package me.proton.core.crypto.android.keystore;

import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import ch.protonmail.android.navigation.HomeKt$$ExternalSyntheticLambda0;
import com.airbnb.lottie.L;
import io.sentry.DateUtils;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyStore;
import java.security.ProviderException;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import kotlin.Result;
import kotlin.ResultKt;
import kotlin.SynchronizedLazyImpl;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.Charsets;
import kotlin.text.StringsKt__StringsJVMKt;
import me.proton.core.compose.theme.TypographyKt$$ExternalSyntheticLambda0;
import me.proton.core.crypto.common.keystore.EncryptedByteArray;
import me.proton.core.crypto.common.keystore.KeyStoreCrypto;
import me.proton.core.crypto.common.keystore.PlainByteArray;
import me.proton.core.util.android.sentry.TimberLogger;
import okio.Okio;

/* loaded from: classes4.dex */
public final class AndroidKeyStoreCrypto implements KeyStoreCrypto {
    public final TypographyKt$$ExternalSyntheticLambda0 cipherFactory;
    public final TypographyKt$$ExternalSyntheticLambda0 keyGeneratorFactory;
    public final TypographyKt$$ExternalSyntheticLambda0 keyStoreFactory;
    public volatile Key secretKey;
    public volatile boolean secretKeyInitialized;
    public static final Object lock = new Object();
    public static final SynchronizedLazyImpl default$delegate = L.lazy(new TypographyKt$$ExternalSyntheticLambda0(2));

    public AndroidKeyStoreCrypto(TypographyKt$$ExternalSyntheticLambda0 typographyKt$$ExternalSyntheticLambda0, TypographyKt$$ExternalSyntheticLambda0 typographyKt$$ExternalSyntheticLambda02, TypographyKt$$ExternalSyntheticLambda0 typographyKt$$ExternalSyntheticLambda03) {
        this.keyStoreFactory = typographyKt$$ExternalSyntheticLambda0;
        this.keyGeneratorFactory = typographyKt$$ExternalSyntheticLambda02;
        this.cipherFactory = typographyKt$$ExternalSyntheticLambda03;
    }

    public static Object logAndRetry$crypto_android_release(String str, Exception exc, Function0 function0) {
        TimberLogger timberLogger = DateUtils.logger;
        if (timberLogger != null) {
            timberLogger.e(str, exc);
        }
        try {
            Thread.sleep((long) (Math.random() * 100.0d));
        } catch (InterruptedException unused) {
        }
        return function0.invoke();
    }

    public static Object runOrRetryOnce(String str, Function0 function0) {
        try {
            return function0.invoke();
        } catch (GeneralSecurityException e) {
            return logAndRetry$crypto_android_release(str, e, function0);
        } catch (ProviderException e2) {
            return logAndRetry$crypto_android_release(str, e2, function0);
        }
    }

    public final String decrypt(String value) {
        Intrinsics.checkNotNullParameter(value, "value");
        Key secretKeySync$crypto_android_release = getSecretKeySync$crypto_android_release();
        return secretKeySync$crypto_android_release != null ? decryptOrRetry(value, secretKeySync$crypto_android_release) : value;
    }

    public final String decryptOrRetry(String str, Key key) {
        byte[] decode = Base64.decode(str, 2);
        Intrinsics.checkNotNull(decode);
        PlainByteArray plainByteArray = (PlainByteArray) runOrRetryOnce("core.crypto.common.keystore.decrypt.retry", new HomeKt$$ExternalSyntheticLambda0(this, new EncryptedByteArray(decode), key, 24));
        try {
            String str2 = new String(plainByteArray.array, Charsets.UTF_8);
            Okio.closeFinally(plainByteArray, null);
            return str2;
        } finally {
        }
    }

    public final String encryptOrRetry(String str, Key key) {
        PlainByteArray plainByteArray = new PlainByteArray(StringsKt__StringsJVMKt.encodeToByteArray(str));
        try {
            String encodeToString = Base64.encodeToString(((EncryptedByteArray) runOrRetryOnce("core.crypto.common.keystore.encrypt.retry", new HomeKt$$ExternalSyntheticLambda0(this, plainByteArray, key, 23))).array, 2);
            Okio.closeFinally(plainByteArray, null);
            Intrinsics.checkNotNullExpressionValue(encodeToString, "use(...)");
            return encodeToString;
        } finally {
        }
    }

    public final Key getSecretKeySync$crypto_android_release() {
        Key key;
        Object obj = lock;
        synchronized (obj) {
            try {
                if (!this.secretKeyInitialized) {
                    Key initKey$crypto_android_release = initKey$crypto_android_release();
                    synchronized (obj) {
                        this.secretKey = initKey$crypto_android_release;
                        this.secretKeyInitialized = true;
                    }
                }
                key = this.secretKey;
            } catch (Throwable th) {
                throw th;
            }
        }
        return key;
    }

    public final Key initKey$crypto_android_release() {
        Object createFailure;
        Object createFailure2;
        Object createFailure3;
        final KeyStore keyStore = (KeyStore) this.keyStoreFactory.invoke();
        keyStore.load(null);
        try {
            final int i = 1;
            createFailure = (Key) runOrRetryOnce("core.crypto.common.keystore.init.retry", new Function0(this) { // from class: me.proton.core.crypto.android.keystore.AndroidKeyStoreCrypto$$ExternalSyntheticLambda5
                public final /* synthetic */ AndroidKeyStoreCrypto f$0;

                {
                    this.f$0 = this;
                }

                @Override // kotlin.jvm.functions.Function0
                public final Object invoke() {
                    switch (i) {
                        case 0:
                            AndroidKeyStoreCrypto androidKeyStoreCrypto = this.f$0;
                            androidKeyStoreCrypto.getClass();
                            KeyStore keyStore2 = keyStore;
                            if (keyStore2.containsAlias("_me_proton_core_data_crypto_master_key_")) {
                                keyStore2.deleteEntry("_me_proton_core_data_crypto_master_key_");
                                TimberLogger timberLogger = DateUtils.logger;
                                if (timberLogger != null) {
                                    timberLogger.i("core.crypto.common.keystore.init.delete.key", "Deleted '_me_proton_core_data_crypto_master_key_' entry from this keystore.");
                                }
                            }
                            KeyGenerator keyGenerator = (KeyGenerator) androidKeyStoreCrypto.keyGeneratorFactory.invoke();
                            keyGenerator.init(new KeyGenParameterSpec.Builder("_me_proton_core_data_crypto_master_key_", 3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").setKeySize(256).build());
                            SecretKey generateKey = keyGenerator.generateKey();
                            TimberLogger timberLogger2 = DateUtils.logger;
                            if (timberLogger2 != null) {
                                timberLogger2.i("core.crypto.common.keystore.init.add.key", "Added '_me_proton_core_data_crypto_master_key_' entry in this keystore.");
                            }
                            Intrinsics.checkNotNullExpressionValue(generateKey, "run(...)");
                            return generateKey;
                        default:
                            this.f$0.getClass();
                            KeyStore keyStore3 = keyStore;
                            Intrinsics.checkNotNullParameter(keyStore3, "keyStore");
                            if (keyStore3.containsAlias("_me_proton_core_data_crypto_master_key_")) {
                                return keyStore3.getKey("_me_proton_core_data_crypto_master_key_", null);
                            }
                            return null;
                    }
                }
            });
        } catch (Throwable th) {
            createFailure = ResultKt.createFailure(th);
        }
        if (createFailure instanceof Result.Failure) {
            createFailure = null;
        }
        Key key = (Key) createFailure;
        if (key == null) {
            try {
                final int i2 = 0;
                createFailure2 = (Key) runOrRetryOnce("core.crypto.common.keystore.init.retry", new Function0(this) { // from class: me.proton.core.crypto.android.keystore.AndroidKeyStoreCrypto$$ExternalSyntheticLambda5
                    public final /* synthetic */ AndroidKeyStoreCrypto f$0;

                    {
                        this.f$0 = this;
                    }

                    @Override // kotlin.jvm.functions.Function0
                    public final Object invoke() {
                        switch (i2) {
                            case 0:
                                AndroidKeyStoreCrypto androidKeyStoreCrypto = this.f$0;
                                androidKeyStoreCrypto.getClass();
                                KeyStore keyStore2 = keyStore;
                                if (keyStore2.containsAlias("_me_proton_core_data_crypto_master_key_")) {
                                    keyStore2.deleteEntry("_me_proton_core_data_crypto_master_key_");
                                    TimberLogger timberLogger = DateUtils.logger;
                                    if (timberLogger != null) {
                                        timberLogger.i("core.crypto.common.keystore.init.delete.key", "Deleted '_me_proton_core_data_crypto_master_key_' entry from this keystore.");
                                    }
                                }
                                KeyGenerator keyGenerator = (KeyGenerator) androidKeyStoreCrypto.keyGeneratorFactory.invoke();
                                keyGenerator.init(new KeyGenParameterSpec.Builder("_me_proton_core_data_crypto_master_key_", 3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").setKeySize(256).build());
                                SecretKey generateKey = keyGenerator.generateKey();
                                TimberLogger timberLogger2 = DateUtils.logger;
                                if (timberLogger2 != null) {
                                    timberLogger2.i("core.crypto.common.keystore.init.add.key", "Added '_me_proton_core_data_crypto_master_key_' entry in this keystore.");
                                }
                                Intrinsics.checkNotNullExpressionValue(generateKey, "run(...)");
                                return generateKey;
                            default:
                                this.f$0.getClass();
                                KeyStore keyStore3 = keyStore;
                                Intrinsics.checkNotNullParameter(keyStore3, "keyStore");
                                if (keyStore3.containsAlias("_me_proton_core_data_crypto_master_key_")) {
                                    return keyStore3.getKey("_me_proton_core_data_crypto_master_key_", null);
                                }
                                return null;
                        }
                    }
                });
            } catch (Throwable th2) {
                createFailure2 = ResultKt.createFailure(th2);
            }
            if (createFailure2 instanceof Result.Failure) {
                createFailure2 = null;
            }
            key = (Key) createFailure2;
        }
        if (key == null) {
            return null;
        }
        try {
        } catch (Throwable th3) {
            createFailure3 = ResultKt.createFailure(th3);
        }
        if (!"message".equals(decryptOrRetry(encryptOrRetry("message", key), key))) {
            throw new IllegalStateException("Check failed.");
        }
        createFailure3 = Boolean.TRUE;
        Throwable m1262exceptionOrNullimpl = Result.m1262exceptionOrNullimpl(createFailure3);
        if (m1262exceptionOrNullimpl != null) {
            TimberLogger timberLogger = DateUtils.logger;
            if (timberLogger != null) {
                timberLogger.e("core.crypto.common.keystore.init", m1262exceptionOrNullimpl);
            }
            createFailure3 = Boolean.FALSE;
        }
        if (((Boolean) createFailure3).booleanValue()) {
            return key;
        }
        return null;
    }
}
