package com.safeincloud.models;

import android.os.AsyncTask;
import android.security.KeyPairGeneratorSpec;
import android.util.Base64;
import com.safeincloud.App;
import com.safeincloud.D;
import com.safeincloud.support.AppPreferences;
import java.math.BigInteger;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.util.Calendar;
import java.util.Date;
import javax.crypto.Cipher;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class PasswordStore {
    private static final String ANDROID_KEY_STORE = "AndroidKeyStore";
    private static final String CIPHER_ALGORITHM = "AES";
    private static final String CIPHER_TRANSFORMATION = "AES/CBC/PKCS5Padding";
    private static final String ENCRYPTED_PASSWORD_SETTING = "encrypted_password";
    private static final String IV_SALT = "iv_salt";
    private static final int IV_SIZE = 128;
    private static final String KEY_ALGORITHM = "RSA";
    private static final String KEY_ALIAS = "password_store";
    private static final String KEY_SALT = "key_salt";
    private static final int KEY_SIZE = 256;
    private static final String KEY_SUBJECT = "CN=SafeInCloud";
    private static final int MIN_PASSWORD_LENGTH_WITH_PADDING = 32;
    private static final String PADDING_SUFFIX = "padding";
    private static final String SIGNATURE_ALGORITHM = "SHA256withRSA";

    /* loaded from: classes.dex */
    private static class SavePasswordTask extends AsyncTask<Void, Void, Void> {
        private SavePasswordTask() {
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        public Void doInBackground(Void... voidArr) {
            return null;
        }
    }

    private PasswordStore() {
    }

    private static String addPadding(String str) {
        StringBuilder sb = new StringBuilder(str);
        SecureRandom secureRandom = new SecureRandom();
        sb.append(PADDING_SUFFIX);
        for (int length = sb.length(); length < 32; length++) {
            sb.append(secureRandom.nextInt(10));
        }
        return sb.toString();
    }

    public static void eraseData() {
        D.func();
        AppPreferences.setString(ENCRYPTED_PASSWORD_SETTING, null);
    }

    private static PrivateKey generatePrivateKey() {
        D.func();
        Calendar calendar = Calendar.getInstance();
        calendar.add(1, -10);
        Date time = calendar.getTime();
        calendar.add(1, 100);
        Date time2 = calendar.getTime();
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(KEY_ALGORITHM, ANDROID_KEY_STORE);
        keyPairGenerator.initialize(new KeyPairGeneratorSpec.Builder(App.getInstance()).setAlias(KEY_ALIAS).setStartDate(time).setEndDate(time2).setSerialNumber(BigInteger.valueOf(1L)).setSubject(new X500Principal(KEY_SUBJECT)).build());
        return keyPairGenerator.generateKeyPair().getPrivate();
    }

    private static PrivateKey getPrivateKey() {
        D.func();
        try {
            KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE);
            keyStore.load(null);
            KeyStore.Entry entry = keyStore.getEntry(KEY_ALIAS, null);
            if (entry instanceof KeyStore.PrivateKeyEntry) {
                PrivateKey privateKey = ((KeyStore.PrivateKeyEntry) entry).getPrivateKey();
                if (validatePrivateKey(privateKey)) {
                    return privateKey;
                }
                keyStore.deleteEntry(KEY_ALIAS);
            }
        } catch (Exception e2) {
            D.error(e2);
        }
        return null;
    }

    private static byte[] getSecret(int i, String str, PrivateKey privateKey) {
        D.func(Integer.valueOf(i));
        Signature signature = Signature.getInstance(SIGNATURE_ALGORITHM);
        signature.initSign(privateKey);
        signature.update(str.getBytes());
        byte[] sign = signature.sign();
        byte[] bArr = new byte[i];
        for (int i2 = 0; i2 < i; i2++) {
            bArr[i2] = sign[i2 % sign.length];
        }
        return bArr;
    }

    public static boolean hasPassword() {
        D.func();
        return (AppPreferences.getString(ENCRYPTED_PASSWORD_SETTING, null) == null || getPrivateKey() == null) ? false : true;
    }

    public static String loadPassword() {
        D.func();
        try {
            String string = AppPreferences.getString(ENCRYPTED_PASSWORD_SETTING, null);
            if (string != null) {
                byte[] decode = Base64.decode(string, 0);
                PrivateKey privateKey = getPrivateKey();
                if (privateKey == null) {
                    throw new Exception("Failed to get private key");
                }
                byte[] secret = getSecret(16, IV_SALT, privateKey);
                byte[] secret2 = getSecret(32, KEY_SALT, privateKey);
                Cipher cipher = Cipher.getInstance(CIPHER_TRANSFORMATION);
                cipher.init(2, new SecretKeySpec(secret2, CIPHER_ALGORITHM), new IvParameterSpec(secret));
                return removePadding(new String(cipher.doFinal(decode)));
            }
        } catch (Exception e2) {
            D.error(e2);
        }
        return null;
    }

    private static String removePadding(String str) {
        int lastIndexOf = str.lastIndexOf(PADDING_SUFFIX);
        if (lastIndexOf != -1) {
            return str.substring(0, lastIndexOf);
        }
        return null;
    }

    public static boolean savePassword(String str) {
        D.func();
        try {
            byte[] bytes = addPadding(str).getBytes();
            PrivateKey privateKey = getPrivateKey();
            if (privateKey == null) {
                privateKey = generatePrivateKey();
            }
            byte[] secret = getSecret(16, IV_SALT, privateKey);
            byte[] secret2 = getSecret(32, KEY_SALT, privateKey);
            Cipher cipher = Cipher.getInstance(CIPHER_TRANSFORMATION);
            cipher.init(1, new SecretKeySpec(secret2, CIPHER_ALGORITHM), new IvParameterSpec(secret));
            AppPreferences.setString(ENCRYPTED_PASSWORD_SETTING, Base64.encodeToString(cipher.doFinal(bytes), 0));
            return true;
        } catch (Exception e2) {
            D.error(e2);
            return false;
        }
    }

    private static boolean validatePrivateKey(PrivateKey privateKey) {
        D.func();
        try {
            Signature.getInstance(SIGNATURE_ALGORITHM).initSign(privateKey);
            return true;
        } catch (Exception e2) {
            D.error(e2);
            return false;
        }
    }
}
