package r10.one.auth.internal;

import android.app.KeyguardManager;
import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import android.security.keystore.KeyProtection;
import android.security.keystore.UserNotAuthenticatedException;
import java.security.Key;
import java.security.KeyStore;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import kotlin.collections.ArraysKt___ArraysJvmKt;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.functions.Function2;
import kotlin.jvm.functions.Function3;
import kotlin.jvm.functions.Function6;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.Lambda;
import r10.one.auth.e1;

/* compiled from: AndroidKeystore.kt */
/* loaded from: classes3.dex */
public final class a implements h {

    /* renamed from: a, reason: collision with root package name */
    public static final a f20583a = new a();

    /* renamed from: b, reason: collision with root package name */
    private static final KeyStore f20584b = KeyStore.getInstance("AndroidKeyStore");

    /* renamed from: c, reason: collision with root package name */
    private static final Function2<Integer, Key, Cipher> f20585c = c.f20592d;

    /* renamed from: d, reason: collision with root package name */
    private static final Function2<Integer, Key, Cipher> f20586d = b.f20591d;

    /* renamed from: e, reason: collision with root package name */
    private static final Function6<Context, Integer, Boolean, String, String, i, byte[]> f20587e = C0402a.f20590d;

    /* renamed from: f, reason: collision with root package name */
    private static final Function3<Context, Integer, Boolean, i> f20588f = d.f20593d;

    /* renamed from: g, reason: collision with root package name */
    private static final Function1<Context, f> f20589g = e.f20594d;

    /* compiled from: AndroidKeystore.kt */
    /* renamed from: r10.one.auth.internal.a$a, reason: collision with other inner class name */
    /* loaded from: classes3.dex */
    static final class C0402a extends Lambda implements Function6<Context, Integer, Boolean, String, String, i, byte[]> {

        /* renamed from: d, reason: collision with root package name */
        public static final C0402a f20590d = new C0402a();

        C0402a() {
            super(6);
        }

        public final byte[] a(Context context, int i2, boolean z, String str, String str2, i iVar) {
            SharedPreferences sharedPreferences = context.getSharedPreferences("r10.one.auth.master_key", 0);
            byte[] b2 = iVar.b();
            String a2 = r10.one.auth.internal.j.a.a(iVar.c().b());
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
            keyGenerator.init(256);
            SecretKey generateKey = keyGenerator.generateKey();
            byte[] doFinal = ((Cipher) a.f20585c.invoke(1, generateKey)).doFinal(b2);
            KeyProtection.Builder encryptionPaddings = new KeyProtection.Builder(3).setBlockModes("GCM").setEncryptionPaddings("NoPadding");
            Object systemService = context.getSystemService("keyguard");
            KeyguardManager keyguardManager = systemService instanceof KeyguardManager ? (KeyguardManager) systemService : null;
            if (keyguardManager != null) {
                if (keyguardManager.isDeviceSecure()) {
                    encryptionPaddings.setUserAuthenticationRequired(z);
                    if (Build.VERSION.SDK_INT > 29) {
                        encryptionPaddings.setUserAuthenticationParameters(i2, 3);
                    } else {
                        encryptionPaddings.setUserAuthenticationValidityDurationSeconds(i2);
                    }
                }
                KeyStore keyStore = a.f20584b;
                keyStore.load(null);
                keyStore.setEntry(a2, new KeyStore.SecretKeyEntry(generateKey), encryptionPaddings.build());
                SharedPreferences.Editor edit = sharedPreferences.edit();
                edit.putString(str, a2);
                edit.putString(str2, r10.one.auth.internal.j.a.a(doFinal));
                edit.putBoolean(Intrinsics.stringPlus(str2, "_require_auth"), z);
                edit.apply();
            }
            return b2;
        }

        @Override // kotlin.jvm.functions.Function6
        public /* bridge */ /* synthetic */ byte[] invoke(Context context, Integer num, Boolean bool, String str, String str2, i iVar) {
            return a(context, num.intValue(), bool.booleanValue(), str, str2, iVar);
        }
    }

    /* compiled from: AndroidKeystore.kt */
    /* loaded from: classes3.dex */
    static final class b extends Lambda implements Function2<Integer, Key, Cipher> {

        /* renamed from: d, reason: collision with root package name */
        public static final b f20591d = new b();

        b() {
            super(2);
        }

        public final Cipher a(int i2, Key key) {
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(i2, key);
            return cipher;
        }

        @Override // kotlin.jvm.functions.Function2
        public /* bridge */ /* synthetic */ Cipher invoke(Integer num, Key key) {
            return a(num.intValue(), key);
        }
    }

    /* compiled from: AndroidKeystore.kt */
    /* loaded from: classes3.dex */
    static final class c extends Lambda implements Function2<Integer, Key, Cipher> {

        /* renamed from: d, reason: collision with root package name */
        public static final c f20592d = new c();

        c() {
            super(2);
        }

        public final Cipher a(int i2, Key key) {
            byte[] bArr = new byte[12];
            ArraysKt___ArraysJvmKt.fill$default(bArr, (byte) 9, 0, 0, 6, (Object) null);
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            cipher.init(i2, key, new GCMParameterSpec(128, bArr));
            return cipher;
        }

        @Override // kotlin.jvm.functions.Function2
        public /* bridge */ /* synthetic */ Cipher invoke(Integer num, Key key) {
            return a(num.intValue(), key);
        }
    }

    /* compiled from: AndroidKeystore.kt */
    /* loaded from: classes3.dex */
    static final class d extends Lambda implements Function3<Context, Integer, Boolean, i> {

        /* renamed from: d, reason: collision with root package name */
        public static final d f20593d = new d();

        d() {
            super(3);
        }

        public final i a(Context context, int i2, boolean z) {
            a aVar = a.f20583a;
            boolean z2 = aVar.p(context) && !z;
            i iVar = new i();
            byte[] l = aVar.l(context, "alias", "key", z2);
            if (l == null) {
                l = aVar.o().invoke(context, Integer.valueOf(i2), Boolean.valueOf(z2), "alias", "key", iVar);
            }
            return new i(l);
        }

        @Override // kotlin.jvm.functions.Function3
        public /* bridge */ /* synthetic */ i invoke(Context context, Integer num, Boolean bool) {
            return a(context, num.intValue(), bool.booleanValue());
        }
    }

    /* compiled from: AndroidKeystore.kt */
    /* loaded from: classes3.dex */
    static final class e extends Lambda implements Function1<Context, f> {

        /* renamed from: d, reason: collision with root package name */
        public static final e f20594d = new e();

        e() {
            super(1);
        }

        @Override // kotlin.jvm.functions.Function1
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public final f invoke(Context context) {
            String string = context.getSharedPreferences("r10.one.auth.master_key", 0).getString("alias", null);
            if (string == null) {
                return null;
            }
            return new f(r10.one.auth.internal.j.a.b(string));
        }
    }

    private a() {
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final byte[] l(Context context, String str, String str2, boolean z) {
        String string;
        SharedPreferences sharedPreferences = context.getSharedPreferences("r10.one.auth.master_key", 0);
        if (sharedPreferences.contains(Intrinsics.stringPlus(str2, "_require_auth")) && sharedPreferences.getBoolean(Intrinsics.stringPlus(str2, "_require_auth"), false) != z) {
            a(context);
            return null;
        }
        try {
            String string2 = sharedPreferences.getString(str, null);
            if (string2 == null) {
                return null;
            }
            KeyStore keyStore = f20584b;
            keyStore.load(null);
            Key key = keyStore.getKey(string2, null);
            if (key != null && (string = sharedPreferences.getString(str2, null)) != null) {
                return f20585c.invoke(2, key).doFinal(r10.one.auth.internal.j.a.b(string));
            }
            return null;
        } catch (KeyPermanentlyInvalidatedException unused) {
            return null;
        } catch (UserNotAuthenticatedException e2) {
            throw new e1(e2);
        }
    }

    static /* synthetic */ byte[] m(a aVar, Context context, String str, String str2, boolean z, int i2, Object obj) {
        if ((i2 & 8) != 0) {
            z = false;
        }
        return aVar.l(context, str, str2, z);
    }

    private final byte[] n(Context context) {
        byte[] a2 = r10.one.auth.internal.b.a(new byte[32]);
        f20587e.invoke(context, 0, Boolean.FALSE, "metadata_alias", "metadata_key", new i(a2));
        return a2;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final boolean p(Context context) {
        KeyguardManager keyguardManager = (KeyguardManager) context.getSystemService("keyguard");
        return keyguardManager != null && keyguardManager.isDeviceSecure();
    }

    @Override // r10.one.auth.internal.h
    public void a(Context context) {
        SharedPreferences.Editor edit = context.getSharedPreferences("r10.one.auth.master_key", 0).edit();
        edit.remove("alias");
        edit.remove("key").apply();
    }

    @Override // r10.one.auth.internal.h
    public Function1<Context, f> b() {
        return f20589g;
    }

    @Override // r10.one.auth.internal.h
    public Ed25519KeyPair c(String str, Context context) {
        byte[] m = m(this, context, Intrinsics.stringPlus("alias_ephemeral_", str), Intrinsics.stringPlus("key_ephemeral_", str), false, 8, null);
        if (m == null) {
            return null;
        }
        return Ed25519KeyPair.INSTANCE.b(m);
    }

    @Override // r10.one.auth.internal.h
    public Function3<Context, Integer, Boolean, i> d() {
        return f20588f;
    }

    @Override // r10.one.auth.internal.h
    public Ed25519KeyPair e(Context context) {
        byte[] a2 = r10.one.auth.internal.b.a(new byte[32]);
        Ed25519KeyPair b2 = Ed25519KeyPair.INSTANCE.b(a2);
        f20587e.invoke(context, 0, Boolean.FALSE, Intrinsics.stringPlus("alias_ephemeral_", b2.getKid()), Intrinsics.stringPlus("key_ephemeral_", b2.getKid()), new i(a2));
        return b2;
    }

    @Override // r10.one.auth.internal.h
    public Key f(Context context) {
        byte[] m = m(this, context, "metadata_alias", "metadata_key", false, 8, null);
        if (m == null) {
            m = n(context);
        }
        return new SecretKeySpec(m, "AES");
    }

    @Override // r10.one.auth.internal.h
    public void g(Context context, String str) {
        SharedPreferences.Editor edit = context.getSharedPreferences("r10.one.auth.master_key", 0).edit();
        edit.remove(Intrinsics.stringPlus("alias_ephemeral_", str));
        edit.remove(Intrinsics.stringPlus("key_ephemeral_", str)).apply();
    }

    public final Function6<Context, Integer, Boolean, String, String, i, byte[]> o() {
        return f20587e;
    }
}
