package com.genexus.android.authentication;

import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import com.genexus.android.core.base.services.IAppPreferences;
import com.genexus.android.core.base.services.Services;
import com.genexus.android.core.base.utils.Strings;
import com.genexus.cryptography.Constants;
import com.genexus.util.Base64;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.nio.charset.Charset;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;

/* loaded from: classes.dex */
public class CipherHelper {
    private static final String FINGER_PRINT_HELPER = "GenexusFingerprintHelper";
    private static final String KEY_NAME = "GenexusFingerprintKey";
    private static final String LAST_USED_IV_SHARED_PREF_KEY = "GenexusFingerprint_LAST_USED_IV";

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class FingerprintException extends Exception {
        public FingerprintException(Exception exc) {
            super(exc);
        }
    }

    public static String decrypt(Cipher cipher, String str) {
        if (cipher == null) {
            return null;
        }
        try {
            CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(Base64.decode(str)), cipher);
            ArrayList arrayList = new ArrayList();
            while (true) {
                int read = cipherInputStream.read();
                if (read == -1) {
                    break;
                }
                arrayList.add(Byte.valueOf((byte) read));
            }
            cipherInputStream.close();
            byte[] bArr = new byte[arrayList.size()];
            for (int i = 0; i < arrayList.size(); i++) {
                bArr[i] = ((Byte) arrayList.get(i)).byteValue();
            }
            return new String(bArr, Charset.defaultCharset());
        } catch (IOException e) {
            Services.Log.error(e);
            return null;
        }
    }

    public static String encrypt(Cipher cipher, String str) {
        if (cipher == null) {
            return null;
        }
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
            cipherOutputStream.write(str.getBytes(Charset.defaultCharset()));
            cipherOutputStream.flush();
            cipherOutputStream.close();
            return Base64.encodeBytes(byteArrayOutputStream.toByteArray());
        } catch (IOException e) {
            Services.Log.error(e);
            return null;
        }
    }

    private static KeyStore generateKey() throws FingerprintException {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            if (getLastIv() == null) {
                generateSecretKey();
            }
            return keyStore;
        } catch (IOException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | CertificateException e) {
            throw new FingerprintException(e);
        }
    }

    private static SecretKey generateSecretKey() throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException {
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
        keyGenerator.init(new KeyGenParameterSpec.Builder(KEY_NAME, 3).setBlockModes(Constants.DEFAULT_SYM_MODE).setUserAuthenticationRequired(true).setEncryptionPaddings("PKCS7Padding").build());
        return keyGenerator.generateKey();
    }

    public static Cipher getCipher(int i) {
        try {
            return getCipher(i, generateKey());
        } catch (FingerprintException e) {
            return null;
        }
    }

    private static Cipher getCipher(int i, KeyStore keyStore) {
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
            try {
                keyStore.load(null);
                SecretKey secretKey = (SecretKey) keyStore.getKey(KEY_NAME, null);
                if (secretKey == null) {
                    Services.Log.warning("A new SecretKey must be generated for that keyName");
                    secretKey = generateSecretKey();
                }
                if (i == 1) {
                    cipher.init(i, secretKey);
                    saveIv(cipher.getIV());
                } else {
                    cipher.init(i, secretKey, new IvParameterSpec(getLastIv()));
                }
                return cipher;
            } catch (KeyPermanentlyInvalidatedException e) {
                return null;
            } catch (IOException e2) {
                e = e2;
                throw new RuntimeException("Failed to init Cipher", e);
            } catch (InvalidAlgorithmParameterException e3) {
                e = e3;
                throw new RuntimeException("Failed to init Cipher", e);
            } catch (InvalidKeyException e4) {
                e = e4;
                throw new RuntimeException("Failed to init Cipher", e);
            } catch (KeyStoreException e5) {
                e = e5;
                throw new RuntimeException("Failed to init Cipher", e);
            } catch (NoSuchAlgorithmException e6) {
                e = e6;
                throw new RuntimeException("Failed to init Cipher", e);
            } catch (NoSuchProviderException e7) {
                throw new RuntimeException("Failed to init Cipher generateSecretKey", e7);
            } catch (UnrecoverableKeyException e8) {
                e = e8;
                throw new RuntimeException("Failed to init Cipher", e);
            } catch (CertificateException e9) {
                e = e9;
                throw new RuntimeException("Failed to init Cipher", e);
            }
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e10) {
            throw new RuntimeException("Failed to get Cipher", e10);
        }
    }

    private static byte[] getLastIv() {
        String string = getSharedPreferences().getString(LAST_USED_IV_SHARED_PREF_KEY);
        if (Strings.hasValue(string)) {
            return Base64.decode(string);
        }
        return null;
    }

    private static IAppPreferences getSharedPreferences() {
        return Services.Preferences.getGlobalPreferences(FINGER_PRINT_HELPER);
    }

    private static void saveIv(byte[] bArr) {
        getSharedPreferences().setString(LAST_USED_IV_SHARED_PREF_KEY, Base64.encodeBytes(bArr));
    }
}
