package eh;

import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import android.text.TextUtils;
import android.util.Log;
import androidx.annotation.NonNull;
import eh.b;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.Closeable;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.nio.charset.Charset;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.ProviderException;
import java.security.UnrecoverableKeyException;
import java.util.Collections;
import java.util.HashSet;
import java.util.Set;
import java.util.concurrent.atomic.AtomicBoolean;
import java.util.concurrent.atomic.AtomicInteger;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.spec.IvParameterSpec;
import zendesk.chat.WebSocket;

/* loaded from: classes2.dex */
public abstract class b implements eh.a {

    /* renamed from: g, reason: collision with root package name */
    protected static final String f19682g = "b";

    /* renamed from: h, reason: collision with root package name */
    public static final Charset f19683h = Charset.forName("UTF-8");

    /* renamed from: b, reason: collision with root package name */
    protected transient AtomicBoolean f19685b;

    /* renamed from: d, reason: collision with root package name */
    protected transient AtomicBoolean f19687d;

    /* renamed from: e, reason: collision with root package name */
    protected transient Cipher f19688e;

    /* renamed from: f, reason: collision with root package name */
    protected transient KeyStore f19689f;

    /* renamed from: a, reason: collision with root package name */
    protected final Object f19684a = new Object();

    /* renamed from: c, reason: collision with root package name */
    protected final Object f19686c = new Object();

    /* loaded from: classes2.dex */
    public interface a {
        void a(@NonNull Cipher cipher, @NonNull Key key, @NonNull InputStream inputStream);
    }

    /* renamed from: eh.b$b, reason: collision with other inner class name */
    /* loaded from: classes2.dex */
    public static final class C0300b {

        /* renamed from: a, reason: collision with root package name */
        public static final c f19690a = new c() { // from class: eh.c
            @Override // eh.b.c
            public final void a(Cipher cipher, Key key, OutputStream outputStream) {
                cipher.init(1, key);
            }
        };

        /* renamed from: b, reason: collision with root package name */
        public static final a f19691b = new a() { // from class: eh.d
            @Override // eh.b.a
            public final void a(Cipher cipher, Key key, InputStream inputStream) {
                cipher.init(2, key);
            }
        };
    }

    /* loaded from: classes2.dex */
    public interface c {
        void a(@NonNull Cipher cipher, @NonNull Key key, @NonNull OutputStream outputStream);
    }

    /* loaded from: classes2.dex */
    public static final class d {

        /* renamed from: a, reason: collision with root package name */
        public static final c f19692a = new c() { // from class: eh.e
            @Override // eh.b.c
            public final void a(Cipher cipher, Key key, OutputStream outputStream) {
                b.d.c(cipher, key, outputStream);
            }
        };

        /* renamed from: b, reason: collision with root package name */
        public static final a f19693b = new a() { // from class: eh.f
            @Override // eh.b.a
            public final void a(Cipher cipher, Key key, InputStream inputStream) {
                b.d.d(cipher, key, inputStream);
            }
        };

        /* JADX INFO: Access modifiers changed from: private */
        public static /* synthetic */ void c(Cipher cipher, Key key, OutputStream outputStream) {
            cipher.init(1, key);
            byte[] iv = cipher.getIV();
            outputStream.write(iv, 0, iv.length);
        }

        /* JADX INFO: Access modifiers changed from: private */
        public static /* synthetic */ void d(Cipher cipher, Key key, InputStream inputStream) {
            cipher.init(2, key, e(inputStream));
        }

        @NonNull
        public static IvParameterSpec e(@NonNull InputStream inputStream) {
            byte[] bArr = new byte[16];
            if (inputStream.read(bArr, 0, 16) == 16) {
                return new IvParameterSpec(bArr);
            }
            throw new IOException("Input stream has insufficient data.");
        }

        @NonNull
        public static IvParameterSpec f(@NonNull byte[] bArr) {
            byte[] bArr2 = new byte[16];
            if (16 >= bArr.length) {
                throw new IOException("Insufficient length of input data for IV extracting.");
            }
            System.arraycopy(bArr, 0, bArr2, 0, 16);
            return new IvParameterSpec(bArr2);
        }
    }

    /* loaded from: classes2.dex */
    public class e implements Closeable {

        /* renamed from: b, reason: collision with root package name */
        public final String f19694b;

        /* renamed from: c, reason: collision with root package name */
        public final Key f19695c;

        public e(@NonNull b bVar, String str) {
            this(str, bVar.D(str, true));
        }

        public e(@NonNull String str, @NonNull Key key) {
            this.f19694b = str;
            this.f19695c = key;
        }

        @Override // java.io.Closeable, java.lang.AutoCloseable
        public void close() {
            try {
                b.this.i(this.f19694b);
            } catch (gh.c e10) {
                Log.w(b.f19682g, "AutoClose remove key failed. Error: " + e10.getMessage(), e10);
            }
        }
    }

    public static void k(@NonNull InputStream inputStream, @NonNull OutputStream outputStream) {
        byte[] bArr = new byte[16384];
        while (true) {
            int read = inputStream.read(bArr);
            if (read <= 0) {
                return;
            } else {
                outputStream.write(bArr, 0, read);
            }
        }
    }

    @NonNull
    public static String u(String str, @NonNull String str2) {
        return TextUtils.isEmpty(str) ? str2 : str;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @NonNull
    public com.oblador.keychain.f A(@NonNull Key key) {
        return y(key).isInsideSecureHardware() ? com.oblador.keychain.f.SECURE_HARDWARE : com.oblador.keychain.f.SECURE_SOFTWARE;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void B(@NonNull com.oblador.keychain.f fVar) {
        if (!a().b(fVar)) {
            throw new gh.a(String.format("Insufficient security level (wants %s; got %s)", fVar, a()));
        }
    }

    @NonNull
    protected Key C(@NonNull String str) {
        return D(str, false);
    }

    @NonNull
    protected Key D(@NonNull String str, @NonNull boolean z10) {
        return r(x(str, z10).build());
    }

    @NonNull
    protected Key E(@NonNull String str) {
        return F(str, false);
    }

    @NonNull
    protected Key F(@NonNull String str, @NonNull boolean z10) {
        KeyGenParameterSpec.Builder isStrongBoxBacked;
        int i10 = Build.VERSION.SDK_INT;
        if (i10 >= 28) {
            isStrongBoxBacked = x(str, z10).setIsStrongBoxBacked(true);
            return r(isStrongBoxBacked.build());
        }
        throw new gh.c("Strong box security keystore is not supported for old API" + i10 + ".");
    }

    protected boolean G(@NonNull com.oblador.keychain.f fVar, @NonNull Key key) {
        return A(key).b(fVar);
    }

    @Override // eh.a
    public com.oblador.keychain.f a() {
        return com.oblador.keychain.f.SECURE_HARDWARE;
    }

    @Override // eh.a
    public final int e() {
        return ((h() ? 1 : 0) * WebSocket.CLOSE_CODE_NORMAL) + f();
    }

    @Override // eh.a
    public Set<String> g() {
        KeyStore z10 = z();
        try {
            return new HashSet(Collections.list(z10.aliases()));
        } catch (KeyStoreException e10) {
            throw new gh.c("Error accessing aliases in keystore " + z10, e10);
        }
    }

    @Override // eh.a
    public void i(@NonNull String str) {
        String u10 = u(str, v());
        KeyStore z10 = z();
        try {
            if (z10.containsAlias(u10)) {
                z10.deleteEntry(u10);
            }
        } catch (GeneralSecurityException unused) {
        }
    }

    @Override // eh.a
    public boolean j() {
        AtomicBoolean atomicBoolean = this.f19685b;
        if (atomicBoolean != null) {
            return atomicBoolean.get();
        }
        synchronized (this.f19684a) {
            AtomicBoolean atomicBoolean2 = this.f19685b;
            if (atomicBoolean2 != null) {
                return atomicBoolean2.get();
            }
            this.f19685b = new AtomicBoolean(false);
            e eVar = null;
            try {
                e eVar2 = new e(this, "AndroidKeyStore#supportsSecureHardware");
                try {
                    this.f19685b.set(G(com.oblador.keychain.f.SECURE_HARDWARE, eVar2.f19695c));
                    eVar2.close();
                } catch (Throwable unused) {
                    eVar = eVar2;
                    if (eVar != null) {
                        eVar.close();
                    }
                    return this.f19685b.get();
                }
            } catch (Throwable unused2) {
            }
            return this.f19685b.get();
        }
    }

    @NonNull
    public String l(@NonNull Key key, @NonNull byte[] bArr) {
        return m(key, bArr, C0300b.f19691b);
    }

    @NonNull
    protected String m(@NonNull Key key, @NonNull byte[] bArr, a aVar) {
        Cipher t10 = t();
        try {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
            try {
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                if (aVar != null) {
                    try {
                        aVar.a(t10, key, byteArrayInputStream);
                    } finally {
                    }
                }
                CipherInputStream cipherInputStream = new CipherInputStream(byteArrayInputStream, t10);
                try {
                    k(cipherInputStream, byteArrayOutputStream);
                    cipherInputStream.close();
                    String str = new String(byteArrayOutputStream.toByteArray(), f19683h);
                    byteArrayOutputStream.close();
                    byteArrayInputStream.close();
                    return str;
                } finally {
                }
            } finally {
            }
        } catch (Throwable th2) {
            Log.w(f19682g, th2.getMessage(), th2);
            throw th2;
        }
    }

    @NonNull
    public byte[] n(@NonNull Key key, @NonNull String str) {
        return o(key, str, C0300b.f19690a);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @NonNull
    public byte[] o(@NonNull Key key, @NonNull String str, c cVar) {
        Cipher t10 = t();
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            if (cVar != null) {
                try {
                    cVar.a(t10, key, byteArrayOutputStream);
                    byteArrayOutputStream.flush();
                } finally {
                }
            }
            CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, t10);
            try {
                cipherOutputStream.write(str.getBytes(f19683h));
                cipherOutputStream.close();
                byte[] byteArray = byteArrayOutputStream.toByteArray();
                byteArrayOutputStream.close();
                return byteArray;
            } finally {
            }
        } catch (Throwable th2) {
            Log.e(f19682g, th2.getMessage(), th2);
            throw th2;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @NonNull
    public Key p(@NonNull String str, @NonNull com.oblador.keychain.f fVar, @NonNull AtomicInteger atomicInteger) {
        Key q10;
        do {
            KeyStore z10 = z();
            if (!z10.containsAlias(str)) {
                s(str, fVar);
            }
            q10 = q(z10, str, atomicInteger);
        } while (q10 == null);
        return q10;
    }

    protected Key q(@NonNull KeyStore keyStore, @NonNull String str, @NonNull AtomicInteger atomicInteger) {
        try {
            Key key = keyStore.getKey(str, null);
            if (key != null) {
                return key;
            }
            throw new gh.c("Empty key extracted!");
        } catch (UnrecoverableKeyException e10) {
            if (atomicInteger.getAndDecrement() <= 0) {
                throw e10;
            }
            keyStore.deleteEntry(str);
            return null;
        }
    }

    @NonNull
    protected abstract Key r(@NonNull KeyGenParameterSpec keyGenParameterSpec);

    public void s(@NonNull String str, @NonNull com.oblador.keychain.f fVar) {
        Key key;
        synchronized (this.f19686c) {
            AtomicBoolean atomicBoolean = this.f19687d;
            key = null;
            if (atomicBoolean == null || atomicBoolean.get()) {
                if (this.f19687d == null) {
                    this.f19687d = new AtomicBoolean(false);
                }
                try {
                    key = E(str);
                    this.f19687d.set(true);
                } catch (GeneralSecurityException | ProviderException e10) {
                    Log.w(f19682g, "StrongBox security storage is not available.", e10);
                }
            }
        }
        if (key == null || !this.f19687d.get()) {
            try {
                key = C(str);
            } catch (GeneralSecurityException e11) {
                Log.e(f19682g, "Regular security storage is not available.", e11);
                throw e11;
            }
        }
        if (!G(fVar, key)) {
            throw new gh.a("Cannot generate keys with required security guarantees");
        }
    }

    @NonNull
    public Cipher t() {
        if (this.f19688e == null) {
            synchronized (this) {
                if (this.f19688e == null) {
                    this.f19688e = Cipher.getInstance(w());
                }
            }
        }
        return this.f19688e;
    }

    public String v() {
        return c();
    }

    @NonNull
    protected abstract String w();

    @NonNull
    protected abstract KeyGenParameterSpec.Builder x(@NonNull String str, @NonNull boolean z10);

    @NonNull
    protected abstract KeyInfo y(@NonNull Key key);

    @NonNull
    public KeyStore z() {
        if (this.f19689f == null) {
            synchronized (this) {
                if (this.f19689f == null) {
                    try {
                        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                        keyStore.load(null);
                        this.f19689f = keyStore;
                    } catch (Throwable th2) {
                        throw new gh.c("Could not access Keystore", th2);
                    }
                }
            }
        }
        return this.f19689f;
    }
}
