package com.tapptic.gigya.storage;

import android.content.Context;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import com.tapptic.gigya.adapter.AccountAdapter;
import com.tapptic.gigya.storage.EncryptedFileAccountStorageRepository;
import h.x.c.j;
import j$.util.Spliterator;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.ProviderException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Objects;
import java.util.Set;
import java.util.concurrent.Callable;
import java.util.logging.Logger;
import javax.crypto.KeyGenerator;
import t.c0.a.a;
import t.c0.a.b;
import t.c0.a.c;
import u.d.d.a.g;
import u.d.d.a.j;
import u.d.d.a.k;
import u.d.d.a.n;
import u.d.d.a.o;
import u.d.d.a.p;
import u.d.d.a.q.a.a;
import u.d.d.a.q.a.e;
import u.d.d.a.r.j;
import u.d.d.a.r.n;
import u.d.d.a.s.a.i;
import u.d.d.a.t.d;
import u.g.a.f0;
import u.g.a.s;
import u.h.b.a0;
import u.h.b.y0.f;
import v.a.d0.e.c.q;
import v.a.h;

/* compiled from: EncryptedFileAccountStorageRepository.kt */
/* loaded from: classes.dex */
public final class EncryptedFileAccountStorageRepository implements f {
    public final a0 a;
    public final s<u.h.b.x0.a> b;

    /* renamed from: c, reason: collision with root package name */
    public final b f4349c;
    public final File d;
    public final h.f e;

    /* compiled from: EncryptedFileAccountStorageRepository.kt */
    /* loaded from: classes.dex */
    public static final class a extends j implements h.x.b.a<t.c0.a.a> {
        public final /* synthetic */ Context b;

        /* renamed from: c, reason: collision with root package name */
        public final /* synthetic */ EncryptedFileAccountStorageRepository f4350c;

        /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
        public a(Context context, EncryptedFileAccountStorageRepository encryptedFileAccountStorageRepository) {
            super(0);
            this.b = context;
            this.f4350c = encryptedFileAccountStorageRepository;
        }

        @Override // h.x.b.a
        public t.c0.a.a invoke() {
            u.d.d.a.q.a.a aVar;
            g b;
            byte[] z0;
            Context context = this.b;
            EncryptedFileAccountStorageRepository encryptedFileAccountStorageRepository = this.f4350c;
            File file = encryptedFileAccountStorageRepository.d;
            b bVar = encryptedFileAccountStorageRepository.f4349c;
            a.c cVar = a.c.a;
            Context applicationContext = context.getApplicationContext();
            String str = bVar.a;
            d.a();
            a.b bVar2 = new a.b();
            bVar2.e = cVar.f6682c;
            if (applicationContext == null) {
                throw new IllegalArgumentException("need an Android context");
            }
            bVar2.a = new u.d.d.a.q.a.d(applicationContext, "__androidx_security_crypto_encrypted_file_keyset__", "__androidx_security_crypto_encrypted_file_pref__");
            bVar2.b = new e(applicationContext, "__androidx_security_crypto_encrypted_file_keyset__", "__androidx_security_crypto_encrypted_file_pref__");
            String B = u.a.c.a.a.B("android-keystore://", str);
            if (!B.startsWith("android-keystore://")) {
                throw new IllegalArgumentException("key URI must start with android-keystore://");
            }
            bVar2.f8635c = B;
            synchronized (bVar2) {
                if (bVar2.f8635c != null) {
                    bVar2.d = bVar2.b();
                }
                bVar2.f = bVar2.a();
                aVar = new u.d.d.a.q.a.a(bVar2, null);
            }
            synchronized (aVar) {
                b = aVar.b.b();
            }
            k<?, ?> kVar = n.e.get(o.class);
            Class<?> a = kVar != null ? kVar.a() : null;
            if (a == null) {
                throw new GeneralSecurityException(u.a.c.a.a.s(o.class, u.a.c.a.a.Z("No wrapper found for ")));
            }
            Logger logger = n.a;
            u.d.d.a.r.k kVar2 = u.d.d.a.r.k.ENABLED;
            u.d.d.a.r.n nVar = b.a;
            int i = p.a;
            int C = nVar.C();
            int i2 = 0;
            boolean z2 = false;
            boolean z3 = true;
            for (n.c cVar2 : nVar.B()) {
                if (cVar2.E() == kVar2) {
                    if (!cVar2.F()) {
                        throw new GeneralSecurityException(String.format("key %d has no key data", Integer.valueOf(cVar2.C())));
                    }
                    if (cVar2.D() == u.d.d.a.r.p.UNKNOWN_PREFIX) {
                        throw new GeneralSecurityException(String.format("key %d has unknown prefix", Integer.valueOf(cVar2.C())));
                    }
                    if (cVar2.E() == u.d.d.a.r.k.UNKNOWN_STATUS) {
                        throw new GeneralSecurityException(String.format("key %d has unknown status", Integer.valueOf(cVar2.C())));
                    }
                    if (cVar2.C() == C) {
                        if (z2) {
                            throw new GeneralSecurityException("keyset contains multiple primary keys");
                        }
                        z2 = true;
                    }
                    if (cVar2.B().B() != j.c.ASYMMETRIC_PUBLIC) {
                        z3 = false;
                    }
                    i2++;
                }
            }
            byte b2 = 1;
            if (i2 == 0) {
                throw new GeneralSecurityException("keyset must contain at least one ENABLED key");
            }
            if (!z2 && !z3) {
                throw new GeneralSecurityException("keyset doesn't contain a valid primary key");
            }
            u.d.d.a.j<?> jVar = new u.d.d.a.j<>(a);
            for (n.c cVar3 : b.a.B()) {
                if (cVar3.E() == kVar2) {
                    String C2 = cVar3.B().C();
                    i D = cVar3.B().D();
                    n.a b3 = u.d.d.a.n.b(C2);
                    if (!b3.d().contains(a)) {
                        StringBuilder Z = u.a.c.a.a.Z("Primitive type ");
                        Z.append(a.getName());
                        Z.append(" not supported by key manager of type ");
                        Z.append(b3.c());
                        Z.append(", supported primitives: ");
                        Set<Class<?>> d = b3.d();
                        StringBuilder sb = new StringBuilder();
                        boolean z4 = true;
                        for (Class<?> cls : d) {
                            if (!z4) {
                                sb.append(", ");
                            }
                            sb.append(cls.getCanonicalName());
                            z4 = false;
                        }
                        Z.append(sb.toString());
                        throw new GeneralSecurityException(Z.toString());
                    }
                    Object a2 = ((u.d.d.a.d) b3.a(a)).a(D);
                    if (cVar3.E() != kVar2) {
                        throw new GeneralSecurityException("only ENABLED key is allowed");
                    }
                    int ordinal = cVar3.D().ordinal();
                    if (ordinal != b2) {
                        if (ordinal != 2) {
                            if (ordinal == 3) {
                                z0 = u.d.d.a.b.a;
                            } else if (ordinal != 4) {
                                throw new GeneralSecurityException("unknown output prefix type");
                            }
                        }
                        z0 = u.a.c.a.a.z0(cVar3, ByteBuffer.allocate(5).put((byte) 0));
                    } else {
                        z0 = u.a.c.a.a.z0(cVar3, ByteBuffer.allocate(5).put(b2));
                    }
                    j.b<P> bVar3 = new j.b<>(a2, z0, cVar3.E(), cVar3.D(), cVar3.C());
                    ArrayList arrayList = new ArrayList();
                    arrayList.add(bVar3);
                    byte[] bArr = bVar3.b;
                    j.c cVar4 = new j.c(bArr == null ? null : Arrays.copyOf(bArr, bArr.length), null);
                    List<j.b<?>> put = jVar.a.put(cVar4, Collections.unmodifiableList(arrayList));
                    if (put != null) {
                        ArrayList arrayList2 = new ArrayList();
                        arrayList2.addAll(put);
                        arrayList2.add(bVar3);
                        jVar.a.put(cVar4, Collections.unmodifiableList(arrayList2));
                    }
                    if (cVar3.C() == b.a.C()) {
                        if (bVar3.f8633c != kVar2) {
                            throw new IllegalArgumentException("the primary entry has to be ENABLED");
                        }
                        byte[] bArr2 = bVar3.b;
                        if (jVar.a(bArr2 != null ? Arrays.copyOf(bArr2, bArr2.length) : null).isEmpty()) {
                            throw new IllegalArgumentException("the primary entry cannot be set to an entry which is not held by this primitive set");
                        }
                        jVar.b = bVar3;
                    }
                    b2 = 1;
                }
            }
            k<?, ?> kVar3 = u.d.d.a.n.e.get(o.class);
            if (kVar3 == null) {
                throw new GeneralSecurityException(u.a.c.a.a.s(jVar.f8632c, u.a.c.a.a.Z("No wrapper found for ")));
            }
            if (kVar3.a().equals(jVar.f8632c)) {
                t.c0.a.a aVar2 = new t.c0.a.a(file, "__androidx_security_crypto_encrypted_file_keyset__", (o) kVar3.b(jVar), applicationContext);
                h.x.c.i.d(aVar2, "Builder(\n            context,\n            accountFile,\n            masterKey,\n            EncryptedFile.FileEncryptionScheme.AES256_GCM_HKDF_4KB\n        ).build()");
                return aVar2;
            }
            StringBuilder Z2 = u.a.c.a.a.Z("Wrong input primitive class, expected ");
            Z2.append(kVar3.a());
            Z2.append(", got ");
            Z2.append(jVar.f8632c);
            throw new GeneralSecurityException(Z2.toString());
        }
    }

    public EncryptedFileAccountStorageRepository(Context context, a0 a0Var) {
        b bVar;
        h.x.c.i.e(context, "context");
        h.x.c.i.e(a0Var, "accountStorageErrorReporter");
        this.a = a0Var;
        f0.a aVar = new f0.a();
        aVar.b(new AccountAdapter());
        s<u.h.b.x0.a> a2 = new f0(aVar).a(u.h.b.x0.a.class);
        h.x.c.i.d(a2, "Builder()\n            .add(AccountAdapter())\n            .build()\n            .adapter(Account::class.java)");
        this.b = a2;
        context.getApplicationContext();
        if (Build.VERSION.SDK_INT >= 23) {
            KeyGenParameterSpec build = new KeyGenParameterSpec.Builder("master_key_gigya_account", 3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").setKeySize(Spliterator.NONNULL).build();
            Objects.requireNonNull(build, "KeyGenParameterSpec was null after build() check");
            int i = c.a;
            if (build.getKeySize() != 256) {
                StringBuilder Z = u.a.c.a.a.Z("invalid key size, want 256 bits got ");
                Z.append(build.getKeySize());
                Z.append(" bits");
                throw new IllegalArgumentException(Z.toString());
            }
            if (!Arrays.equals(build.getBlockModes(), new String[]{"GCM"})) {
                StringBuilder Z2 = u.a.c.a.a.Z("invalid block mode, want GCM got ");
                Z2.append(Arrays.toString(build.getBlockModes()));
                throw new IllegalArgumentException(Z2.toString());
            }
            if (build.getPurposes() != 3) {
                StringBuilder Z3 = u.a.c.a.a.Z("invalid purposes mode, want PURPOSE_ENCRYPT | PURPOSE_DECRYPT got ");
                Z3.append(build.getPurposes());
                throw new IllegalArgumentException(Z3.toString());
            }
            if (!Arrays.equals(build.getEncryptionPaddings(), new String[]{"NoPadding"})) {
                StringBuilder Z4 = u.a.c.a.a.Z("invalid padding mode, want NoPadding got ");
                Z4.append(Arrays.toString(build.getEncryptionPaddings()));
                throw new IllegalArgumentException(Z4.toString());
            }
            if (build.isUserAuthenticationRequired() && build.getUserAuthenticationValidityDurationSeconds() < 1) {
                throw new IllegalArgumentException("per-operation authentication is not supported (UserAuthenticationValidityDurationSeconds must be >0)");
            }
            String keystoreAlias = build.getKeystoreAlias();
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            if (!keyStore.containsAlias(keystoreAlias)) {
                try {
                    KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
                    keyGenerator.init(build);
                    keyGenerator.generateKey();
                } catch (ProviderException e) {
                    throw new GeneralSecurityException(e.getMessage(), e);
                }
            }
            bVar = new b(build.getKeystoreAlias(), build);
        } else {
            bVar = new b("master_key_gigya_account", null);
        }
        h.x.c.i.d(bVar, "Builder(context, MASTER_KEY_ALIAS)\n            .setKeyScheme(MasterKey.KeyScheme.AES256_GCM)\n            .build()");
        this.f4349c = bVar;
        this.d = new File(context.getFilesDir(), "current_gigya_account.json");
        this.e = v.a.f0.a.Z1(new a(context, this));
    }

    @Override // u.h.b.y0.f
    public boolean a() {
        return this.d.exists() && this.d.canRead();
    }

    @Override // u.h.b.y0.f
    public v.a.a b(final u.h.b.x0.a aVar) {
        h.x.c.i.e(aVar, "account");
        v.a.a t2 = new v.a.d0.e.a.g(new v.a.c0.a() { // from class: u.h.b.y0.c
            @Override // v.a.c0.a
            public final void run() {
                EncryptedFileAccountStorageRepository encryptedFileAccountStorageRepository = EncryptedFileAccountStorageRepository.this;
                u.h.b.x0.a aVar2 = aVar;
                h.x.c.i.e(encryptedFileAccountStorageRepository, "this$0");
                h.x.c.i.e(aVar2, "$account");
                String f = encryptedFileAccountStorageRepository.b.f(aVar2);
                encryptedFileAccountStorageRepository.clear();
                t.c0.a.a aVar3 = (t.c0.a.a) encryptedFileAccountStorageRepository.e.getValue();
                if (aVar3.a.exists()) {
                    StringBuilder Z = u.a.c.a.a.Z("output file already exists, please use a new file: ");
                    Z.append(aVar3.a.getName());
                    throw new IOException(Z.toString());
                }
                FileOutputStream fileOutputStream = new FileOutputStream(aVar3.a);
                a.b bVar = new a.b(fileOutputStream.getFD(), aVar3.b.a(fileOutputStream, aVar3.a.getName().getBytes(StandardCharsets.UTF_8)));
                try {
                    h.x.c.i.d(f, "accountJson");
                    Charset charset = StandardCharsets.UTF_8;
                    h.x.c.i.d(charset, "UTF_8");
                    byte[] bytes = f.getBytes(charset);
                    h.x.c.i.d(bytes, "(this as java.lang.String).getBytes(charset)");
                    bVar.write(bytes);
                    v.a.f0.a.B(bVar, null);
                } finally {
                }
            }
        }).l(new v.a.c0.e() { // from class: u.h.b.y0.d
            @Override // v.a.c0.e
            public final void accept(Object obj) {
                EncryptedFileAccountStorageRepository encryptedFileAccountStorageRepository = EncryptedFileAccountStorageRepository.this;
                h.x.c.i.e(encryptedFileAccountStorageRepository, "this$0");
                encryptedFileAccountStorageRepository.a.c();
            }
        }).p().t(v.a.g0.a.f9111c);
        h.x.c.i.d(t2, "fromAction {\n        val accountJson = adapter.toJson(account)\n\n        // File cannot exist before using openFileOutput\n        clear()\n\n        encryptedFile.openFileOutput().use { fos ->\n            fos.write(accountJson.toByteArray(StandardCharsets.UTF_8))\n        }\n    }\n        .doOnError { accountStorageErrorReporter.reportAccountStorageWriteError() }\n        .onErrorComplete()\n        .subscribeOn(Schedulers.io())");
        return t2;
    }

    @Override // u.h.b.y0.f
    public void clear() {
        if (this.d.exists()) {
            this.d.delete();
        }
    }

    @Override // u.h.b.y0.f
    public h<u.h.b.x0.a> read() {
        h j = new q(new v.a.d0.e.c.j(new Callable() { // from class: u.h.b.y0.e
            @Override // java.util.concurrent.Callable
            public final Object call() {
                EncryptedFileAccountStorageRepository encryptedFileAccountStorageRepository = EncryptedFileAccountStorageRepository.this;
                h.x.c.i.e(encryptedFileAccountStorageRepository, "this$0");
                t.c0.a.a aVar = (t.c0.a.a) encryptedFileAccountStorageRepository.e.getValue();
                if (!aVar.a.exists()) {
                    StringBuilder Z = u.a.c.a.a.Z("file doesn't exist: ");
                    Z.append(aVar.a.getName());
                    throw new IOException(Z.toString());
                }
                FileInputStream fileInputStream = new FileInputStream(aVar.a);
                a.C0272a c0272a = new a.C0272a(fileInputStream.getFD(), aVar.b.b(fileInputStream, aVar.a.getName().getBytes(StandardCharsets.UTF_8)));
                h.x.c.i.d(c0272a, "encryptedFile.openFileInput()");
                return encryptedFileAccountStorageRepository.b.c(h.a.a.a.s0.m.j1.c.i(h.a.a.a.s0.m.j1.c.f0(c0272a)));
            }
        }).d(new v.a.c0.e() { // from class: u.h.b.y0.b
            @Override // v.a.c0.e
            public final void accept(Object obj) {
                EncryptedFileAccountStorageRepository encryptedFileAccountStorageRepository = EncryptedFileAccountStorageRepository.this;
                h.x.c.i.e(encryptedFileAccountStorageRepository, "this$0");
                encryptedFileAccountStorageRepository.a.b();
            }
        }).c(new v.a.c0.e() { // from class: u.h.b.y0.a
            @Override // v.a.c0.e
            public final void accept(Object obj) {
                EncryptedFileAccountStorageRepository encryptedFileAccountStorageRepository = EncryptedFileAccountStorageRepository.this;
                h.x.c.i.e(encryptedFileAccountStorageRepository, "this$0");
                encryptedFileAccountStorageRepository.clear();
                encryptedFileAccountStorageRepository.a.a();
            }
        }), v.a.d0.b.a.f).j(v.a.g0.a.f9111c);
        h.x.c.i.d(j, "fromCallable<Account> {\n        val input: FileInputStream = encryptedFile.openFileInput()\n        adapter.fromJson(input.source().buffer())\n    }\n        .doOnSuccess { accountStorageErrorReporter.reportAccountStorageCacheUsage() }\n        .doOnError {\n            clear()\n            accountStorageErrorReporter.reportAccountStorageReadError()\n        }\n        .onErrorComplete()\n        .subscribeOn(Schedulers.io())");
        return j;
    }
}
