package r0;

import android.content.Context;
import android.content.SharedPreferences;
import android.content.res.Configuration;
import android.content.res.Resources;
import android.os.SystemClock;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import android.util.Base64;
import android.util.Pair;
import com.xiaomi.accountsdk.utils.AccountLog;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Locale;
import java.util.WeakHashMap;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;

/* compiled from: SecureDataManager.java */
/* loaded from: classes.dex */
public class d {

    /* renamed from: a, reason: collision with root package name */
    private static volatile Key f7519a;

    /* renamed from: b, reason: collision with root package name */
    private static volatile KeyStore f7520b;

    /* renamed from: c, reason: collision with root package name */
    private static final byte[] f7521c = "0102030405060708".getBytes();

    /* renamed from: d, reason: collision with root package name */
    private static final WeakHashMap<String, Pair<String, String>> f7522d = new WeakHashMap<>();

    private static byte[] a(String str) {
        if (TextUtils.isEmpty(str)) {
            return null;
        }
        return Base64.decode(str, 10);
    }

    public static String b(Context context, String str) {
        if (!str.startsWith("ENCRYPTED@")) {
            return str;
        }
        Pair<String, String> pair = f7522d.get(str);
        if (pair != null) {
            return (String) pair.first;
        }
        if (f7519a == null) {
            i(context);
        }
        if (f7519a == null) {
            return null;
        }
        String substring = str.substring(10);
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
            try {
                cipher.init(2, f7519a, new IvParameterSpec(f7521c));
                byte[] bArr = new byte[0];
                try {
                    bArr = cipher.doFinal(a(substring));
                } catch (BadPaddingException e3) {
                    AccountLog.e("SecureDataManager", "decrypt failed", e3);
                    return str;
                } catch (IllegalBlockSizeException e4) {
                    AccountLog.e("SecureDataManager", "decrypt failed", e4);
                }
                int length = bArr.length;
                int i2 = 0;
                for (int i3 = 0; i3 < length && bArr[i3] != 0; i3++) {
                    i2++;
                }
                String str2 = new String(bArr, 0, i2);
                l(str2, str);
                AccountLog.e("SecureDataManager", "decrypt " + str + " -> " + str2);
                return str2;
            } catch (InvalidAlgorithmParameterException e5) {
                AccountLog.e("SecureDataManager", "init cipher failed", e5);
                return str;
            } catch (InvalidKeyException e6) {
                AccountLog.e("SecureDataManager", "init cipher failed", e6);
                return str;
            }
        } catch (NoSuchAlgorithmException e7) {
            AccountLog.e("SecureDataManager", "get cipher failed", e7);
            return str;
        } catch (NoSuchPaddingException e8) {
            AccountLog.e("SecureDataManager", "get cipher failed", e8);
            return str;
        }
    }

    private static String c(byte[] bArr) {
        if (bArr == null || bArr.length == 0) {
            return null;
        }
        return Base64.encodeToString(bArr, 10);
    }

    public static String d(Context context, String str) {
        Pair<String, String> pair = f7522d.get(str);
        if (pair != null) {
            return (String) pair.second;
        }
        if (f7519a == null) {
            i(context);
        }
        if (f7519a == null) {
            return str;
        }
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
            try {
                cipher.init(1, f7519a, new IvParameterSpec(f7521c));
                try {
                    byte[] bytes = str.getBytes();
                    if (bytes.length % 16 != 0) {
                        byte[] bArr = new byte[((bytes.length / 16) + 1) * 16];
                        for (int i2 = 0; i2 < bytes.length; i2++) {
                            bArr[i2] = bytes[i2];
                        }
                        bytes = bArr;
                    }
                    String str2 = "ENCRYPTED@" + c(cipher.doFinal(bytes));
                    l(str, str2);
                    AccountLog.e("SecureDataManager", "encrypt " + str + " -> " + str2);
                    return str2;
                } catch (BadPaddingException e3) {
                    AccountLog.e("SecureDataManager", "encrypt failed", e3);
                    return str;
                } catch (IllegalBlockSizeException e4) {
                    AccountLog.e("SecureDataManager", "encrypt failed", e4);
                    return str;
                }
            } catch (InvalidAlgorithmParameterException e5) {
                AccountLog.e("SecureDataManager", "init cipher failed", e5);
                return str;
            } catch (InvalidKeyException e6) {
                AccountLog.e("SecureDataManager", "init cipher failed", e6);
                return str;
            }
        } catch (NoSuchAlgorithmException e7) {
            AccountLog.e("SecureDataManager", "get cipher failed", e7);
            return str;
        } catch (NoSuchPaddingException e8) {
            AccountLog.e("SecureDataManager", "get cipher failed", e8);
            return str;
        }
    }

    private static void e(Context context) {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
            Locale locale = Locale.getDefault();
            o(context, Locale.ENGLISH);
            try {
                try {
                    keyGenerator.init(new KeyGenParameterSpec.Builder("XiaomiPassport", 3).setBlockModes("CBC").setEncryptionPaddings("NoPadding").setKeySize(128).setRandomizedEncryptionRequired(false).setUserAuthenticationRequired(false).build());
                    o(context, locale);
                    SecretKey generateKey = keyGenerator.generateKey();
                    StringBuilder sb = new StringBuilder();
                    sb.append("generate key success? ");
                    sb.append(generateKey != null);
                    AccountLog.e("SecureDataManager", sb.toString());
                    KeyStore f3 = f();
                    if (generateKey == null || f3 == null) {
                        return;
                    }
                    f7519a = generateKey;
                } catch (InvalidAlgorithmParameterException e3) {
                    AccountLog.e("SecureDataManager", "init keypair generator failed", e3);
                    o(context, locale);
                }
            } catch (Throwable th) {
                o(context, locale);
                throw th;
            }
        } catch (NoSuchAlgorithmException e4) {
            AccountLog.e("SecureDataManager", "get key generator failed", e4);
        } catch (NoSuchProviderException e5) {
            AccountLog.e("SecureDataManager", "get key generator failed", e5);
        }
    }

    private static synchronized KeyStore f() {
        synchronized (d.class) {
            if (f7520b != null) {
                return f7520b;
            }
            try {
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                try {
                    try {
                        try {
                            keyStore.load(null);
                            f7520b = keyStore;
                            return keyStore;
                        } catch (CertificateException e3) {
                            AccountLog.e("SecureDataManager", "init android keystore failed", e3);
                            return null;
                        }
                    } catch (IOException e4) {
                        AccountLog.e("SecureDataManager", "init android keystore failed", e4);
                        return null;
                    }
                } catch (NoSuchAlgorithmException e5) {
                    AccountLog.e("SecureDataManager", "init android keystore failed", e5);
                    return null;
                }
            } catch (KeyStoreException e6) {
                AccountLog.e("SecureDataManager", "get android keystore failed", e6);
                return null;
            }
        }
    }

    private static SharedPreferences g(Context context) {
        return context.getSharedPreferences("generate_secret_key_ret", 0);
    }

    public static boolean h(Context context) {
        return g(context).contains("generate_secret_key_success");
    }

    public static synchronized void i(Context context) {
        synchronized (d.class) {
            if (h(context) && !k(context)) {
                AccountLog.e("SecureDataManager", "not gen success, do not get");
                return;
            }
            if (f7519a != null) {
                AccountLog.e("SecureDataManager", "key is not null, skip");
                return;
            }
            long elapsedRealtime = SystemClock.elapsedRealtime();
            KeyStore f3 = f();
            if (f3 == null) {
                AccountLog.e("SecureDataManager", "initExistingKey#get null android key store");
                return;
            }
            try {
                if (!f3.containsAlias("XiaomiPassport")) {
                    AccountLog.e("SecureDataManager", "initExistingKey#has not generate key yet");
                    return;
                }
                try {
                    try {
                        f7519a = f3.getKey("XiaomiPassport", null);
                        StringBuilder sb = new StringBuilder();
                        sb.append("get key null? ");
                        sb.append(f7519a == null);
                        AccountLog.e("SecureDataManager", sb.toString());
                    } catch (NoSuchAlgorithmException e3) {
                        AccountLog.e("SecureDataManager", "get key failed", e3);
                    }
                } catch (KeyStoreException e4) {
                    throw new IllegalStateException(e4);
                } catch (UnrecoverableKeyException e5) {
                    AccountLog.e("SecureDataManager", "get key failed", e5);
                }
                AccountLog.i("SecureDataManager", "initExistingKey#init existing key cost " + (SystemClock.elapsedRealtime() - elapsedRealtime) + " ms");
                return;
            } catch (KeyStoreException e6) {
                throw new IllegalStateException(e6);
            }
        }
    }

    public static boolean j(String str) {
        return str.startsWith("ENCRYPTED@");
    }

    public static boolean k(Context context) {
        return g(context).getBoolean("generate_secret_key_success", false);
    }

    private static synchronized void l(String str, String str2) {
        synchronized (d.class) {
            Pair<String, String> pair = new Pair<>(str, str2);
            WeakHashMap<String, Pair<String, String>> weakHashMap = f7522d;
            weakHashMap.put(str, pair);
            weakHashMap.put(str2, pair);
        }
    }

    public static synchronized void m(Context context) {
        KeyStore f3;
        synchronized (d.class) {
            if (f7519a != null) {
                return;
            }
            if (h(context)) {
                i(context);
                AccountLog.i("SecureDataManager", "already generate key");
                return;
            }
            AccountLog.i("SecureDataManager", "start safe generate key");
            long elapsedRealtime = SystemClock.elapsedRealtime();
            boolean z2 = true;
            try {
                try {
                    f3 = f();
                } catch (Exception e3) {
                    AccountLog.e("SecureDataManager", "generate key failed", e3);
                    if (f7519a == null) {
                        z2 = false;
                    }
                }
                if (f3 != null && f3.containsAlias("XiaomiPassport")) {
                    AccountLog.i("SecureDataManager", "contains key already, init existing key");
                    i(context);
                    return;
                }
                e(context);
                i(context);
                if (f7519a == null) {
                    z2 = false;
                }
                n(context, z2);
                AccountLog.i("SecureDataManager", "generate key cost " + (SystemClock.elapsedRealtime() - elapsedRealtime) + " ms");
            } finally {
                if (f7519a == null) {
                    z2 = false;
                }
                n(context, z2);
            }
        }
    }

    private static void n(Context context, boolean z2) {
        g(context).edit().putBoolean("generate_secret_key_success", z2).commit();
    }

    private static void o(Context context, Locale locale) {
        Locale.setDefault(locale);
        Resources resources = context.getResources();
        Configuration configuration = resources.getConfiguration();
        configuration.locale = locale;
        resources.updateConfiguration(configuration, resources.getDisplayMetrics());
    }
}
