package com.tapptic.gigya.storage;

import android.content.Context;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import c.a.a.w0.e0;
import com.tapptic.gigya.adapter.AccountAdapter;
import com.tapptic.gigya.storage.EncryptedFileAccountStorageRepository;
import i.e.d.a.g;
import i.e.d.a.j;
import i.e.d.a.k;
import i.e.d.a.n;
import i.e.d.a.o;
import i.e.d.a.p;
import i.e.d.a.q.a.a;
import i.e.d.a.q.a.e;
import i.e.d.a.r.j;
import i.e.d.a.r.n;
import i.e.d.a.s.a.i;
import i.h.a.f0;
import i.h.a.s;
import i.i.b.a0;
import i.i.b.y0.f;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.ProviderException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Objects;
import java.util.Set;
import java.util.concurrent.Callable;
import java.util.logging.Logger;
import javax.crypto.KeyGenerator;
import p.d0.a.a;
import p.d0.a.b;
import p.d0.a.c;
import q.a.e0.e.a.h;
import q.a.e0.e.c.q;
import s.d;
import s.v.c.j;

/* compiled from: EncryptedFileAccountStorageRepository.kt */
/* loaded from: classes3.dex */
public final class EncryptedFileAccountStorageRepository implements f {
    public final a0 a;
    public final s<i.i.b.x0.a> b;

    /* renamed from: c, reason: collision with root package name */
    public final b f8827c;
    public final File d;
    public final d e;

    /* compiled from: EncryptedFileAccountStorageRepository.kt */
    /* loaded from: classes3.dex */
    public static final class a extends j implements s.v.b.a<p.d0.a.a> {
        public final /* synthetic */ Context j;
        public final /* synthetic */ EncryptedFileAccountStorageRepository k;

        /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
        public a(Context context, EncryptedFileAccountStorageRepository encryptedFileAccountStorageRepository) {
            super(0);
            this.j = context;
            this.k = encryptedFileAccountStorageRepository;
        }

        @Override // s.v.b.a
        public p.d0.a.a c() {
            i.e.d.a.q.a.a aVar;
            g b;
            byte[] C0;
            Context context = this.j;
            EncryptedFileAccountStorageRepository encryptedFileAccountStorageRepository = this.k;
            File file = encryptedFileAccountStorageRepository.d;
            b bVar = encryptedFileAccountStorageRepository.f8827c;
            a.c cVar = a.c.AES256_GCM_HKDF_4KB;
            Context applicationContext = context.getApplicationContext();
            String str = bVar.a;
            i.e.d.a.t.d.a();
            a.b bVar2 = new a.b();
            bVar2.e = cVar.a();
            if (applicationContext == null) {
                throw new IllegalArgumentException("need an Android context");
            }
            bVar2.a = new i.e.d.a.q.a.d(applicationContext, "__androidx_security_crypto_encrypted_file_keyset__", "__androidx_security_crypto_encrypted_file_pref__");
            bVar2.b = new e(applicationContext, "__androidx_security_crypto_encrypted_file_keyset__", "__androidx_security_crypto_encrypted_file_pref__");
            String D = i.b.c.a.a.D("android-keystore://", str);
            if (!D.startsWith("android-keystore://")) {
                throw new IllegalArgumentException("key URI must start with android-keystore://");
            }
            bVar2.f12910c = D;
            synchronized (bVar2) {
                if (bVar2.f12910c != null) {
                    bVar2.d = bVar2.c();
                }
                bVar2.f = bVar2.b();
                aVar = new i.e.d.a.q.a.a(bVar2, null);
            }
            synchronized (aVar) {
                b = aVar.b.b();
            }
            k<?, ?> kVar = n.e.get(o.class);
            Class<?> a = kVar != null ? kVar.a() : null;
            if (a == null) {
                throw new GeneralSecurityException(i.b.c.a.a.u(o.class, i.b.c.a.a.b0("No wrapper found for ")));
            }
            Logger logger = n.a;
            i.e.d.a.r.n nVar = b.a;
            int i2 = p.a;
            int C = nVar.C();
            byte b2 = 1;
            int i3 = 0;
            boolean z = false;
            boolean z2 = true;
            for (n.c cVar2 : nVar.B()) {
                if (cVar2.E() == i.e.d.a.r.k.ENABLED) {
                    if (!cVar2.F()) {
                        throw new GeneralSecurityException(String.format("key %d has no key data", Integer.valueOf(cVar2.C())));
                    }
                    if (cVar2.D() == i.e.d.a.r.p.UNKNOWN_PREFIX) {
                        throw new GeneralSecurityException(String.format("key %d has unknown prefix", Integer.valueOf(cVar2.C())));
                    }
                    if (cVar2.E() == i.e.d.a.r.k.UNKNOWN_STATUS) {
                        throw new GeneralSecurityException(String.format("key %d has unknown status", Integer.valueOf(cVar2.C())));
                    }
                    if (cVar2.C() == C) {
                        if (z) {
                            throw new GeneralSecurityException("keyset contains multiple primary keys");
                        }
                        z = true;
                    }
                    if (cVar2.B().B() != j.c.ASYMMETRIC_PUBLIC) {
                        z2 = false;
                    }
                    i3++;
                }
            }
            if (i3 == 0) {
                throw new GeneralSecurityException("keyset must contain at least one ENABLED key");
            }
            if (!z && !z2) {
                throw new GeneralSecurityException("keyset doesn't contain a valid primary key");
            }
            i.e.d.a.j<?> jVar = new i.e.d.a.j<>(a);
            for (n.c cVar3 : b.a.B()) {
                i.e.d.a.r.k E = cVar3.E();
                i.e.d.a.r.k kVar2 = i.e.d.a.r.k.ENABLED;
                if (E == kVar2) {
                    String C2 = cVar3.B().C();
                    i D2 = cVar3.B().D();
                    n.a b3 = i.e.d.a.n.b(C2);
                    if (!b3.d().contains(a)) {
                        StringBuilder b0 = i.b.c.a.a.b0("Primitive type ");
                        b0.append(a.getName());
                        b0.append(" not supported by key manager of type ");
                        b0.append(b3.c());
                        b0.append(", supported primitives: ");
                        Set<Class<?>> d = b3.d();
                        StringBuilder sb = new StringBuilder();
                        boolean z3 = true;
                        for (Class<?> cls : d) {
                            if (!z3) {
                                sb.append(", ");
                            }
                            sb.append(cls.getCanonicalName());
                            z3 = false;
                        }
                        b0.append(sb.toString());
                        throw new GeneralSecurityException(b0.toString());
                    }
                    Object a2 = ((i.e.d.a.d) b3.a(a)).a(D2);
                    if (cVar3.E() != kVar2) {
                        throw new GeneralSecurityException("only ENABLED key is allowed");
                    }
                    int ordinal = cVar3.D().ordinal();
                    if (ordinal != b2) {
                        if (ordinal != 2) {
                            if (ordinal == 3) {
                                C0 = i.e.d.a.b.a;
                            } else if (ordinal != 4) {
                                throw new GeneralSecurityException("unknown output prefix type");
                            }
                        }
                        C0 = i.b.c.a.a.C0(cVar3, ByteBuffer.allocate(5).put((byte) 0));
                    } else {
                        C0 = i.b.c.a.a.C0(cVar3, ByteBuffer.allocate(5).put(b2));
                    }
                    j.b<P> bVar3 = new j.b<>(a2, C0, cVar3.E(), cVar3.D(), cVar3.C());
                    ArrayList arrayList = new ArrayList();
                    arrayList.add(bVar3);
                    byte[] bArr = bVar3.b;
                    j.c cVar4 = new j.c(bArr == null ? null : Arrays.copyOf(bArr, bArr.length), null);
                    List<j.b<?>> put = jVar.a.put(cVar4, Collections.unmodifiableList(arrayList));
                    if (put != null) {
                        ArrayList arrayList2 = new ArrayList();
                        arrayList2.addAll(put);
                        arrayList2.add(bVar3);
                        jVar.a.put(cVar4, Collections.unmodifiableList(arrayList2));
                    }
                    if (cVar3.C() == b.a.C()) {
                        if (bVar3.f12907c != kVar2) {
                            throw new IllegalArgumentException("the primary entry has to be ENABLED");
                        }
                        byte[] bArr2 = bVar3.b;
                        if (jVar.a(bArr2 != null ? Arrays.copyOf(bArr2, bArr2.length) : null).isEmpty()) {
                            throw new IllegalArgumentException("the primary entry cannot be set to an entry which is not held by this primitive set");
                        }
                        jVar.b = bVar3;
                    }
                    b2 = 1;
                }
            }
            k<?, ?> kVar3 = i.e.d.a.n.e.get(o.class);
            if (kVar3 == null) {
                throw new GeneralSecurityException(i.b.c.a.a.u(jVar.f12906c, i.b.c.a.a.b0("No wrapper found for ")));
            }
            if (kVar3.a().equals(jVar.f12906c)) {
                p.d0.a.a aVar2 = new p.d0.a.a(file, "__androidx_security_crypto_encrypted_file_keyset__", (o) kVar3.b(jVar), applicationContext);
                s.v.c.i.d(aVar2, "Builder(\n            context,\n            accountFile,\n            masterKey,\n            EncryptedFile.FileEncryptionScheme.AES256_GCM_HKDF_4KB\n        ).build()");
                return aVar2;
            }
            StringBuilder b02 = i.b.c.a.a.b0("Wrong input primitive class, expected ");
            b02.append(kVar3.a());
            b02.append(", got ");
            b02.append(jVar.f12906c);
            throw new GeneralSecurityException(b02.toString());
        }
    }

    public EncryptedFileAccountStorageRepository(Context context, a0 a0Var) {
        b bVar;
        s.v.c.i.e(context, "context");
        s.v.c.i.e(a0Var, "accountStorageErrorReporter");
        this.a = a0Var;
        f0.a aVar = new f0.a();
        aVar.b(new AccountAdapter());
        s<i.i.b.x0.a> a2 = new f0(aVar).a(i.i.b.x0.a.class);
        s.v.c.i.d(a2, "Builder()\n            .add(AccountAdapter())\n            .build()\n            .adapter(Account::class.java)");
        this.b = a2;
        context.getApplicationContext();
        b.a aVar2 = b.a.AES256_GCM;
        if (aVar2.ordinal() != 0) {
            throw new IllegalArgumentException("Unsupported scheme: " + aVar2);
        }
        if (Build.VERSION.SDK_INT >= 23) {
            KeyGenParameterSpec build = aVar2 == aVar2 ? new KeyGenParameterSpec.Builder("master_key_gigya_account", 3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").setKeySize(256).build() : null;
            Objects.requireNonNull(build, "KeyGenParameterSpec was null after build() check");
            int i2 = c.a;
            if (build.getKeySize() != 256) {
                StringBuilder b0 = i.b.c.a.a.b0("invalid key size, want 256 bits got ");
                b0.append(build.getKeySize());
                b0.append(" bits");
                throw new IllegalArgumentException(b0.toString());
            }
            if (!Arrays.equals(build.getBlockModes(), new String[]{"GCM"})) {
                StringBuilder b02 = i.b.c.a.a.b0("invalid block mode, want GCM got ");
                b02.append(Arrays.toString(build.getBlockModes()));
                throw new IllegalArgumentException(b02.toString());
            }
            if (build.getPurposes() != 3) {
                StringBuilder b03 = i.b.c.a.a.b0("invalid purposes mode, want PURPOSE_ENCRYPT | PURPOSE_DECRYPT got ");
                b03.append(build.getPurposes());
                throw new IllegalArgumentException(b03.toString());
            }
            if (!Arrays.equals(build.getEncryptionPaddings(), new String[]{"NoPadding"})) {
                StringBuilder b04 = i.b.c.a.a.b0("invalid padding mode, want NoPadding got ");
                b04.append(Arrays.toString(build.getEncryptionPaddings()));
                throw new IllegalArgumentException(b04.toString());
            }
            if (build.isUserAuthenticationRequired() && build.getUserAuthenticationValidityDurationSeconds() < 1) {
                throw new IllegalArgumentException("per-operation authentication is not supported (UserAuthenticationValidityDurationSeconds must be >0)");
            }
            String keystoreAlias = build.getKeystoreAlias();
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            if (!keyStore.containsAlias(keystoreAlias)) {
                try {
                    KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
                    keyGenerator.init(build);
                    keyGenerator.generateKey();
                } catch (ProviderException e) {
                    throw new GeneralSecurityException(e.getMessage(), e);
                }
            }
            bVar = new b(build.getKeystoreAlias(), build);
        } else {
            bVar = new b("master_key_gigya_account", null);
        }
        s.v.c.i.d(bVar, "Builder(context, MASTER_KEY_ALIAS)\n            .setKeyScheme(MasterKey.KeyScheme.AES256_GCM)\n            .build()");
        this.f8827c = bVar;
        this.d = new File(context.getFilesDir(), "current_gigya_account.json");
        this.e = e0.D0(new a(context, this));
    }

    @Override // i.i.b.y0.f
    public boolean a() {
        return this.d.exists() && this.d.canRead();
    }

    @Override // i.i.b.y0.f
    public q.a.b b(final i.i.b.x0.a aVar) {
        s.v.c.i.e(aVar, "account");
        q.a.b s2 = new h(new q.a.d0.a() { // from class: i.i.b.y0.c
            @Override // q.a.d0.a
            public final void run() {
                EncryptedFileAccountStorageRepository encryptedFileAccountStorageRepository = EncryptedFileAccountStorageRepository.this;
                i.i.b.x0.a aVar2 = aVar;
                s.v.c.i.e(encryptedFileAccountStorageRepository, "this$0");
                s.v.c.i.e(aVar2, "$account");
                String f = encryptedFileAccountStorageRepository.b.f(aVar2);
                encryptedFileAccountStorageRepository.clear();
                p.d0.a.a aVar3 = (p.d0.a.a) encryptedFileAccountStorageRepository.e.getValue();
                if (aVar3.a.exists()) {
                    StringBuilder b0 = i.b.c.a.a.b0("output file already exists, please use a new file: ");
                    b0.append(aVar3.a.getName());
                    throw new IOException(b0.toString());
                }
                FileOutputStream fileOutputStream = new FileOutputStream(aVar3.a);
                a.b bVar = new a.b(fileOutputStream.getFD(), aVar3.b.a(fileOutputStream, aVar3.a.getName().getBytes(StandardCharsets.UTF_8)));
                try {
                    s.v.c.i.d(f, "accountJson");
                    Charset charset = StandardCharsets.UTF_8;
                    s.v.c.i.d(charset, "UTF_8");
                    byte[] bytes = f.getBytes(charset);
                    s.v.c.i.d(bytes, "(this as java.lang.String).getBytes(charset)");
                    bVar.write(bytes);
                    e0.q(bVar, null);
                } finally {
                }
            }
        }).k(new q.a.d0.e() { // from class: i.i.b.y0.d
            @Override // q.a.d0.e
            public final void d(Object obj) {
                EncryptedFileAccountStorageRepository encryptedFileAccountStorageRepository = EncryptedFileAccountStorageRepository.this;
                s.v.c.i.e(encryptedFileAccountStorageRepository, "this$0");
                encryptedFileAccountStorageRepository.a.c();
            }
        }).o().s(q.a.g0.a.f15647c);
        s.v.c.i.d(s2, "fromAction {\n        val accountJson = adapter.toJson(account)\n\n        // File cannot exist before using openFileOutput\n        clear()\n\n        encryptedFile.openFileOutput().use { fos ->\n            fos.write(accountJson.toByteArray(StandardCharsets.UTF_8))\n        }\n    }\n        .doOnError { accountStorageErrorReporter.reportAccountStorageWriteError() }\n        .onErrorComplete()\n        .subscribeOn(Schedulers.io())");
        return s2;
    }

    @Override // i.i.b.y0.f
    public void clear() {
        if (this.d.exists()) {
            this.d.delete();
        }
    }

    @Override // i.i.b.y0.f
    public q.a.i<i.i.b.x0.a> read() {
        q.a.i j = new q(new q.a.e0.e.c.j(new Callable() { // from class: i.i.b.y0.e
            @Override // java.util.concurrent.Callable
            public final Object call() {
                EncryptedFileAccountStorageRepository encryptedFileAccountStorageRepository = EncryptedFileAccountStorageRepository.this;
                s.v.c.i.e(encryptedFileAccountStorageRepository, "this$0");
                p.d0.a.a aVar = (p.d0.a.a) encryptedFileAccountStorageRepository.e.getValue();
                if (!aVar.a.exists()) {
                    StringBuilder b0 = i.b.c.a.a.b0("file doesn't exist: ");
                    b0.append(aVar.a.getName());
                    throw new IOException(b0.toString());
                }
                FileInputStream fileInputStream = new FileInputStream(aVar.a);
                a.C0321a c0321a = new a.C0321a(fileInputStream.getFD(), aVar.b.b(fileInputStream, aVar.a.getName().getBytes(StandardCharsets.UTF_8)));
                s.v.c.i.d(c0321a, "encryptedFile.openFileInput()");
                return encryptedFileAccountStorageRepository.b.c(e0.k(e0.E1(c0321a)));
            }
        }).d(new q.a.d0.e() { // from class: i.i.b.y0.b
            @Override // q.a.d0.e
            public final void d(Object obj) {
                EncryptedFileAccountStorageRepository encryptedFileAccountStorageRepository = EncryptedFileAccountStorageRepository.this;
                s.v.c.i.e(encryptedFileAccountStorageRepository, "this$0");
                encryptedFileAccountStorageRepository.a.b();
            }
        }).c(new q.a.d0.e() { // from class: i.i.b.y0.a
            @Override // q.a.d0.e
            public final void d(Object obj) {
                EncryptedFileAccountStorageRepository encryptedFileAccountStorageRepository = EncryptedFileAccountStorageRepository.this;
                s.v.c.i.e(encryptedFileAccountStorageRepository, "this$0");
                encryptedFileAccountStorageRepository.clear();
                encryptedFileAccountStorageRepository.a.a();
            }
        }), q.a.e0.b.a.f).j(q.a.g0.a.f15647c);
        s.v.c.i.d(j, "fromCallable<Account> {\n        val input: FileInputStream = encryptedFile.openFileInput()\n        adapter.fromJson(input.source().buffer())\n    }\n        .doOnSuccess { accountStorageErrorReporter.reportAccountStorageCacheUsage() }\n        .doOnError {\n            clear()\n            accountStorageErrorReporter.reportAccountStorageReadError()\n        }\n        .onErrorComplete()\n        .subscribeOn(Schedulers.io())");
        return j;
    }
}
