package com.vk.core.preference.crypto;

import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import com.vk.core.preference.crypto.i;
import java.math.BigInteger;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.RSAKeyGenParameterSpec;
import java.util.Calendar;
import java.util.Date;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.Executor;
import java.util.concurrent.locks.ReentrantLock;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;
import kotlin.Unit;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.internal.Intrinsics;
import org.jetbrains.annotations.NotNull;

/* loaded from: classes3.dex */
public final class c implements i {

    /* renamed from: a, reason: collision with root package name */
    @NotNull
    public final j f45769a;

    /* renamed from: b, reason: collision with root package name */
    @NotNull
    public final ReentrantReadWriteLock f45770b;

    /* renamed from: c, reason: collision with root package name */
    public final Context f45771c;

    /* renamed from: d, reason: collision with root package name */
    @NotNull
    public final Date f45772d;

    /* renamed from: e, reason: collision with root package name */
    @NotNull
    public final Date f45773e;

    /* renamed from: f, reason: collision with root package name */
    @NotNull
    public final CountDownLatch f45774f;

    /* renamed from: g, reason: collision with root package name */
    public KeyStore f45775g;

    /* renamed from: h, reason: collision with root package name */
    public Cipher f45776h;

    /* renamed from: i, reason: collision with root package name */
    @NotNull
    public final ReentrantLock f45777i;

    public c(@NotNull Context context, @NotNull Executor initExecutor, @NotNull final Function1<? super Exception, Unit> exceptionHandler, @NotNull j keyStorage, @NotNull final Function0<Unit> masterKeyCreationCallback) {
        Intrinsics.checkNotNullParameter(context, "context");
        Intrinsics.checkNotNullParameter(initExecutor, "initExecutor");
        Intrinsics.checkNotNullParameter(exceptionHandler, "exceptionHandler");
        Intrinsics.checkNotNullParameter(keyStorage, "keyStorage");
        Intrinsics.checkNotNullParameter(masterKeyCreationCallback, "masterKeyCreationCallback");
        this.f45769a = keyStorage;
        this.f45770b = new ReentrantReadWriteLock();
        this.f45771c = context.getApplicationContext();
        this.f45774f = new CountDownLatch(1);
        this.f45777i = new ReentrantLock();
        Calendar calendar = Calendar.getInstance();
        Date time = calendar.getTime();
        Intrinsics.checkNotNullExpressionValue(time, "calendar.time");
        this.f45772d = time;
        calendar.add(1, 30);
        Date time2 = calendar.getTime();
        Intrinsics.checkNotNullExpressionValue(time2, "calendar.time");
        this.f45773e = time2;
        initExecutor.execute(new Runnable() { // from class: com.vk.core.preference.crypto.a
            @Override // java.lang.Runnable
            public final void run() {
                c this$0 = c.this;
                Intrinsics.checkNotNullParameter(this$0, "this$0");
                Function1 exceptionHandler2 = exceptionHandler;
                Intrinsics.checkNotNullParameter(exceptionHandler2, "$exceptionHandler");
                Function0 masterKeyCreationCallback2 = masterKeyCreationCallback;
                Intrinsics.checkNotNullParameter(masterKeyCreationCallback2, "$masterKeyCreationCallback");
                this$0.getClass();
                Intrinsics.checkNotNullParameter(exceptionHandler2, "exceptionHandler");
                Intrinsics.checkNotNullParameter(masterKeyCreationCallback2, "masterKeyCreationCallback");
                ReentrantReadWriteLock reentrantReadWriteLock = this$0.f45770b;
                ReentrantReadWriteLock.ReadLock readLock = reentrantReadWriteLock.readLock();
                int i2 = 0;
                int readHoldCount = reentrantReadWriteLock.getWriteHoldCount() == 0 ? reentrantReadWriteLock.getReadHoldCount() : 0;
                for (int i3 = 0; i3 < readHoldCount; i3++) {
                    readLock.unlock();
                }
                ReentrantReadWriteLock.WriteLock writeLock = reentrantReadWriteLock.writeLock();
                writeLock.lock();
                CountDownLatch countDownLatch = this$0.f45774f;
                try {
                    if (countDownLatch.getCount() == 0) {
                        while (i2 < readHoldCount) {
                            readLock.lock();
                            i2++;
                        }
                        writeLock.unlock();
                        return;
                    }
                    try {
                        try {
                            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                            Intrinsics.checkNotNullExpressionValue(keyStore, "getInstance(\"AndroidKeyStore\")");
                            this$0.f45775g = keyStore;
                            if (keyStore == null) {
                                Intrinsics.throwUninitializedPropertyAccessException("keyStore");
                                keyStore = null;
                            }
                            keyStore.load(null);
                            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
                            Intrinsics.checkNotNullExpressionValue(cipher, "getInstance(AES_CIPHER_SUIT)");
                            this$0.f45776h = cipher;
                            if (!this$0.e()) {
                                this$0.b();
                                masterKeyCreationCallback2.invoke();
                            }
                        } catch (Exception e2) {
                            exceptionHandler2.invoke(new EncryptionException("Failed to run init", e2));
                        }
                        countDownLatch.countDown();
                        Unit unit = Unit.INSTANCE;
                    } catch (Throwable th) {
                        countDownLatch.countDown();
                        throw th;
                    }
                } finally {
                    while (i2 < readHoldCount) {
                        readLock.lock();
                        i2++;
                    }
                    writeLock.unlock();
                }
            }
        });
    }

    public final byte[] a(@NotNull String keyAlias, @NotNull i.a data) {
        Intrinsics.checkNotNullParameter(keyAlias, "keyAlias");
        Intrinsics.checkNotNullParameter(data, "data");
        ReentrantReadWriteLock.ReadLock readLock = this.f45770b.readLock();
        readLock.lock();
        try {
            if (this.f45774f.getCount() > 0) {
                throw new EncryptionException("Manager is not initialized");
            }
            if (!e()) {
                throw new EncryptionException("Cannot perform operations without master key");
            }
            Unit unit = Unit.INSTANCE;
            readLock.unlock();
            byte[] c2 = c(keyAlias);
            if (c2 == null) {
                throw new EncryptionException(a.l.a("No key with alias ", keyAlias));
            }
            try {
                ReentrantLock reentrantLock = this.f45777i;
                reentrantLock.lock();
                try {
                    SecretKeySpec secretKeySpec = new SecretKeySpec(c2, "AES");
                    Cipher cipher = this.f45776h;
                    Cipher cipher2 = null;
                    if (cipher == null) {
                        Intrinsics.throwUninitializedPropertyAccessException("aesCipher");
                        cipher = null;
                    }
                    cipher.init(2, secretKeySpec, new IvParameterSpec(data.f45791b));
                    Cipher cipher3 = this.f45776h;
                    if (cipher3 == null) {
                        Intrinsics.throwUninitializedPropertyAccessException("aesCipher");
                    } else {
                        cipher2 = cipher3;
                    }
                    byte[] doFinal = cipher2.doFinal(data.f45790a);
                    reentrantLock.unlock();
                    Intrinsics.checkNotNullExpressionValue(doFinal, "{\n            cipherLock…)\n            }\n        }");
                    return doFinal;
                } catch (Throwable th) {
                    reentrantLock.unlock();
                    throw th;
                }
            } catch (Exception e2) {
                throw new EncryptionException("Failed to decrypt with aes key", e2);
            }
        } catch (Throwable th2) {
            readLock.unlock();
            throw th2;
        }
    }

    public final void b() {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(d());
            keyPairGenerator.generateKeyPair();
        } catch (Exception e2) {
            throw new EncryptionException("Failed to generate master key", e2);
        }
    }

    public final byte[] c(String str) {
        byte[] bArr = this.f45769a.get(str);
        if (bArr == null) {
            com.vk.log.b.g(a.l.a("No key with alias ", str));
            return null;
        }
        try {
            Cipher cipher = Cipher.getInstance("RSA/NONE/PKCS1Padding");
            KeyStore keyStore = this.f45775g;
            if (keyStore == null) {
                Intrinsics.throwUninitializedPropertyAccessException("keyStore");
                keyStore = null;
            }
            cipher.init(2, keyStore.getKey("ALIAS_MASTER_KEY", null));
            byte[] encodedKey = cipher.doFinal(bArr);
            Intrinsics.checkNotNullExpressionValue(encodedKey, "{\n            val cipher…r.doFinal(data)\n        }");
            Intrinsics.checkNotNullParameter(encodedKey, "encodedKey");
            return encodedKey;
        } catch (Exception e2) {
            throw new EncryptionException("Failed to decrypt with master key", e2);
        }
    }

    public final AlgorithmParameterSpec d() {
        if (Build.VERSION.SDK_INT >= 23) {
            KeyGenParameterSpec build = new KeyGenParameterSpec.Builder("ALIAS_MASTER_KEY", 3).setKeySize(2048).setEncryptionPaddings("PKCS1Padding").setAlgorithmParameterSpec(new RSAKeyGenParameterSpec(2048, RSAKeyGenParameterSpec.F4)).setCertificateSubject(new X500Principal("CN=ALIAS_MASTER_KEY")).setCertificateSerialNumber(BigInteger.valueOf(Math.abs(1301899345))).build();
            Intrinsics.checkNotNullExpressionValue(build, "Builder(MASTER_KEY_ALIAS…()))\n            .build()");
            return build;
        }
        KeyPairGeneratorSpec build2 = new KeyPairGeneratorSpec.Builder(this.f45771c).setAlias("ALIAS_MASTER_KEY").setAlgorithmParameterSpec(new RSAKeyGenParameterSpec(2048, RSAKeyGenParameterSpec.F4)).setKeySize(2048).setSubject(new X500Principal("CN=ALIAS_MASTER_KEY")).setSerialNumber(BigInteger.valueOf(Math.abs(1301899345))).setStartDate(this.f45772d).setEndDate(this.f45773e).build();
        Intrinsics.checkNotNullExpressionValue(build2, "Builder(appContext)\n    …ate)\n            .build()");
        return build2;
    }

    public final boolean e() {
        KeyStore keyStore;
        try {
            keyStore = this.f45775g;
            if (keyStore == null) {
                Intrinsics.throwUninitializedPropertyAccessException("keyStore");
                keyStore = null;
            }
        } catch (Exception e2) {
            com.vk.log.b.l(e2, "Failed to retrieve master key");
        }
        return keyStore.getKey("ALIAS_MASTER_KEY", null) != null;
    }
}
