package com.liveperson.infra.controller;

import android.content.res.Resources;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.text.TextUtils;
import android.util.Base64;
import com.liveperson.infra.Clearable;
import com.liveperson.infra.Infra;
import com.liveperson.infra.R;
import com.liveperson.infra.configuration.Configuration;
import com.liveperson.infra.log.LPMobileLog;
import com.liveperson.infra.managers.PreferenceManager;
import com.liveperson.infra.utils.EncryptionVersion;
import com.liveperson.infra.utils.Utils;
import com.tmobile.tmoid.sdk.impl.inbound.dat.utils.SecureStorage;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Calendar;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class DBEncryptionKeyHelper implements Clearable {
    public static final String e = "DBEncryptionKeyHelper";
    public SecretKey a;
    public KeyStore b;
    public SecureRandom c = new SecureRandom();
    public IvParameterSpec d;

    public DBEncryptionKeyHelper(String str) {
        byte[] decode;
        KeyStore.PrivateKeyEntry privateKeyEntry = null;
        this.b = null;
        String stringValue = PreferenceManager.getInstance().getStringValue("initializationVector", PreferenceManager.APP_LEVEL_PREFERENCES, null);
        if (stringValue == null) {
            decode = new byte[16];
            this.c.nextBytes(decode);
            PreferenceManager.getInstance().setStringValue("initializationVector", PreferenceManager.APP_LEVEL_PREFERENCES, Base64.encodeToString(decode, 0));
        } else {
            decode = Base64.decode(stringValue, 0);
        }
        this.d = new IvParameterSpec(decode);
        try {
            if (c()) {
                this.b = KeyStore.getInstance("AndroidKeyStore");
                this.b.load(null, null);
            }
        } catch (Exception e2) {
            LPMobileLog.e(e, e2.getMessage());
        }
        if (str == null) {
            str = PreferenceManager.getInstance().getStringValue("dbEncryptionKey", PreferenceManager.APP_LEVEL_PREFERENCES, null);
            try {
                privateKeyEntry = (KeyStore.PrivateKeyEntry) this.b.getEntry("androidInfraDbEncKey", null);
            } catch (Exception unused) {
            }
            if (str == null || privateKeyEntry == null) {
                str = a();
                d(str);
            } else if (PreferenceManager.getInstance().getBooleanValue("dbEncryptionUsesKeyStore", PreferenceManager.APP_LEVEL_PREFERENCES, false)) {
                str = b(str);
            } else if (c()) {
                d(str);
            }
        }
        f(str);
    }

    public static EncryptionVersion getAppEncryptionVersion() {
        try {
            return EncryptionVersion.fromInt(Configuration.getInteger(R.integer.encryptionVersion));
        } catch (Resources.NotFoundException e2) {
            LPMobileLog.e(e, e2);
            return EncryptionVersion.VERSION_1;
        }
    }

    public final String a() {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance(SecureStorage.ENCRYPTION_ALGO);
            keyGenerator.init(256);
            return Base64.encodeToString(keyGenerator.generateKey().getEncoded(), 0);
        } catch (NoSuchAlgorithmException e2) {
            LPMobileLog.e(e, e2);
            byte[] bArr = new byte[32];
            this.c.nextBytes(bArr);
            return Base64.encodeToString(bArr, 0);
        }
    }

    public String a(String str) {
        String str2;
        String str3 = "";
        if (TextUtils.isEmpty(str)) {
            return "";
        }
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher.init(2, b(), this.d);
            return new String(cipher.doFinal(Base64.decode(str, 0)), "UTF-8");
        } catch (BadPaddingException e2) {
            LPMobileLog.e(e, "Caught a bad padding exception!", e2);
            LPMobileLog.d(e, LPMobileLog.FlowTags.DECRYPTION, "Using fallback after BadPaddingException");
            try {
                Cipher cipher2 = Cipher.getInstance("AES/CBC/PKCS5Padding");
                cipher2.init(2, b(), this.d);
                str2 = new String(cipher2.doFinal(Utils.hexStringToByteArray(str)), "UTF-8");
            } catch (Exception e3) {
                e = e3;
            }
            try {
                LPMobileLog.d(e, LPMobileLog.FlowTags.DECRYPTION, "BadPaddingException fallback worked!");
                return str2;
            } catch (Exception e4) {
                e = e4;
                str3 = str2;
                LPMobileLog.e(e, e);
                return str3;
            }
        } catch (Exception e5) {
            LPMobileLog.e(e, e5);
            return "";
        }
    }

    public final String b(String str) {
        try {
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) this.b.getEntry("androidInfraDbEncKey", null);
            Cipher cipher = Cipher.getInstance(SecureStorage.KEYSTORE_CIPHER);
            cipher.init(2, privateKeyEntry.getPrivateKey());
            CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(Base64.decode(str, 0)), cipher);
            ArrayList arrayList = new ArrayList();
            while (true) {
                int read = cipherInputStream.read();
                if (read == -1) {
                    break;
                }
                arrayList.add(Byte.valueOf((byte) read));
            }
            byte[] bArr = new byte[arrayList.size()];
            for (int i = 0; i < bArr.length; i++) {
                bArr[i] = ((Byte) arrayList.get(i)).byteValue();
            }
            return new String(bArr, 0, bArr.length, "UTF-8");
        } catch (Exception e2) {
            LPMobileLog.e(e, e2);
            return null;
        }
    }

    public final SecretKey b() {
        return this.a;
    }

    public String c(String str) {
        if (!TextUtils.isEmpty(str)) {
            try {
                Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
                cipher.init(1, b(), this.d);
                return Base64.encodeToString(cipher.doFinal(str.getBytes("UTF-8")), 0);
            } catch (Exception e2) {
                LPMobileLog.e(e, e2);
            }
        }
        return str;
    }

    public final boolean c() {
        return Build.VERSION.SDK_INT >= 18;
    }

    @Override // com.liveperson.infra.Clearable
    public void clear() {
        KeyStore keyStore = this.b;
        if (keyStore != null) {
            try {
                if (keyStore.containsAlias("androidInfraDbEncKey")) {
                    this.b.deleteEntry("androidInfraDbEncKey");
                }
            } catch (Exception e2) {
                LPMobileLog.d(e, "exception deleting key store entry: " + e2.getMessage());
            }
        }
    }

    public final String d(String str) {
        boolean c = c();
        if (c) {
            e("androidInfraDbEncKey");
            try {
                KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) this.b.getEntry("androidInfraDbEncKey", null);
                Cipher cipher = Cipher.getInstance(SecureStorage.KEYSTORE_CIPHER);
                cipher.init(1, privateKeyEntry.getCertificate().getPublicKey());
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
                cipherOutputStream.write(str.getBytes("UTF-8"));
                cipherOutputStream.close();
                str = Base64.encodeToString(byteArrayOutputStream.toByteArray(), 0);
            } catch (Exception e2) {
                LPMobileLog.e(e, e2);
                c = false;
            }
        }
        PreferenceManager.getInstance().setStringValue("dbEncryptionKey", PreferenceManager.APP_LEVEL_PREFERENCES, str);
        PreferenceManager.getInstance().setBooleanValue("dbEncryptionUsesKeyStore", PreferenceManager.APP_LEVEL_PREFERENCES, c);
        return str;
    }

    public final KeyPair e(String str) {
        if (!c()) {
            return null;
        }
        try {
            if (this.b.containsAlias(str)) {
                return null;
            }
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 120);
            KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(Infra.instance.getApplicationContext()).setAlias(str).setSubject(new X500Principal("CN=DBKeyEncryptor, O=Liveperson")).setSerialNumber(BigInteger.ONE).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(SecureStorage.KEYSTORE_ALGO, "AndroidKeyStore");
            keyPairGenerator.initialize(build);
            return keyPairGenerator.generateKeyPair();
        } catch (Exception e2) {
            LPMobileLog.e(e, e2);
            return null;
        }
    }

    public final void f(String str) {
        byte[] decode = Base64.decode(str, 0);
        decode[0] = (byte) (decode[0] + 1);
        this.a = new SecretKeySpec(decode, SecureStorage.ENCRYPTION_ALGO);
    }
}
