package com.server.auditor.ssh.client.i.z;

import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import com.amazonaws.mobileconnectors.s3.transferutility.TransferTable;
import com.amazonaws.services.s3.internal.crypto.JceEncryptionConstants;
import com.server.auditor.ssh.client.app.h;
import java.security.KeyStore;
import java.util.Objects;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.GCMParameterSpec;
import u.e0.d.l;
import u.o;

/* loaded from: classes2.dex */
public final class b extends d {
    private final KeyStore a;
    private final h b;
    private final String c;
    private final String d;
    private final a e;
    private KeyStore.SecretKeyEntry f;

    /* loaded from: classes2.dex */
    public static final class a {
        private final int a = 1;

        public final byte[] a(byte[] bArr, byte[] bArr2) {
            byte[] j;
            byte[] k;
            byte[] k2;
            l.e(bArr, "input");
            l.e(bArr2, "iv");
            j = u.z.h.j(new byte[0], (byte) bArr2.length);
            k = u.z.h.k(j, bArr2);
            k2 = u.z.h.k(k, bArr);
            return k2;
        }

        public final o<byte[], byte[]> b(byte[] bArr) {
            byte[] g;
            byte[] g2;
            l.e(bArr, "input");
            byte b = bArr[0];
            int i = this.a;
            g = u.z.h.g(bArr, i, i + b);
            g2 = u.z.h.g(bArr, this.a + b, bArr.length);
            return new o<>(g, g2);
        }
    }

    public b(KeyStore keyStore, h hVar) {
        l.e(keyStore, "androidKeyStore");
        l.e(hVar, "keyValueRepository");
        this.a = keyStore;
        this.b = hVar;
        this.c = "termius_secret_key_api23_v1";
        this.d = "AES/GCM/NoPadding";
        this.e = new a();
    }

    private final Cipher f(byte[] bArr) {
        Cipher cipher = Cipher.getInstance(this.d);
        GCMParameterSpec gCMParameterSpec = new GCMParameterSpec(128, bArr);
        KeyStore.SecretKeyEntry secretKeyEntry = this.f;
        if (secretKeyEntry == null) {
            l.t("keyEntry");
            throw null;
        }
        cipher.init(2, secretKeyEntry.getSecretKey(), gCMParameterSpec);
        l.d(cipher, "cipher");
        return cipher;
    }

    private final Cipher g() {
        Cipher cipher = Cipher.getInstance(this.d);
        KeyStore.SecretKeyEntry secretKeyEntry = this.f;
        if (secretKeyEntry == null) {
            l.t("keyEntry");
            throw null;
        }
        cipher.init(1, secretKeyEntry.getSecretKey());
        l.d(cipher, "cipher");
        return cipher;
    }

    private final byte[] h(String str) {
        byte[] decode = Base64.decode(str, 2);
        l.d(decode, "decode(input, Base64.NO_WRAP)");
        return decode;
    }

    private final String i(byte[] bArr) {
        String encodeToString = Base64.encodeToString(bArr, 2);
        l.d(encodeToString, "encodeToString(input, Base64.NO_WRAP)");
        return encodeToString;
    }

    @Override // com.server.auditor.ssh.client.i.z.d
    public h a() {
        return this.b;
    }

    @Override // com.server.auditor.ssh.client.i.z.d
    public void b() {
        if (Build.VERSION.SDK_INT < 23) {
            throw new IllegalStateException("AES cipher in AndroidKeyStore supports only on Android M and above.");
        }
        if (!this.a.isKeyEntry(this.c)) {
            KeyGenerator keyGenerator = KeyGenerator.getInstance(JceEncryptionConstants.SYMMETRIC_KEY_ALGORITHM, "AndroidKeyStore");
            KeyGenParameterSpec build = new KeyGenParameterSpec.Builder(this.c, 3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").setKeySize(256).build();
            l.d(build, "Builder(\n                    termiusSecretKeyAliasV1,\n                    KeyProperties.PURPOSE_ENCRYPT or KeyProperties.PURPOSE_DECRYPT\n                )\n                    .setBlockModes(KeyProperties.BLOCK_MODE_GCM)\n                    .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)\n                    .setKeySize(256)\n                    .build()");
            keyGenerator.init(build);
            keyGenerator.generateKey();
        }
        KeyStore.Entry entry = this.a.getEntry(this.c, null);
        Objects.requireNonNull(entry, "null cannot be cast to non-null type java.security.KeyStore.SecretKeyEntry");
        this.f = (KeyStore.SecretKeyEntry) entry;
        g();
    }

    @Override // com.server.auditor.ssh.client.i.z.d
    public byte[] c(String str, byte[] bArr) {
        l.e(str, TransferTable.COLUMN_KEY);
        l.e(bArr, "defaultValue");
        String string = a().getString(com.server.auditor.ssh.client.i.l.i(str), "");
        if (!(string == null || string.length() == 0)) {
            try {
                o<byte[], byte[]> b = this.e.b(h(string));
                bArr = f(b.a()).doFinal(b.b());
            } catch (Throwable unused) {
            }
            l.d(bArr, "{\n            try {\n                val (iv, encrypted) = packetEncoder.unpack(decode(encoded))\n                val cipher = createDecryptCipher(iv)\n                cipher.doFinal(encrypted)\n            } catch (t: Throwable) {\n                defaultValue\n            }\n        }");
        }
        return bArr;
    }

    @Override // com.server.auditor.ssh.client.i.z.d
    public void d(String str) {
        l.e(str, TransferTable.COLUMN_KEY);
        a().edit().remove(com.server.auditor.ssh.client.i.l.i(str)).apply();
    }

    @Override // com.server.auditor.ssh.client.i.z.d
    public void e(String str, byte[] bArr) {
        l.e(str, TransferTable.COLUMN_KEY);
        l.e(bArr, "value");
        Cipher g = g();
        byte[] doFinal = g.doFinal(bArr);
        a aVar = this.e;
        l.d(doFinal, "encrypted");
        byte[] iv = g.getIV();
        l.d(iv, "cipher.iv");
        String i = i(aVar.a(doFinal, iv));
        a().edit().putString(com.server.auditor.ssh.client.i.l.i(str), i).apply();
    }
}
