package Z;

import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import android.util.Log;
import c0.EnumC0348e;
import c0.InterfaceC0354k;
import de.tutao.tutashared.CryptoError;
import h0.AbstractC0426j;
import h0.C0430n;
import h0.EnumC0429m;
import h0.InterfaceC0425i;
import i0.AbstractC0460h;
import java.io.ByteArrayOutputStream;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.IvParameterSpec;
import u0.InterfaceC0542a;
import v0.AbstractC0582j;
import v0.AbstractC0589q;

/* loaded from: classes.dex */
public final class d {

    /* renamed from: c, reason: collision with root package name */
    public static final a f2011c = new a(null);

    /* renamed from: a, reason: collision with root package name */
    private final InterfaceC0354k f2012a;

    /* renamed from: b, reason: collision with root package name */
    private final InterfaceC0425i f2013b;

    /* loaded from: classes.dex */
    public static final class a {
        private a() {
        }

        public /* synthetic */ a(AbstractC0582j abstractC0582j) {
            this();
        }
    }

    /* loaded from: classes.dex */
    public /* synthetic */ class b {

        /* renamed from: a, reason: collision with root package name */
        public static final /* synthetic */ int[] f2014a;

        static {
            int[] iArr = new int[EnumC0348e.values().length];
            try {
                iArr[EnumC0348e.f4146g.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                iArr[EnumC0348e.f4147h.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                iArr[EnumC0348e.f4148i.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
            f2014a = iArr;
        }
    }

    public d(InterfaceC0354k interfaceC0354k) {
        AbstractC0589q.e(interfaceC0354k, "dataKeyGenerator");
        this.f2012a = interfaceC0354k;
        this.f2013b = AbstractC0426j.a(EnumC0429m.f5343e, new InterfaceC0542a() { // from class: Z.c
            @Override // u0.InterfaceC0542a
            public final Object b() {
                KeyStore r2;
                r2 = d.r(d.this);
                return r2;
            }
        });
    }

    private final Cipher b(Key key, int i2) {
        try {
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
            cipher.init(i2, key);
            return cipher;
        } catch (InvalidKeyException e2) {
            throw new CryptoError(e2);
        }
    }

    private final byte[] e(Key key, byte[] bArr) {
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
            cipher.init(2, key, new IvParameterSpec(f.f2015d.i()));
            return cipher.doFinal(bArr);
        } catch (InvalidKeyException e2) {
            throw new CryptoError(e2);
        } catch (BadPaddingException e3) {
            throw new CryptoError(e3);
        } catch (IllegalBlockSizeException e4) {
            throw new CryptoError(e4);
        }
    }

    private final byte[] h(Key key, byte[] bArr) {
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
            cipher.init(1, key, new IvParameterSpec(f.f2015d.i()));
            return cipher.doFinal(bArr);
        } catch (InvalidKeyException e2) {
            throw new CryptoError(e2);
        } catch (BadPaddingException e3) {
            throw new CryptoError(e3);
        } catch (IllegalBlockSizeException e4) {
            throw new CryptoError(e4);
        }
    }

    private final void i() {
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
        keyGenerator.init(new KeyGenParameterSpec.Builder("TutanotaAppDeviceKey", 3).setBlockModes("CBC").setEncryptionPaddings("NoPadding").setRandomizedEncryptionRequired(false).build());
        keyGenerator.generateKey();
    }

    private final byte[] l(byte[] bArr) {
        return AbstractC0460h.h(bArr, 16, AbstractC0460h.y(bArr) + 1);
    }

    private final Key m(EnumC0348e enumC0348e) {
        String q2 = q(enumC0348e);
        if (!o().containsAlias(q2)) {
            return this.f2012a.a(q2, enumC0348e);
        }
        try {
            return o().getKey(q2, null);
        } catch (UnrecoverableKeyException e2) {
            throw new KeyStoreException(e2);
        }
    }

    private final byte[] n(byte[] bArr) {
        return AbstractC0460h.h(bArr, 0, 16);
    }

    private final KeyStore o() {
        Object value = this.f2013b.getValue();
        AbstractC0589q.d(value, "getValue(...)");
        return (KeyStore) value;
    }

    private final Key p() {
        try {
            return o().getKey("TutanotaAppDeviceKey", null);
        } catch (UnrecoverableKeyException e2) {
            throw new KeyStoreException(e2);
        }
    }

    private final String q(EnumC0348e enumC0348e) {
        int i2 = b.f2014a[enumC0348e.ordinal()];
        if (i2 == 1) {
            return "DeviceLockDataKey";
        }
        if (i2 == 2) {
            return "SystemPasswordDataKey";
        }
        if (i2 == 3) {
            return "BIometricsDataKey";
        }
        throw new C0430n();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final KeyStore r(d dVar) {
        AbstractC0589q.e(dVar, "this$0");
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            if (!keyStore.containsAlias("TutanotaAppDeviceKey") && !keyStore.containsAlias("TutanotaAppDeviceAsymmetricKey")) {
                dVar.i();
            }
            return keyStore;
        } catch (Throwable th) {
            Log.w("AndroidKeyStoreFacade", "Keystore could not be initialized", th);
            throw th;
        }
    }

    public final byte[] c(byte[] bArr, Cipher cipher) {
        AbstractC0589q.e(bArr, "dataToDecrypt");
        AbstractC0589q.e(cipher, "cipher");
        try {
            return cipher.doFinal(l(bArr));
        } catch (BadPaddingException e2) {
            throw new CryptoError(e2);
        } catch (IllegalBlockSizeException e3) {
            throw new CryptoError(e3);
        }
    }

    public final byte[] d(byte[] bArr) {
        AbstractC0589q.e(bArr, "encSessionKey");
        if (!o().containsAlias("TutanotaAppDeviceAsymmetricKey")) {
            return e(p(), bArr);
        }
        try {
            Key key = o().getKey("TutanotaAppDeviceAsymmetricKey", null);
            AbstractC0589q.c(key, "null cannot be cast to non-null type java.security.PrivateKey");
            return b((PrivateKey) key, 2).doFinal(bArr);
        } catch (BadPaddingException e2) {
            throw new CryptoError(e2);
        } catch (IllegalBlockSizeException e3) {
            throw new CryptoError(e3);
        }
    }

    public final byte[] f(byte[] bArr, Cipher cipher) {
        AbstractC0589q.e(bArr, "data");
        AbstractC0589q.e(cipher, "cipher");
        try {
            byte[] doFinal = cipher.doFinal(bArr);
            byte[] iv = cipher.getIV();
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(doFinal.length + iv.length);
            byteArrayOutputStream.write(iv);
            byteArrayOutputStream.write(doFinal);
            return byteArrayOutputStream.toByteArray();
        } catch (BadPaddingException e2) {
            throw new CryptoError(e2);
        } catch (IllegalBlockSizeException e3) {
            throw new CryptoError(e3);
        }
    }

    public final byte[] g(byte[] bArr) {
        AbstractC0589q.e(bArr, "sessionKey");
        if (!o().containsAlias("TutanotaAppDeviceAsymmetricKey")) {
            return h(p(), bArr);
        }
        PublicKey publicKey = o().getCertificate("TutanotaAppDeviceAsymmetricKey").getPublicKey();
        try {
            AbstractC0589q.b(publicKey);
            byte[] doFinal = b(publicKey, 1).doFinal(bArr);
            AbstractC0589q.b(doFinal);
            return doFinal;
        } catch (BadPaddingException e2) {
            throw new CryptoError(e2);
        } catch (IllegalBlockSizeException e3) {
            throw new CryptoError(e3);
        }
    }

    public final Cipher j(EnumC0348e enumC0348e, byte[] bArr) {
        AbstractC0589q.e(enumC0348e, "encryptionMode");
        AbstractC0589q.e(bArr, "dataToBeDecrypted");
        Key m2 = m(enumC0348e);
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "AndroidKeyStoreBCWorkaround");
        try {
            cipher.init(2, m2, new IvParameterSpec(n(bArr)));
            AbstractC0589q.b(cipher);
            return cipher;
        } catch (KeyPermanentlyInvalidatedException e2) {
            o().deleteEntry(q(enumC0348e));
            throw e2;
        } catch (InvalidAlgorithmParameterException e3) {
            throw new CryptoError(e3);
        } catch (InvalidKeyException e4) {
            throw new KeyStoreException(e4);
        }
    }

    public final Cipher k(EnumC0348e enumC0348e) {
        AbstractC0589q.e(enumC0348e, "encryptionMode");
        Key m2 = m(enumC0348e);
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding", "AndroidKeyStoreBCWorkaround");
        try {
            cipher.init(1, m2);
            AbstractC0589q.b(cipher);
            return cipher;
        } catch (KeyPermanentlyInvalidatedException e2) {
            o().deleteEntry(q(enumC0348e));
            throw e2;
        } catch (InvalidKeyException e3) {
            throw new KeyStoreException(e3);
        }
    }
}
