package com.trifork.timencryptedstorage.shared;

import android.security.keystore.KeyPermanentlyInvalidatedException;
import com.google.firebase.messaging.Constants;
import com.trifork.timencryptedstorage.helpers.TIMEncryptedStorageLogger;
import com.trifork.timencryptedstorage.models.TIMResult;
import com.trifork.timencryptedstorage.models.TIMResultKt;
import com.trifork.timencryptedstorage.models.errors.TIMEncryptedStorageError;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import kotlin.Metadata;
import kotlin.NoWhenBranchMatchedException;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.StringsKt;

/* compiled from: BiometricCipherHelper.kt */
@Metadata(d1 = {"\u0000<\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0000\n\u0002\u0010\u0012\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0002\n\u0002\b\b\u0018\u0000 \u00182\u00020\u0001:\u0002\u0017\u0018B\r\u0012\u0006\u0010\u0002\u001a\u00020\u0003¢\u0006\u0002\u0010\u0004J\u001c\u0010\u0005\u001a\u000e\u0012\u0004\u0012\u00020\u0007\u0012\u0004\u0012\u00020\b0\u00062\u0006\u0010\t\u001a\u00020\nH\u0002J\"\u0010\u000b\u001a\u000e\u0012\u0004\u0012\u00020\f\u0012\u0004\u0012\u00020\b0\u00062\u0006\u0010\r\u001a\u00020\u000e2\u0006\u0010\u000f\u001a\u00020\fJ\u000e\u0010\u0010\u001a\u00020\u00112\u0006\u0010\t\u001a\u00020\nJ\"\u0010\u0012\u001a\u000e\u0012\u0004\u0012\u00020\f\u0012\u0004\u0012\u00020\b0\u00062\u0006\u0010\r\u001a\u00020\u000e2\u0006\u0010\u000f\u001a\u00020\fJ\u0014\u0010\u0013\u001a\u000e\u0012\u0004\u0012\u00020\u000e\u0012\u0004\u0012\u00020\b0\u0006H\u0002J\"\u0010\u0014\u001a\u000e\u0012\u0004\u0012\u00020\u000e\u0012\u0004\u0012\u00020\b0\u00062\u0006\u0010\t\u001a\u00020\n2\u0006\u0010\u0015\u001a\u00020\fJ\u001a\u0010\u0016\u001a\u000e\u0012\u0004\u0012\u00020\u000e\u0012\u0004\u0012\u00020\b0\u00062\u0006\u0010\t\u001a\u00020\nR\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n\u0000¨\u0006\u0019"}, d2 = {"Lcom/trifork/timencryptedstorage/shared/BiometricCipherHelper;", "", "logger", "Lcom/trifork/timencryptedstorage/helpers/TIMEncryptedStorageLogger;", "(Lcom/trifork/timencryptedstorage/helpers/TIMEncryptedStorageLogger;)V", "createCipherAndSecretKey", "Lcom/trifork/timencryptedstorage/models/TIMResult;", "Lcom/trifork/timencryptedstorage/shared/BiometricCipherHelper$CipherSecretKey;", "Lcom/trifork/timencryptedstorage/models/errors/TIMEncryptedStorageError;", "keyId", "", "decrypt", "", "cipher", "Ljavax/crypto/Cipher;", Constants.ScionAnalytics.MessageType.DATA_MESSAGE, "deleteSecretKey", "", "encrypt", "getCipherInstance", "getInitializedCipherForDecryption", "initializationVector", "getInitializedCipherForEncryption", "CipherSecretKey", "Companion", "library_release"}, k = 1, mv = {1, 7, 1}, xi = 48)
/* loaded from: classes2.dex */
public final class BiometricCipherHelper {
    private static final String TAG = "BiometricCipherHelper";
    private final TIMEncryptedStorageLogger logger;

    /* compiled from: BiometricCipherHelper.kt */
    @Metadata(d1 = {"\u0000\u0018\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0006\b\u0000\u0018\u00002\u00020\u0001B\u0015\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0005¢\u0006\u0002\u0010\u0006R\u0011\u0010\u0002\u001a\u00020\u0003¢\u0006\b\n\u0000\u001a\u0004\b\u0007\u0010\bR\u0011\u0010\u0004\u001a\u00020\u0005¢\u0006\b\n\u0000\u001a\u0004\b\t\u0010\n¨\u0006\u000b"}, d2 = {"Lcom/trifork/timencryptedstorage/shared/BiometricCipherHelper$CipherSecretKey;", "", "cipher", "Ljavax/crypto/Cipher;", "secretKey", "Ljavax/crypto/SecretKey;", "(Ljavax/crypto/Cipher;Ljavax/crypto/SecretKey;)V", "getCipher", "()Ljavax/crypto/Cipher;", "getSecretKey", "()Ljavax/crypto/SecretKey;", "library_release"}, k = 1, mv = {1, 7, 1}, xi = 48)
    /* loaded from: classes2.dex */
    public static final class CipherSecretKey {
        private final Cipher cipher;
        private final SecretKey secretKey;

        public CipherSecretKey(Cipher cipher, SecretKey secretKey) {
            Intrinsics.checkNotNullParameter(cipher, "cipher");
            Intrinsics.checkNotNullParameter(secretKey, "secretKey");
            this.cipher = cipher;
            this.secretKey = secretKey;
        }

        public final Cipher getCipher() {
            return this.cipher;
        }

        public final SecretKey getSecretKey() {
            return this.secretKey;
        }
    }

    public BiometricCipherHelper(TIMEncryptedStorageLogger logger) {
        Intrinsics.checkNotNullParameter(logger, "logger");
        this.logger = logger;
    }

    /* JADX WARN: Multi-variable type inference failed */
    private final TIMResult<CipherSecretKey, TIMEncryptedStorageError> createCipherAndSecretKey(String keyId) {
        TIMResult cipherInstance = getCipherInstance();
        TIMEncryptedStorageLogger.DefaultImpls.log$default(this.logger, 3, TAG, "createCipherAndSecretKey: cipherResult: " + cipherInstance, null, 8, null);
        if (cipherInstance instanceof TIMResult.Failure) {
            return cipherInstance;
        }
        if (!(cipherInstance instanceof TIMResult.Success)) {
            throw new NoWhenBranchMatchedException();
        }
        Cipher cipher = (Cipher) ((TIMResult.Success) cipherInstance).getValue();
        TIMResult orCreateSecretKey = SecretKeyHelper.INSTANCE.getOrCreateSecretKey(keyId);
        TIMEncryptedStorageLogger.DefaultImpls.log$default(this.logger, 3, TAG, "createCipherAndSecretKey: secretKeyResult: " + orCreateSecretKey, null, 8, null);
        if (orCreateSecretKey instanceof TIMResult.Failure) {
            return orCreateSecretKey;
        }
        if (orCreateSecretKey instanceof TIMResult.Success) {
            return TIMResultKt.toTIMSuccess(new CipherSecretKey(cipher, (SecretKey) ((TIMResult.Success) orCreateSecretKey).getValue()));
        }
        throw new NoWhenBranchMatchedException();
    }

    private final TIMResult<Cipher, TIMEncryptedStorageError> getCipherInstance() {
        try {
            return TIMResultKt.toTIMSuccess(Cipher.getInstance(BiometricCipherConstants.cipherTransformation));
        } catch (Throwable th) {
            TIMEncryptedStorageLogger.DefaultImpls.log$default(this.logger, 3, TAG, "getCipherInstance: throwable: " + th, null, 8, null);
            return TIMResultKt.toTIMFailure(new TIMEncryptedStorageError.InvalidCipher(th));
        }
    }

    public final TIMResult<byte[], TIMEncryptedStorageError> decrypt(Cipher cipher, byte[] data) {
        Intrinsics.checkNotNullParameter(cipher, "cipher");
        Intrinsics.checkNotNullParameter(data, "data");
        try {
            return TIMResultKt.toTIMSuccess(cipher.doFinal(data));
        } catch (IllegalBlockSizeException e) {
            Throwable cause = e.getCause();
            if (cause != null) {
                String message = cause.getMessage();
                boolean z = false;
                if (message != null && StringsKt.contains$default((CharSequence) message, (CharSequence) "Key user not authenticated", false, 2, (Object) null)) {
                    z = true;
                }
                if (z) {
                    TIMEncryptedStorageLogger.DefaultImpls.log$default(this.logger, 3, TAG, "decrypt threw: IllegalBlockSizeException with KeyStoreException as cause exception: " + e, null, 8, null);
                    return TIMResultKt.toTIMFailure(new TIMEncryptedStorageError.UnrecoverablyFailedToDecrypt(e));
                }
            }
            TIMEncryptedStorageLogger.DefaultImpls.log$default(this.logger, 3, TAG, "decrypt threw: IllegalBlockSizeException: " + e, null, 8, null);
            return TIMResultKt.toTIMFailure(new TIMEncryptedStorageError.FailedToEncryptData(e));
        } catch (Throwable th) {
            TIMEncryptedStorageLogger.DefaultImpls.log$default(this.logger, 3, TAG, "encrypt decrypt: " + th, null, 8, null);
            return TIMResultKt.toTIMFailure(new TIMEncryptedStorageError.FailedToDecryptData(th));
        }
    }

    public final void deleteSecretKey(String keyId) {
        Intrinsics.checkNotNullParameter(keyId, "keyId");
        SecretKeyHelper.INSTANCE.deleteSecretKey(keyId);
    }

    public final TIMResult<byte[], TIMEncryptedStorageError> encrypt(Cipher cipher, byte[] data) {
        Intrinsics.checkNotNullParameter(cipher, "cipher");
        Intrinsics.checkNotNullParameter(data, "data");
        try {
            return TIMResultKt.toTIMSuccess(cipher.doFinal(data));
        } catch (IllegalBlockSizeException e) {
            Throwable cause = e.getCause();
            if (cause != null) {
                String message = cause.getMessage();
                boolean z = false;
                if (message != null && StringsKt.contains$default((CharSequence) message, (CharSequence) "Key user not authenticated", false, 2, (Object) null)) {
                    z = true;
                }
                if (z) {
                    TIMEncryptedStorageLogger.DefaultImpls.log$default(this.logger, 3, TAG, "encrypt threw: IllegalBlockSizeException with KeyStoreException as cause exception: " + e, null, 8, null);
                    return TIMResultKt.toTIMFailure(new TIMEncryptedStorageError.UnrecoverablyFailedToEncrypt(e));
                }
            }
            TIMEncryptedStorageLogger.DefaultImpls.log$default(this.logger, 3, TAG, "encrypt threw: IllegalBlockSizeException: " + e, null, 8, null);
            return TIMResultKt.toTIMFailure(new TIMEncryptedStorageError.FailedToEncryptData(e));
        } catch (Throwable th) {
            TIMEncryptedStorageLogger.DefaultImpls.log$default(this.logger, 3, TAG, "encrypt threw: " + th, null, 8, null);
            return TIMResultKt.toTIMFailure(new TIMEncryptedStorageError.FailedToEncryptData(th));
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    public final TIMResult<Cipher, TIMEncryptedStorageError> getInitializedCipherForDecryption(String keyId, byte[] initializationVector) {
        Intrinsics.checkNotNullParameter(keyId, "keyId");
        Intrinsics.checkNotNullParameter(initializationVector, "initializationVector");
        TIMResult createCipherAndSecretKey = createCipherAndSecretKey(keyId);
        TIMEncryptedStorageLogger.DefaultImpls.log$default(this.logger, 3, TAG, "getInitializedCipherForDecryption: cipherSecretKeyResult: " + createCipherAndSecretKey, null, 8, null);
        if (createCipherAndSecretKey instanceof TIMResult.Failure) {
            return createCipherAndSecretKey;
        }
        if (!(createCipherAndSecretKey instanceof TIMResult.Success)) {
            throw new NoWhenBranchMatchedException();
        }
        CipherSecretKey cipherSecretKey = (CipherSecretKey) ((TIMResult.Success) createCipherAndSecretKey).getValue();
        try {
            cipherSecretKey.getCipher().init(2, cipherSecretKey.getSecretKey(), new IvParameterSpec(initializationVector));
            return TIMResultKt.toTIMSuccess(cipherSecretKey.getCipher());
        } catch (KeyPermanentlyInvalidatedException e) {
            TIMEncryptedStorageLogger.DefaultImpls.log$default(this.logger, 3, TAG, "getInitializedCipherForDecryption: caught KeyPermanentlyInvalidatedException: " + e + ". Deleting secret key and throwing TIMEncryptedStorageError.PermanentlyInvalidatedKey", null, 8, null);
            deleteSecretKey(keyId);
            return TIMResultKt.toTIMFailure(new TIMEncryptedStorageError.PermanentlyInvalidatedKey(e));
        } catch (Throwable th) {
            TIMEncryptedStorageLogger.DefaultImpls.log$default(this.logger, 3, TAG, "getInitializedCipherForDecryption: caught throwable: " + th, null, 8, null);
            return TIMResultKt.toTIMFailure(new TIMEncryptedStorageError.InvalidEncryptionKey(th));
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    public final TIMResult<Cipher, TIMEncryptedStorageError> getInitializedCipherForEncryption(String keyId) {
        Intrinsics.checkNotNullParameter(keyId, "keyId");
        TIMResult<Cipher, TIMEncryptedStorageError> cipherInstance = getCipherInstance();
        TIMEncryptedStorageLogger.DefaultImpls.log$default(this.logger, 3, TAG, "getInitializedCipherForEncryption: cipher result: " + cipherInstance, null, 8, null);
        if (cipherInstance instanceof TIMResult.Failure) {
            return cipherInstance;
        }
        if (!(cipherInstance instanceof TIMResult.Success)) {
            throw new NoWhenBranchMatchedException();
        }
        Cipher cipher = (Cipher) ((TIMResult.Success) cipherInstance).getValue();
        TIMResult createNewSecretKey = SecretKeyHelper.INSTANCE.createNewSecretKey(keyId);
        TIMEncryptedStorageLogger.DefaultImpls.log$default(this.logger, 3, TAG, "getInitializedCipherForEncryption: secretKeyResult: " + createNewSecretKey, null, 8, null);
        if (createNewSecretKey instanceof TIMResult.Failure) {
            return createNewSecretKey;
        }
        if (!(createNewSecretKey instanceof TIMResult.Success)) {
            throw new NoWhenBranchMatchedException();
        }
        try {
            cipher.init(1, (SecretKey) ((TIMResult.Success) createNewSecretKey).getValue());
            return TIMResultKt.toTIMSuccess(cipher);
        } catch (KeyPermanentlyInvalidatedException e) {
            TIMEncryptedStorageLogger.DefaultImpls.log$default(this.logger, 3, TAG, "getInitializedCipherForEncryption: caught KeyPermanentlyInvalidatedException: " + e + ". Deleting secret key and calling getInitializedCipherForEncryption again.", null, 8, null);
            deleteSecretKey(keyId);
            return getInitializedCipherForEncryption(keyId);
        } catch (Throwable th) {
            TIMEncryptedStorageLogger.DefaultImpls.log$default(this.logger, 3, TAG, "getInitializedCipherForEncryption: caught throwable: " + th, null, 8, null);
            return TIMResultKt.toTIMFailure(new TIMEncryptedStorageError.InvalidEncryptionKey(th));
        }
    }
}
