package com.samsungsds.nexsign.client.common_secure_lib.storage;

import android.annotation.TargetApi;
import android.content.Context;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import android.util.Base64;
import com.samsungsds.nexsign.client.common_secure_lib.storage.SecureStorage;
import com.samsungsds.nexsign.client.common_secure_lib.type.DeviceStatusType;
import com.samsungsds.nexsign.client.common_secure_lib.util.CommonUtil;
import defpackage.i;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableEntryException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.interfaces.ECPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.KeyGenerator;
import org.restlet.data.Digest;

/* loaded from: classes.dex */
public class KeystoreSecurityMgr implements SecureStorage {

    /* renamed from: a, reason: collision with root package name */
    private static final String f10493a = "KeystoreSecurityMgr";

    /* renamed from: c, reason: collision with root package name */
    private final String f10495c;

    /* renamed from: d, reason: collision with root package name */
    private String f10496d = null;

    /* renamed from: b, reason: collision with root package name */
    private final String f10494b = "AndroidKeyStore";

    public KeystoreSecurityMgr(Context context) {
        this.f10495c = context.getApplicationInfo().dataDir + "/";
    }

    private String a() {
        String str = this.f10496d;
        return str == null ? this.f10495c : str;
    }

    private static String a(byte[] bArr) {
        return Base64.encodeToString(CommonUtil.getSha256HashedValue(bArr), 10);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Removed duplicated region for block: B:36:0x00b5 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:41:0x00ab A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Type inference failed for: r1v0 */
    /* JADX WARN: Type inference failed for: r1v1 */
    /* JADX WARN: Type inference failed for: r1v2, types: [java.io.OutputStream] */
    /* JADX WARN: Type inference failed for: r1v3 */
    @android.annotation.TargetApi(23)
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private byte[] a(byte[] r7, byte[] r8) {
        /*
            Method dump skipped, instructions count: 213
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.samsungsds.nexsign.client.common_secure_lib.storage.KeystoreSecurityMgr.a(byte[], byte[]):byte[]");
    }

    @TargetApi(23)
    private boolean b(byte[] bArr) {
        KeyGenParameterSpec.Builder blockModes;
        KeyGenParameterSpec.Builder encryptionPaddings;
        KeyGenParameterSpec.Builder keySize;
        KeyGenParameterSpec.Builder randomizedEncryptionRequired;
        KeyGenParameterSpec build;
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", this.f10494b);
            blockModes = new KeyGenParameterSpec.Builder(a(CommonUtil.getSha256HashedValue(bArr)), 3).setBlockModes("GCM");
            encryptionPaddings = blockModes.setEncryptionPaddings("NoPadding");
            keySize = encryptionPaddings.setKeySize(128);
            randomizedEncryptionRequired = keySize.setRandomizedEncryptionRequired(false);
            build = randomizedEncryptionRequired.build();
            keyGenerator.init(build);
            keyGenerator.generateKey();
            return true;
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
            e.getMessage();
            return false;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Removed duplicated region for block: B:31:0x00b2 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:36:0x00a8 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Type inference failed for: r1v0 */
    /* JADX WARN: Type inference failed for: r1v1 */
    /* JADX WARN: Type inference failed for: r1v2, types: [java.io.OutputStream] */
    /* JADX WARN: Type inference failed for: r1v3 */
    /* JADX WARN: Type inference failed for: r9v0, types: [byte[]] */
    /* JADX WARN: Type inference failed for: r9v1 */
    /* JADX WARN: Type inference failed for: r9v11, types: [javax.crypto.CipherInputStream, java.io.InputStream] */
    /* JADX WARN: Type inference failed for: r9v2 */
    /* JADX WARN: Type inference failed for: r9v3, types: [java.io.InputStream] */
    /* JADX WARN: Type inference failed for: r9v5, types: [java.io.InputStream] */
    @android.annotation.TargetApi(23)
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private byte[] b(byte[] r9, byte[] r10) {
        /*
            Method dump skipped, instructions count: 210
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.samsungsds.nexsign.client.common_secure_lib.storage.KeystoreSecurityMgr.b(byte[], byte[]):byte[]");
    }

    private boolean c(byte[] bArr) {
        try {
            KeyStore keyStore = KeyStore.getInstance(this.f10494b);
            keyStore.load(null);
            return keyStore.getEntry(a(CommonUtil.getSha256HashedValue(bArr)), null) instanceof KeyStore.SecretKeyEntry;
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException e) {
            e.getMessage();
            return false;
        }
    }

    @Override // com.samsungsds.nexsign.client.common_secure_lib.storage.SecureStorage
    public boolean checkRooting() {
        return false;
    }

    @Override // com.samsungsds.nexsign.client.common_secure_lib.storage.SecureStorage
    @TargetApi(23)
    public byte[] generateKeyPair(byte[] bArr, int i10) {
        KeyGenParameterSpec.Builder digests;
        KeyGenParameterSpec build;
        if (i10 == 3) {
            try {
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", this.f10494b);
                digests = new KeyGenParameterSpec.Builder(a(bArr), 12).setDigests(Digest.ALGORITHM_SHA_256);
                build = digests.build();
                keyPairGenerator.initialize(build);
                return keyPairGenerator.generateKeyPair().getPublic().getEncoded();
            } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
                e.getMessage();
            }
        }
        return null;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Removed duplicated region for block: B:31:0x0059 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    @Override // com.samsungsds.nexsign.client.common_secure_lib.storage.SecureStorage
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public byte[] getData(byte[] r5) {
        /*
            r4 = this;
            r0 = 0
            if (r5 != 0) goto L4
            return r0
        L4:
            r1 = 9
            java.lang.String r1 = android.util.Base64.encodeToString(r5, r1)
            java.lang.StringBuilder r2 = new java.lang.StringBuilder
            r2.<init>()
            java.lang.String r3 = r4.a()
            r2.append(r3)
            r2.append(r1)
            java.lang.String r1 = r2.toString()
            java.io.File r2 = new java.io.File     // Catch: java.lang.Throwable -> L45 java.io.IOException -> L47
            r2.<init>(r1)     // Catch: java.lang.Throwable -> L45 java.io.IOException -> L47
            java.io.FileInputStream r1 = new java.io.FileInputStream     // Catch: java.lang.Throwable -> L45 java.io.IOException -> L47
            r1.<init>(r2)     // Catch: java.lang.Throwable -> L45 java.io.IOException -> L47
            byte[] r5 = i.b.a(r5, r5)     // Catch: java.lang.Throwable -> L40 java.io.IOException -> L43
            byte[] r5 = com.samsungsds.nexsign.client.common_secure_lib.util.CommonUtil.getSha256HashedValue(r5)     // Catch: java.lang.Throwable -> L40 java.io.IOException -> L43
            byte[] r2 = o5.b.b(r1)     // Catch: java.lang.Throwable -> L40 java.io.IOException -> L43
            byte[] r5 = r4.b(r5, r2)     // Catch: java.lang.Throwable -> L40 java.io.IOException -> L43
            r1.close()     // Catch: java.io.IOException -> L3b
            goto L3f
        L3b:
            r0 = move-exception
            r0.toString()
        L3f:
            return r5
        L40:
            r5 = move-exception
            r0 = r1
            goto L57
        L43:
            r5 = move-exception
            goto L49
        L45:
            r5 = move-exception
            goto L57
        L47:
            r5 = move-exception
            r1 = r0
        L49:
            r5.getMessage()     // Catch: java.lang.Throwable -> L40
            if (r1 == 0) goto L56
            r1.close()     // Catch: java.io.IOException -> L52
            goto L56
        L52:
            r5 = move-exception
            r5.toString()
        L56:
            return r0
        L57:
            if (r0 == 0) goto L61
            r0.close()     // Catch: java.io.IOException -> L5d
            goto L61
        L5d:
            r0 = move-exception
            r0.toString()
        L61:
            throw r5
        */
        throw new UnsupportedOperationException("Method not decompiled: com.samsungsds.nexsign.client.common_secure_lib.storage.KeystoreSecurityMgr.getData(byte[]):byte[]");
    }

    @Override // com.samsungsds.nexsign.client.common_secure_lib.storage.SecureStorage
    public DeviceStatusType getDeviceStatus(Context context) {
        return DeviceStatusType.TEE_NOT_SUPPORTED;
    }

    @Override // com.samsungsds.nexsign.client.common_secure_lib.storage.SecureStorage
    public boolean isExist(byte[] bArr) {
        if (bArr == null) {
            return false;
        }
        String encodeToString = Base64.encodeToString(bArr, 9);
        File[] listFiles = new File(a()).listFiles();
        if (listFiles == null) {
            return false;
        }
        for (File file : listFiles) {
            if (file.isFile() && encodeToString.equals(file.getName())) {
                return true;
            }
        }
        return false;
    }

    @Override // com.samsungsds.nexsign.client.common_secure_lib.storage.SecureStorage
    public boolean isKeyExist(byte[] bArr) {
        try {
            KeyStore keyStore = KeyStore.getInstance(this.f10494b);
            keyStore.load(null);
            return keyStore.getEntry(a(bArr), null) instanceof KeyStore.PrivateKeyEntry;
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException e) {
            e.getMessage();
            return false;
        }
    }

    @TargetApi(23)
    public boolean isKeySecured() {
        boolean isInsideSecureHardware;
        KeyGenParameterSpec.Builder digests;
        KeyGenParameterSpec build;
        boolean isInsideSecureHardware2;
        try {
            if (isKeyExist(CommonUtil.getSha256HashedValue("check".getBytes()))) {
                KeyStore keyStore = KeyStore.getInstance(this.f10494b);
                keyStore.load(null);
                Key key = keyStore.getKey(a(CommonUtil.getSha256HashedValue("check".getBytes())), null);
                isInsideSecureHardware = ((KeyInfo) KeyFactory.getInstance(key.getAlgorithm(), this.f10494b).getKeySpec(key, KeyInfo.class)).isInsideSecureHardware();
                return isInsideSecureHardware;
            }
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", this.f10494b);
            digests = new KeyGenParameterSpec.Builder(a(CommonUtil.getSha256HashedValue("check".getBytes())), 12).setDigests(Digest.ALGORITHM_SHA_256);
            build = digests.build();
            keyPairGenerator.initialize(build);
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            isInsideSecureHardware2 = ((KeyInfo) KeyFactory.getInstance(generateKeyPair.getPrivate().getAlgorithm(), this.f10494b).getKeySpec(generateKeyPair.getPrivate(), KeyInfo.class)).isInsideSecureHardware();
            return isInsideSecureHardware2;
        } catch (IOException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableKeyException | CertificateException | InvalidKeySpecException e) {
            e.getMessage();
            return false;
        }
    }

    @Override // com.samsungsds.nexsign.client.common_secure_lib.storage.SecureStorage
    public boolean modify(byte[] bArr, byte[] bArr2) {
        return store(bArr, bArr2);
    }

    @Override // com.samsungsds.nexsign.client.common_secure_lib.storage.SecureStorage
    public boolean provisioning(SecureStorage.CommonInterface commonInterface) {
        return false;
    }

    @Override // com.samsungsds.nexsign.client.common_secure_lib.storage.SecureStorage
    public boolean remove(byte[] bArr) {
        if (bArr == null || !isExist(bArr)) {
            return false;
        }
        return new File(a() + Base64.encodeToString(bArr, 9)).delete();
    }

    @Override // com.samsungsds.nexsign.client.common_secure_lib.storage.SecureStorage
    public boolean removeKey(byte[] bArr) {
        try {
            KeyStore keyStore = KeyStore.getInstance(this.f10494b);
            keyStore.load(null);
            if (!isKeyExist(bArr)) {
                return false;
            }
            keyStore.deleteEntry(a(bArr));
            return true;
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            e.getMessage();
            return false;
        }
    }

    @Override // com.samsungsds.nexsign.client.common_secure_lib.storage.SecureStorage
    public boolean setFilePath(String str) {
        this.f10496d = this.f10495c + str;
        return true;
    }

    @Override // com.samsungsds.nexsign.client.common_secure_lib.storage.SecureStorage
    public void setMainContext(Context context) {
    }

    @Override // com.samsungsds.nexsign.client.common_secure_lib.storage.SecureStorage
    public byte[] signData(byte[] bArr, byte[] bArr2, int i10) {
        if (i10 == 3) {
            try {
                KeyStore keyStore = KeyStore.getInstance(this.f10494b);
                keyStore.load(null);
                KeyStore.Entry entry = keyStore.getEntry(a(bArr), null);
                if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
                    return null;
                }
                Signature signature = Signature.getInstance("SHA256withECDSA");
                signature.initSign(((KeyStore.PrivateKeyEntry) entry).getPrivateKey());
                signature.update(bArr2);
                return signature.sign();
            } catch (IOException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | SignatureException | UnrecoverableEntryException | CertificateException e) {
                e.getMessage();
            }
        }
        return null;
    }

    @Override // com.samsungsds.nexsign.client.common_secure_lib.storage.SecureStorage
    public boolean store(byte[] bArr, byte[] bArr2) {
        if (bArr != null && bArr2 != null) {
            String encodeToString = Base64.encodeToString(bArr, 9);
            if (isExist(bArr)) {
                remove(bArr);
            }
            String a10 = a();
            if (!new File(a10).exists()) {
                new File(a10).mkdirs();
            }
            String str = a() + encodeToString;
            FileOutputStream fileOutputStream = null;
            try {
                byte[] a11 = a(CommonUtil.getSha256HashedValue(i.b.a(bArr, bArr)), bArr2);
                if (a11 == null) {
                    return false;
                }
                FileOutputStream fileOutputStream2 = new FileOutputStream(new File(str));
                try {
                    fileOutputStream2.write(a11);
                    fileOutputStream2.close();
                    return true;
                } catch (IOException e) {
                    e = e;
                    fileOutputStream = fileOutputStream2;
                    if (fileOutputStream != null) {
                        try {
                            fileOutputStream.close();
                        } catch (IOException e10) {
                            e10.getMessage();
                            return false;
                        }
                    }
                    e.getMessage();
                    return false;
                }
            } catch (IOException e11) {
                e = e11;
            }
        }
        return false;
    }

    @Override // com.samsungsds.nexsign.client.common_secure_lib.storage.SecureStorage
    public boolean verifyData(byte[] bArr, byte[] bArr2, byte[] bArr3, int i10, byte[] bArr4) {
        if (i10 == 3) {
            try {
                ECPublicKey eCPublicKey = (ECPublicKey) KeyFactory.getInstance("EC").generatePublic(new X509EncodedKeySpec(bArr4));
                Signature signature = Signature.getInstance("SHA256withECDSA");
                signature.initVerify(eCPublicKey);
                signature.update(bArr2);
                return signature.verify(bArr3);
            } catch (InvalidKeyException | NoSuchAlgorithmException | SignatureException | InvalidKeySpecException e) {
                e.getMessage();
            }
        }
        return false;
    }
}
