package com.oblador.keychain.cipherStorage;

import android.annotation.TargetApi;
import android.security.keystore.KeyGenParameterSpec;
import android.support.annotation.NonNull;
import com.oblador.keychain.cipherStorage.CipherStorage;
import com.oblador.keychain.exceptions.CryptoFailedException;
import com.oblador.keychain.exceptions.KeyStoreAccessException;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import javax.crypto.Cipher;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.IvParameterSpec;

/* loaded from: classes.dex */
public class CipherStorageKeystoreAESCBC implements CipherStorage {
    public static final String CIPHER_STORAGE_NAME = "KeystoreAESCBC";
    public static final String DEFAULT_SERVICE = "RN_KEYCHAIN_DEFAULT_ALIAS";
    public static final String ENCRYPTION_ALGORITHM = "AES";
    public static final String ENCRYPTION_BLOCK_MODE = "CBC";
    public static final int ENCRYPTION_KEY_SIZE = 256;
    public static final String ENCRYPTION_PADDING = "PKCS7Padding";
    public static final String ENCRYPTION_TRANSFORMATION = "AES/CBC/PKCS7Padding";
    public static final String KEYSTORE_TYPE = "AndroidKeyStore";

    /*  JADX ERROR: JadxRuntimeException in pass: BlockProcessor
        jadx.core.utils.exceptions.JadxRuntimeException: Found unreachable blocks
        	at jadx.core.dex.visitors.blocks.DominatorTree.sortBlocks(DominatorTree.java:34)
        	at jadx.core.dex.visitors.blocks.DominatorTree.compute(DominatorTree.java:24)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.computeDominators(BlockProcessor.java:209)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.processBlocksTree(BlockProcessor.java:50)
        	at jadx.core.dex.visitors.blocks.BlockProcessor.visit(BlockProcessor.java:44)
        */
    private java.lang.String decryptBytes(java.security.Key r4, byte[] r5) throws com.oblador.keychain.exceptions.CryptoFailedException {
        /*
            r3 = this;
            java.lang.String r0 = "AES/CBC/PKCS7Padding"
            javax.crypto.Cipher r0 = javax.crypto.Cipher.getInstance(r0)     // Catch: java.lang.Exception -> L3d
            java.io.ByteArrayInputStream r1 = new java.io.ByteArrayInputStream     // Catch: java.lang.Exception -> L3d
            r1.<init>(r5)     // Catch: java.lang.Exception -> L3d
            javax.crypto.spec.IvParameterSpec r5 = r3.readIvFromStream(r1)     // Catch: java.lang.Exception -> L3d
            r2 = 2
            r0.init(r2, r4, r5)     // Catch: java.lang.Exception -> L3d
            javax.crypto.CipherInputStream r4 = new javax.crypto.CipherInputStream     // Catch: java.lang.Exception -> L3d
            r4.<init>(r1, r0)     // Catch: java.lang.Exception -> L3d
            java.io.ByteArrayOutputStream r5 = new java.io.ByteArrayOutputStream     // Catch: java.lang.Exception -> L3d
            r5.<init>()     // Catch: java.lang.Exception -> L3d
            r0 = 1024(0x400, float:1.435E-42)
            byte[] r0 = new byte[r0]     // Catch: java.lang.Exception -> L3d
        L21:
            int r1 = r0.length     // Catch: java.lang.Exception -> L3d
            r2 = 0
            int r1 = r4.read(r0, r2, r1)     // Catch: java.lang.Exception -> L3d
            if (r1 > 0) goto L39
            java.lang.String r4 = new java.lang.String     // Catch: java.lang.Exception -> L3d
            byte[] r5 = r5.toByteArray()     // Catch: java.lang.Exception -> L3d
            java.lang.String r0 = "UTF-8"
            java.nio.charset.Charset r0 = java.nio.charset.Charset.forName(r0)     // Catch: java.lang.Exception -> L3d
            r4.<init>(r5, r0)     // Catch: java.lang.Exception -> L3d
            return r4
        L39:
            r5.write(r0, r2, r1)     // Catch: java.lang.Exception -> L3d
            goto L21
        L3d:
            r4 = move-exception
            com.oblador.keychain.exceptions.CryptoFailedException r5 = new com.oblador.keychain.exceptions.CryptoFailedException
            java.lang.String r0 = "Could not decrypt bytes"
            r5.<init>(r0, r4)
            throw r5
        L46:
            goto L46
        */
        throw new UnsupportedOperationException("Method not decompiled: com.oblador.keychain.cipherStorage.CipherStorageKeystoreAESCBC.decryptBytes(java.security.Key, byte[]):java.lang.String");
    }

    private byte[] encryptString(Key key, String str, String str2) throws CryptoFailedException {
        try {
            Cipher cipher = Cipher.getInstance(ENCRYPTION_TRANSFORMATION);
            cipher.init(1, key);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byte[] iv = cipher.getIV();
            byteArrayOutputStream.write(iv, 0, iv.length);
            CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
            cipherOutputStream.write(str2.getBytes("UTF-8"));
            cipherOutputStream.close();
            return byteArrayOutputStream.toByteArray();
        } catch (Exception e) {
            throw new CryptoFailedException("Could not encrypt value for service " + str, e);
        }
    }

    @NonNull
    private String getDefaultServiceIfEmpty(@NonNull String str) {
        return str.isEmpty() ? DEFAULT_SERVICE : str;
    }

    private KeyStore getKeyStoreAndLoad() throws KeyStoreException, KeyStoreAccessException {
        try {
            KeyStore keyStore = KeyStore.getInstance(KEYSTORE_TYPE);
            keyStore.load(null);
            return keyStore;
        } catch (IOException | NoSuchAlgorithmException | CertificateException e) {
            throw new KeyStoreAccessException("Could not access Keystore", e);
        }
    }

    private IvParameterSpec readIvFromStream(ByteArrayInputStream byteArrayInputStream) {
        byte[] bArr = new byte[16];
        byteArrayInputStream.read(bArr, 0, bArr.length);
        return new IvParameterSpec(bArr);
    }

    @Override // com.oblador.keychain.cipherStorage.CipherStorage
    public CipherStorage.DecryptionResult decrypt(@NonNull String str, @NonNull byte[] bArr, @NonNull byte[] bArr2) throws CryptoFailedException {
        try {
            Key key = getKeyStoreAndLoad().getKey(getDefaultServiceIfEmpty(str), null);
            return new CipherStorage.DecryptionResult(decryptBytes(key, bArr), decryptBytes(key, bArr2));
        } catch (KeyStoreAccessException e) {
            throw new CryptoFailedException("Could not access Keystore", e);
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e2) {
            throw new CryptoFailedException("Could not get key from Keystore", e2);
        } catch (Exception e3) {
            throw new CryptoFailedException("Unknown error: " + e3.getMessage(), e3);
        }
    }

    @Override // com.oblador.keychain.cipherStorage.CipherStorage
    @TargetApi(23)
    public CipherStorage.EncryptionResult encrypt(@NonNull String str, @NonNull String str2, @NonNull String str3) throws CryptoFailedException {
        String defaultServiceIfEmpty = getDefaultServiceIfEmpty(str);
        try {
            KeyStore keyStoreAndLoad = getKeyStoreAndLoad();
            if (!keyStoreAndLoad.containsAlias(defaultServiceIfEmpty)) {
                KeyGenParameterSpec build = new KeyGenParameterSpec.Builder(defaultServiceIfEmpty, 3).setBlockModes(ENCRYPTION_BLOCK_MODE).setEncryptionPaddings(ENCRYPTION_PADDING).setRandomizedEncryptionRequired(true).setKeySize(256).build();
                KeyGenerator keyGenerator = KeyGenerator.getInstance(ENCRYPTION_ALGORITHM, KEYSTORE_TYPE);
                keyGenerator.init(build);
                keyGenerator.generateKey();
            }
            Key key = keyStoreAndLoad.getKey(defaultServiceIfEmpty, null);
            return new CipherStorage.EncryptionResult(encryptString(key, defaultServiceIfEmpty, str2), encryptString(key, defaultServiceIfEmpty, str3), this);
        } catch (KeyStoreAccessException | KeyStoreException e) {
            throw new CryptoFailedException("Could not access Keystore for service " + defaultServiceIfEmpty, e);
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableKeyException e2) {
            throw new CryptoFailedException("Could not encrypt data for service " + defaultServiceIfEmpty, e2);
        } catch (Exception e3) {
            throw new CryptoFailedException("Unknown error: " + e3.getMessage(), e3);
        }
    }

    @Override // com.oblador.keychain.cipherStorage.CipherStorage
    public String getCipherStorageName() {
        return CIPHER_STORAGE_NAME;
    }

    @Override // com.oblador.keychain.cipherStorage.CipherStorage
    public int getMinSupportedApiLevel() {
        return 23;
    }

    @Override // com.oblador.keychain.cipherStorage.CipherStorage
    public void removeKey(@NonNull String str) throws KeyStoreAccessException {
        String defaultServiceIfEmpty = getDefaultServiceIfEmpty(str);
        try {
            KeyStore keyStoreAndLoad = getKeyStoreAndLoad();
            if (keyStoreAndLoad.containsAlias(defaultServiceIfEmpty)) {
                keyStoreAndLoad.deleteEntry(defaultServiceIfEmpty);
            }
        } catch (KeyStoreException e) {
            throw new KeyStoreAccessException("Failed to access Keystore", e);
        } catch (Exception e2) {
            throw new KeyStoreAccessException("Unknown error " + e2.getMessage(), e2);
        }
    }
}
