package com.bbva.proguarded.android.sslpinning;

import android.content.Context;
import android.provider.Settings;
import android.security.KeyPairGeneratorSpec;
import java.io.File;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.security.spec.InvalidKeySpecException;
import java.util.Arrays;
import java.util.Date;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* renamed from: com.bbva.proguarded.android.sslpinning.h, reason: case insensitive filesystem */
/* loaded from: classes.dex */
public final class C0151h implements InterfaceC0095a {
    private static final String[] a;
    private static final byte[] b;
    private static C0151h c;
    private Context d;
    private bK e;
    private C0152i f;
    private boolean g;
    private byte[] h;
    private byte[] i;

    static {
        new String[1][0] = "_KEY_MK";
        a = new String[]{"_KEY_KSU", "_USE_AK"};
        b = new byte[16];
    }

    private C0151h(Context context, String str) throws C0150g {
        boolean z = false;
        byte[] bArr = null;
        this.g = false;
        this.d = context;
        this.f = new C0152i("PREFS_" + this.d.getPackageName(), this.d);
        try {
            String b2 = this.f.b("_USE_AK", null);
            if (!bK.c(b2)) {
                if (b2.equalsIgnoreCase("true")) {
                    z = true;
                } else {
                    b2.equalsIgnoreCase("false");
                }
            }
            this.g = z;
            String b3 = this.f.b("_KEY_KSU", null);
            if (!bK.c(b3)) {
                bArr = C0146c.c(b3);
                if (bArr.length == 0) {
                    throw new C0149f(2415);
                }
            }
            if (bArr == null) {
                b(this.d);
                a(this.d);
                this.h = new byte[32];
                new SecureRandom().nextBytes(this.h);
                bK.a(this.h);
                byte[] b4 = b(this.h, str);
                bK.a(b4);
                this.f.a("_KEY_KSU", b4);
            } else {
                bK.a(bArr);
                this.h = a(bArr, str);
                bK.a(this.h);
            }
            if (!this.f.a("_USE_AK")) {
                try {
                    this.f.a("_USE_AK", this.g);
                } catch (C0149f e) {
                    throw new C0150g(2401, e);
                }
            }
            try {
                char[] a2 = a();
                this.e = new bK(this.d, a2);
                if (this.e.a("_KEY_MK")) {
                    this.i = this.e.a("_KEY_MK", a2).getEncoded();
                    return;
                }
                this.i = new byte[32];
                new SecureRandom().nextBytes(this.i);
                this.e.a("_KEY_MK", this.i, "AES", a2);
            } catch (IOException e2) {
                e = e2;
                throw new C0150g(2301, e);
            } catch (KeyStoreException e3) {
                e = e3;
                throw new C0150g(2301, e);
            } catch (NoSuchAlgorithmException e4) {
                e = e4;
                throw new C0150g(2301, e);
            } catch (UnrecoverableEntryException e5) {
                throw new C0150g(2107, e5);
            } catch (CertificateException e6) {
                e = e6;
                throw new C0150g(2301, e);
            }
        } catch (C0149f e7) {
            throw new C0150g(2106, e7);
        }
    }

    public static synchronized InterfaceC0095a a(Context context, String str, boolean z) throws C0150g {
        C0151h c0151h;
        synchronized (C0151h.class) {
            if (z) {
                c(context);
            }
            if (c == null) {
                c = new C0151h(context, str);
            }
            c0151h = c;
        }
        return c0151h;
    }

    private static boolean a(Context context) {
        return C0152i.a("PREFS_" + context.getPackageName(), context);
    }

    private byte[] a(byte[] bArr, String str) throws C0150g {
        if (!this.g) {
            try {
                SecretKey c2 = c(str);
                IvParameterSpec ivParameterSpec = new IvParameterSpec(b);
                Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
                cipher.init(2, c2, ivParameterSpec);
                return cipher.doFinal(bArr);
            } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | InvalidKeySpecException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
                throw new C0150g(2104, e);
            }
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry("_KEY_AKPAIR", null);
            if (privateKeyEntry == null) {
                throw new C0150g(2102);
            }
            PrivateKey privateKey = privateKeyEntry.getPrivateKey();
            if (privateKey == null) {
                throw new C0150g(2102);
            }
            Cipher cipher2 = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher2.init(2, privateKey);
            return cipher2.doFinal(bArr);
        } catch (IOException e2) {
            e = e2;
            throw new C0150g(2104, e);
        } catch (InvalidKeyException e3) {
            e = e3;
            throw new C0150g(2104, e);
        } catch (KeyStoreException e4) {
            e = e4;
            throw new C0150g(2104, e);
        } catch (NoSuchAlgorithmException e5) {
            e = e5;
            throw new C0150g(2104, e);
        } catch (UnrecoverableEntryException e6) {
            e = e6;
            throw new C0150g(2104, e);
        } catch (CertificateException e7) {
            e = e7;
            throw new C0150g(2104, e);
        } catch (BadPaddingException e8) {
            e = e8;
            throw new C0150g(2104, e);
        } catch (IllegalBlockSizeException e9) {
            e = e9;
            throw new C0150g(2104, e);
        } catch (NoSuchPaddingException e10) {
            e = e10;
            throw new C0150g(2104, e);
        }
    }

    private char[] a() throws C0150g {
        if (this.h == null) {
            throw new C0150g(2106);
        }
        char[] cArr = new char[this.h.length];
        for (int i = 0; i < this.h.length; i++) {
            cArr[i] = (char) this.h[i];
        }
        return cArr;
    }

    private static boolean b(Context context) {
        File file = new File(context.getDir("SElement", 0) + File.separator + "SElement.bin");
        if (file.exists()) {
            return file.delete();
        }
        return true;
    }

    private byte[] b(byte[] bArr, String str) throws C0150g {
        if (this.g) {
            try {
                KeyPairGeneratorSpec build = new KeyPairGeneratorSpec.Builder(this.d).setAlias("_KEY_AKPAIR").setSubject(new X500Principal(String.format("CN=%s, OU=%s", "_KEY_AKPAIR", this.d.getPackageName()))).setSerialNumber(BigInteger.valueOf(Math.abs(new SecureRandom().nextInt()))).setStartDate(new Date(System.currentTimeMillis() - 2592000000L)).setEndDate(new Date(System.currentTimeMillis() + 3153600000000L)).build();
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
                keyPairGenerator.initialize(build);
                PublicKey publicKey = keyPairGenerator.generateKeyPair().getPublic();
                Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
                cipher.init(1, publicKey);
                return cipher.doFinal(bArr);
            } catch (InvalidKeyException e) {
                e = e;
                throw new C0150g(2104, e);
            } catch (BadPaddingException e2) {
                e = e2;
                throw new C0150g(2104, e);
            } catch (IllegalBlockSizeException e3) {
                e = e3;
                throw new C0150g(2104, e);
            } catch (NoSuchPaddingException e4) {
                e = e4;
                throw new C0150g(2104, e);
            } catch (Exception e5) {
                this.g = false;
                try {
                    this.f.a("_USE_AK", this.g);
                } catch (C0149f e6) {
                    throw new C0150g(2401, e6);
                }
            }
        }
        if (this.g) {
            throw new C0150g(2106);
        }
        try {
            SecretKey c2 = c(str);
            IvParameterSpec ivParameterSpec = new IvParameterSpec(b);
            Cipher cipher2 = Cipher.getInstance("AES/CBC/NoPadding");
            cipher2.init(1, c2, ivParameterSpec);
            return cipher2.doFinal(bArr);
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | InvalidKeySpecException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e7) {
            throw new C0150g(2104, e7);
        }
    }

    private SecretKey c(String str) throws NoSuchAlgorithmException, InvalidKeySpecException, C0150g {
        if (str == null || str.length() == 0) {
            throw new C0150g(2106);
        }
        char[] charArray = str.toCharArray();
        SecretKeyFactory secretKeyFactory = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1");
        byte[] bytes = Settings.Secure.getString(this.d.getContentResolver(), "android_id").getBytes();
        int length = bytes.length;
        byte[] bArr = new byte[8];
        for (int i = 0; i < 8; i++) {
            bArr[i] = bytes[i % length];
        }
        SecretKeySpec secretKeySpec = new SecretKeySpec(secretKeyFactory.generateSecret(new PBEKeySpec(charArray, bArr, 4096, 256)).getEncoded(), "AES");
        bK.a(secretKeySpec.getEncoded());
        return secretKeySpec;
    }

    private static synchronized void c(Context context) {
        synchronized (C0151h.class) {
            b(context);
            a(context);
            if (c != null) {
                c.d = null;
                if (c.h != null) {
                    Arrays.fill(c.h, (byte) 0);
                }
                if (c.i != null) {
                    Arrays.fill(c.i, (byte) 0);
                }
                c.h = null;
                c.i = null;
                c.f = null;
                c.e = null;
                c = null;
            }
        }
    }

    @Override // com.bbva.proguarded.android.sslpinning.InterfaceC0095a
    public final String a(String str) throws C0150g {
        boolean z = false;
        String[] strArr = a;
        if (str != null) {
            int i = 0;
            while (true) {
                if (i < 2) {
                    String str2 = strArr[i];
                    if (str2 != null && str.equals(str2)) {
                        z = true;
                        break;
                    }
                    i++;
                } else {
                    break;
                }
            }
        }
        if (z) {
            throw new C0150g(2108);
        }
        try {
            String b2 = this.f.b(str, this.i);
            if (b2 == null) {
                throw new C0150g(2404);
            }
            return b2;
        } catch (C0149f e) {
            throw new C0150g(2403, e);
        }
    }

    @Override // com.bbva.proguarded.android.sslpinning.InterfaceC0095a
    public final void a(String str, String str2) throws C0150g {
        try {
            this.f.a(str, str2, this.i);
        } catch (C0149f e) {
            throw new C0150g(2402, e);
        }
    }

    @Override // com.bbva.proguarded.android.sslpinning.InterfaceC0095a
    public final boolean b(String str) throws C0150g {
        try {
            return this.f.a(str);
        } catch (C0149f e) {
            throw new C0150g(2400, e);
        }
    }
}
