package cz.o2.smartbox.security;

import android.content.Context;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import com.google.android.gms.internal.p000firebaseauthapi.m4;
import cz.o2.smartbox.core.abstractions.CrashLogger;
import cz.o2.smartbox.core.abstractions.Preferences;
import cz.o2.smartbox.core.abstractions.SecurityProvider;
import cz.o2.smartbox.core.exception.KeyStoreInitException;
import cz.o2.smartbox.push.NotificationConfig;
import ir.s0;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.OutputStream;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Hashtable;
import java.util.Iterator;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import kotlin.Metadata;
import kotlin.Unit;
import kotlin.coroutines.Continuation;
import kotlin.coroutines.intrinsics.IntrinsicsKt;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.SourceDebugExtension;
import kotlin.text.Charsets;
import org.spongycastle.asn1.ASN1EncodableVector;
import org.spongycastle.asn1.ASN1ObjectIdentifier;
import org.spongycastle.asn1.ASN1Sequence;
import org.spongycastle.asn1.DERBitString;
import org.spongycastle.asn1.DEROctetString;
import org.spongycastle.asn1.DERSet;
import org.spongycastle.asn1.pkcs.Attribute;
import org.spongycastle.asn1.pkcs.CertificationRequest;
import org.spongycastle.asn1.pkcs.CertificationRequestInfo;
import org.spongycastle.asn1.pkcs.PKCSObjectIdentifiers;
import org.spongycastle.asn1.x500.X500Name;
import org.spongycastle.asn1.x509.BasicConstraints;
import org.spongycastle.asn1.x509.Extension;
import org.spongycastle.asn1.x509.Extensions;
import org.spongycastle.asn1.x509.ExtensionsGenerator;
import org.spongycastle.asn1.x509.SubjectPublicKeyInfo;
import org.spongycastle.cert.X509CertificateHolder;
import org.spongycastle.cert.jcajce.JcaX509CertificateConverter;
import org.spongycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.spongycastle.jce.provider.BouncyCastleProvider;
import org.spongycastle.operator.ContentSigner;
import org.spongycastle.operator.jcajce.JcaContentSignerBuilder;
import org.spongycastle.pkcs.PKCS10CertificationRequest;
import org.spongycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder;

/* compiled from: SecurityProviderImpl.kt */
@Metadata(d1 = {"\u0000\\\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u000e\n\u0002\u0018\u0002\n\u0002\b\u0004\n\u0002\u0010\u0002\n\u0002\b\u0007\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000b\n\u0002\b\u0012\u0018\u00002\u00020\u0001B\u001d\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0005\u0012\u0006\u0010\u0006\u001a\u00020\u0007¢\u0006\u0002\u0010\bJ\u0019\u0010\u001c\u001a\u00020\r2\u0006\u0010\u001d\u001a\u00020\u001eH\u0082@ø\u0001\u0000¢\u0006\u0002\u0010\u001fJ\u0014\u0010 \u001a\u0004\u0018\u00010\r2\b\u0010!\u001a\u0004\u0018\u00010\rH\u0016J\b\u0010\"\u001a\u00020#H\u0002J\b\u0010$\u001a\u00020#H\u0002J\b\u0010%\u001a\u00020#H\u0016J\u0014\u0010&\u001a\u0004\u0018\u00010\r2\b\u0010'\u001a\u0004\u0018\u00010\rH\u0016J\u0010\u0010(\u001a\u00020\u001e2\u0006\u0010)\u001a\u00020\u000fH\u0002J\u001c\u0010*\u001a\u0004\u0018\u00010+2\u0006\u0010)\u001a\u00020\u000f2\b\b\u0002\u0010,\u001a\u00020\rH\u0002J\u0010\u0010-\u001a\u0004\u0018\u00010\r2\u0006\u0010.\u001a\u00020/J!\u00100\u001a\u00020\r2\u0006\u00101\u001a\u0002022\u0006\u00103\u001a\u000202H\u0096@ø\u0001\u0000¢\u0006\u0002\u00104J\b\u00105\u001a\u000202H\u0002J\b\u00106\u001a\u000202H\u0016J\b\u00107\u001a\u000202H\u0002J\b\u00108\u001a\u000202H\u0002J\b\u00109\u001a\u00020#H\u0002J\u0013\u0010:\u001a\u0004\u0018\u00010\u000fH\u0082@ø\u0001\u0000¢\u0006\u0002\u0010;J\u0012\u0010<\u001a\u0004\u0018\u00010\n2\u0006\u0010=\u001a\u00020\rH\u0002J\u0019\u0010>\u001a\u00020#2\u0006\u0010?\u001a\u00020\rH\u0096@ø\u0001\u0000¢\u0006\u0002\u0010@J\u001a\u0010A\u001a\u0002022\u0006\u0010B\u001a\u00020\r2\b\u0010C\u001a\u0004\u0018\u00010\rH\u0016R\u0010\u0010\t\u001a\u0004\u0018\u00010\nX\u0082\u000e¢\u0006\u0002\n\u0000R\u0010\u0010\u000b\u001a\u0004\u0018\u00010\nX\u0082\u000e¢\u0006\u0002\n\u0000R\u0010\u0010\f\u001a\u0004\u0018\u00010\rX\u0082\u000e¢\u0006\u0002\n\u0000R\u0016\u0010\u000e\u001a\u0004\u0018\u00010\u000f8BX\u0082\u0004¢\u0006\u0006\u001a\u0004\b\u0010\u0010\u0011R\u0016\u0010\u0012\u001a\u0004\u0018\u00010\n8BX\u0082\u0004¢\u0006\u0006\u001a\u0004\b\u0013\u0010\u0014R\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u0004\u001a\u00020\u0005X\u0082\u0004¢\u0006\u0002\n\u0000R\u0016\u0010\u0015\u001a\u0004\u0018\u00010\u000f8VX\u0096\u0004¢\u0006\u0006\u001a\u0004\b\u0016\u0010\u0011R\u0016\u0010\u0017\u001a\u0004\u0018\u00010\n8VX\u0096\u0004¢\u0006\u0006\u001a\u0004\b\u0018\u0010\u0014R\u0016\u0010\u0019\u001a\u0004\u0018\u00010\r8VX\u0096\u0004¢\u0006\u0006\u001a\u0004\b\u001a\u0010\u001bR\u000e\u0010\u0006\u001a\u00020\u0007X\u0082\u0004¢\u0006\u0002\n\u0000\u0082\u0002\u0004\n\u0002\b\u0019¨\u0006D"}, d2 = {"Lcz/o2/smartbox/security/SecurityProviderImpl;", "Lcz/o2/smartbox/core/abstractions/SecurityProvider;", "context", "Landroid/content/Context;", "crashLogger", "Lcz/o2/smartbox/core/abstractions/CrashLogger;", "preferences", "Lcz/o2/smartbox/core/abstractions/Preferences;", "(Landroid/content/Context;Lcz/o2/smartbox/core/abstractions/CrashLogger;Lcz/o2/smartbox/core/abstractions/Preferences;)V", "_androidKeyStore", "Ljava/security/KeyStore;", "_ecKeyStore", "_ecKeyStorePass", "", "androidKeyPair", "Ljava/security/KeyPair;", "getAndroidKeyPair", "()Ljava/security/KeyPair;", "androidKeyStore", "getAndroidKeyStore", "()Ljava/security/KeyStore;", "ecKeyPair", "getEcKeyPair", "ecKeyStore", "getEcKeyStore", "ecKeyStorePass", "getEcKeyStorePass", "()Ljava/lang/String;", "csrToString", "csr", "Lorg/spongycastle/pkcs/PKCS10CertificationRequest;", "(Lorg/spongycastle/pkcs/PKCS10CertificationRequest;Lkotlin/coroutines/Continuation;)Ljava/lang/Object;", "decrypt", "cipheredValue", "deleteCameraKeyStore", "", "deleteECKeyStore", "deleteKeyPair", "encrypt", "value", "generateCSR", "keyPair", "generateCertificate", "Ljava/security/cert/X509Certificate;", NotificationConfig.ALGORITHM, "getCertPem", "certificate", "Ljava/security/cert/Certificate;", "getCsrString", "firstRun", "", "secondTry", "(ZZLkotlin/coroutines/Continuation;)Ljava/lang/Object;", "hasAndroidCertificate", "hasCertificate", "hasECCertificate", "hasECKeyPair", "initCipherKeyPair", "initECKeyPair", "(Lkotlin/coroutines/Continuation;)Ljava/lang/Object;", "loadKeyStore", "keystoreName", "storeCertInKeystore", "cert", "(Ljava/lang/String;Lkotlin/coroutines/Continuation;)Ljava/lang/Object;", "validatePIN", "pin", "cipheredPin", "arch_security_release"}, k = 1, mv = {1, 8, 0}, xi = 48)
@SourceDebugExtension({"SMAP\nSecurityProviderImpl.kt\nKotlin\n*S Kotlin\n*F\n+ 1 SecurityProviderImpl.kt\ncz/o2/smartbox/security/SecurityProviderImpl\n+ 2 fake.kt\nkotlin/jvm/internal/FakeKt\n*L\n1#1,521:1\n1#2:522\n*E\n"})
/* loaded from: classes4.dex */
public final class SecurityProviderImpl implements SecurityProvider {
    private KeyStore _androidKeyStore;
    private KeyStore _ecKeyStore;
    private String _ecKeyStorePass;
    private final Context context;
    private final CrashLogger crashLogger;
    private final Preferences preferences;

    public SecurityProviderImpl(Context context, CrashLogger crashLogger, Preferences preferences) {
        Intrinsics.checkNotNullParameter(context, "context");
        Intrinsics.checkNotNullParameter(crashLogger, "crashLogger");
        Intrinsics.checkNotNullParameter(preferences, "preferences");
        this.context = context;
        this.crashLogger = crashLogger;
        this.preferences = preferences;
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Removed duplicated region for block: B:15:0x0031  */
    /* JADX WARN: Removed duplicated region for block: B:8:0x0023  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public final java.lang.Object csrToString(org.spongycastle.pkcs.PKCS10CertificationRequest r6, kotlin.coroutines.Continuation<? super java.lang.String> r7) {
        /*
            r5 = this;
            boolean r0 = r7 instanceof cz.o2.smartbox.security.SecurityProviderImpl$csrToString$1
            if (r0 == 0) goto L13
            r0 = r7
            cz.o2.smartbox.security.SecurityProviderImpl$csrToString$1 r0 = (cz.o2.smartbox.security.SecurityProviderImpl$csrToString$1) r0
            int r1 = r0.label
            r2 = -2147483648(0xffffffff80000000, float:-0.0)
            r3 = r1 & r2
            if (r3 == 0) goto L13
            int r1 = r1 - r2
            r0.label = r1
            goto L18
        L13:
            cz.o2.smartbox.security.SecurityProviderImpl$csrToString$1 r0 = new cz.o2.smartbox.security.SecurityProviderImpl$csrToString$1
            r0.<init>(r5, r7)
        L18:
            java.lang.Object r7 = r0.result
            java.lang.Object r1 = kotlin.coroutines.intrinsics.IntrinsicsKt.getCOROUTINE_SUSPENDED()
            int r2 = r0.label
            r3 = 1
            if (r2 == 0) goto L31
            if (r2 != r3) goto L29
            kotlin.ResultKt.throwOnFailure(r7)
            goto L45
        L29:
            java.lang.IllegalStateException r6 = new java.lang.IllegalStateException
            java.lang.String r7 = "call to 'resume' before 'invoke' with coroutine"
            r6.<init>(r7)
            throw r6
        L31:
            kotlin.ResultKt.throwOnFailure(r7)
            kotlinx.coroutines.scheduling.a r7 = ir.s0.f18595b
            cz.o2.smartbox.security.SecurityProviderImpl$csrToString$2 r2 = new cz.o2.smartbox.security.SecurityProviderImpl$csrToString$2
            r4 = 0
            r2.<init>(r6, r4)
            r0.label = r3
            java.lang.Object r7 = com.google.android.gms.internal.p000firebaseauthapi.m4.i(r7, r2, r0)
            if (r7 != r1) goto L45
            return r1
        L45:
            java.lang.String r6 = "csr: PKCS10Certification…)\n            }\n        }"
            kotlin.jvm.internal.Intrinsics.checkNotNullExpressionValue(r7, r6)
            return r7
        */
        throw new UnsupportedOperationException("Method not decompiled: cz.o2.smartbox.security.SecurityProviderImpl.csrToString(org.spongycastle.pkcs.PKCS10CertificationRequest, kotlin.coroutines.Continuation):java.lang.Object");
    }

    private final void deleteCameraKeyStore() {
        this.context.deleteFile(SecurityConfig.SMARTBOX_CAMERA_KEYSTORE);
    }

    private final void deleteECKeyStore() {
        this.context.deleteFile(SecurityConfig.SMARTBOX_KEYSTORE);
    }

    private final PKCS10CertificationRequest generateCSR(KeyPair keyPair) {
        CertificationRequestInfo certificationRequestInfo;
        Attribute attribute;
        JcaPKCS10CertificationRequestBuilder jcaPKCS10CertificationRequestBuilder = new JcaPKCS10CertificationRequestBuilder(new X500Name(SecurityConfig.KEY_PAIR_SUBJECT_NAME), keyPair.getPublic());
        JcaContentSignerBuilder jcaContentSignerBuilder = new JcaContentSignerBuilder(SecurityConfig.ALGORITHM_EC);
        ExtensionsGenerator extensionsGenerator = new ExtensionsGenerator();
        ASN1ObjectIdentifier aSN1ObjectIdentifier = Extension.f24151g;
        byte[] p10 = new BasicConstraints().b().p("DER");
        Hashtable hashtable = extensionsGenerator.f24171a;
        if (hashtable.containsKey(aSN1ObjectIdentifier)) {
            throw new IllegalArgumentException("extension " + aSN1ObjectIdentifier + " already added");
        }
        extensionsGenerator.f24172b.addElement(aSN1ObjectIdentifier);
        hashtable.put(aSN1ObjectIdentifier, new Extension(aSN1ObjectIdentifier, new DEROctetString(p10)));
        ASN1ObjectIdentifier aSN1ObjectIdentifier2 = PKCSObjectIdentifiers.f23929c1;
        Extensions a10 = extensionsGenerator.a();
        ArrayList arrayList = jcaPKCS10CertificationRequestBuilder.f26301c;
        arrayList.add(new Attribute(aSN1ObjectIdentifier2, new DERSet(a10)));
        ContentSigner a11 = jcaContentSignerBuilder.a(keyPair.getPrivate());
        Intrinsics.checkNotNullExpressionValue(a11, "csBuilder.build(keyPair.private)");
        boolean isEmpty = arrayList.isEmpty();
        SubjectPublicKeyInfo subjectPublicKeyInfo = jcaPKCS10CertificationRequestBuilder.f26299a;
        X500Name x500Name = jcaPKCS10CertificationRequestBuilder.f26300b;
        if (isEmpty) {
            certificationRequestInfo = new CertificationRequestInfo(x500Name, subjectPublicKeyInfo, new DERSet());
        } else {
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            Iterator it = arrayList.iterator();
            while (it.hasNext()) {
                Object next = it.next();
                if (next == null || (next instanceof Attribute)) {
                    attribute = (Attribute) next;
                } else {
                    if (!(next instanceof ASN1Sequence)) {
                        throw new IllegalArgumentException("unknown object in factory: ".concat(next.getClass().getName()));
                    }
                    attribute = new Attribute((ASN1Sequence) next);
                }
                aSN1EncodableVector.a(attribute);
            }
            certificationRequestInfo = new CertificationRequestInfo(x500Name, subjectPublicKeyInfo, new DERSet(aSN1EncodableVector));
        }
        try {
            OutputStream b10 = a11.b();
            b10.write(certificationRequestInfo.p("DER"));
            b10.close();
            PKCS10CertificationRequest pKCS10CertificationRequest = new PKCS10CertificationRequest(new CertificationRequest(certificationRequestInfo, a11.c(), new DERBitString(a11.a())));
            Intrinsics.checkNotNullExpressionValue(pKCS10CertificationRequest, "csrBuilder.build(signer)");
            return pKCS10CertificationRequest;
        } catch (IOException unused) {
            throw new IllegalStateException("cannot produce certification request signature");
        }
    }

    private final X509Certificate generateCertificate(KeyPair keyPair, String algorithm) {
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 40);
        try {
            JcaContentSignerBuilder jcaContentSignerBuilder = new JcaContentSignerBuilder(algorithm);
            jcaContentSignerBuilder.b(new BouncyCastleProvider());
            ContentSigner a10 = jcaContentSignerBuilder.a(keyPair.getPrivate());
            X500Name x500Name = new X500Name(SecurityConfig.EC_KEY_PAIR_SUBJECT_NAME);
            X509CertificateHolder a11 = new JcaX509v3CertificateBuilder(x500Name, BigInteger.valueOf(1L), calendar.getTime(), calendar2.getTime(), x500Name, keyPair.getPublic()).a(a10);
            JcaX509CertificateConverter jcaX509CertificateConverter = new JcaX509CertificateConverter();
            jcaX509CertificateConverter.b(new BouncyCastleProvider());
            return jcaX509CertificateConverter.a(a11);
        } catch (Exception e10) {
            this.crashLogger.logNonFatal(e10);
            return null;
        }
    }

    public static /* synthetic */ X509Certificate generateCertificate$default(SecurityProviderImpl securityProviderImpl, KeyPair keyPair, String str, int i10, Object obj) {
        if ((i10 & 2) != 0) {
            str = SecurityConfig.ALGORITHM_EC;
        }
        return securityProviderImpl.generateCertificate(keyPair, str);
    }

    private final KeyPair getAndroidKeyPair() {
        try {
            KeyStore androidKeyStore = getAndroidKeyStore();
            boolean z10 = false;
            if (androidKeyStore != null && androidKeyStore.containsAlias(SecurityConfig.CIPHER_KEY_ALIAS)) {
                z10 = true;
            }
            if (z10) {
                Key key = androidKeyStore.getKey(SecurityConfig.CIPHER_KEY_ALIAS, null);
                Certificate certificate = androidKeyStore.getCertificate(SecurityConfig.CIPHER_KEY_ALIAS);
                if (certificate == null) {
                    deleteKeyPair();
                    return null;
                }
                PublicKey publicKey = certificate.getPublicKey();
                Intrinsics.checkNotNull(key, "null cannot be cast to non-null type java.security.PrivateKey");
                return new KeyPair(publicKey, (PrivateKey) key);
            }
        } catch (Exception e10) {
            this.crashLogger.logNonFatal(e10);
        }
        return null;
    }

    private final KeyStore getAndroidKeyStore() {
        if (this._androidKeyStore == null) {
            try {
                KeyStore keyStore = KeyStore.getInstance(SecurityConfig.ANDROID_KEYSTORE);
                keyStore.load(null);
                this._androidKeyStore = keyStore;
            } catch (Exception e10) {
                this.crashLogger.logNonFatal(e10);
            }
        }
        return this._androidKeyStore;
    }

    private final boolean hasAndroidCertificate() {
        try {
            KeyStore androidKeyStore = getAndroidKeyStore();
            if (androidKeyStore != null && androidKeyStore.containsAlias(SecurityConfig.KEY_ALIAS) && androidKeyStore.getCertificate(SecurityConfig.KEY_ALIAS) != null) {
                if (Preferences.DefaultImpls.getBoolean$default(this.preferences, "prefs_has_certificate", false, 2, null)) {
                    return true;
                }
            }
        } catch (Exception e10) {
            this.crashLogger.logNonFatal(e10);
        }
        return false;
    }

    private final boolean hasECCertificate() {
        try {
            KeyStore ecKeyStore = getEcKeyStore();
            if (ecKeyStore != null && ecKeyStore.containsAlias(SecurityConfig.EC_KEY_ALIAS) && ecKeyStore.getCertificate(SecurityConfig.EC_KEY_ALIAS) != null) {
                if (Preferences.DefaultImpls.getBoolean$default(this.preferences, "prefs_has_certificate", false, 2, null)) {
                    return true;
                }
            }
        } catch (Exception e10) {
            this.crashLogger.logNonFatal(e10);
        }
        return false;
    }

    private final boolean hasECKeyPair() {
        KeyPair ecKeyPair = getEcKeyPair();
        return (ecKeyPair == null || ecKeyPair.getPrivate() == null || !Intrinsics.areEqual("EC", ecKeyPair.getPrivate().getAlgorithm())) ? false : true;
    }

    private final void initCipherKeyPair() {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(SecurityConfig.KEY_PAIR_ALGORITHM, SecurityConfig.ANDROID_KEYSTORE);
            Intrinsics.checkNotNullExpressionValue(keyPairGenerator, "getInstance(\n           …ID_KEYSTORE\n            )");
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(SecurityConfig.CIPHER_KEY_ALIAS, 15).setDigests("SHA-256", "SHA-512", "NONE").setSignaturePaddings("PKCS1").setEncryptionPaddings("PKCS1Padding").setBlockModes("ECB").build());
            keyPairGenerator.generateKeyPair();
        } catch (Exception e10) {
            this.crashLogger.logNonFatal(e10);
            throw new KeyStoreInitException("unable to init keystore", e10);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final Object initECKeyPair(Continuation<? super KeyPair> continuation) {
        return m4.i(s0.f18595b, new SecurityProviderImpl$initECKeyPair$2(this, null), continuation);
    }

    private final KeyStore loadKeyStore(String keystoreName) {
        FileInputStream fileInputStream;
        KeyStore keyStore;
        KeyStore keyStore2 = null;
        try {
            fileInputStream = this.context.openFileInput(keystoreName);
        } catch (FileNotFoundException unused) {
            fileInputStream = null;
        }
        try {
            keyStore = KeyStore.getInstance(SecurityConfig.EC_KEY_PAIR_PROVIDER);
        } catch (Exception e10) {
            e = e10;
        }
        try {
            String ecKeyStorePass = getEcKeyStorePass();
            if (fileInputStream == null || ecKeyStorePass == null) {
                keyStore.load(null);
            } else {
                char[] charArray = ecKeyStorePass.toCharArray();
                Intrinsics.checkNotNullExpressionValue(charArray, "this as java.lang.String).toCharArray()");
                keyStore.load(fileInputStream, charArray);
            }
            return keyStore;
        } catch (Exception e11) {
            e = e11;
            keyStore2 = keyStore;
            this.crashLogger.logNonFatal(e);
            return keyStore2;
        }
    }

    @Override // cz.o2.smartbox.core.abstractions.SecurityProvider
    public String decrypt(String cipheredValue) {
        KeyPair androidKeyPair = getAndroidKeyPair();
        if (androidKeyPair != null && cipheredValue != null) {
            try {
                Cipher cipher = Cipher.getInstance(SecurityConfig.CIPHER_ALGORITHM);
                cipher.init(2, androidKeyPair.getPrivate());
                CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(Base64.decode(cipheredValue, 0)), cipher);
                ArrayList arrayList = new ArrayList();
                while (true) {
                    int read = cipherInputStream.read();
                    if (read == -1) {
                        break;
                    }
                    arrayList.add(Byte.valueOf((byte) read));
                }
                int size = arrayList.size();
                byte[] bArr = new byte[size];
                for (int i10 = 0; i10 < size; i10++) {
                    Object obj = arrayList.get(i10);
                    Intrinsics.checkNotNullExpressionValue(obj, "values[i]");
                    bArr[i10] = ((Number) obj).byteValue();
                }
                return new String(bArr, Charsets.UTF_8);
            } catch (Exception e10) {
                this.crashLogger.logNonFatal(e10);
            }
        }
        return null;
    }

    @Override // cz.o2.smartbox.core.abstractions.SecurityProvider
    public void deleteKeyPair() {
        try {
            KeyStore androidKeyStore = getAndroidKeyStore();
            boolean z10 = true;
            if (androidKeyStore != null && androidKeyStore.containsAlias(SecurityConfig.CIPHER_KEY_ALIAS)) {
                androidKeyStore.deleteEntry(SecurityConfig.CIPHER_KEY_ALIAS);
            }
            KeyStore ecKeyStore = getEcKeyStore();
            if (ecKeyStore == null || !ecKeyStore.containsAlias(SecurityConfig.EC_KEY_ALIAS)) {
                z10 = false;
            }
            if (z10) {
                ecKeyStore.deleteEntry(SecurityConfig.EC_KEY_ALIAS);
            }
            this._ecKeyStorePass = null;
            this._ecKeyStore = null;
            deleteECKeyStore();
            deleteCameraKeyStore();
        } catch (Exception e10) {
            this.crashLogger.logNonFatal(e10);
        }
    }

    @Override // cz.o2.smartbox.core.abstractions.SecurityProvider
    public String encrypt(String value) {
        KeyPair androidKeyPair = getAndroidKeyPair();
        if (androidKeyPair != null && value != null) {
            try {
                Cipher cipher = Cipher.getInstance(SecurityConfig.CIPHER_ALGORITHM);
                cipher.init(1, androidKeyPair.getPublic());
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
                Charset forName = Charset.forName("UTF-8");
                Intrinsics.checkNotNullExpressionValue(forName, "forName(charsetName)");
                byte[] bytes = value.getBytes(forName);
                Intrinsics.checkNotNullExpressionValue(bytes, "this as java.lang.String).getBytes(charset)");
                cipherOutputStream.write(bytes);
                cipherOutputStream.close();
                return Base64.encodeToString(byteArrayOutputStream.toByteArray(), 0);
            } catch (Exception e10) {
                this.crashLogger.logNonFatal(e10);
            }
        }
        return null;
    }

    public final String getCertPem(Certificate certificate) {
        Intrinsics.checkNotNullParameter(certificate, "certificate");
        try {
            return "-----BEGIN CERTIFICATE-----\n" + Base64.encodeToString(certificate.getEncoded(), 0) + "-----END CERTIFICATE-----";
        } catch (CertificateEncodingException e10) {
            e10.printStackTrace();
            return null;
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:23:0x0077  */
    /* JADX WARN: Removed duplicated region for block: B:32:0x0099  */
    /* JADX WARN: Removed duplicated region for block: B:38:0x00b1  */
    /* JADX WARN: Removed duplicated region for block: B:40:0x0048  */
    /* JADX WARN: Removed duplicated region for block: B:8:0x0025  */
    @Override // cz.o2.smartbox.core.abstractions.SecurityProvider
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public java.lang.Object getCsrString(boolean r9, boolean r10, kotlin.coroutines.Continuation<? super java.lang.String> r11) {
        /*
            r8 = this;
            boolean r0 = r11 instanceof cz.o2.smartbox.security.SecurityProviderImpl$getCsrString$1
            if (r0 == 0) goto L13
            r0 = r11
            cz.o2.smartbox.security.SecurityProviderImpl$getCsrString$1 r0 = (cz.o2.smartbox.security.SecurityProviderImpl$getCsrString$1) r0
            int r1 = r0.label
            r2 = -2147483648(0xffffffff80000000, float:-0.0)
            r3 = r1 & r2
            if (r3 == 0) goto L13
            int r1 = r1 - r2
            r0.label = r1
            goto L18
        L13:
            cz.o2.smartbox.security.SecurityProviderImpl$getCsrString$1 r0 = new cz.o2.smartbox.security.SecurityProviderImpl$getCsrString$1
            r0.<init>(r8, r11)
        L18:
            java.lang.Object r11 = r0.result
            java.lang.Object r1 = kotlin.coroutines.intrinsics.IntrinsicsKt.getCOROUTINE_SUSPENDED()
            int r2 = r0.label
            r3 = 3
            r4 = 2
            r5 = 1
            if (r2 == 0) goto L48
            if (r2 == r5) goto L3c
            if (r2 == r4) goto L37
            if (r2 != r3) goto L2f
            kotlin.ResultKt.throwOnFailure(r11)
            goto L93
        L2f:
            java.lang.IllegalStateException r9 = new java.lang.IllegalStateException
            java.lang.String r10 = "call to 'resume' before 'invoke' with coroutine"
            r9.<init>(r10)
            throw r9
        L37:
            kotlin.ResultKt.throwOnFailure(r11)
            goto La6
        L3c:
            boolean r10 = r0.Z$1
            boolean r9 = r0.Z$0
            java.lang.Object r2 = r0.L$0
            cz.o2.smartbox.security.SecurityProviderImpl r2 = (cz.o2.smartbox.security.SecurityProviderImpl) r2
            kotlin.ResultKt.throwOnFailure(r11)
            goto L66
        L48:
            kotlin.ResultKt.throwOnFailure(r11)
            boolean r11 = r8.hasECKeyPair()
            if (r11 != 0) goto L6f
            if (r9 == 0) goto L69
            r8.initCipherKeyPair()
            r0.L$0 = r8
            r0.Z$0 = r9
            r0.Z$1 = r10
            r0.label = r5
            java.lang.Object r11 = r8.initECKeyPair(r0)
            if (r11 != r1) goto L65
            return r1
        L65:
            r2 = r8
        L66:
            java.security.KeyPair r11 = (java.security.KeyPair) r11
            goto L74
        L69:
            cz.o2.smartbox.core.exception.LogoutException r9 = new cz.o2.smartbox.core.exception.LogoutException
            r9.<init>()
            throw r9
        L6f:
            java.security.KeyPair r11 = r8.getEcKeyPair()
            r2 = r8
        L74:
            r6 = 0
            if (r11 == 0) goto L94
            java.security.PrivateKey r7 = r11.getPrivate()
            if (r7 == 0) goto L94
            java.security.PublicKey r7 = r11.getPublic()
            if (r7 != 0) goto L84
            goto L94
        L84:
            org.spongycastle.pkcs.PKCS10CertificationRequest r9 = r2.generateCSR(r11)
            r0.L$0 = r6
            r0.label = r3
            java.lang.Object r11 = r2.csrToString(r9, r0)
            if (r11 != r1) goto L93
            return r1
        L93:
            return r11
        L94:
            r2.deleteKeyPair()
            if (r9 == 0) goto Lb1
            if (r10 != 0) goto La9
            r0.L$0 = r6
            r0.label = r4
            java.lang.Object r11 = r2.getCsrString(r5, r5, r0)
            if (r11 != r1) goto La6
            return r1
        La6:
            java.lang.String r11 = (java.lang.String) r11
            return r11
        La9:
            cz.o2.smartbox.core.exception.KeyStoreInitException r9 = new cz.o2.smartbox.core.exception.KeyStoreInitException
            java.lang.String r10 = "unable to generate functioning keypair"
            r9.<init>(r10, r6, r4, r6)
            throw r9
        Lb1:
            cz.o2.smartbox.core.exception.LogoutException r9 = new cz.o2.smartbox.core.exception.LogoutException
            r9.<init>()
            throw r9
        */
        throw new UnsupportedOperationException("Method not decompiled: cz.o2.smartbox.security.SecurityProviderImpl.getCsrString(boolean, boolean, kotlin.coroutines.Continuation):java.lang.Object");
    }

    @Override // cz.o2.smartbox.core.abstractions.SecurityProvider
    public KeyPair getEcKeyPair() {
        char[] cArr;
        try {
            KeyStore ecKeyStore = getEcKeyStore();
            boolean z10 = false;
            if (ecKeyStore != null && ecKeyStore.containsAlias(SecurityConfig.EC_KEY_ALIAS)) {
                z10 = true;
            }
            if (z10) {
                String ecKeyStorePass = getEcKeyStorePass();
                if (ecKeyStorePass != null) {
                    cArr = ecKeyStorePass.toCharArray();
                    Intrinsics.checkNotNullExpressionValue(cArr, "this as java.lang.String).toCharArray()");
                } else {
                    cArr = null;
                }
                Key key = ecKeyStore.getKey(SecurityConfig.EC_KEY_ALIAS, cArr);
                Certificate certificate = ecKeyStore.getCertificate(SecurityConfig.EC_KEY_ALIAS);
                if (certificate == null) {
                    deleteKeyPair();
                    return null;
                }
                PublicKey publicKey = certificate.getPublicKey();
                Intrinsics.checkNotNull(key, "null cannot be cast to non-null type java.security.PrivateKey");
                return new KeyPair(publicKey, (PrivateKey) key);
            }
        } catch (Exception e10) {
            this.crashLogger.logNonFatal(e10);
        }
        return null;
    }

    @Override // cz.o2.smartbox.core.abstractions.SecurityProvider
    public KeyStore getEcKeyStore() {
        if (this._ecKeyStore == null) {
            this._ecKeyStore = loadKeyStore(SecurityConfig.SMARTBOX_KEYSTORE);
        }
        return this._ecKeyStore;
    }

    @Override // cz.o2.smartbox.core.abstractions.SecurityProvider
    public String getEcKeyStorePass() {
        if (this._ecKeyStorePass == null) {
            this._ecKeyStorePass = decrypt(this.preferences.getString("prefs_secure_encoded_key"));
        }
        return this._ecKeyStorePass;
    }

    @Override // cz.o2.smartbox.core.abstractions.SecurityProvider
    public boolean hasCertificate() {
        return hasECCertificate();
    }

    @Override // cz.o2.smartbox.core.abstractions.SecurityProvider
    public Object storeCertInKeystore(String str, Continuation<? super Unit> continuation) {
        Object i10 = m4.i(s0.f18595b, new SecurityProviderImpl$storeCertInKeystore$2(str, this, null), continuation);
        return i10 == IntrinsicsKt.getCOROUTINE_SUSPENDED() ? i10 : Unit.INSTANCE;
    }

    @Override // cz.o2.smartbox.core.abstractions.SecurityProvider
    public boolean validatePIN(String pin, String cipheredPin) {
        Intrinsics.checkNotNullParameter(pin, "pin");
        return Intrinsics.areEqual(pin, decrypt(cipheredPin));
    }
}
