package org.unifiedpush.android.connector.keys;

import android.content.SharedPreferences;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Log;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.PublicKey;
import java.security.interfaces.ECPublicKey;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Arrays;
import javax.crypto.AEADBadTagException;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import org.joinmastodon.android.ui.displayitems.StatusDisplayItem;
import org.unifiedpush.android.connector.keys.WebPushKeysEntries;

/* compiled from: WebPushKeysEntries23.kt */
/* loaded from: classes.dex */
public final class WebPushKeysEntries23 implements WebPushKeysEntries {
    public static final Companion Companion = new Companion(null);
    private final String instance;
    private final SharedPreferences prefs;

    /* compiled from: WebPushKeysEntries23.kt */
    /* loaded from: classes.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }
    }

    public WebPushKeysEntries23(String instance, SharedPreferences prefs) {
        Intrinsics.checkNotNullParameter(instance, "instance");
        Intrinsics.checkNotNullParameter(prefs, "prefs");
        this.instance = instance;
        this.prefs = prefs;
    }

    private final Cipher getAesGcmCipher(byte[] bArr) {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        keyStore.containsAlias("UnifiedPush");
        SecretKey secretKey = getSecretKey();
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(2, secretKey, new GCMParameterSpec(StatusDisplayItem.FLAG_IS_FOR_QUOTE, bArr));
        Intrinsics.checkNotNullExpressionValue(cipher, "getInstance(\"AES/GCM/NoP…,\n            )\n        }");
        return cipher;
    }

    private final Cipher getNewAesGcmCipher() {
        SecretKey secretKey = getSecretKey();
        Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
        cipher.init(1, secretKey);
        Intrinsics.checkNotNullExpressionValue(cipher, "getInstance(\"AES/GCM/NoP…,\n            )\n        }");
        return cipher;
    }

    private final SecretKey getSecretKey() {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        if (keyStore.containsAlias("UnifiedPush")) {
            KeyStore.Entry entry = keyStore.getEntry("UnifiedPush", null);
            Intrinsics.checkNotNull(entry, "null cannot be cast to non-null type java.security.KeyStore.SecretKeyEntry");
            SecretKey secretKey = ((KeyStore.SecretKeyEntry) entry).getSecretKey();
            Intrinsics.checkNotNullExpressionValue(secretKey, "ks.getEntry(ALIAS, null)…SecretKeyEntry).secretKey");
            return secretKey;
        }
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
        keyGenerator.init(new KeyGenParameterSpec.Builder("UnifiedPush", 3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").build());
        SecretKey generateKey = keyGenerator.generateKey();
        Intrinsics.checkNotNullExpressionValue(generateKey, "getInstance(KeyPropertie…)\n        }.generateKey()");
        return generateKey;
    }

    @Override // org.unifiedpush.android.connector.keys.WebPushKeysEntries
    public void deleteWebPushKeys() {
        Log.d("UnifiedPush", "Deleting webpush keys");
        SharedPreferences.Editor edit = this.prefs.edit();
        String format = String.format("%s/unifiedpush.webpush.auth", Arrays.copyOf(new Object[]{this.instance}, 1));
        Intrinsics.checkNotNullExpressionValue(format, "format(...)");
        SharedPreferences.Editor remove = edit.remove(format);
        String format2 = String.format("%s/unifiedpush.webpush.iv", Arrays.copyOf(new Object[]{this.instance}, 1));
        Intrinsics.checkNotNullExpressionValue(format2, "format(...)");
        SharedPreferences.Editor remove2 = remove.remove(format2);
        String format3 = String.format("%s/unifiedpush.webpush.pubkey", Arrays.copyOf(new Object[]{this.instance}, 1));
        Intrinsics.checkNotNullExpressionValue(format3, "format(...)");
        SharedPreferences.Editor remove3 = remove2.remove(format3);
        String format4 = String.format("%s/unifiedpush.webpush.privkey", Arrays.copyOf(new Object[]{this.instance}, 1));
        Intrinsics.checkNotNullExpressionValue(format4, "format(...)");
        remove3.remove(format4).apply();
    }

    @Override // org.unifiedpush.android.connector.keys.WebPushKeysEntries
    public WebPushKeys genWebPushKeys() {
        WebPushKeys m1035new = WebPushKeys.Companion.m1035new();
        Cipher newAesGcmCipher = getNewAesGcmCipher();
        byte[] sealedPrivateKey = newAesGcmCipher.doFinal(m1035new.getKeyPair().getPrivate().getEncoded());
        SharedPreferences.Editor edit = this.prefs.edit();
        String format = String.format("%s/unifiedpush.webpush.auth", Arrays.copyOf(new Object[]{this.instance}, 1));
        Intrinsics.checkNotNullExpressionValue(format, "format(...)");
        SharedPreferences.Editor putString = edit.putString(format, UtilsKt.b64encode(m1035new.getAuth()));
        String format2 = String.format("%s/unifiedpush.webpush.iv", Arrays.copyOf(new Object[]{this.instance}, 1));
        Intrinsics.checkNotNullExpressionValue(format2, "format(...)");
        byte[] iv = newAesGcmCipher.getIV();
        Intrinsics.checkNotNullExpressionValue(iv, "cipher.iv");
        SharedPreferences.Editor putString2 = putString.putString(format2, UtilsKt.b64encode(iv));
        String format3 = String.format("%s/unifiedpush.webpush.pubkey", Arrays.copyOf(new Object[]{this.instance}, 1));
        Intrinsics.checkNotNullExpressionValue(format3, "format(...)");
        PublicKey publicKey = m1035new.getKeyPair().getPublic();
        Intrinsics.checkNotNull(publicKey, "null cannot be cast to non-null type java.security.interfaces.ECPublicKey");
        SharedPreferences.Editor putString3 = putString2.putString(format3, UtilsKt.serialize((ECPublicKey) publicKey));
        String format4 = String.format("%s/unifiedpush.webpush.privkey", Arrays.copyOf(new Object[]{this.instance}, 1));
        Intrinsics.checkNotNullExpressionValue(format4, "format(...)");
        Intrinsics.checkNotNullExpressionValue(sealedPrivateKey, "sealedPrivateKey");
        putString3.putString(format4, UtilsKt.b64encode(sealedPrivateKey)).apply();
        return m1035new;
    }

    @Override // org.unifiedpush.android.connector.keys.WebPushKeysEntries
    public WebPushKeys getOrNullWebPushKeys() {
        return WebPushKeysEntries.DefaultImpls.getOrNullWebPushKeys(this);
    }

    @Override // org.unifiedpush.android.connector.keys.WebPushKeysEntries
    public WebPushKeys getWebPushKeys() {
        byte[] b64decode;
        byte[] b64decode2;
        byte[] b64decode3;
        ECPublicKey deserializePubKey;
        SharedPreferences sharedPreferences = this.prefs;
        String format = String.format("%s/unifiedpush.webpush.auth", Arrays.copyOf(new Object[]{this.instance}, 1));
        Intrinsics.checkNotNullExpressionValue(format, "format(...)");
        String string = sharedPreferences.getString(format, null);
        if (string != null && (b64decode = UtilsKt.b64decode(string)) != null) {
            SharedPreferences sharedPreferences2 = this.prefs;
            String format2 = String.format("%s/unifiedpush.webpush.iv", Arrays.copyOf(new Object[]{this.instance}, 1));
            Intrinsics.checkNotNullExpressionValue(format2, "format(...)");
            String string2 = sharedPreferences2.getString(format2, null);
            if (string2 != null && (b64decode2 = UtilsKt.b64decode(string2)) != null) {
                SharedPreferences sharedPreferences3 = this.prefs;
                String format3 = String.format("%s/unifiedpush.webpush.privkey", Arrays.copyOf(new Object[]{this.instance}, 1));
                Intrinsics.checkNotNullExpressionValue(format3, "format(...)");
                String string3 = sharedPreferences3.getString(format3, null);
                if (string3 != null && (b64decode3 = UtilsKt.b64decode(string3)) != null) {
                    SharedPreferences sharedPreferences4 = this.prefs;
                    String format4 = String.format("%s/unifiedpush.webpush.pubkey", Arrays.copyOf(new Object[]{this.instance}, 1));
                    Intrinsics.checkNotNullExpressionValue(format4, "format(...)");
                    String string4 = sharedPreferences4.getString(format4, null);
                    if (string4 != null && (deserializePubKey = UtilsKt.deserializePubKey(string4)) != null) {
                        try {
                            return new WebPushKeys(b64decode, new KeyPair(deserializePubKey, KeyFactory.getInstance("EC").generatePrivate(new PKCS8EncodedKeySpec(getAesGcmCipher(b64decode2).doFinal(b64decode3)))));
                        } catch (AEADBadTagException e) {
                            Log.e("UnifiedPush", "AEADBadTagException caught for " + this.instance + ", a new keypair must be generated.", e);
                        }
                    }
                }
            }
        }
        return null;
    }

    @Override // org.unifiedpush.android.connector.keys.WebPushKeysEntries
    public boolean hasWebPushKeys() {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        SharedPreferences sharedPreferences = this.prefs;
        String format = String.format("%s/unifiedpush.webpush.iv", Arrays.copyOf(new Object[]{this.instance}, 1));
        Intrinsics.checkNotNullExpressionValue(format, "format(...)");
        if (sharedPreferences.contains(format)) {
            SharedPreferences sharedPreferences2 = this.prefs;
            String format2 = String.format("%s/unifiedpush.webpush.auth", Arrays.copyOf(new Object[]{this.instance}, 1));
            Intrinsics.checkNotNullExpressionValue(format2, "format(...)");
            if (sharedPreferences2.contains(format2)) {
                SharedPreferences sharedPreferences3 = this.prefs;
                String format3 = String.format("%s/unifiedpush.webpush.pubkey", Arrays.copyOf(new Object[]{this.instance}, 1));
                Intrinsics.checkNotNullExpressionValue(format3, "format(...)");
                if (sharedPreferences3.contains(format3)) {
                    SharedPreferences sharedPreferences4 = this.prefs;
                    String format4 = String.format("%s/unifiedpush.webpush.privkey", Arrays.copyOf(new Object[]{this.instance}, 1));
                    Intrinsics.checkNotNullExpressionValue(format4, "format(...)");
                    if (sharedPreferences4.contains(format4) && keyStore.containsAlias("UnifiedPush") && keyStore.entryInstanceOf("UnifiedPush", KeyStore.SecretKeyEntry.class)) {
                        return true;
                    }
                }
            }
        }
        return false;
    }
}
