package com.github.leonardoxh.keystore;

import android.content.Context;
import android.security.keystore.KeyGenParameterSpec;
import com.github.leonardoxh.keystore.store.Storage;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.nio.charset.Charset;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableKeyException;
import java.security.spec.AlgorithmParameterSpec;
import javax.annotation.Nullable;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;

/* loaded from: classes2.dex */
final class CipherStorageAndroidKeystore extends BaseCipherStorage {
    private static final Charset DEFAULT_CHARSET = Charset.forName("UTF-8");
    private static final String ENCRYPTION_ALGORITHM = "AES";
    private static final String ENCRYPTION_BLOCK_MODE = "CBC";
    private static final int ENCRYPTION_KEY_SIZE = 256;
    private static final String ENCRYPTION_PADDING = "PKCS7Padding";
    private static final String ENCRYPTION_TRANSFORMATION = "AES/CBC/PKCS7Padding";

    /* JADX INFO: Access modifiers changed from: package-private */
    public CipherStorageAndroidKeystore(Context context, Storage storage) {
        super(context, storage);
    }

    private static String decryptBytes(Key key, byte[] bArr) throws CryptoFailedException {
        try {
            Cipher cipher = Cipher.getInstance(ENCRYPTION_TRANSFORMATION);
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
            cipher.init(2, key, readIvFromStream(byteArrayInputStream));
            CipherInputStream cipherInputStream = new CipherInputStream(byteArrayInputStream, cipher);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byte[] bArr2 = new byte[1024];
            while (true) {
                int read = cipherInputStream.read(bArr2, 0, 1024);
                if (read <= 0) {
                    return new String(byteArrayOutputStream.toByteArray(), DEFAULT_CHARSET);
                }
                byteArrayOutputStream.write(bArr2, 0, read);
            }
        } catch (IOException | InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
            throw new CryptoFailedException("Could not decrypt bytes", e);
        }
    }

    private static byte[] encryptString(Key key, String str) throws CryptoFailedException {
        try {
            Cipher cipher = Cipher.getInstance(ENCRYPTION_TRANSFORMATION);
            cipher.init(1, key);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byte[] iv = cipher.getIV();
            byteArrayOutputStream.write(iv, 0, iv.length);
            CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
            cipherOutputStream.write(str.getBytes(DEFAULT_CHARSET));
            cipherOutputStream.close();
            return byteArrayOutputStream.toByteArray();
        } catch (IOException | InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e) {
            throw new CryptoFailedException("Could not encrypt value", e);
        }
    }

    private static AlgorithmParameterSpec generateParameterSpec(String str) {
        return new KeyGenParameterSpec.Builder(str, 3).setBlockModes(ENCRYPTION_BLOCK_MODE).setEncryptionPaddings(ENCRYPTION_PADDING).setRandomizedEncryptionRequired(true).setKeySize(256).build();
    }

    private static IvParameterSpec readIvFromStream(ByteArrayInputStream byteArrayInputStream) {
        byte[] bArr = new byte[16];
        byteArrayInputStream.read(bArr, 0, 16);
        return new IvParameterSpec(bArr);
    }

    @Override // com.github.leonardoxh.keystore.CipherStorage
    @Nullable
    public String decrypt(String str) {
        Key key;
        try {
            byte[] keyBytes = this.storage.getKeyBytes(str);
            if (keyBytes == null || (key = getKeyStoreAndLoad().getKey(str, null)) == null) {
                return null;
            }
            return decryptBytes(key, keyBytes);
        } catch (KeyStoreAccessException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException unused) {
            return null;
        }
    }

    @Override // com.github.leonardoxh.keystore.CipherStorage
    public void encrypt(String str, String str2) {
        try {
            KeyStore keyStoreAndLoad = getKeyStoreAndLoad();
            KeyGenerator keyGenerator = KeyGenerator.getInstance(ENCRYPTION_ALGORITHM, "AndroidKeyStore");
            keyGenerator.init(generateParameterSpec(str));
            keyGenerator.generateKey();
            this.storage.saveKeyBytes(str, encryptString(keyStoreAndLoad.getKey(str, null), str2));
        } catch (KeyStoreAccessException e) {
            e = e;
            throw new CryptoFailedException("Could not access Keystore", e);
        } catch (InvalidAlgorithmParameterException e2) {
            e = e2;
            throw new CryptoFailedException("Could not encrypt data", e);
        } catch (KeyStoreException e3) {
            e = e3;
            throw new CryptoFailedException("Could not access Keystore", e);
        } catch (NoSuchAlgorithmException e4) {
            e = e4;
            throw new CryptoFailedException("Could not encrypt data", e);
        } catch (NoSuchProviderException e5) {
            e = e5;
            throw new CryptoFailedException("Could not encrypt data", e);
        } catch (UnrecoverableKeyException e6) {
            e = e6;
            throw new CryptoFailedException("Could not encrypt data", e);
        }
    }
}
