package com.booking.identity.storage;

import android.security.keystore.KeyGenParameterSpec;
import com.booking.core.squeaks.Squeak;
import com.booking.identity.squeak.SqueaksKt;
import com.booking.identity.storage.MessageRow;
import com.datavisorobfus.r;
import java.nio.ByteBuffer;
import java.security.KeyStore;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import kotlin.Result;
import kotlin.ResultKt;
import kotlin.Unit;
import kotlin.collections.ArraysKt___ArraysJvmKt;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.functions.Function2;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.text.Charsets;

/* loaded from: classes.dex */
public final class IdentityEncryptor {
    public static final Companion Companion = new Companion(null);
    public final MessageRow.Algorithm algorithm;
    public final SecretKey key;
    public final byte[] signature;
    public final int version;

    /* loaded from: classes.dex */
    public final class Builder {
        public String alias;
        public Function2 errorListener = new Function2() { // from class: com.booking.identity.storage.IdentityEncryptor$Builder$errorListener$1
            @Override // kotlin.jvm.functions.Function2
            public final Object invoke(Object obj, Object obj2) {
                r.checkNotNullParameter((String) obj, "<anonymous parameter 0>");
                r.checkNotNullParameter((Throwable) obj2, "<anonymous parameter 1>");
                return Unit.INSTANCE;
            }
        };
        public String provider;
        public boolean recreate;

        public final IdentityEncryptor createEncryptor(KeyStore keyStore) {
            Object createFailure;
            Object createFailure2;
            String str;
            Object obj = null;
            try {
                int i = Result.$r8$clinit;
                str = this.alias;
            } catch (Throwable th) {
                int i2 = Result.$r8$clinit;
                createFailure = ResultKt.createFailure(th);
            }
            if (str == null) {
                r.throwUninitializedPropertyAccessException("alias");
                throw null;
            }
            KeyStore.Entry entry = keyStore.getEntry(str, null);
            r.checkNotNull$1(entry, "null cannot be cast to non-null type java.security.KeyStore.SecretKeyEntry");
            createFailure = ((KeyStore.SecretKeyEntry) entry).getSecretKey();
            Throwable m832exceptionOrNullimpl = Result.m832exceptionOrNullimpl(createFailure);
            if (m832exceptionOrNullimpl != null) {
                SqueaksKt.idpWarning("identity_encryptor_key_not_loaded", m832exceptionOrNullimpl, new Function1() { // from class: com.booking.identity.squeak.SqueaksKt$idpWarning$2
                    @Override // kotlin.jvm.functions.Function1
                    public final Object invoke(Object obj2) {
                        r.checkNotNullParameter((Squeak.Builder) obj2, "$this$null");
                        return Unit.INSTANCE;
                    }
                });
                this.errorListener.invoke("Key can't be loaded", m832exceptionOrNullimpl);
                createFailure = recreateKey(keyStore);
                if (createFailure == null) {
                    return null;
                }
            }
            SecretKey secretKey = (SecretKey) createFailure;
            try {
                r.checkNotNullExpressionValue(secretKey, "secretKey");
                createFailure2 = new IdentityEncryptor(secretKey);
            } catch (Throwable th2) {
                int i3 = Result.$r8$clinit;
                createFailure2 = ResultKt.createFailure(th2);
            }
            Throwable m832exceptionOrNullimpl2 = Result.m832exceptionOrNullimpl(createFailure2);
            if (m832exceptionOrNullimpl2 == null) {
                obj = createFailure2;
            } else {
                SqueaksKt.idpWarning("identity_encryptor_not_created", m832exceptionOrNullimpl2, new Function1() { // from class: com.booking.identity.squeak.SqueaksKt$idpWarning$2
                    @Override // kotlin.jvm.functions.Function1
                    public final Object invoke(Object obj2) {
                        r.checkNotNullParameter((Squeak.Builder) obj2, "$this$null");
                        return Unit.INSTANCE;
                    }
                });
                this.errorListener.invoke("Identity Encryptor can not be created", m832exceptionOrNullimpl2);
            }
            return (IdentityEncryptor) obj;
        }

        public final IdentityEncryptor doBuild() {
            Object obj;
            KeyStore keyStore;
            String str;
            String str2 = this.provider;
            if (str2 == null) {
                throw new IllegalStateException("KeyStore Provider is not assigned to IdentityEncryptor".toString());
            }
            if (this.alias == null) {
                throw new IllegalStateException("Key alias is not assigned to IdentityEncryptor".toString());
            }
            try {
                int i = Result.$r8$clinit;
                keyStore = KeyStore.getInstance(str2);
                keyStore.load(null, null);
                if (this.recreate) {
                    recreateKey(keyStore);
                }
                str = this.alias;
            } catch (Throwable th) {
                int i2 = Result.$r8$clinit;
                obj = ResultKt.createFailure(th);
            }
            if (str == null) {
                r.throwUninitializedPropertyAccessException("alias");
                throw null;
            }
            boolean containsAlias = keyStore.containsAlias(str);
            obj = keyStore;
            if (!containsAlias) {
                generateKey();
                obj = keyStore;
            }
            Throwable m832exceptionOrNullimpl = Result.m832exceptionOrNullimpl(obj);
            if (m832exceptionOrNullimpl != null) {
                SqueaksKt.idpWarning("identity_encryptor_key_store_not_loaded", m832exceptionOrNullimpl, new Function1() { // from class: com.booking.identity.squeak.SqueaksKt$idpWarning$2
                    @Override // kotlin.jvm.functions.Function1
                    public final Object invoke(Object obj2) {
                        r.checkNotNullParameter((Squeak.Builder) obj2, "$this$null");
                        return Unit.INSTANCE;
                    }
                });
                this.errorListener.invoke("Error while loading key store or generating secret key", m832exceptionOrNullimpl);
                return null;
            }
            KeyStore keyStore2 = (KeyStore) obj;
            IdentityEncryptor createEncryptor = createEncryptor(keyStore2);
            if ((createEncryptor == null || !verifyEncryptor(createEncryptor)) && (recreateKey(keyStore2) == null || (createEncryptor = createEncryptor(keyStore2)) == null || !verifyEncryptor(createEncryptor))) {
                return null;
            }
            return createEncryptor;
        }

        public final SecretKey generateKey() {
            long nanoTime = System.nanoTime();
            String str = this.provider;
            if (str == null) {
                r.throwUninitializedPropertyAccessException("provider");
                throw null;
            }
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", str);
            String str2 = this.alias;
            if (str2 == null) {
                r.throwUninitializedPropertyAccessException("alias");
                throw null;
            }
            keyGenerator.init(new KeyGenParameterSpec.Builder(str2, 3).setBlockModes("CBC").setEncryptionPaddings("PKCS7Padding").setKeySize(128).setUserAuthenticationRequired(false).build());
            SecretKey generateKey = keyGenerator.generateKey();
            SqueaksKt.idpTimeKpi$default("identity_encryptor_secret_key_generation_end", nanoTime);
            r.checkNotNullExpressionValue(generateKey, "getInstance(\n           …rtTime)\n                }");
            return generateKey;
        }

        public final SecretKey recreateKey(KeyStore keyStore) {
            Object createFailure;
            String str;
            Object obj = null;
            try {
                int i = Result.$r8$clinit;
                str = this.alias;
            } catch (Throwable th) {
                int i2 = Result.$r8$clinit;
                createFailure = ResultKt.createFailure(th);
            }
            if (str == null) {
                r.throwUninitializedPropertyAccessException("alias");
                throw null;
            }
            if (keyStore.containsAlias(str)) {
                String str2 = this.alias;
                if (str2 == null) {
                    r.throwUninitializedPropertyAccessException("alias");
                    throw null;
                }
                keyStore.deleteEntry(str2);
            }
            createFailure = generateKey();
            Throwable m832exceptionOrNullimpl = Result.m832exceptionOrNullimpl(createFailure);
            if (m832exceptionOrNullimpl == null) {
                obj = createFailure;
            } else {
                SqueaksKt.idpWarning("identity_encryptor_key_not_created", m832exceptionOrNullimpl, new Function1() { // from class: com.booking.identity.squeak.SqueaksKt$idpWarning$2
                    @Override // kotlin.jvm.functions.Function1
                    public final Object invoke(Object obj2) {
                        r.checkNotNullParameter((Squeak.Builder) obj2, "$this$null");
                        return Unit.INSTANCE;
                    }
                });
                this.errorListener.invoke("Key can't be recreated", m832exceptionOrNullimpl);
            }
            return (SecretKey) obj;
        }

        public final boolean verifyEncryptor(IdentityEncryptor identityEncryptor) {
            Object createFailure;
            byte[] bArr = identityEncryptor.signature;
            try {
                int i = Result.$r8$clinit;
                createFailure = Boolean.valueOf(Arrays.equals(bArr, identityEncryptor.decryptBytes(identityEncryptor.encryptBytes(bArr))));
            } catch (Throwable th) {
                int i2 = Result.$r8$clinit;
                createFailure = ResultKt.createFailure(th);
            }
            Throwable m832exceptionOrNullimpl = Result.m832exceptionOrNullimpl(createFailure);
            if (m832exceptionOrNullimpl != null) {
                SqueaksKt.idpWarning("identity_encryptor_verification_error", m832exceptionOrNullimpl, new Function1() { // from class: com.booking.identity.squeak.SqueaksKt$idpWarning$2
                    @Override // kotlin.jvm.functions.Function1
                    public final Object invoke(Object obj2) {
                        r.checkNotNullParameter((Squeak.Builder) obj2, "$this$null");
                        return Unit.INSTANCE;
                    }
                });
                this.errorListener.invoke("Error while verifying encryptor", m832exceptionOrNullimpl);
                createFailure = Boolean.FALSE;
            }
            return ((Boolean) createFailure).booleanValue();
        }
    }

    /* loaded from: classes.dex */
    public final class Companion {
        public Companion(DefaultConstructorMarker defaultConstructorMarker) {
        }
    }

    public IdentityEncryptor(SecretKey secretKey) {
        MessageRow.Algorithm algorithm;
        r.checkNotNullParameter(secretKey, "key");
        this.key = secretKey;
        this.version = 1;
        MessageRow.Algorithm.Companion companion = MessageRow.Algorithm.Companion;
        String algorithm2 = secretKey.getAlgorithm();
        r.checkNotNullExpressionValue(algorithm2, "key.algorithm");
        companion.getClass();
        MessageRow.Algorithm[] values = MessageRow.Algorithm.values();
        int length = values.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                algorithm = null;
                break;
            }
            algorithm = values[i];
            if (r.areEqual(algorithm.getKey(), algorithm2)) {
                break;
            } else {
                i++;
            }
        }
        this.algorithm = algorithm == null ? MessageRow.Algorithm.UNKNOWN : algorithm;
        byte[] bytes = "AES/CBC/PKCS7Padding".getBytes(Charsets.UTF_8);
        r.checkNotNullExpressionValue(bytes, "this as java.lang.String).getBytes(charset)");
        byte[] array = ByteBuffer.wrap(new byte[bytes.length + 1]).put((byte) 1).put(bytes).array();
        r.checkNotNullExpressionValue(array, "let {\n        val mode =…           .array()\n    }");
        this.signature = array;
    }

    public static void keyStoreWorkaroundForAndroid10(Function0 function0) {
        for (int i = 1; i < 5; i++) {
            try {
                int i2 = Result.$r8$clinit;
                function0.invoke();
                return;
            } catch (Throwable th) {
                int i3 = Result.$r8$clinit;
                Throwable m832exceptionOrNullimpl = Result.m832exceptionOrNullimpl(ResultKt.createFailure(th));
                if (m832exceptionOrNullimpl != null) {
                    SqueaksKt.idpWarning("identity_encryptor_cipher_failure_" + i, m832exceptionOrNullimpl, new Function1() { // from class: com.booking.identity.squeak.SqueaksKt$idpWarning$2
                        @Override // kotlin.jvm.functions.Function1
                        public final Object invoke(Object obj2) {
                            r.checkNotNullParameter((Squeak.Builder) obj2, "$this$null");
                            return Unit.INSTANCE;
                        }
                    });
                    Thread.sleep(100L);
                }
            }
        }
    }

    public final byte[] decryptBytes(byte[] bArr) {
        r.checkNotNullParameter(bArr, "bytes");
        final Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
        final byte[] copyOfRange = ArraysKt___ArraysJvmKt.copyOfRange(0, 16, bArr);
        byte[] copyOfRange2 = ArraysKt___ArraysJvmKt.copyOfRange(16, bArr.length, bArr);
        keyStoreWorkaroundForAndroid10(new Function0() { // from class: com.booking.identity.storage.IdentityEncryptor$decryptBytes$1
            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
            {
                super(0);
            }

            @Override // kotlin.jvm.functions.Function0
            public final Object invoke() {
                cipher.init(2, this.key, new IvParameterSpec(copyOfRange));
                return Unit.INSTANCE;
            }
        });
        return cipher.doFinal(copyOfRange2);
    }

    public final byte[] encryptBytes(byte[] bArr) {
        r.checkNotNullParameter(bArr, "bytes");
        final Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
        keyStoreWorkaroundForAndroid10(new Function0() { // from class: com.booking.identity.storage.IdentityEncryptor$encryptBytes$1
            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
            {
                super(0);
            }

            @Override // kotlin.jvm.functions.Function0
            public final Object invoke() {
                cipher.init(1, this.key);
                return Unit.INSTANCE;
            }
        });
        byte[] doFinal = cipher.doFinal(bArr);
        byte[] iv = cipher.getIV();
        ByteBuffer wrap = ByteBuffer.wrap(new byte[iv.length + doFinal.length]);
        wrap.put(iv);
        wrap.put(doFinal);
        byte[] array = wrap.array();
        r.checkNotNullExpressionValue(array, "buff.array()");
        return array;
    }
}
