package wh;

import android.content.Context;
import android.content.pm.PackageManager;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import androidx.annotation.RequiresApi;
import androidx.annotation.VisibleForTesting;
import cc0.p;
import com.airwatch.crypto.SDKAndroidKeystoreException;
import com.airwatch.storage.PreferenceErrorListener;
import java.io.IOException;
import java.lang.reflect.InvocationTargetException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.KeySpec;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import jfqbusbmegebfij.C0560;
import jfqbusbmegebfij.C0586;
import jfqbusbmegebfij.C0588;
import jfqbusbmegebfij.C0589;
import kotlin.Metadata;
import kotlin.coroutines.jvm.internal.SuspendLambda;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.n;
import kotlin.jvm.internal.s;
import kotlinx.coroutines.Job;
import org.apache.tika.mime.MimeTypesReaderMetKeys;
import pc0.a1;
import pc0.n0;
import pc0.o0;
import rb0.j;
import rb0.r;
import ym.g0;
import ym.s0;

@RequiresApi(api = 23)
@Metadata(d1 = {"\u0000X\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0002\b\u0002\n\u0002\u0010\b\n\u0000\n\u0002\u0010\u000b\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0007\b\u0011\u0018\u0000 +2\u00020\u0001:\u0001\"B\u0011\b\u0002\u0012\u0006\u0010 \u001a\u00020\u001b¢\u0006\u0004\b)\u0010*J\b\u0010\u0003\u001a\u00020\u0002H\u0002J\b\u0010\u0004\u001a\u00020\u0002H\u0002J\u0010\u0010\u0007\u001a\u00020\u00022\u0006\u0010\u0006\u001a\u00020\u0005H\u0017J \u0010\f\u001a\u00020\u00022\u0006\u0010\u0006\u001a\u00020\u00052\u0006\u0010\t\u001a\u00020\b2\u0006\u0010\u000b\u001a\u00020\nH\u0016J\u0010\u0010\u000e\u001a\u00020\u00022\u0006\u0010\r\u001a\u00020\u0005H\u0016J\u0014\u0010\u0011\u001a\u00020\n2\n\u0010\u0004\u001a\u00060\u000fj\u0002`\u0010H\u0017J\u0017\u0010\u0014\u001a\u00020\u00022\u0006\u0010\u0013\u001a\u00020\u0012H\u0011¢\u0006\u0004\b\u0014\u0010\u0015J\u0010\u0010\u0016\u001a\u00020\u00022\u0006\u0010\r\u001a\u00020\u0005H\u0016J\u0010\u0010\u0017\u001a\u00020\n2\u0006\u0010\r\u001a\u00020\u0005H\u0016J\u0010\u0010\u0019\u001a\u00020\u00182\u0006\u0010\r\u001a\u00020\u0005H\u0016J\u0010\u0010\u001a\u001a\u00020\n2\u0006\u0010\r\u001a\u00020\u0005H\u0016R\u001a\u0010 \u001a\u00020\u001b8\u0016X\u0096\u0004¢\u0006\f\n\u0004\b\u001c\u0010\u001d\u001a\u0004\b\u001e\u0010\u001fR\u0016\u0010$\u001a\u00020!8\u0002@\u0002X\u0082.¢\u0006\u0006\n\u0004\b\"\u0010#R\u0014\u0010(\u001a\u00020%8\u0002X\u0082\u0004¢\u0006\u0006\n\u0004\b&\u0010'¨\u0006,"}, d2 = {"Lwh/g;", "", "Lrb0/r;", "p", "e", "", "keyAlias", "g", "", "validityTimeSeconds", "", "userAuthenticated", "h", MimeTypesReaderMetKeys.ALIAS_TAG, wg.f.f56340d, "Ljava/lang/Exception;", "Lkotlin/Exception;", "j", "Ljavax/crypto/KeyGenerator;", "keyGenerator", "l", "(Ljavax/crypto/KeyGenerator;)V", "i", "k", "Ljava/security/Key;", "o", "q", "Landroid/content/Context;", "a", "Landroid/content/Context;", "m", "()Landroid/content/Context;", "context", "Ljava/security/KeyStore;", "b", "Ljava/security/KeyStore;", "keystore", "Lkotlinx/coroutines/Job;", xj.c.f57529d, "Lkotlinx/coroutines/Job;", "initJob", "<init>", "(Landroid/content/Context;)V", "d", "AWFramework_release"}, k = 1, mv = {1, 5, 1})
/* loaded from: classes3.dex */
public class g {

    /* renamed from: d, reason: collision with root package name and from kotlin metadata */
    public static final Companion INSTANCE = new Companion(null);

    /* renamed from: e, reason: collision with root package name */
    private static g f56407e;

    /* renamed from: a, reason: collision with root package name and from kotlin metadata */
    private final Context context;

    /* renamed from: b, reason: collision with root package name and from kotlin metadata */
    private KeyStore keystore;

    /* renamed from: c, reason: collision with root package name and from kotlin metadata */
    private final Job initJob;

    @Metadata(d1 = {"\u0000\n\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\u0010\u0002\u001a\u00020\u0001*\u00020\u0000H\u008a@"}, d2 = {"Lpc0/n0;", "Lrb0/r;", "<anonymous>"}, k = 3, mv = {1, 5, 1})
    @kotlin.coroutines.jvm.internal.d(c = "com.airwatch.crypto.SDKAndroidKeystore$1", f = "SDKAndroidKeystore.kt", l = {}, m = "invokeSuspend")
    /* loaded from: classes3.dex */
    static final class a extends SuspendLambda implements p<n0, vb0.c<? super r>, Object> {

        /* renamed from: a, reason: collision with root package name */
        int f56411a;

        a(vb0.c<? super a> cVar) {
            super(2, cVar);
        }

        @Override // kotlin.coroutines.jvm.internal.BaseContinuationImpl
        public final vb0.c<r> create(Object obj, vb0.c<?> cVar) {
            return new a(cVar);
        }

        @Override // cc0.p
        /* renamed from: invoke, reason: avoid collision after fix types in other method and merged with bridge method [inline-methods] */
        public final Object mo3invoke(n0 n0Var, vb0.c<? super r> cVar) {
            return ((a) create(n0Var, cVar)).invokeSuspend(r.f51351a);
        }

        @Override // kotlin.coroutines.jvm.internal.BaseContinuationImpl
        public final Object invokeSuspend(Object obj) {
            kotlin.coroutines.intrinsics.b.d();
            if (this.f56411a != 0) {
                throw new IllegalStateException("call to 'resume' before 'invoke' with coroutine");
            }
            j.b(obj);
            g.this.p();
            return r.f51351a;
        }
    }

    @Metadata(d1 = {"\u0000\u001c\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0002\b\u0007\b\u0086\u0003\u0018\u00002\u00020\u0001B\t\b\u0002¢\u0006\u0004\b\u000b\u0010\fJ\u0010\u0010\u0005\u001a\u00020\u00042\u0006\u0010\u0003\u001a\u00020\u0002H\u0007R\u0014\u0010\u0007\u001a\u00020\u00068\u0006X\u0086T¢\u0006\u0006\n\u0004\b\u0007\u0010\bR\u0018\u0010\t\u001a\u0004\u0018\u00010\u00048\u0002@\u0002X\u0082\u000e¢\u0006\u0006\n\u0004\b\t\u0010\n¨\u0006\r"}, d2 = {"Lwh/g$b;", "", "Landroid/content/Context;", "context", "Lwh/g;", "a", "", "DEVICE_CREDENTIAL_PROTECTION_KEY_ALIAS", "Ljava/lang/String;", "hwKeystoreInstance", "Lwh/g;", "<init>", "()V", "AWFramework_release"}, k = 1, mv = {1, 5, 1})
    /* renamed from: wh.g$b, reason: from kotlin metadata */
    /* loaded from: classes3.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }

        public final g a(Context context) throws SDKAndroidKeystoreException {
            n.g(context, "context");
            if (g.f56407e == null) {
                synchronized (s.b(g.class)) {
                    if (g.f56407e == null) {
                        g.f56407e = new g(context, null);
                    }
                    r rVar = r.f51351a;
                }
            }
            g gVar = g.f56407e;
            n.d(gVar);
            return gVar;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @Metadata(d1 = {"\u0000\n\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\u0010\u0002\u001a\u00020\u0001*\u00020\u0000H\u008a@"}, d2 = {"Lpc0/n0;", "Lrb0/r;", "<anonymous>"}, k = 3, mv = {1, 5, 1})
    @kotlin.coroutines.jvm.internal.d(c = "com.airwatch.crypto.SDKAndroidKeystore$blockTillInit$1", f = "SDKAndroidKeystore.kt", l = {269}, m = "invokeSuspend")
    /* loaded from: classes3.dex */
    public static final class c extends SuspendLambda implements p<n0, vb0.c<? super r>, Object> {

        /* renamed from: a, reason: collision with root package name */
        int f56413a;

        c(vb0.c<? super c> cVar) {
            super(2, cVar);
        }

        @Override // kotlin.coroutines.jvm.internal.BaseContinuationImpl
        public final vb0.c<r> create(Object obj, vb0.c<?> cVar) {
            return new c(cVar);
        }

        @Override // cc0.p
        /* renamed from: invoke, reason: avoid collision after fix types in other method and merged with bridge method [inline-methods] */
        public final Object mo3invoke(n0 n0Var, vb0.c<? super r> cVar) {
            return ((c) create(n0Var, cVar)).invokeSuspend(r.f51351a);
        }

        @Override // kotlin.coroutines.jvm.internal.BaseContinuationImpl
        public final Object invokeSuspend(Object obj) {
            Object d11;
            d11 = kotlin.coroutines.intrinsics.b.d();
            int i11 = this.f56413a;
            if (i11 == 0) {
                j.b(obj);
                Job job = g.this.initJob;
                this.f56413a = 1;
                if (job.e(this) == d11) {
                    return d11;
                }
            } else {
                if (i11 != 1) {
                    throw new IllegalStateException("call to 'resume' before 'invoke' with coroutine");
                }
                j.b(obj);
            }
            return r.f51351a;
        }
    }

    private g(Context context) {
        this.context = context;
        this.initJob = pc0.h.d(o0.a(a1.a()), null, null, new a(null), 3, null);
    }

    public /* synthetic */ g(Context context, DefaultConstructorMarker defaultConstructorMarker) {
        this(context);
    }

    private final void e() {
        if (this.initJob.isActive()) {
            pc0.h.f(null, new c(null), 1, null);
        }
    }

    public static final g n(Context context) throws SDKAndroidKeystoreException {
        return INSTANCE.a(context);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final void p() throws SDKAndroidKeystoreException {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            r rVar = r.f51351a;
            n.f(keyStore, "getInstance(ANDROID_KEYSTORE).apply { load(null) }");
            this.keystore = keyStore;
        } catch (Exception e11) {
            if (!(e11 instanceof KeyStoreException ? true : e11 instanceof IOException ? true : e11 instanceof NoSuchAlgorithmException ? true : e11 instanceof CertificateException)) {
                throw e11;
            }
            throw new SDKAndroidKeystoreException("Failed to initialize SessionKeyStore", e11);
        }
    }

    public void f(String alias) throws SDKAndroidKeystoreException {
        n.g(alias, "alias");
        e();
        KeyGenParameterSpec.Builder encryptionPaddings = new KeyGenParameterSpec.Builder(alias, 3).setKeySize(256).setBlockModes("GCM").setEncryptionPaddings("NoPadding");
        n.f(encryptionPaddings, "Builder(alias, KeyProper….ENCRYPTION_PADDING_NONE)");
        if (Build.VERSION.SDK_INT >= 28) {
            try {
                encryptionPaddings.setIsStrongBoxBacked(((PackageManager) Class.forName(C0560.m3754046704670467("+4W\u001fX|C,\u0012Lqz_T9oW'{*c\\a", (char) (C0588.m3808046E046E() ^ 994388206), (char) (C0589.m3809046E046E046E046E() ^ (-99068294)), (char) (C0589.m3809046E046E046E046E() ^ (-99068327)))).getMethod(C0560.m37510467046704670467("87G$69B9@?(=K?FES", (char) (C0588.m3808046E046E() ^ 994388086), (char) (C0586.m3802046E046E046E() ^ (-1117689870))), new Class[0]).invoke(getContext(), new Object[0])).hasSystemFeature("android.hardware.strongbox_keystore"));
            } catch (InvocationTargetException e11) {
                throw e11.getCause();
            }
        }
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
            keyGenerator.init(encryptionPaddings.build());
            n.f(keyGenerator, "keyGenerator");
            l(keyGenerator);
        } catch (Exception e12) {
            if (e12 instanceof KeyStoreException ? true : e12 instanceof NoSuchAlgorithmException) {
                throw new SDKAndroidKeystoreException("Failed to store key in AndroidKeyStore", e12);
            }
            if (Build.VERSION.SDK_INT < 28) {
                throw e12;
            }
            encryptionPaddings.setIsStrongBoxBacked(false);
            try {
                KeyGenerator keyGenerator2 = KeyGenerator.getInstance("AES", "AndroidKeyStore");
                keyGenerator2.init(encryptionPaddings.build());
                r rVar = r.f51351a;
                n.f(keyGenerator2, "getInstance(KeyPropertie…{ init(keySpec.build()) }");
                l(keyGenerator2);
            } catch (Exception e13) {
                j(e13);
            }
        }
    }

    @RequiresApi(24)
    public void g(String keyAlias) throws SDKAndroidKeystoreException {
        n.g(keyAlias, "keyAlias");
        KeyGenParameterSpec.Builder invalidatedByBiometricEnrollment = new KeyGenParameterSpec.Builder(keyAlias, 3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").setKeySize(256).setUserAuthenticationRequired(true).setInvalidatedByBiometricEnrollment(true);
        n.f(invalidatedByBiometricEnrollment, "Builder(keyAlias, KeyPro…BiometricEnrollment(true)");
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
            keyGenerator.init(invalidatedByBiometricEnrollment.build());
            r rVar = r.f51351a;
            n.f(keyGenerator, "getInstance(KeyPropertie…(paramsBuilder.build()) }");
            l(keyGenerator);
        } catch (Exception e11) {
            if (!(e11 instanceof KeyStoreException ? true : e11 instanceof NoSuchAlgorithmException)) {
                throw e11;
            }
            throw new SDKAndroidKeystoreException("Failed to store key in AndroidKeyStore", e11);
        }
    }

    public void h(String keyAlias, int i11, boolean z11) throws SDKAndroidKeystoreException {
        n.g(keyAlias, "keyAlias");
        g0.i("HWBackedKeystore", "createDeviceCredentialProtectionKey entry!", null, 4, null);
        KeyGenParameterSpec.Builder randomizedEncryptionRequired = new KeyGenParameterSpec.Builder(keyAlias, 3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").setKeySize(256).setRandomizedEncryptionRequired(false);
        n.f(randomizedEncryptionRequired, "Builder(keyAlias,\n      …EncryptionRequired(false)");
        if (z11 && Build.VERSION.SDK_INT >= 23) {
            randomizedEncryptionRequired.setUserAuthenticationRequired(true);
        }
        int i12 = Build.VERSION.SDK_INT;
        if (i12 >= 24) {
            randomizedEncryptionRequired.setInvalidatedByBiometricEnrollment(true);
        }
        if (i12 >= 28) {
            try {
                randomizedEncryptionRequired.setIsStrongBoxBacked(((PackageManager) Class.forName(C0560.m37510467046704670467("\u001e,#20+'q(55<.8?y\u0010==D6JG", (char) (C0588.m3808046E046E() ^ 994388018), (char) (C0588.m3808046E046E() ^ 994388000))).getMethod(C0560.m37510467046704670467("3\n'\u001eW\r\u0005B\u001e\u001b\u00057\u0016\u000f|\u001ct", (char) (C0589.m3809046E046E046E046E() ^ (-99068270)), (char) (C0588.m3808046E046E() ^ 994388003)), new Class[0]).invoke(getContext(), new Object[0])).hasSystemFeature("android.hardware.strongbox_keystore"));
            } catch (InvocationTargetException e11) {
                throw e11.getCause();
            }
        }
        if (i12 >= 30) {
            randomizedEncryptionRequired.setUserAuthenticationParameters(i11, 1);
        } else {
            randomizedEncryptionRequired.setUserAuthenticationValidityDurationSeconds(i11);
        }
        try {
            g0.i("HWBackedKeystore", "createDeviceCredentialKey trying to create key!", null, 4, null);
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
            keyGenerator.init(randomizedEncryptionRequired.build());
            r rVar = r.f51351a;
            n.f(keyGenerator, "getInstance(KeyPropertie…uild())\n                }");
            l(keyGenerator);
            g0.i("HWBackedKeystore", "createDeviceCredentialKey key created successfully", null, 4, null);
        } catch (Exception e12) {
            g0.i("HWBackedKeystore", n.p("Exception caught during device credential key generation=", e12), null, 4, null);
            if (!(e12 instanceof KeyStoreException ? true : e12 instanceof NoSuchAlgorithmException)) {
                throw e12;
            }
            throw new SDKAndroidKeystoreException("Failed to generate the device credential key", e12);
        }
    }

    public void i(String alias) throws SDKAndroidKeystoreException {
        n.g(alias, "alias");
        e();
        try {
            KeyStore keyStore = this.keystore;
            if (keyStore == null) {
                n.y("keystore");
                keyStore = null;
            }
            keyStore.deleteEntry(alias);
        } catch (KeyStoreException e11) {
            throw new SDKAndroidKeystoreException("Failed to delete key entry", e11);
        }
    }

    @VisibleForTesting
    public boolean j(Exception e11) throws SDKAndroidKeystoreException {
        n.g(e11, "e");
        if ((e11 instanceof KeyStoreException) || (e11 instanceof NoSuchAlgorithmException)) {
            throw new SDKAndroidKeystoreException("Failed to store key in AndroidKeyStore", e11);
        }
        throw e11;
    }

    public boolean k(String alias) throws SDKAndroidKeystoreException {
        n.g(alias, "alias");
        e();
        try {
            KeyStore keyStore = this.keystore;
            if (keyStore == null) {
                n.y("keystore");
                keyStore = null;
            }
            return keyStore.getKey(alias, null) != null;
        } catch (Exception e11) {
            if (e11 instanceof KeyStoreException ? true : e11 instanceof NoSuchAlgorithmException ? true : e11 instanceof UnrecoverableKeyException) {
                throw new SDKAndroidKeystoreException("Failed to get session key from AndroidKeyStore while checking exists", e11);
            }
            throw e11;
        }
    }

    @VisibleForTesting
    public void l(KeyGenerator keyGenerator) throws KeyStoreException {
        n.g(keyGenerator, "keyGenerator");
        keyGenerator.generateKey();
    }

    /* renamed from: m, reason: from getter */
    public Context getContext() {
        return this.context;
    }

    public Key o(String alias) throws SDKAndroidKeystoreException {
        n.g(alias, "alias");
        e();
        try {
            KeyStore keyStore = this.keystore;
            if (keyStore == null) {
                n.y("keystore");
                keyStore = null;
            }
            Key key = keyStore.getKey(alias, null);
            n.f(key, "keystore.getKey(alias, null)");
            return key;
        } catch (Exception e11) {
            if (e11 instanceof KeyStoreException ? true : e11 instanceof NoSuchAlgorithmException ? true : e11 instanceof UnrecoverableKeyException) {
                throw new SDKAndroidKeystoreException("Failed to get session key from AndroidKeyStore", e11);
            }
            throw e11;
        }
    }

    public boolean q(String alias) throws SDKAndroidKeystoreException {
        n.g(alias, "alias");
        e();
        try {
            KeyStore keyStore = this.keystore;
            if (keyStore == null) {
                n.y("keystore");
                keyStore = null;
            }
            Key key = keyStore.getKey(alias, null);
            SecretKey secretKey = key instanceof SecretKey ? (SecretKey) key : null;
            if (secretKey == null) {
                g0.q("HWBackedKeystore", "Keystore doesn't have the Key. Cannot determine if backed by device's hardware", null, 4, null);
                s0.b(getContext(), PreferenceErrorListener.PreferenceErrorCode.HW_KEYSTORE_KEY_UNAVAILABLE, "Keystore doesn't have the Key. Cannot determine if backed by device's hardware");
                throw new SDKAndroidKeystoreException("Failed to determine if device has hardware backed keystore");
            }
            KeySpec keySpec = SecretKeyFactory.getInstance(secretKey.getAlgorithm(), "AndroidKeyStore").getKeySpec(secretKey, KeyInfo.class);
            if (keySpec != null) {
                return ((KeyInfo) keySpec).isInsideSecureHardware();
            }
            throw new NullPointerException("null cannot be cast to non-null type android.security.keystore.KeyInfo");
        } catch (Exception e11) {
            if (e11 instanceof KeyStoreException ? true : e11 instanceof NoSuchAlgorithmException ? true : e11 instanceof NoSuchProviderException ? true : e11 instanceof InvalidKeySpecException ? true : e11 instanceof UnrecoverableKeyException) {
                throw new SDKAndroidKeystoreException("Failed to read key property", e11);
            }
            throw e11;
        }
    }
}
