package design.codeux.biometric_storage;

import android.security.keystore.KeyGenParameterSpec;
import java.io.File;
import java.io.FileInputStream;
import java.nio.charset.Charset;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.util.Arrays;
import java.util.Objects;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.internal.Lambda;
import kotlin.ranges.IntRange;
import kotlin.text.Charsets;
import kotlin.z;

/* compiled from: CryptographyManager.kt */
/* loaded from: classes2.dex */
public final class k {
    private final Function1<KeyGenParameterSpec.Builder, z> a;

    /* compiled from: CryptographyManager.kt */
    /* loaded from: classes2.dex */
    static final class a extends Lambda implements Function0<Object> {
        final /* synthetic */ byte[] a;

        /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
        a(byte[] bArr) {
            super(0);
            this.a = bArr;
        }

        @Override // kotlin.jvm.functions.Function0
        public final Object invoke() {
            return "decrypting " + this.a.length + " bytes (iv: 12, tag: 16)";
        }
    }

    /* compiled from: CryptographyManager.kt */
    /* loaded from: classes2.dex */
    static final class b extends Lambda implements Function0<Object> {
        final /* synthetic */ String a;

        /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
        b(String str) {
            super(0);
            this.a = str;
        }

        @Override // kotlin.jvm.functions.Function0
        public final Object invoke() {
            return "Unable to delete key from KeyStore _CM_" + this.a;
        }
    }

    /* compiled from: CryptographyManager.kt */
    /* loaded from: classes2.dex */
    static final class c extends Lambda implements Function0<Object> {
        final /* synthetic */ byte[] a;
        final /* synthetic */ byte[] b;

        /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
        c(byte[] bArr, byte[] bArr2) {
            super(0);
            this.a = bArr;
            this.b = bArr2;
        }

        @Override // kotlin.jvm.functions.Function0
        public final Object invoke() {
            return "encrypted " + this.a.length + " (" + this.b.length + " output)";
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    public k(Function1<? super KeyGenParameterSpec.Builder, z> configure) {
        kotlin.jvm.internal.j.e(configure, "configure");
        this.a = configure;
    }

    private final Cipher d() {
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        kotlin.jvm.internal.j.d(cipher, "Cipher.getInstance(transformation)");
        return cipher;
    }

    private final SecretKey h(String str) {
        String str2 = "_CM_" + str;
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        Key key = keyStore.getKey(str2, null);
        if (key != null) {
            Objects.requireNonNull(key, "null cannot be cast to non-null type javax.crypto.SecretKey");
            return (SecretKey) key;
        }
        KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(str2, 3);
        builder.setBlockModes("GCM");
        builder.setEncryptionPaddings("NoPadding");
        builder.setKeySize(256);
        builder.setUserAuthenticationRequired(true);
        this.a.invoke(builder);
        KeyGenParameterSpec build = builder.build();
        kotlin.jvm.internal.j.d(build, "paramsBuilder.build()");
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
        keyGenerator.init(build);
        SecretKey generateKey = keyGenerator.generateKey();
        kotlin.jvm.internal.j.d(generateKey, "keyGenerator.generateKey()");
        return generateKey;
    }

    public String a(byte[] ciphertext, Cipher cipher) {
        l.a aVar;
        byte[] O;
        kotlin.jvm.internal.j.e(ciphertext, "ciphertext");
        kotlin.jvm.internal.j.e(cipher, "cipher");
        aVar = l.a;
        aVar.n(new a(ciphertext));
        O = kotlin.collections.k.O(ciphertext, new IntRange(0, 11));
        if (!Arrays.equals(O, cipher.getIV())) {
            throw new IllegalStateException("expected first bytes of ciphertext to equal cipher iv.");
        }
        byte[] plaintext = cipher.doFinal(ciphertext, 12, ciphertext.length - 12);
        kotlin.jvm.internal.j.d(plaintext, "plaintext");
        Charset forName = Charset.forName("UTF-8");
        kotlin.jvm.internal.j.d(forName, "Charset.forName(\"UTF-8\")");
        return new String(plaintext, forName);
    }

    public final void b(String keyName) {
        l.a aVar;
        kotlin.jvm.internal.j.e(keyName, "keyName");
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        try {
            keyStore.deleteEntry("_CM_" + keyName);
        } catch (KeyStoreException e2) {
            aVar = l.a;
            aVar.p(e2, new b(keyName));
        }
    }

    public m c(String plaintext, Cipher cipher) {
        l.a aVar;
        kotlin.jvm.internal.j.e(plaintext, "plaintext");
        kotlin.jvm.internal.j.e(cipher, "cipher");
        byte[] bytes = plaintext.getBytes(Charsets.a);
        kotlin.jvm.internal.j.d(bytes, "(this as java.lang.String).getBytes(charset)");
        byte[] bArr = new byte[bytes.length + 12 + 16];
        cipher.doFinal(bytes, 0, bytes.length, bArr, 12);
        byte[] iv = cipher.getIV();
        kotlin.jvm.internal.j.d(iv, "cipher.iv");
        kotlin.collections.g.f(iv, bArr, 0, 0, 0, 14, null);
        int length = bytes.length + 16;
        int length2 = cipher.getIV().length;
        aVar = l.a;
        aVar.n(new c(bytes, bArr));
        return new m(bArr);
    }

    public Cipher e(String keyName, File encryptedDataFile) {
        kotlin.jvm.internal.j.e(keyName, "keyName");
        kotlin.jvm.internal.j.e(encryptedDataFile, "encryptedDataFile");
        byte[] bArr = new byte[12];
        new FileInputStream(encryptedDataFile).read(bArr);
        return f(keyName, bArr);
    }

    public Cipher f(String keyName, byte[] initializationVector) {
        kotlin.jvm.internal.j.e(keyName, "keyName");
        kotlin.jvm.internal.j.e(initializationVector, "initializationVector");
        Cipher d2 = d();
        d2.init(2, h(keyName), new GCMParameterSpec(128, initializationVector));
        return d2;
    }

    public Cipher g(String keyName) {
        kotlin.jvm.internal.j.e(keyName, "keyName");
        Cipher d2 = d();
        d2.init(1, h(keyName));
        return d2;
    }
}
