal(encodeStringToBase64Bytes(str3));
            JSONObject jSONObject = new JSONObject();
            jSONObject.put("encryptedPassword", encodeBytesToBase64String(doFinal));
            jSONObject.put("iv", encodeBytesToBase64String(iv));
            return jSONObject.toString();
        } catch (Exception e) {
            e.printStackTrace();
            throw new VaultError("PairedAESKeysHelper.encryptMasterPasscode, " + e);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static String generateSecurePassword() throws VaultError {
        try {
            SecureRandom secureRandom = new SecureRandom();
            ArrayList arrayList = new ArrayList();
            for (int i = 33; i < 127; i++) {
                if (i != 34 && i != 39 && i != 96) {
                    arrayList.add(Character.valueOf((char) i));
                }
            }
            Collections.rotate(arrayList, 5);
            StringBuilder sb = new StringBuilder();
            for (int i2 = 0; i2 < 15; i2++) {
                sb.append(arrayList.get(secureRandom.nextInt(arrayList.size())));
            }
            String sb2 = sb.toString();
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            messageDigest.update(sb2.getBytes());
            return bytesToHexString(messageDigest.digest());
        } catch (Exception e) {
            e.printStackTrace();
            throw new VaultError("PairedAESKeysHelper.generateSecurePassword, " + e);
        }
    }

    public static Cipher getDecryptionCipher(String str, String str2) throws VaultError {
        try {
            byte[] encodeBase64StringToBytes = encodeBase64StringToBytes(str2);
            KeyStore keyStore = KeyStore.getInstance(EncryptionConstants.ANDROID_KEY_STORE);
            keyStore.load(null);
            SecretKey secretKey = (SecretKey) keyStore.getKey(str + "-decrypt_key", null);
            Cipher cipher = Cipher.getInstance(CIPHER_INSTANCE);
            cipher.init(2, secretKey, new GCMParameterSpec(128, encodeBase64StringToBytes));
            return cipher;
        } catch (KeyPermanentlyInvalidatedException unused) {
            throw new InvalidatedCredentialsError();
        } catch (InvalidKeyException e) {
            e.printStackTrace();
            throw new UnexpectedKeystoreError(e.getLocalizedMessage());
        } catch (Exception e2) {
            e2.printStackTrace();
            throw new VaultError("PairedAESKeysHelper.getDecryptionCipher, " + e2);
        }
    }
}
