package com.server.auditor.ssh.client.i.c0;

import android.content.SharedPreferences;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import com.amazonaws.mobileconnectors.s3.transferutility.TransferTable;
import com.amazonaws.services.s3.internal.crypto.JceEncryptionConstants;
import com.server.auditor.ssh.client.app.TermiusApplication;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.util.GregorianCalendar;
import java.util.Objects;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.GCMParameterSpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes2.dex */
public final class o implements g {

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public static final class a extends com.server.auditor.ssh.client.i.z.d {
        private final KeyStore a;
        private final com.server.auditor.ssh.client.app.h b;
        private final String c;
        private final String d;
        private KeyStore.PrivateKeyEntry e;

        public a(KeyStore keyStore, com.server.auditor.ssh.client.app.h hVar) {
            u.e0.d.l.e(keyStore, "androidKeyStore");
            u.e0.d.l.e(hVar, "keyValueRepository");
            this.a = keyStore;
            this.b = hVar;
            this.c = "termius_secret_key_pair_api21_v1";
            this.d = "RSA/ECB/PKCS1Padding";
        }

        private final Cipher f() {
            Cipher cipher = Cipher.getInstance(this.d);
            KeyStore.PrivateKeyEntry privateKeyEntry = this.e;
            if (privateKeyEntry == null) {
                u.e0.d.l.t("keyEntry");
                throw null;
            }
            cipher.init(2, privateKeyEntry.getPrivateKey());
            u.e0.d.l.d(cipher, "cipher");
            return cipher;
        }

        private final Cipher g() {
            Cipher cipher = Cipher.getInstance(this.d);
            KeyStore.PrivateKeyEntry privateKeyEntry = this.e;
            if (privateKeyEntry == null) {
                u.e0.d.l.t("keyEntry");
                throw null;
            }
            cipher.init(1, privateKeyEntry.getCertificate().getPublicKey());
            u.e0.d.l.d(cipher, "cipher");
            return cipher;
        }

        private final byte[] h(String str) {
            byte[] decode = Base64.decode(str, 2);
            u.e0.d.l.d(decode, "decode(input, Base64.NO_WRAP)");
            return decode;
        }

        private final String i(byte[] bArr) {
            String encodeToString = Base64.encodeToString(bArr, 2);
            u.e0.d.l.d(encodeToString, "encodeToString(input, Base64.NO_WRAP)");
            return encodeToString;
        }

        @Override // com.server.auditor.ssh.client.i.z.d
        public com.server.auditor.ssh.client.app.h a() {
            return this.b;
        }

        @Override // com.server.auditor.ssh.client.i.z.d
        public void b() {
            if (!this.a.isKeyEntry(this.c)) {
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
                GregorianCalendar gregorianCalendar = new GregorianCalendar();
                GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
                gregorianCalendar2.add(1, 20);
                KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(TermiusApplication.n()).setAlias(this.c).setSubject(new X500Principal(u.e0.d.l.l("CN=", this.c))).setKeySize(3072).setStartDate(gregorianCalendar.getTime()).setEndDate(gregorianCalendar2.getTime()).setSerialNumber(BigInteger.valueOf(1337L)).build();
                u.e0.d.l.d(build, "Builder(TermiusApplication.getTermiusAppContext())\n                    // You'll use the alias later to retrieve the key.  It's a key for the key!\n                    .setAlias(termiusSecretKeyAliasV1)\n                    // The subject used for the self-signed certificate of the generated pair\n                    .setSubject(X500Principal(\"CN=$termiusSecretKeyAliasV1\"))\n                    // The key size is 3072 bit.\n                    .setKeySize(3072)\n                    .setStartDate(start.time)\n                    .setEndDate(end.time)\n                    // The serial number used for the self-signed certificate of the\n                    // generated pair.\n                    .setSerialNumber(BigInteger.valueOf(1337))\n                    .build()");
                keyPairGenerator.initialize(build);
                keyPairGenerator.genKeyPair();
            }
            KeyStore.Entry entry = this.a.getEntry(this.c, null);
            Objects.requireNonNull(entry, "null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
            this.e = (KeyStore.PrivateKeyEntry) entry;
            g();
        }

        @Override // com.server.auditor.ssh.client.i.z.d
        public byte[] c(String str, byte[] bArr) {
            u.e0.d.l.e(str, TransferTable.COLUMN_KEY);
            u.e0.d.l.e(bArr, "defaultValue");
            String string = a().getString(str, "");
            if (!(string == null || string.length() == 0)) {
                try {
                    bArr = f().doFinal(h(string));
                } catch (Throwable unused) {
                }
                u.e0.d.l.d(bArr, "{\n                try {\n                    val encrypted = decode(encoded)\n                    val cipher = createDecryptCipher()\n                    cipher.doFinal(encrypted)\n                } catch (t: Throwable) {\n                    defaultValue\n                }\n            }");
            }
            return bArr;
        }

        @Override // com.server.auditor.ssh.client.i.z.d
        public void d(String str) {
            u.e0.d.l.e(str, TransferTable.COLUMN_KEY);
            a().edit().remove(str).apply();
        }

        @Override // com.server.auditor.ssh.client.i.z.d
        public void e(String str, byte[] bArr) {
            u.e0.d.l.e(str, TransferTable.COLUMN_KEY);
            u.e0.d.l.e(bArr, "value");
            byte[] doFinal = g().doFinal(bArr);
            SharedPreferences.Editor edit = a().edit();
            u.e0.d.l.d(doFinal, "encrypted");
            edit.putString(str, i(doFinal)).apply();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public static final class b extends com.server.auditor.ssh.client.i.z.d {
        private final KeyStore a;
        private final com.server.auditor.ssh.client.app.h b;
        private final String c;
        private final String d;
        private final a e;
        private KeyStore.SecretKeyEntry f;

        /* loaded from: classes2.dex */
        public static final class a {
            private final int a = 1;

            public final byte[] a(byte[] bArr, byte[] bArr2) {
                byte[] j;
                byte[] k;
                byte[] k2;
                u.e0.d.l.e(bArr, "input");
                u.e0.d.l.e(bArr2, "iv");
                j = u.z.h.j(new byte[0], (byte) bArr2.length);
                k = u.z.h.k(j, bArr2);
                k2 = u.z.h.k(k, bArr);
                return k2;
            }

            public final u.o<byte[], byte[]> b(byte[] bArr) {
                byte[] g;
                byte[] g2;
                u.e0.d.l.e(bArr, "input");
                byte b = bArr[0];
                int i = this.a;
                g = u.z.h.g(bArr, i, i + b);
                g2 = u.z.h.g(bArr, this.a + b, bArr.length);
                return new u.o<>(g, g2);
            }
        }

        public b(KeyStore keyStore, com.server.auditor.ssh.client.app.h hVar) {
            u.e0.d.l.e(keyStore, "androidKeyStore");
            u.e0.d.l.e(hVar, "keyValueRepository");
            this.a = keyStore;
            this.b = hVar;
            this.c = "termius_secret_key_api23_v1";
            this.d = "AES/GCM/NoPadding";
            this.e = new a();
        }

        private final Cipher f(byte[] bArr) {
            Cipher cipher = Cipher.getInstance(this.d);
            GCMParameterSpec gCMParameterSpec = new GCMParameterSpec(128, bArr);
            KeyStore.SecretKeyEntry secretKeyEntry = this.f;
            if (secretKeyEntry == null) {
                u.e0.d.l.t("keyEntry");
                throw null;
            }
            cipher.init(2, secretKeyEntry.getSecretKey(), gCMParameterSpec);
            u.e0.d.l.d(cipher, "cipher");
            return cipher;
        }

        private final Cipher g() {
            Cipher cipher = Cipher.getInstance(this.d);
            KeyStore.SecretKeyEntry secretKeyEntry = this.f;
            if (secretKeyEntry == null) {
                u.e0.d.l.t("keyEntry");
                throw null;
            }
            cipher.init(1, secretKeyEntry.getSecretKey());
            u.e0.d.l.d(cipher, "cipher");
            return cipher;
        }

        private final byte[] h(String str) {
            byte[] decode = Base64.decode(str, 2);
            u.e0.d.l.d(decode, "decode(input, Base64.NO_WRAP)");
            return decode;
        }

        private final String i(byte[] bArr) {
            String encodeToString = Base64.encodeToString(bArr, 2);
            u.e0.d.l.d(encodeToString, "encodeToString(input, Base64.NO_WRAP)");
            return encodeToString;
        }

        @Override // com.server.auditor.ssh.client.i.z.d
        public com.server.auditor.ssh.client.app.h a() {
            return this.b;
        }

        @Override // com.server.auditor.ssh.client.i.z.d
        public void b() {
            if (Build.VERSION.SDK_INT < 23) {
                throw new IllegalStateException("AES cipher in AndroidKeyStore supports only on Android M and above.");
            }
            if (!this.a.isKeyEntry(this.c)) {
                KeyGenerator keyGenerator = KeyGenerator.getInstance(JceEncryptionConstants.SYMMETRIC_KEY_ALGORITHM, "AndroidKeyStore");
                KeyGenParameterSpec build = new KeyGenParameterSpec.Builder(this.c, 3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").setKeySize(256).build();
                u.e0.d.l.d(build, "Builder(\n                        termiusSecretKeyAliasV1,\n                        KeyProperties.PURPOSE_ENCRYPT or KeyProperties.PURPOSE_DECRYPT\n                    )\n                        .setBlockModes(KeyProperties.BLOCK_MODE_GCM)\n                        .setEncryptionPaddings(KeyProperties.ENCRYPTION_PADDING_NONE)\n                        .setKeySize(256)\n                        .build()");
                keyGenerator.init(build);
                keyGenerator.generateKey();
            }
            KeyStore.Entry entry = this.a.getEntry(this.c, null);
            Objects.requireNonNull(entry, "null cannot be cast to non-null type java.security.KeyStore.SecretKeyEntry");
            this.f = (KeyStore.SecretKeyEntry) entry;
            g();
        }

        @Override // com.server.auditor.ssh.client.i.z.d
        public byte[] c(String str, byte[] bArr) {
            u.e0.d.l.e(str, TransferTable.COLUMN_KEY);
            u.e0.d.l.e(bArr, "defaultValue");
            String string = a().getString(str, "");
            if (!(string == null || string.length() == 0)) {
                try {
                    u.o<byte[], byte[]> b = this.e.b(h(string));
                    bArr = f(b.a()).doFinal(b.b());
                } catch (Throwable unused) {
                }
                u.e0.d.l.d(bArr, "{\n                try {\n                    val (iv, encrypted) = packetEncoder.unpack(decode(encoded))\n                    val cipher = createDecryptCipher(iv)\n                    cipher.doFinal(encrypted)\n                } catch (t: Throwable) {\n                    defaultValue\n                }\n            }");
            }
            return bArr;
        }

        @Override // com.server.auditor.ssh.client.i.z.d
        public void d(String str) {
            u.e0.d.l.e(str, TransferTable.COLUMN_KEY);
            a().edit().remove(str).apply();
        }

        @Override // com.server.auditor.ssh.client.i.z.d
        public void e(String str, byte[] bArr) {
            u.e0.d.l.e(str, TransferTable.COLUMN_KEY);
            u.e0.d.l.e(bArr, "value");
            Cipher g = g();
            byte[] doFinal = g.doFinal(bArr);
            a aVar = this.e;
            u.e0.d.l.d(doFinal, "encrypted");
            byte[] iv = g.getIV();
            u.e0.d.l.d(iv, "cipher.iv");
            a().edit().putString(str, i(aVar.a(doFinal, iv))).apply();
        }
    }

    /* loaded from: classes2.dex */
    private static final class c {
        private final String a = "encrypted_storage_api_int";

        public final com.server.auditor.ssh.client.i.z.d a(KeyStore keyStore, com.server.auditor.ssh.client.app.h hVar, int i) {
            int i2;
            com.server.auditor.ssh.client.i.z.d dVar;
            u.e0.d.l.e(hVar, "keyValueRepository");
            try {
                if (hVar.contains(this.a)) {
                    i2 = hVar.getInt(this.a, i);
                } else {
                    hVar.edit().putInt(this.a, i).apply();
                    i2 = i;
                }
                if (i2 > i) {
                    com.crystalnix.terminal.utils.f.a.a.d(new com.server.auditor.ssh.client.i.z.c("Actual sdk version is lower than currently uses " + i2 + '/' + i + '.'));
                }
                if (i2 != 0 && keyStore != null) {
                    dVar = i2 < 23 ? new a(keyStore, hVar) : new b(keyStore, hVar);
                    dVar.b();
                    return dVar;
                }
                dVar = new d(hVar);
                dVar.b();
                return dVar;
            } catch (Throwable th) {
                com.crystalnix.terminal.utils.f.a.a.d(th);
                hVar.edit().putInt(this.a, 0).apply();
                d dVar2 = new d(hVar);
                dVar2.b();
                return dVar2;
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public static final class d extends com.server.auditor.ssh.client.i.z.d {
        private final com.server.auditor.ssh.client.app.h a;

        public d(com.server.auditor.ssh.client.app.h hVar) {
            u.e0.d.l.e(hVar, "keyValueRepository");
            this.a = hVar;
        }

        private final byte[] f(String str) {
            byte[] decode = Base64.decode(str, 2);
            u.e0.d.l.d(decode, "decode(input, Base64.NO_WRAP)");
            return decode;
        }

        private final String g(byte[] bArr) {
            String encodeToString = Base64.encodeToString(bArr, 2);
            u.e0.d.l.d(encodeToString, "encodeToString(input, Base64.NO_WRAP)");
            return encodeToString;
        }

        @Override // com.server.auditor.ssh.client.i.z.d
        public com.server.auditor.ssh.client.app.h a() {
            return this.a;
        }

        @Override // com.server.auditor.ssh.client.i.z.d
        public void b() {
        }

        @Override // com.server.auditor.ssh.client.i.z.d
        public byte[] c(String str, byte[] bArr) {
            u.e0.d.l.e(str, TransferTable.COLUMN_KEY);
            u.e0.d.l.e(bArr, "defaultValue");
            String string = a().getString(str, "");
            if (!(string == null || string.length() == 0)) {
                try {
                } catch (Throwable unused) {
                    return bArr;
                }
            }
            return f(string);
        }

        @Override // com.server.auditor.ssh.client.i.z.d
        public void d(String str) {
            u.e0.d.l.e(str, TransferTable.COLUMN_KEY);
            a().edit().remove(str).apply();
        }

        @Override // com.server.auditor.ssh.client.i.z.d
        public void e(String str, byte[] bArr) {
            u.e0.d.l.e(str, TransferTable.COLUMN_KEY);
            u.e0.d.l.e(bArr, "value");
            a().edit().putString(str, g(bArr)).apply();
        }
    }

    @Override // com.server.auditor.ssh.client.i.c0.g
    public void a(KeyStore keyStore, com.server.auditor.ssh.client.app.h hVar, com.server.auditor.ssh.client.app.h hVar2) {
        u.e0.d.l.e(hVar, "encryptionKeyValueRepository");
        u.e0.d.l.e(hVar2, "mainKeyValueRepository");
        SharedPreferences.Editor edit = hVar2.edit();
        com.server.auditor.ssh.client.i.z.d a2 = new c().a(keyStore, hVar, Build.VERSION.SDK_INT);
        String string = hVar2.getString("TEAM_INFO_NAME", "");
        if (!(string == null || string.length() == 0)) {
            Charset charset = u.k0.d.a;
            Objects.requireNonNull(string, "null cannot be cast to non-null type java.lang.String");
            byte[] bytes = string.getBytes(charset);
            u.e0.d.l.d(bytes, "(this as java.lang.String).getBytes(charset)");
            a2.e("team_info_name", bytes);
            edit.remove("TEAM_INFO_NAME");
        }
        String string2 = hVar2.getString("TEAM_INFO_OWNER", "");
        if (!(string2 == null || string2.length() == 0)) {
            Charset charset2 = u.k0.d.a;
            Objects.requireNonNull(string2, "null cannot be cast to non-null type java.lang.String");
            byte[] bytes2 = string2.getBytes(charset2);
            u.e0.d.l.d(bytes2, "(this as java.lang.String).getBytes(charset)");
            a2.e("team_info_owner", bytes2);
            edit.remove("TEAM_INFO_OWNER");
        }
        edit.apply();
    }
}
