package com.slacorp.eptt.android.common.a0;

import android.annotation.TargetApi;
import android.content.Context;
import android.content.SharedPreferences;
import android.os.AsyncTask;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import android.util.Log;
import com.kyocera.mdm.MdmPolicyManager;
import com.slacorp.eptt.jcommon.Debugger;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.spec.RSAKeyGenParameterSpec;
import java.util.GregorianCalendar;
import java.util.UUID;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* compiled from: KGCommUI */
/* loaded from: classes.dex */
public class a {

    /* renamed from: a, reason: collision with root package name */
    private static SharedPreferences f3025a = null;

    /* renamed from: b, reason: collision with root package name */
    private static final Object f3026b = new Object();

    /* renamed from: c, reason: collision with root package name */
    private static boolean f3027c = false;

    /* compiled from: KGCommUI */
    /* renamed from: com.slacorp.eptt.android.common.a0.a$a, reason: collision with other inner class name */
    /* loaded from: classes.dex */
    public static class AsyncTaskC0130a extends AsyncTask<String, String, String> {

        /* renamed from: a, reason: collision with root package name */
        private Context f3028a;

        /* renamed from: b, reason: collision with root package name */
        private InterfaceC0131a f3029b;

        /* compiled from: KGCommUI */
        /* renamed from: com.slacorp.eptt.android.common.a0.a$a$a, reason: collision with other inner class name */
        /* loaded from: classes.dex */
        public interface InterfaceC0131a {
            void a(Context context);
        }

        public AsyncTaskC0130a(Context context, InterfaceC0131a interfaceC0131a) {
            this.f3028a = context;
            this.f3029b = interfaceC0131a;
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public String doInBackground(String... strArr) {
            a.c(this.f3028a);
            return null;
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public void onPostExecute(String str) {
            this.f3029b.a(this.f3028a);
        }

        @Override // android.os.AsyncTask
        protected void onPreExecute() {
        }
    }

    public static String a(String str, String str2) {
        if (a()) {
            return str;
        }
        Debugger.i("KSH", "decryptAESData length =" + str.length());
        SecretKey g = g(str2);
        if (g == null) {
            return null;
        }
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            byte[] decode = Base64.decode(str, 0);
            byte[] bArr = new byte[16];
            byte[] bArr2 = new byte[decode.length - 16];
            System.arraycopy(decode, 0, bArr, 0, 16);
            System.arraycopy(decode, 16, bArr2, 0, decode.length - 16);
            cipher.init(2, g, new IvParameterSpec(bArr));
            return new String(cipher.doFinal(bArr2));
        } catch (Exception e) {
            Debugger.e("KSH", "decryptAES failed to get cipher " + e);
            return null;
        }
    }

    private static void a(Context context) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
        if (i()) {
            i("keys already exist for EPTT_KSH_ALIAS");
            return;
        }
        f3027c = true;
        i("create keys for EPTT_KSH_ALIAS");
        if (Build.VERSION.SDK_INT >= 23) {
            b("createkeys modern");
            b();
        } else {
            b("createkeys jellybean");
            b(context);
        }
        i("done creating keys for EPTT_KSH_ALIAS");
        f3027c = false;
    }

    private static boolean a() {
        return com.slacorp.eptt.android.common.device.a.d0();
    }

    public static boolean a(String str) {
        return a() || g(str) != null;
    }

    private static boolean a(SecretKey secretKey, String str) {
        return c(Base64.encodeToString(secretKey.getEncoded(), 0), str);
    }

    public static byte[] a(byte[] bArr) {
        if (a()) {
            return bArr;
        }
        Debugger.i("KSH", "decrypt key using master RSA key");
        try {
            PrivateKey h = h();
            Cipher g = g();
            g.init(2, h);
            return g.doFinal(bArr);
        } catch (Exception e) {
            Debugger.e("KSH", "Exception decrypting bdata with master key: ", e);
            return null;
        }
    }

    public static byte[] a(byte[] bArr, String str) {
        if (a()) {
            return bArr;
        }
        Debugger.i("KSH", "decryptAESData length =" + bArr.length);
        SecretKey g = g(str);
        if (g == null) {
            return null;
        }
        try {
            byte[] bArr2 = new byte[16];
            byte[] bArr3 = new byte[bArr.length - 16];
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            System.arraycopy(bArr, 0, bArr2, 0, 16);
            System.arraycopy(bArr, 16, bArr3, 0, bArr.length - 16);
            cipher.init(2, g, new IvParameterSpec(bArr2));
            return cipher.doFinal(bArr3);
        } catch (Exception e) {
            Debugger.e("KSH", "decryptAESData failed to get cipher " + e);
            return null;
        }
    }

    public static String b(String str, String str2) {
        if (a()) {
            return str;
        }
        Debugger.i("KSH", "encryptAESData length =" + str.length());
        SecretKey g = g(str2);
        if (g == null) {
            g = d();
            if (g == null) {
                Debugger.e("KSH", "Failed to generate AES key for name = " + str2);
                return null;
            }
            a(g, str2);
        }
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher.init(1, g);
            byte[] doFinal = cipher.doFinal(str.getBytes());
            byte[] iv = cipher.getIV();
            byte[] bArr = new byte[doFinal.length + 16];
            System.arraycopy(iv, 0, bArr, 0, 16);
            System.arraycopy(doFinal, 0, bArr, 16, doFinal.length);
            return Base64.encodeToString(bArr, 0);
        } catch (Exception e) {
            Debugger.e("KSH", "encryptAES failed to get cipher " + e.toString());
            return null;
        }
    }

    @TargetApi(23)
    private static void b() {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder("EPTT_KSH_ALIAS", 3).setAlgorithmParameterSpec(new RSAKeyGenParameterSpec(MdmPolicyManager.ALL_SYSTEM_DIALOG_DISABLE, RSAKeyGenParameterSpec.F4)).setBlockModes("CBC").setEncryptionPaddings("PKCS1Padding").setDigests("SHA-256", "SHA-384", "SHA-512").setUserAuthenticationRequired(false).build());
            Debugger.s("KSH", "Public Key is: " + keyPairGenerator.generateKeyPair().getPublic().toString());
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
            throw new RuntimeException(e);
        }
    }

    private static void b(Context context) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
        GregorianCalendar gregorianCalendar = new GregorianCalendar();
        GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
        gregorianCalendar2.add(1, 30);
        KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(context).setAlias("EPTT_KSH_ALIAS").setSubject(new X500Principal("CN=EPTT_KSH_ALIAS")).setSerialNumber(BigInteger.valueOf(Math.abs("EPTT_KSH_ALIAS".hashCode()))).setStartDate(gregorianCalendar.getTime()).setEndDate(gregorianCalendar2.getTime()).build();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        keyPairGenerator.initialize(build);
        Debugger.s("KSH", "Public Key is: " + keyPairGenerator.generateKeyPair().getPublic().toString());
    }

    private static void b(String str) {
        if (Debugger.getInstance() == null) {
            Log.i("KSH", str);
        } else {
            Debugger.i("KSH", str);
        }
    }

    public static byte[] b(byte[] bArr) {
        if (a()) {
            return bArr;
        }
        Debugger.i("KSH", "encrypt key using master RSA key");
        try {
            Certificate f = f();
            if (f == null) {
                return null;
            }
            PublicKey publicKey = f.getPublicKey();
            Cipher g = g();
            g.init(1, publicKey);
            return g.doFinal(bArr);
        } catch (Exception e) {
            Debugger.e("KSH", "Exception encrypting bdata with master key: ", e);
            return null;
        }
    }

    public static byte[] b(byte[] bArr, String str) {
        if (a()) {
            return bArr;
        }
        Debugger.i("KSH", "encryptAESData length =" + bArr.length);
        SecretKey g = g(str);
        if (g == null) {
            g = d();
            if (g == null) {
                Debugger.e("KSH", "Failed to generate AES key for name = " + str);
                return null;
            }
            a(g, str);
        }
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher.init(1, g);
            byte[] doFinal = cipher.doFinal(bArr);
            byte[] iv = cipher.getIV();
            byte[] bArr2 = new byte[doFinal.length + 16];
            System.arraycopy(iv, 0, bArr2, 0, 16);
            System.arraycopy(doFinal, 0, bArr2, 16, doFinal.length);
            return bArr2;
        } catch (Exception e) {
            Debugger.e("KSH", "encryptAES failed to get cipher " + e);
            return null;
        }
    }

    private static String c(String str) {
        if (a()) {
            return str;
        }
        Debugger.i("KSH", "decrypt key using master RSA key");
        try {
            PrivateKey h = h();
            Cipher g = g();
            g.init(2, h);
            return new String(g.doFinal(Base64.decode(str, 0)));
        } catch (Exception e) {
            Debugger.e("KSH", "Exception decrypting data with master key: ", e);
            return null;
        }
    }

    public static void c() {
        if (a()) {
            return;
        }
        Debugger.w("KSH", "destroy");
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            keyStore.deleteEntry("EPTT_KSH_ALIAS");
        } catch (Exception e) {
            Debugger.w("KSH", "Fail destroy: deleteEntry: " + e.getMessage(), e);
        }
        f("config_key_json");
        f("config_key_json_provision");
        f("dbkey");
        f("MESSAGES_KEY");
        f("RECENTS_KEY");
    }

    public static void c(Context context) {
        if (a()) {
            i("Bypass KeyStoreHelper enabled");
            return;
        }
        synchronized (f3026b) {
            if (f3025a == null) {
                f3025a = context.getSharedPreferences("eschat-prefs", 0);
            }
            try {
                a(context);
            } catch (Exception e) {
                e("Failed to create key store helper. WE ARE DOOMED: " + e.toString());
            }
        }
    }

    public static boolean c(String str, String str2) {
        Debugger.i("KSH", "storeKey key for name = " + str2);
        Debugger.i("KSH", "storeKey key length before encryption " + str.length());
        if (f3025a == null) {
            Debugger.w("KSH", "sharedPref is null");
            return false;
        }
        String d2 = d(str);
        if (d2 == null) {
            Debugger.e("KSH", "Failed to store key for " + str2);
            return false;
        }
        SharedPreferences.Editor edit = f3025a.edit();
        Debugger.i("KSH", "storeKey encrypted key bytes length " + d2.length());
        edit.putString(str2, d2);
        return edit.commit();
    }

    private static String d(String str) {
        if (a()) {
            return str;
        }
        Debugger.i("KSH", "encrypt key using master RSA key");
        try {
            Certificate f = f();
            if (f == null) {
                return null;
            }
            PublicKey publicKey = f.getPublicKey();
            Cipher g = g();
            g.init(1, publicKey);
            return Base64.encodeToString(g.doFinal(str.getBytes()), 0);
        } catch (Exception e) {
            Debugger.e("KSH", "Exception encrypting data with master key: ", e);
            return null;
        }
    }

    private static SecretKey d() {
        Debugger.i("KSH", "generateAesKey key");
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
            keyGenerator.init(256);
            SecretKey generateKey = keyGenerator.generateKey();
            Debugger.i("KSH", "generateAesKey key = " + generateKey.getEncoded().length);
            return generateKey;
        } catch (Exception unused) {
            return null;
        }
    }

    public static String e() {
        Debugger.i("KSH", "generatePassword");
        return UUID.randomUUID().toString();
    }

    private static void e(String str) {
        if (Debugger.getInstance() == null) {
            Log.e("KSH", str);
        } else {
            Debugger.e("KSH", str);
        }
    }

    private static Certificate f() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return keyStore.getCertificate("EPTT_KSH_ALIAS");
        } catch (Exception e) {
            Debugger.s("KSH", "Fail getCertificate: EPTT_KSH_ALIAS");
            Debugger.e("KSH", e.getMessage(), e);
            return null;
        }
    }

    public static void f(String str) {
        Debugger.i("KSH", "removeKey for name = " + str);
        SharedPreferences sharedPreferences = f3025a;
        if (sharedPreferences == null) {
            Debugger.w("KSH", "sharedPref is null");
            return;
        }
        SharedPreferences.Editor edit = sharedPreferences.edit();
        edit.remove(str);
        edit.commit();
    }

    private static Cipher g() throws NoSuchPaddingException, NoSuchAlgorithmException {
        return Cipher.getInstance(String.format("%s/%s/%s", "RSA", "NONE", "PKCS1Padding"));
    }

    private static SecretKey g(String str) {
        String h = h(str);
        if (h == null || h.length() <= 0) {
            Debugger.w("KSH", "retrieveAESKey error retrieving key for name = " + str);
            return null;
        }
        SecretKeySpec secretKeySpec = new SecretKeySpec(Base64.decode(h, 0), "AES");
        Debugger.i("KSH", "retrieveAesKey key bytes length " + secretKeySpec.getEncoded().length);
        return secretKeySpec;
    }

    public static String h(String str) {
        Debugger.i("KSH", "retrieveKey retrieving key for name = " + str);
        SharedPreferences sharedPreferences = f3025a;
        if (sharedPreferences == null) {
            Debugger.w("KSH", "sharedPref is null");
            return null;
        }
        String string = sharedPreferences.getString(str, null);
        if (string != null && string.length() > 0) {
            return c(string);
        }
        Debugger.w("KSH", "retrieveKey error retrieving key for name = " + str);
        return null;
    }

    private static PrivateKey h() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return (PrivateKey) keyStore.getKey("EPTT_KSH_ALIAS", null);
        } catch (Exception e) {
            Debugger.s("KSH", "Fail getPrivateKey: EPTT_KSH_ALIAS");
            Debugger.e("KSH", e.getMessage(), e);
            return null;
        }
    }

    private static void i(String str) {
        if (Debugger.getInstance() == null) {
            Log.w("KSH", str);
        } else {
            Debugger.w("KSH", str);
        }
    }

    public static boolean i() {
        if (a()) {
            return true;
        }
        b("isSigningKey alias=EPTT_KSH_ALIAS, creating=" + f3027c);
        if (f3027c) {
            return false;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return keyStore.containsAlias("EPTT_KSH_ALIAS");
        } catch (Exception e) {
            Debugger.w("KSH", e.getMessage(), e);
            return false;
        }
    }
}
