package com.lyonbros.turtlstore;

import android.annotation.SuppressLint;
import android.content.Context;
import android.content.SharedPreferences;
import android.preference.PreferenceManager;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import android.util.Log;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

/* loaded from: classes.dex */
public class SecurityStore {
    private static final String ANDROID_KEY_STORE = "AndroidKeyStore";
    private static final String CIPHER_MODE = "AES/GCM/NoPadding";
    private static final String KEY_SUFFIX_IV = ".iv";
    private static final String KEY_SUFFIX_KEY = ".key";
    private static final String LOG_TAG_NAME = "SecurityStore";
    private final SharedPreferences preferences;

    @SuppressLint({"HardwareIds"})
    public SecurityStore(Context context) {
        this.preferences = PreferenceManager.getDefaultSharedPreferences(context);
    }

    private SecretKey createSecretKey(String str) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException {
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", ANDROID_KEY_STORE);
        keyGenerator.init(new KeyGenParameterSpec.Builder(str, 3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").build());
        return keyGenerator.generateKey();
    }

    private SecretKey getSecretKey(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE);
            keyStore.load(null);
            return ((KeyStore.SecretKeyEntry) keyStore.getEntry(str, null)).getSecretKey();
        } catch (IOException e) {
            e = e;
            Log.e(LOG_TAG_NAME, "getSecretKey: Can't load keystore.", e);
            return null;
        } catch (NullPointerException e2) {
            e = e2;
            Log.e(LOG_TAG_NAME, "getSecretKey: Can't load key from keystore.", e);
            return null;
        } catch (KeyStoreException e3) {
            Log.e(LOG_TAG_NAME, "getSecretKey: No keystore-provider is founded or can't load key from keystore.", e3);
            return null;
        } catch (NoSuchAlgorithmException e4) {
            Log.e(LOG_TAG_NAME, "getSecretKey: Can't load keystore or can't load key from keystore.", e4);
            return null;
        } catch (UnrecoverableEntryException e5) {
            e = e5;
            Log.e(LOG_TAG_NAME, "getSecretKey: Can't load key from keystore.", e);
            return null;
        } catch (CertificateException e6) {
            e = e6;
            Log.e(LOG_TAG_NAME, "getSecretKey: Can't load keystore.", e);
            return null;
        }
    }

    public boolean clear() {
        return clear("TurtlLoginSecret");
    }

    public boolean clear(String str) {
        SharedPreferences.Editor edit = this.preferences.edit();
        edit.remove(str + KEY_SUFFIX_KEY);
        edit.remove(str + KEY_SUFFIX_IV);
        edit.apply();
        return true;
    }

    public byte[] loadKey() {
        return loadKey("TurtlLoginSecret");
    }

    public byte[] loadKey(String str) {
        SecretKey secretKey = getSecretKey(str);
        if (!this.preferences.contains(str + KEY_SUFFIX_KEY) || secretKey == null) {
            Log.i(LOG_TAG_NAME, "loadKey: key not found");
            return null;
        }
        Log.i(LOG_TAG_NAME, "loadKey: grabbing " + str + KEY_SUFFIX_KEY);
        byte[] decode = Base64.decode(this.preferences.getString(str + KEY_SUFFIX_KEY, null), 0);
        byte[] decode2 = Base64.decode(this.preferences.getString(str + KEY_SUFFIX_IV, null), 0);
        Log.i(LOG_TAG_NAME, "loadKey: key/iv len: " + decode.length + "/" + decode2.length);
        try {
            Cipher cipher = Cipher.getInstance(CIPHER_MODE);
            cipher.init(2, secretKey, new GCMParameterSpec(128, decode2));
            return cipher.doFinal(decode);
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            Log.e(LOG_TAG_NAME, "loadKey: Wrong decryption parameter", e);
            return null;
        }
    }

    public boolean storeKey(byte[] bArr) {
        return storeKey(bArr, "TurtlLoginSecret");
    }

    public boolean storeKey(byte[] bArr, String str) {
        try {
            Cipher cipher = Cipher.getInstance(CIPHER_MODE);
            cipher.init(1, createSecretKey(str));
            byte[] iv = cipher.getIV();
            byte[] doFinal = cipher.doFinal(bArr);
            Log.d(LOG_TAG_NAME, "storeKey: storing key/iv of len " + bArr.length + "/" + doFinal.length + "/" + iv.length);
            SharedPreferences.Editor edit = this.preferences.edit();
            edit.putString(str + KEY_SUFFIX_KEY, Base64.encodeToString(doFinal, 0));
            edit.putString(str + KEY_SUFFIX_IV, Base64.encodeToString(iv, 0));
            edit.apply();
            return true;
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            Log.e(LOG_TAG_NAME, "storeKey: Wrong encryption parameter", e);
            this.preferences.edit().clear().apply();
            return false;
        }
    }
}
