package f.f0.a.d;

import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyProtection;
import android.text.TextUtils;
import android.util.Base64;
import androidx.annotation.RequiresApi;
import com.privacy.azerothprivacy.AzerothPrivacy;
import com.privacy.azerothprivacy.alarm.receiver.KeyAgreementUpdater;
import com.ss.android.ugc.bytex.pthread.base.convergence.hook.ThreadMethodProxy;
import com.ss.android.ugc.bytex.pthread.base.proxy.PthreadThreadV2;
import f.d0.a.h;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.util.GregorianCalendar;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.Callable;
import java.util.concurrent.CancellationException;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.Future;
import java.util.concurrent.FutureTask;
import java.util.concurrent.TimeUnit;
import java.util.concurrent.TimeoutException;
import java.util.concurrent.atomic.AtomicInteger;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import org.json.JSONException;
import org.json.JSONObject;

/* compiled from: AzerothKeystore.java */
/* loaded from: classes7.dex */
public class f {
    public static KeyStore b;
    public static boolean e;
    public final ConcurrentHashMap<Object, Future<Boolean>> a = new ConcurrentHashMap<>();
    public static final Map<String, Key> c = new ConcurrentHashMap();
    public static final Map<String, Key> d = new ConcurrentHashMap();

    /* renamed from: f, reason: collision with root package name */
    public static final AtomicInteger f4123f = new AtomicInteger(0);
    public static final f g = a.a;

    /* compiled from: AzerothKeystore.java */
    /* loaded from: classes7.dex */
    public static class a {
        public static final f a = new f();
    }

    public f() {
        JSONObject jSONObject = new JSONObject();
        try {
            jSONObject.put("AzerothKeystore", "AndroidKeyStoreFailed");
        } catch (JSONException e2) {
            if (f.f0.a.e.a.a != null) {
                f.f0.a.e.a.a.ensureNotReachHere(e2, "Json exception", null);
            }
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            b = keyStore;
            keyStore.load(null);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException unused) {
            b = null;
            e = true;
            h.e0("crypto", jSONObject, null, null);
        }
    }

    public final void a(final Context context) {
        FutureTask futureTask;
        f fVar = g;
        Future<Boolean> future = fVar.a.get("initKeys");
        if (future == null && (future = fVar.a.putIfAbsent("initKeys", (futureTask = new FutureTask(new Callable() { // from class: f.f0.a.d.b
            @Override // java.util.concurrent.Callable
            public final Object call() {
                boolean z;
                f fVar2 = f.this;
                Context context2 = context;
                synchronized (fVar2) {
                    byte[] a2 = e.a(context2);
                    z = true;
                    if (a2.length != 32) {
                        z = false;
                    } else {
                        if (f.e) {
                            fVar2.b(a2, context2);
                        } else {
                            try {
                                if (Build.VERSION.SDK_INT >= 23) {
                                    fVar2.d(a2);
                                } else {
                                    fVar2.c(a2, context2);
                                }
                            } catch (Exception e2) {
                                HashMap hashMap = new HashMap();
                                hashMap.put("key_version", String.valueOf(e.b(context2)));
                                hashMap.put("shared_preference", f.f0.a.i.a.b(AzerothPrivacy.getAppContext()).a().toString());
                                if (f.f0.a.e.a.a != null) {
                                    f.f0.a.e.a.a.ensureNotReachHere(e2, "key initial internal exception", hashMap);
                                }
                                f.e = true;
                                fVar2.b(a2, context2);
                            }
                        }
                        e.g(context2, e.c(context2), true);
                    }
                }
                return Boolean.valueOf(z);
            }
        })))) == null) {
            futureTask.run();
            future = futureTask;
        }
        try {
            future.get(3L, TimeUnit.SECONDS).booleanValue();
            fVar.a.remove("initKeys", future);
        } catch (InterruptedException | CancellationException | ExecutionException | TimeoutException e2) {
            HashMap hashMap = new HashMap();
            hashMap.put("key version", String.valueOf(e.c(context)));
            hashMap.put("shared_preference", f.f0.a.i.a.b(AzerothPrivacy.getAppContext()).a().toString());
            if (f.f0.a.e.a.a != null) {
                f.f0.a.e.a.a.ensureNotReachHere(e2, "key initial remote exception", hashMap);
            }
            g.a.remove("initKeys", future);
        }
    }

    public final void b(byte[] bArr, Context context) {
        f.f0.a.i.a.b(context).f(h("aes_key"), Base64.encodeToString(bArr, 2));
        f.f0.a.i.a.c.remove(j("aes_key"));
        f.f0.a.i.a.c.commit();
    }

    @RequiresApi(api = 21)
    public final void c(byte[] bArr, Context context) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, KeyStoreException {
        f.f0.a.i.a b2 = f.f0.a.i.a.b(context);
        GregorianCalendar gregorianCalendar = new GregorianCalendar();
        GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
        gregorianCalendar2.add(1, 1);
        BigInteger bigInteger = new BigInteger(63, new SecureRandom());
        KeyPairGeneratorSpec.Builder alias = new KeyPairGeneratorSpec.Builder(context).setAlias(h("rsa_private_key"));
        StringBuilder L = f.d.a.a.a.L("CN=");
        L.append(h("rsa_private_key"));
        KeyPairGeneratorSpec build = alias.setSubject(new X500Principal(L.toString())).setSerialNumber(bigInteger).setStartDate(gregorianCalendar.getTime()).setEndDate(gregorianCalendar2.getTime()).build();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        keyPairGenerator.initialize(build);
        PublicKey publicKey = keyPairGenerator.generateKeyPair().getPublic();
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(1, publicKey);
        b2.f(h("aes_key"), Base64.encodeToString(cipher.doFinal(bArr), 2));
        f.f0.a.i.a.c.remove(j("aes_key"));
        f.f0.a.i.a.c.commit();
        b.deleteEntry(j("rsa_private_key"));
    }

    @RequiresApi(api = 23)
    public final void d(byte[] bArr) throws KeyStoreException {
        b.setEntry(h("aes_key"), new KeyStore.SecretKeyEntry(new SecretKeySpec(bArr, "AES")), new KeyProtection.Builder(3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").setRandomizedEncryptionRequired(false).build());
        b.deleteEntry(j("aes_key"));
    }

    public final Key e(Context context, Long l) {
        f.f0.a.i.a b2 = f.f0.a.i.a.b(context);
        String i = i("aes_key", l);
        if (e) {
            Map<String, Key> map = d;
            Key key = map.get(i);
            if (key == null) {
                String d2 = b2.d(i);
                if (!TextUtils.isEmpty(d2)) {
                    try {
                        byte[] decode = Base64.decode(d2, 0);
                        if (decode.length == 32) {
                            map.put(i, new SecretKeySpec(decode, "AES"));
                        }
                    } catch (IllegalArgumentException e2) {
                        e2.toString();
                        return null;
                    }
                }
            }
            return key;
        }
        try {
            if (Build.VERSION.SDK_INT >= 23) {
                return b.getKey(i, null);
            }
            Map<String, Key> map2 = c;
            Key key2 = map2.get(i);
            if (key2 == null) {
                PrivateKey privateKey = (PrivateKey) b.getKey(i("rsa_private_key", l), null);
                String d3 = b2.d(i);
                if (privateKey != null && !TextUtils.isEmpty(d3)) {
                    Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
                    cipher.init(2, privateKey);
                    byte[] doFinal = cipher.doFinal(Base64.decode(d3, 0));
                    if (doFinal.length == 32) {
                        key2 = new SecretKeySpec(doFinal, "AES");
                    }
                    map2.put(i, key2);
                }
            }
            return key2;
        } catch (GeneralSecurityException e3) {
            String str = "GetKey exceptions:" + e3;
            HashMap hashMap = new HashMap();
            hashMap.put("key version", String.valueOf(e.c(context)));
            hashMap.put("shared_preference", f.f0.a.i.a.b(AzerothPrivacy.getAppContext()).a().toString());
            if (f.f0.a.e.a.a != null) {
                f.f0.a.e.a.a.ensureNotReachHere(e3, "retrieve key exception", hashMap);
            }
            return null;
        }
    }

    public void f(final Context context) {
        e.f();
        if (e(context, null) == null) {
            ThreadMethodProxy.start(new PthreadThreadV2(new Runnable() { // from class: f.f0.a.d.d
                @Override // java.lang.Runnable
                public final void run() {
                    f.this.a(context);
                }
            }, "AzerothKeystore"));
        } else {
            h.s0(context, new KeyAgreementUpdater());
        }
    }

    public void g(final Context context) {
        e.f();
        if (e(context, null) == null) {
            ThreadMethodProxy.start(new PthreadThreadV2(new Runnable() { // from class: f.f0.a.d.a
                @Override // java.lang.Runnable
                public final void run() {
                    f.this.a(context);
                }
            }, "AzerothKeystore"));
        }
    }

    public final String h(String str) {
        return f.d.a.a.a.Q4(str, AzerothPrivacy.getAppInfo().e, String.valueOf(e.c(AzerothPrivacy.getAppContext())));
    }

    public final String i(String str, Long l) {
        if (l == null) {
            l = Long.valueOf(e.c(AzerothPrivacy.getAppContext()));
        }
        return str + AzerothPrivacy.getAppInfo().e + l;
    }

    public final String j(String str) {
        Long valueOf;
        AzerothPrivacy.getAppContext();
        String str2 = e.a;
        synchronized (e.class) {
            valueOf = e.e == 0 ? null : Long.valueOf(e.e);
        }
        return f.d.a.a.a.Q4(str, AzerothPrivacy.getAppInfo().e, String.valueOf(valueOf));
    }
}
