package com.samsung.android.service.health.security;

import android.content.Context;
import android.provider.Settings;
import android.util.Base64;
import com.americanwell.sdk.activity.VideoVisitConstants;
import com.samsung.android.sdk.healthdata.privileged.util.LogUtil;
import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.util.Arrays;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes3.dex */
public final class KeyOperation {
    private static final String TAG = LogUtil.makeTag("KeyOperation");

    private static byte[] cipherMessage(byte[] bArr, byte[] bArr2, boolean z) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException {
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr2, "AES");
        Cipher cipher = Cipher.getInstance("AES");
        if (z) {
            cipher.init(1, secretKeySpec);
        } else {
            cipher.init(2, secretKeySpec);
        }
        return cipher.doFinal(bArr);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Key createNewDbKey() throws UnsupportedEncodingException, NoSuchAlgorithmException, InvalidKeySpecException {
        return createNewSecretKey(1024);
    }

    public static Key createNewKey(int i) throws UnsupportedEncodingException, NoSuchAlgorithmException, InvalidKeySpecException {
        return createNewSecretKey(i);
    }

    private static Key createNewSecretKey(int i) throws UnsupportedEncodingException, NoSuchAlgorithmException, InvalidKeySpecException {
        return getSecretKey(new String(generateRandom(256), "UTF-8"), generateRandom(32), i);
    }

    private static byte[] decryptKey(Context context, String str, byte[] bArr, File file) {
        try {
            return cipherMessage(bArr, getCipherKey(context, str, file), false);
        } catch (Exception e) {
            ServiceLogger.doKoLogging(context, "ENC/DEC_FAIL0 : " + e.getMessage(), true);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static synchronized boolean doesKeyFileExist(Context context) {
        boolean z;
        synchronized (KeyOperation.class) {
            z = context.getFileStreamPath("encryptedKeystore").length() > 0;
        }
        return z;
    }

    public static byte[] encryptKey(Context context, String str, byte[] bArr) {
        try {
            return cipherMessage(bArr, getCipherKey(context, str, context.getFileStreamPath("SHealthSalt")), true);
        } catch (UnsupportedEncodingException | GeneralSecurityException e) {
            LogUtil.LOGE(TAG, "Failed to encrypt key", e);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Code restructure failed: missing block: B:15:0x007f, code lost:
    
        if (com.samsung.android.service.health.security.DbChecker.isDbKeyValid(r11, r13, "KeyGenDPW_InvalidDb") != false) goto L36;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static synchronized byte[] generateDbKeyInLocal(android.content.Context r11, java.lang.String r12, byte[] r13) {
        /*
            r6 = 0
            java.lang.Class<com.samsung.android.service.health.security.KeyOperation> r7 = com.samsung.android.service.health.security.KeyOperation.class
            monitor-enter(r7)
            r4 = 0
            if (r13 != 0) goto L29
            boolean r8 = doesKeyFileExist(r11)     // Catch: java.lang.Exception -> L3a java.lang.Throwable -> L54
            if (r8 == 0) goto L1a
            java.lang.String r8 = "KeyGenDPW_AlreadyExists"
            r9 = 1
            com.samsung.android.service.health.security.ServiceLogger.doKmLogging(r11, r8, r9)     // Catch: java.lang.Exception -> L3a java.lang.Throwable -> L54
            byte[] r6 = getDbKeyFromKeyFile(r11, r12)     // Catch: java.lang.Exception -> L3a java.lang.Throwable -> L54
        L18:
            monitor-exit(r7)
            return r6
        L1a:
            r3 = 0
        L1b:
            r8 = 3
            if (r3 >= r8) goto L29
            r8 = 1024(0x400, float:1.435E-42)
            java.security.Key r8 = createNewSecretKey(r8)     // Catch: java.lang.Throwable -> L54 java.lang.Exception -> L57
            byte[] r13 = r8.getEncoded()     // Catch: java.lang.Throwable -> L54 java.lang.Exception -> L57
            r4 = 1
        L29:
            r8 = 1
            boolean r8 = com.samsung.android.service.health.security.DbChecker.isDbAlreadyExist(r11, r8)     // Catch: java.lang.Exception -> L3a java.lang.Throwable -> L54
            if (r8 == 0) goto L81
            if (r4 == 0) goto L78
            java.lang.String r8 = "KeyGenDPW_denied"
            r9 = 1
            com.samsung.android.service.health.security.ServiceLogger.doKmLogging(r11, r8, r9)     // Catch: java.lang.Exception -> L3a java.lang.Throwable -> L54
            goto L18
        L3a:
            r0 = move-exception
            java.lang.StringBuilder r8 = new java.lang.StringBuilder     // Catch: java.lang.Throwable -> L54
            java.lang.String r9 = "KeyGenDPW1:"
            r8.<init>(r9)     // Catch: java.lang.Throwable -> L54
            java.lang.String r9 = r0.getMessage()     // Catch: java.lang.Throwable -> L54
            java.lang.StringBuilder r8 = r8.append(r9)     // Catch: java.lang.Throwable -> L54
            java.lang.String r8 = r8.toString()     // Catch: java.lang.Throwable -> L54
            r9 = 1
            com.samsung.android.service.health.security.ServiceLogger.doKmLogging(r11, r8, r9)     // Catch: java.lang.Throwable -> L54
            goto L18
        L54:
            r6 = move-exception
            monitor-exit(r7)
            throw r6
        L57:
            r0 = move-exception
            java.lang.String r8 = com.samsung.android.service.health.security.KeyOperation.TAG     // Catch: java.lang.Exception -> L3a java.lang.Throwable -> L54
            java.lang.StringBuilder r9 = new java.lang.StringBuilder     // Catch: java.lang.Exception -> L3a java.lang.Throwable -> L54
            java.lang.String r10 = "create key failed due to : "
            r9.<init>(r10)     // Catch: java.lang.Exception -> L3a java.lang.Throwable -> L54
            java.lang.String r10 = r0.getMessage()     // Catch: java.lang.Exception -> L3a java.lang.Throwable -> L54
            java.lang.StringBuilder r9 = r9.append(r10)     // Catch: java.lang.Exception -> L3a java.lang.Throwable -> L54
            java.lang.String r9 = r9.toString()     // Catch: java.lang.Exception -> L3a java.lang.Throwable -> L54
            com.samsung.android.sdk.healthdata.privileged.util.LogUtil.LOGE(r8, r9)     // Catch: java.lang.Exception -> L3a java.lang.Throwable -> L54
            r8 = 2
            if (r3 != r8) goto L75
            throw r0     // Catch: java.lang.Exception -> L3a java.lang.Throwable -> L54
        L75:
            int r3 = r3 + 1
            goto L1b
        L78:
            java.lang.String r8 = "KeyGenDPW_InvalidDb"
            boolean r8 = com.samsung.android.service.health.security.DbChecker.isDbKeyValid(r11, r13, r8)     // Catch: java.lang.Exception -> L3a java.lang.Throwable -> L54
            if (r8 == 0) goto L18
        L81:
            byte[] r1 = encryptKey(r11, r12, r13)     // Catch: java.lang.Exception -> L3a java.lang.Throwable -> L54
            java.lang.String r8 = "encryptedKeystore"
            boolean r8 = saveBytesToFile(r11, r1, r8)     // Catch: java.lang.Exception -> L3a java.lang.Throwable -> L54
            if (r8 != 0) goto La1
            java.lang.String r8 = "encryptedKeystore"
            java.io.File r2 = r11.getFileStreamPath(r8)     // Catch: java.lang.Exception -> L3a java.lang.Throwable -> L54
            r2.delete()     // Catch: java.lang.Exception -> L3a java.lang.Throwable -> L54
            java.lang.String r8 = "KeyGenDPW2"
            r9 = 1
            com.samsung.android.service.health.security.ServiceLogger.doKmLogging(r11, r8, r9)     // Catch: java.lang.Exception -> L3a java.lang.Throwable -> L54
            goto L18
        La1:
            byte[] r5 = getDbKeyFromKeyFile(r11, r12)     // Catch: java.lang.Exception -> L3a java.lang.Throwable -> L54
            boolean r8 = java.util.Arrays.equals(r5, r13)     // Catch: java.lang.Exception -> L3a java.lang.Throwable -> L54
            if (r8 != 0) goto Lb4
            java.lang.String r8 = "KeyGenDPW3"
            r9 = 1
            com.samsung.android.service.health.security.ServiceLogger.doKmLogging(r11, r8, r9)     // Catch: java.lang.Exception -> L3a java.lang.Throwable -> L54
            goto L18
        Lb4:
            r6 = r13
            goto L18
        */
        throw new UnsupportedOperationException("Method not decompiled: com.samsung.android.service.health.security.KeyOperation.generateDbKeyInLocal(android.content.Context, java.lang.String, byte[]):byte[]");
    }

    private static byte[] generateRandom(int i) {
        try {
            byte[] bArr = new byte[i];
            SecureRandom.getInstance("SHA1PRNG").nextBytes(bArr);
            return Arrays.copyOfRange(Base64.encode(bArr, 0), 0, i);
        } catch (NoSuchAlgorithmException e) {
            throw new SecurityException("SHA1PRNG not available", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static synchronized byte[] getAndRecoverDbKeyFromKeyFile(Context context, String str) {
        byte[] dbKeyFromKeyFile;
        synchronized (KeyOperation.class) {
            dbKeyFromKeyFile = getDbKeyFromKeyFile(context, str);
            boolean z = true;
            if (dbKeyFromKeyFile == null) {
                dbKeyFromKeyFile = getDbKeyFromTempKeyFile(context, str);
                z = false;
            }
            if (dbKeyFromKeyFile == null) {
                ServiceLogger.doKmLogging(context, "GetDbKeyFail", true);
            } else if (!DbChecker.isDbKeyValid(context, dbKeyFromKeyFile, "GetAndRecover")) {
                ServiceLogger.doKmLogging(context, "RcDbKeyWrongKey", true);
            } else if (!z && !saveAndCheckDbKey(context, dbKeyFromKeyFile, str, "encryptedKeystore", "RecoverKf")) {
                ServiceLogger.doKmLogging(context, "RcDbKeyRecoverFail", true);
            }
            dbKeyFromKeyFile = null;
        }
        return dbKeyFromKeyFile;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] getByteFromFile(Context context, String str) throws IOException {
        return getByteFromFile(context.getFileStreamPath(str));
    }

    private static byte[] getByteFromFile(File file) throws IOException {
        int length = (int) file.length();
        byte[] bArr = new byte[length];
        if (length == 0) {
            return bArr;
        }
        try {
            BufferedInputStream bufferedInputStream = new BufferedInputStream(new FileInputStream(file));
            try {
                bufferedInputStream.read(bArr);
                bufferedInputStream.close();
            } catch (Throwable th) {
                if (0 != 0) {
                    try {
                        bufferedInputStream.close();
                    } catch (Throwable th2) {
                    }
                } else {
                    bufferedInputStream.close();
                }
                throw th;
            }
        } catch (IOException e) {
            LogUtil.LOGE(TAG, "IOException occurred", e);
            bArr = null;
        }
        return bArr;
    }

    private static byte[] getCipherKey(Context context, String str, File file) throws UnsupportedEncodingException, NoSuchAlgorithmException, InvalidKeySpecException {
        try {
            SecretKey secretKey = getSecretKey(str, getSalt(file), 256);
            if (secretKey != null) {
                return secretKey.getEncoded();
            }
            ServiceLogger.doKoLogging(context, "FAIL_GET_KEY", true);
            LogUtil.LOGD(TAG, "Fails to create new key for secure DB");
            return null;
        } catch (IOException e) {
            ServiceLogger.doKoLogging(context, "FAIL_GET_SALT : " + e.getMessage(), true);
            return null;
        }
    }

    public static synchronized byte[] getDbKeyFromFile(Context context, String str, File file, File file2) {
        byte[] bArr;
        synchronized (KeyOperation.class) {
            byte[] storedKey = getStoredKey(context, file);
            if (storedKey == null || storedKey.length == 0) {
                bArr = null;
            } else {
                bArr = decryptKey(context, str, storedKey, file2);
                if (bArr == null) {
                    bArr = null;
                }
            }
        }
        return bArr;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] getDbKeyFromKeyFile(Context context, String str) {
        return getDbKeyFromFile(context, str, context.getFileStreamPath("encryptedKeystore"), context.getFileStreamPath("SHealthSalt"));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] getDbKeyFromTempKeyFile(Context context, String str) {
        return getDbKeyFromFile(context, str, context.getFileStreamPath("TempEncryptedKeystore"), context.getFileStreamPath("SHealthSalt"));
    }

    public static String getDefaultPassword(Context context) {
        String string = Settings.Secure.getString(context.getContentResolver(), "android_id");
        if (string != null && !string.isEmpty()) {
            return getTransformedPassword(context, string);
        }
        ServiceLogger.doKmLogging(context, "DefaultPW0", true);
        return null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static synchronized long getKeyFileLastModified(Context context) {
        long lastModified;
        synchronized (KeyOperation.class) {
            lastModified = doesKeyFileExist(context) ? context.getFileStreamPath("encryptedKeystore").lastModified() : -1L;
        }
        return lastModified;
    }

    private static byte[] getMessageDigest(Context context, String str, String str2) {
        try {
            return MessageDigest.getInstance(str2).digest(str.getBytes(StandardCharsets.UTF_8));
        } catch (NoSuchAlgorithmException e) {
            ServiceLogger.doKoLogging(context, "NoAlgo_" + str2, true);
            return null;
        }
    }

    private static byte[] getSalt(File file) throws IOException {
        byte[] byteFromFile;
        for (int i = 0; i < 10; i++) {
            byte[] byteFromFile2 = getByteFromFile(file);
            if (byteFromFile2 != null) {
                if (byteFromFile2.length == 0) {
                    for (int i2 = 0; i2 < 10; i2++) {
                        byte[] generateRandom = generateRandom(128);
                        if (saveBytesToFile(generateRandom, file) && (byteFromFile = getByteFromFile(file)) != null && byteFromFile.length == 128 && Arrays.equals(generateRandom, byteFromFile)) {
                            return generateRandom;
                        }
                        try {
                            Thread.sleep(100L);
                        } catch (InterruptedException e) {
                        }
                    }
                } else if (byteFromFile2.length == 128) {
                    return byteFromFile2;
                }
            }
            try {
                Thread.sleep(100L);
            } catch (InterruptedException e2) {
            }
        }
        throw new IOException("Fail to get salt");
    }

    private static SecretKey getSecretKey(String str, byte[] bArr, int i) throws UnsupportedEncodingException, NoSuchAlgorithmException, InvalidKeySpecException {
        return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1").generateSecret(new PBEKeySpec(str.toCharArray(), bArr, VideoVisitConstants.VISIT_RESULT_PROVIDER_GONE, i));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] getSecureMd(Context context, String str) {
        return getMessageDigest(context, str, "SHA256");
    }

    private static byte[] getStoredKey(Context context, File file) {
        try {
            byte[] byteFromFile = getByteFromFile(file);
            if (byteFromFile == null) {
                return byteFromFile;
            }
            LogUtil.LOGD(TAG, "KF size = " + byteFromFile.length);
            return byteFromFile;
        } catch (IOException e) {
            ServiceLogger.doKoLogging(context, "KEYIO0 : " + e.getMessage(), true);
            return null;
        }
    }

    public static String getTransformedPassword(Context context, String str) {
        byte[] messageDigest = getMessageDigest(context, str, "MD5");
        if (messageDigest == null) {
            return null;
        }
        return KeyManager.getInstance().getMagic(messageDigest);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean removeKeyFiles(Context context) {
        return context.getFileStreamPath("encryptedKeystore").delete() && context.getFileStreamPath("SHealthSalt").delete();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static synchronized boolean saveAndCheckDbKey(Context context, byte[] bArr, String str, String str2, String str3) {
        boolean z = false;
        synchronized (KeyOperation.class) {
            byte[] encryptKey = encryptKey(context, str, bArr);
            if (encryptKey != null) {
                if (saveBytesToFile(context, encryptKey, str2)) {
                    if (Arrays.equals(getDbKeyFromFile(context, str, context.getFileStreamPath(str2), context.getFileStreamPath("SHealthSalt")), bArr)) {
                        z = true;
                    } else {
                        ServiceLogger.doKmLogging(context, str3 + "RechkFail", true);
                    }
                } else if (context.deleteFile(str2)) {
                    ServiceLogger.doKmLogging(context, str3 + "SaveFail", true);
                } else {
                    ServiceLogger.doKmLogging(context, str3 + "SaveAndDeleteFail", true);
                }
            }
        }
        return z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static synchronized boolean saveBytesToFile(Context context, byte[] bArr, String str) {
        boolean saveBytesToFile;
        synchronized (KeyOperation.class) {
            saveBytesToFile = saveBytesToFile(bArr, context.getFileStreamPath(str));
        }
        return saveBytesToFile;
    }

    /* JADX WARN: Removed duplicated region for block: B:22:0x0038 A[Catch: IOException -> 0x0026, all -> 0x003c, TRY_ENTER, TRY_LEAVE, TryCatch #2 {IOException -> 0x0026, blocks: (B:6:0x0004, B:10:0x0015, B:25:0x0022, B:23:0x0025, B:22:0x0038), top: B:5:0x0004, outer: #5 }] */
    /* JADX WARN: Removed duplicated region for block: B:24:0x0022 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private static synchronized boolean saveBytesToFile(byte[] r7, java.io.File r8) {
        /*
            java.lang.Class<com.samsung.android.service.health.security.KeyOperation> r5 = com.samsung.android.service.health.security.KeyOperation.class
            monitor-enter(r5)
            r2 = 1
            java.io.BufferedOutputStream r0 = new java.io.BufferedOutputStream     // Catch: java.io.IOException -> L26 java.lang.Throwable -> L3c
            java.io.FileOutputStream r3 = new java.io.FileOutputStream     // Catch: java.io.IOException -> L26 java.lang.Throwable -> L3c
            r3.<init>(r8)     // Catch: java.io.IOException -> L26 java.lang.Throwable -> L3c
            r0.<init>(r3)     // Catch: java.io.IOException -> L26 java.lang.Throwable -> L3c
            r4 = 0
            r0.write(r7)     // Catch: java.lang.Throwable -> L1a java.lang.Throwable -> L45
            r0.flush()     // Catch: java.lang.Throwable -> L1a java.lang.Throwable -> L45
            r0.close()     // Catch: java.io.IOException -> L26 java.lang.Throwable -> L3c
        L18:
            monitor-exit(r5)
            return r2
        L1a:
            r3 = move-exception
            throw r3     // Catch: java.lang.Throwable -> L1c
        L1c:
            r4 = move-exception
            r6 = r4
            r4 = r3
            r3 = r6
        L20:
            if (r4 == 0) goto L38
            r0.close()     // Catch: java.io.IOException -> L26 java.lang.Throwable -> L3c java.lang.Throwable -> L43
        L25:
            throw r3     // Catch: java.io.IOException -> L26 java.lang.Throwable -> L3c
        L26:
            r1 = move-exception
            java.lang.String r4 = com.samsung.android.service.health.security.KeyOperation.TAG     // Catch: java.lang.Throwable -> L3c
            java.lang.String r3 = r1.getMessage()     // Catch: java.lang.Throwable -> L3c
            if (r3 == 0) goto L3f
            java.lang.String r3 = r1.getMessage()     // Catch: java.lang.Throwable -> L3c
        L33:
            com.samsung.android.sdk.healthdata.privileged.util.LogUtil.LOGE(r4, r3)     // Catch: java.lang.Throwable -> L3c
            r2 = 0
            goto L18
        L38:
            r0.close()     // Catch: java.io.IOException -> L26 java.lang.Throwable -> L3c
            goto L25
        L3c:
            r3 = move-exception
            monitor-exit(r5)
            throw r3
        L3f:
            java.lang.String r3 = "IOException occurred"
            goto L33
        L43:
            r4 = move-exception
            goto L25
        L45:
            r3 = move-exception
            goto L20
        */
        throw new UnsupportedOperationException("Method not decompiled: com.samsung.android.service.health.security.KeyOperation.saveBytesToFile(byte[], java.io.File):boolean");
    }
}
