package com.dyadicsec.mobile.storage;

import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.util.Pair;
import com.dyadicsec.mobile.DYMobileUtils;
import com.dyadicsec.mobile.crypto.aesgcm.AESGCM;
import com.dyadicsec.mobile.crypto.dycrypto.DYCrypto;
import com.dyadicsec.mobile.utils.DYLog;
import java.io.UnsupportedEncodingException;
import java.security.SecureRandom;
import java.util.Collection;
import java.util.LinkedList;
import java.util.concurrent.Semaphore;
import q2d05f90d.g61b0d6a3.gb32b0209;
import runtime.Strings.StringIndexer;

/* loaded from: classes4.dex */
public class DYEncryptedStorage implements DYStorage {
    public static final String IV_SUFFIX = ".iv";
    public static final String TAG_SUFFIX = ".tag";
    private static final String a = "DYEncryptedStorage";
    private static final boolean b;
    private static final Semaphore c;
    private SharedPreferences d;

    static {
        b = Build.VERSION.SDK_INT < 23;
        c = new Semaphore(1, true);
    }

    public DYEncryptedStorage(Context context) {
        this.d = context.getSharedPreferences("dyadic_secure.dat", 0);
        if (!b) {
            if (DYCrypto.isEntryExists("pfrsb")) {
                return;
            }
            DYLog.v(a, "private enc key does not exist, creating");
            DYCrypto.generatePrivateKeyWithAndroidKeyStore("pfrsb");
            return;
        }
        if (DYCrypto.isEntryExists("ckcry") && this.d.contains("pfrsb")) {
            return;
        }
        DYLog.v(a, StringIndexer._getString("6514"));
        DYCrypto.generateLegacyEncryptDecryptKeyPairWithAndroidKeyStore("ckcry", context);
        byte[] bArr = new byte[32];
        new SecureRandom().nextBytes(bArr);
        byte[] encryptWithKeyPairUsingAndroidKeyStore = DYCrypto.encryptWithKeyPairUsingAndroidKeyStore("ckcry", bArr);
        SharedPreferences.Editor edit = this.d.edit();
        edit.putString("pfrsb", DYMobileUtils.BytesToBase64(encryptWithKeyPairUsingAndroidKeyStore));
        edit.commit();
    }

    private synchronized String a(String str) {
        byte[] decryptWithPrivateKeyUsingAndroidKeyStore;
        String str2 = a;
        DYLog.v(str2, "started decrypt");
        if (!b) {
            byte[] Base64ToBytes = DYMobileUtils.Base64ToBytes(gb32b0209.getString(this.d, str, null));
            byte[] Base64ToBytes2 = DYMobileUtils.Base64ToBytes(gb32b0209.getString(this.d, str + IV_SUFFIX, null));
            if (Base64ToBytes != null && Base64ToBytes2 != null) {
                if (Base64ToBytes2.length != 12) {
                    DYLog.e(str2, "iv length must be 12. got " + Base64ToBytes2.length);
                    return null;
                }
                decryptWithPrivateKeyUsingAndroidKeyStore = DYCrypto.decryptWithPrivateKeyUsingAndroidKeyStore("pfrsb", Base64ToBytes2, Base64ToBytes);
                if (decryptWithPrivateKeyUsingAndroidKeyStore == null) {
                    DYLog.e(str2, "failed to decrypted tokens db");
                    return null;
                }
            }
            DYLog.e(str2, "failed to read enc storage from disk");
            return null;
        }
        byte[] Base64ToBytes3 = DYMobileUtils.Base64ToBytes(gb32b0209.getString(this.d, str, null));
        byte[] Base64ToBytes4 = DYMobileUtils.Base64ToBytes(gb32b0209.getString(this.d, str + IV_SUFFIX, null));
        byte[] Base64ToBytes5 = DYMobileUtils.Base64ToBytes(gb32b0209.getString(this.d, str + TAG_SUFFIX, null));
        byte[] decryptWithKeyPairUsingAndroidKeyStore = DYCrypto.decryptWithKeyPairUsingAndroidKeyStore("ckcry", DYMobileUtils.Base64ToBytes(gb32b0209.getString(this.d, "pfrsb", null)));
        decryptWithPrivateKeyUsingAndroidKeyStore = new byte[Base64ToBytes3.length];
        if (!AESGCM.decryptAesGcm(decryptWithKeyPairUsingAndroidKeyStore, Base64ToBytes3, Base64ToBytes4, Base64ToBytes5, decryptWithPrivateKeyUsingAndroidKeyStore)) {
            DYLog.e(str2, "AESGCM Failed");
        }
        DYLog.v(str2, "decrypt done");
        try {
            return new String(decryptWithPrivateKeyUsingAndroidKeyStore, "UTF8");
        } catch (UnsupportedEncodingException e) {
            DYLog.e(a, "UnsupportedEncodingException", e);
            return null;
        }
    }

    private synchronized boolean a(String str, String str2) {
        boolean commit;
        String str3 = a;
        DYLog.v(str3, "started encrypt");
        SharedPreferences.Editor edit = this.d.edit();
        if (b) {
            byte[] decryptWithKeyPairUsingAndroidKeyStore = DYCrypto.decryptWithKeyPairUsingAndroidKeyStore("ckcry", DYMobileUtils.Base64ToBytes(gb32b0209.getString(this.d, "pfrsb", null)));
            try {
                byte[] bArr = new byte[str2.getBytes("UTF8").length];
                byte[] bArr2 = new byte[12];
                new SecureRandom().nextBytes(bArr2);
                byte[] encryptAesGcm = AESGCM.encryptAesGcm(decryptWithKeyPairUsingAndroidKeyStore, str2.getBytes(), bArr2, bArr);
                edit.putString(str + IV_SUFFIX, DYMobileUtils.BytesToBase64(bArr2));
                edit.putString(str + TAG_SUFFIX, DYMobileUtils.BytesToBase64(encryptAesGcm));
                edit.putString(str, DYMobileUtils.BytesToBase64(bArr));
                commit = edit.commit();
                DYLog.v(str3, commit ? "legacy encrypted storage successfully wrote data to disk successfully" : "failed to write legacy encrypted data to disk");
            } catch (UnsupportedEncodingException e) {
                DYLog.e(a, "UnsupportedEncodingException", e);
                return false;
            }
        } else {
            Pair<byte[], byte[]> encryptWithPrivateKeyUsingAndroidKeyStore = DYCrypto.encryptWithPrivateKeyUsingAndroidKeyStore("pfrsb", str2.getBytes());
            edit.putString(str, DYMobileUtils.BytesToBase64((byte[]) encryptWithPrivateKeyUsingAndroidKeyStore.first));
            edit.putString(str + IV_SUFFIX, DYMobileUtils.BytesToBase64((byte[]) encryptWithPrivateKeyUsingAndroidKeyStore.second));
            commit = edit.commit();
            DYLog.v(str3, commit ? "encrypted storage successfully wrote data to disk successfully" : "failed to write encrypted data to disk");
        }
        DYLog.v(str3, "encrypt done");
        return commit;
    }

    public static void convertFromDefaultToEncrypted(Context context) {
        DYDefaultStorage dYDefaultStorage = new DYDefaultStorage(context);
        Collection<String> keys = dYDefaultStorage.getKeys();
        if (keys == null || keys.size() <= 0) {
            return;
        }
        DYLog.d(a, StringIndexer._getString("6515"));
        DYEncryptedStorage dYEncryptedStorage = new DYEncryptedStorage(context);
        for (String str : keys) {
            dYEncryptedStorage.store(str, dYDefaultStorage.load(str));
            dYDefaultStorage.remove(str);
        }
        DYLog.d(a, "moved " + String.valueOf(keys.size()) + " tokens from default storage to encrypted");
    }

    @Override // com.dyadicsec.mobile.storage.DYStorage
    public Collection<String> getKeys() {
        try {
            c.acquire();
        } catch (InterruptedException e) {
            e.printStackTrace();
        }
        LinkedList linkedList = new LinkedList();
        for (String str : this.d.getAll().keySet()) {
            if (!str.contains(IV_SUFFIX) && !str.contains(TAG_SUFFIX) && !str.contains("pfrsb")) {
                linkedList.add(str);
            }
        }
        c.release();
        return linkedList;
    }

    @Override // com.dyadicsec.mobile.storage.DYStorage
    public String load(String str) {
        try {
            c.acquire();
        } catch (InterruptedException e) {
            e.printStackTrace();
        }
        String a2 = a(str);
        c.release();
        return a2;
    }

    @Override // com.dyadicsec.mobile.storage.DYStorage
    public boolean remove(String str) {
        try {
            c.acquire();
        } catch (InterruptedException e) {
            e.printStackTrace();
        }
        SharedPreferences.Editor edit = this.d.edit();
        edit.remove(str);
        edit.remove(str + IV_SUFFIX);
        if (b) {
            edit.remove(str + TAG_SUFFIX);
        }
        boolean commit = edit.commit();
        c.release();
        return commit;
    }

    @Override // com.dyadicsec.mobile.storage.DYStorage
    public boolean store(String str, String str2) {
        try {
            c.acquire();
        } catch (InterruptedException e) {
            e.printStackTrace();
        }
        c.release();
        return a(str, str2);
    }
}
