package com.goodreads.android.util;

import android.content.Context;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import android.util.Base64;
import com.amazon.security.DataClassification;
import com.goodreads.android.log.Log;
import com.goodreads.kindle.analytics.AnalyticsPage;
import com.goodreads.kindle.analytics.AnalyticsReporter;
import com.goodreads.kindle.analytics.CounterReporter;
import com.goodreads.kindle.analytics.DebugMetricConstants;
import com.goodreads.kindle.application.Constants;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.security.spec.AlgorithmParameterSpec;
import java.util.ArrayList;
import java.util.GregorianCalendar;
import java.util.Locale;
import java.util.concurrent.ConcurrentHashMap;
import java.util.concurrent.atomic.AtomicInteger;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.NoSuchPaddingException;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes2.dex */
public class KeyStoreManager {
    private static final String ALGORITHM = "RSA/ECB/PKCS1Padding";
    private static final String ALGORITHM_M = "RSA/None/PKCS1Padding";
    private static final String ALIAS = "GoodreadsAuthKeyStore";
    private static final String ENCODING = "UTF-8";
    private static final String KEYSTORE = "AndroidKeyStore";
    private static final String TYPE_RSA = "RSA";
    private AnalyticsReporter analyticsReporter;
    private KeyStore keyStore;
    private PreferenceManager preferenceManager;
    private static final Log LOG = new Log("KeyStoreManager");
    private static AtomicInteger retryAttempts = new AtomicInteger(0);
    private static ConcurrentHashMap<String, String> cache = new ConcurrentHashMap<>();

    public KeyStoreManager(Context context, PreferenceManager preferenceManager, AnalyticsReporter analyticsReporter) {
        this.analyticsReporter = analyticsReporter;
        this.preferenceManager = preferenceManager;
        try {
            initialize(context);
        } catch (Exception e) {
            LOG.e(DataClassification.NONE, false, "Error occurred during KeyStoreManager initialization!", e);
            analyticsReporter.reportException(e, AnalyticsPage.KEYSTORE_INITIALIZATION.getPageName(), DebugMetricConstants.METRIC_KEYSTORE_INITALIZATION_ERROR);
            if (isUnrecoverableKeyStoreReported(preferenceManager) || retryAttempts.get() >= 1) {
                recordFailure();
                return;
            }
            AnalyticsPage analyticsPage = AnalyticsPage.KEYSTORE_INITIALIZATION;
            analyticsReporter.debug(analyticsPage.getPageName(), DebugMetricConstants.METRIC_KEYSTORE_INITIALIZATION_RETRY_ATTEMPT, "KeyStoreError: initialization failed, attempting to retry.", CounterReporter.DebugType.WARN);
            analyticsReporter.recordError(DebugMetricConstants.METRIC_KEYSTORE_INITIALIZATION_RETRY_ATTEMPT, analyticsPage.getPageName() + " - KeyStoreError: initialization failed, attempting to retry.");
            try {
                restoreKeyStoreState();
            } catch (Exception unused) {
                analyticsReporter.recordError(DebugMetricConstants.METRIC_KEYSTORE_DELETE_ALIAS_ERROR, AnalyticsPage.KEYSTORE_INITIALIZATION.getPageName() + " - KeyStoreError: deleteEntry(ALIAS) failed!");
                analyticsReporter.debug(AnalyticsPage.KEYSTORE_INITIALIZATION.getPageName(), DebugMetricConstants.METRIC_KEYSTORE_DELETE_ALIAS_ERROR, "KeyStoreError: deleteEntry(ALIAS) failed!", CounterReporter.DebugType.WARN);
            }
            retryAttempts.incrementAndGet();
            attemptSecondKeyStoreRetrieval(context);
        }
    }

    private void attemptSecondKeyStoreRetrieval(Context context) {
        try {
            initialize(context);
        } catch (Exception unused) {
            recordFailure();
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:31:0x0076  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void createKeys(android.content.Context r11) throws com.goodreads.android.util.KeyStoreManagerException {
        /*
            r10 = this;
            java.util.Locale r0 = java.util.Locale.getDefault()
            r1 = 1
            r2 = 0
            boolean r3 = r10.shouldPerformLocaleWorkaround(r0)     // Catch: java.lang.Throwable -> L50 java.lang.IllegalArgumentException -> L52
            if (r3 == 0) goto L13
            java.util.Locale r3 = java.util.Locale.ENGLISH     // Catch: java.lang.Throwable -> L50 java.lang.IllegalArgumentException -> L52
            com.goodreads.kindle.utils.LocaleUtils.setLocale(r11, r3)     // Catch: java.lang.Throwable -> L50 java.lang.IllegalArgumentException -> L52
            r3 = r1
            goto L14
        L13:
            r3 = r2
        L14:
            java.security.spec.AlgorithmParameterSpec r4 = r10.getAlgorithmParameterSpec(r11)     // Catch: java.lang.Throwable -> L48 java.lang.IllegalArgumentException -> L4b
            java.lang.String r5 = "RSA"
            java.lang.String r6 = "AndroidKeyStore"
            java.security.KeyPairGenerator r5 = java.security.KeyPairGenerator.getInstance(r5, r6)     // Catch: java.security.InvalidAlgorithmParameterException -> L2c java.security.NoSuchProviderException -> L2e java.security.NoSuchAlgorithmException -> L30 java.lang.Throwable -> L48 java.lang.IllegalArgumentException -> L4b
            r5.initialize(r4)     // Catch: java.security.InvalidAlgorithmParameterException -> L2c java.security.NoSuchProviderException -> L2e java.security.NoSuchAlgorithmException -> L30 java.lang.Throwable -> L48 java.lang.IllegalArgumentException -> L4b
            r5.generateKeyPair()     // Catch: java.lang.Throwable -> L48 java.lang.IllegalArgumentException -> L4b
            if (r3 == 0) goto L71
        L28:
            com.goodreads.kindle.utils.LocaleUtils.setLocale(r11, r0)
            goto L71
        L2c:
            r4 = move-exception
            goto L31
        L2e:
            r4 = move-exception
            goto L31
        L30:
            r4 = move-exception
        L31:
            com.goodreads.android.log.Log r5 = com.goodreads.android.util.KeyStoreManager.LOG     // Catch: java.lang.Throwable -> L48 java.lang.IllegalArgumentException -> L4b
            com.amazon.security.DataClassification r6 = com.amazon.security.DataClassification.NONE     // Catch: java.lang.Throwable -> L48 java.lang.IllegalArgumentException -> L4b
            java.lang.String r7 = "createKeys error while initializing KeyPairGenerator "
            java.lang.Object[] r8 = new java.lang.Object[r1]     // Catch: java.lang.Throwable -> L48 java.lang.IllegalArgumentException -> L4b
            r8[r2] = r4     // Catch: java.lang.Throwable -> L48 java.lang.IllegalArgumentException -> L4b
            r5.e(r6, r2, r7, r8)     // Catch: java.lang.Throwable -> L48 java.lang.IllegalArgumentException -> L4b
            com.goodreads.android.util.KeyStoreManagerException r5 = new com.goodreads.android.util.KeyStoreManagerException     // Catch: java.lang.Throwable -> L48 java.lang.IllegalArgumentException -> L4b
            java.lang.String r4 = r4.getMessage()     // Catch: java.lang.Throwable -> L48 java.lang.IllegalArgumentException -> L4b
            r5.<init>(r4)     // Catch: java.lang.Throwable -> L48 java.lang.IllegalArgumentException -> L4b
            throw r5     // Catch: java.lang.Throwable -> L48 java.lang.IllegalArgumentException -> L4b
        L48:
            r1 = move-exception
            r2 = r3
            goto L74
        L4b:
            r4 = move-exception
            r9 = r4
            r4 = r3
            r3 = r9
            goto L54
        L50:
            r1 = move-exception
            goto L74
        L52:
            r3 = move-exception
            r4 = r2
        L54:
            com.goodreads.kindle.analytics.AnalyticsReporter r5 = r10.analyticsReporter     // Catch: java.lang.Throwable -> L72
            com.goodreads.kindle.analytics.AnalyticsPage r6 = com.goodreads.kindle.analytics.AnalyticsPage.KEYSTORE_INITIALIZATION     // Catch: java.lang.Throwable -> L72
            java.lang.String r6 = r6.getPageName()     // Catch: java.lang.Throwable -> L72
            java.lang.String r7 = "KeystoreGenerationError"
            r5.reportException(r3, r6, r7)     // Catch: java.lang.Throwable -> L72
            com.goodreads.android.log.Log r5 = com.goodreads.android.util.KeyStoreManager.LOG     // Catch: java.lang.Throwable -> L72
            com.amazon.security.DataClassification r6 = com.amazon.security.DataClassification.NONE     // Catch: java.lang.Throwable -> L72
            java.lang.String r7 = "createKeys error while generating key pair."
            java.lang.Object[] r1 = new java.lang.Object[r1]     // Catch: java.lang.Throwable -> L72
            r1[r2] = r3     // Catch: java.lang.Throwable -> L72
            r5.e(r6, r2, r7, r1)     // Catch: java.lang.Throwable -> L72
            if (r4 == 0) goto L71
            goto L28
        L71:
            return
        L72:
            r1 = move-exception
            r2 = r4
        L74:
            if (r2 == 0) goto L79
            com.goodreads.kindle.utils.LocaleUtils.setLocale(r11, r0)
        L79:
            throw r1
        */
        throw new UnsupportedOperationException("Method not decompiled: com.goodreads.android.util.KeyStoreManager.createKeys(android.content.Context):void");
    }

    private AlgorithmParameterSpec getAlgorithmParameterSpec(Context context) {
        new GregorianCalendar();
        new GregorianCalendar().add(1, 25);
        BigInteger.valueOf(4663L);
        return new KeyGenParameterSpec.Builder(ALIAS, 3).setCertificateSubject(new X500Principal("CN=GoodreadsAuthKeyStore")).setDigests("SHA-256", "SHA-512").setEncryptionPaddings("PKCS1Padding").build();
    }

    private Cipher getCipher() throws NoSuchAlgorithmException, NoSuchPaddingException {
        return isSdkMOrAfter() ? Cipher.getInstance(ALGORITHM_M) : Cipher.getInstance(ALGORITHM);
    }

    private void initialize(Context context) throws KeyStoreManagerException, KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        KeyStore keyStore = KeyStore.getInstance(KEYSTORE);
        this.keyStore = keyStore;
        keyStore.load(null);
        if (!this.keyStore.containsAlias(ALIAS)) {
            createKeys(context);
            KeyStore keyStore2 = KeyStore.getInstance(KEYSTORE);
            this.keyStore = keyStore2;
            keyStore2.load(null);
        }
        try {
            if (((PrivateKey) this.keyStore.getKey(ALIAS, null)) == null) {
                throw new KeyStoreManagerException("Empty KeyStore entry!");
            }
        } catch (UnrecoverableEntryException e) {
            this.analyticsReporter.reportException(e, AnalyticsPage.KEYSTORE_INITIALIZATION.getPageName(), DebugMetricConstants.METRIC_KEYSTORE_UNRECOVERABLE_KEY);
            throw new KeyStoreManagerException(e.getMessage());
        }
    }

    private boolean isSdkMOrAfter() {
        return true;
    }

    private static boolean isUnrecoverableKeyStoreReported(PreferenceManager preferenceManager) {
        return preferenceManager.getBoolean(Constants.Preferences.PREF_KEY_UNRECOVERABLE_KEYSTORE_REPORTED, false);
    }

    private void recordFailure() {
        this.preferenceManager.setBoolean(Constants.Preferences.PREF_KEY_UNRECOVERABLE_KEYSTORE_REPORTED, true);
        AnalyticsReporter analyticsReporter = this.analyticsReporter;
        AnalyticsPage analyticsPage = AnalyticsPage.KEYSTORE_INITIALIZATION;
        analyticsReporter.debug(analyticsPage.getPageName(), DebugMetricConstants.METRIC_KEYSTORE_INITIALIZATION_NOT_SUPPORTED, "KeyStore not supported on this device.", CounterReporter.DebugType.WARN);
        this.analyticsReporter.recordError(DebugMetricConstants.METRIC_KEYSTORE_INITIALIZATION_NOT_SUPPORTED, analyticsPage.getPageName() + " - KeyStore not supported on this device.");
    }

    private void restoreKeyStoreState() throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        KeyStore keyStore = KeyStore.getInstance(KEYSTORE);
        if (keyStore != null) {
            keyStore.load(null);
            keyStore.deleteEntry(ALIAS);
        }
    }

    private boolean shouldPerformLocaleWorkaround(Locale locale) {
        Locale.ENGLISH.equals(locale);
        return false;
    }

    public void clearCache() {
        ConcurrentHashMap<String, String> concurrentHashMap = cache;
        if (concurrentHashMap != null) {
            concurrentHashMap.clear();
        }
    }

    public synchronized String decryptString(String str) throws KeyStoreManagerException {
        int size;
        byte[] bArr;
        try {
            PrivateKey privateKey = (PrivateKey) this.keyStore.getKey(ALIAS, null);
            Cipher cipher = getCipher();
            cipher.init(2, privateKey);
            CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(Base64.decode(str, 0)), cipher);
            ArrayList arrayList = new ArrayList();
            while (true) {
                int read = cipherInputStream.read();
                if (read == -1) {
                    break;
                }
                arrayList.add(Byte.valueOf((byte) read));
            }
            size = arrayList.size();
            bArr = new byte[size];
            for (int i = 0; i < size; i++) {
                bArr[i] = ((Byte) arrayList.get(i)).byteValue();
            }
        } catch (Exception e) {
            throw new KeyStoreManagerException(e.getMessage() + ":   " + e.getCause());
        }
        return new String(bArr, 0, size, "UTF-8");
    }

    public synchronized String encryptString(String str) throws KeyStoreManagerException {
        ByteArrayOutputStream byteArrayOutputStream;
        try {
            PublicKey publicKey = this.keyStore.getCertificate(ALIAS).getPublicKey();
            Cipher cipher = getCipher();
            cipher.init(1, publicKey);
            byteArrayOutputStream = new ByteArrayOutputStream();
            CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
            cipherOutputStream.write(str.getBytes("UTF-8"));
            cipherOutputStream.close();
        } catch (Exception e) {
            throw new KeyStoreManagerException(e.getMessage() + ":   " + e.getCause());
        }
        return Base64.encodeToString(byteArrayOutputStream.toByteArray(), 0);
    }

    public String get(String str) {
        String string = this.preferenceManager.getString(str, "");
        if (!TextUtils.isEmpty(string)) {
            try {
                if (!cache.containsKey(str)) {
                    if (!isUnrecoverableKeyStoreReported(this.preferenceManager)) {
                        string = decryptString(string);
                    }
                    cache.put(str, string);
                }
                return cache.get(str);
            } catch (KeyStoreManagerException e) {
                this.analyticsReporter.reportException(e, AnalyticsPage.KEYSTORE_INITIALIZATION.getPageName(), DebugMetricConstants.METRIC_KEYSTORE_DECRYPTING_ERROR);
                LOG.e(DataClassification.NONE, false, "error occurred while decrypting", e);
            }
        }
        return null;
    }

    public void put(String str, String str2) {
        if (str != null) {
            cache.remove(str);
        }
        if (str2 == null) {
            this.preferenceManager.remove(str);
            return;
        }
        try {
            if (!isUnrecoverableKeyStoreReported(this.preferenceManager)) {
                str2 = encryptString(str2);
            }
            this.preferenceManager.setString(str, str2);
        } catch (KeyStoreManagerException e) {
            String str3 = "KeyStoreManager: error occurred while encrypting: " + str;
            AnalyticsReporter analyticsReporter = this.analyticsReporter;
            AnalyticsPage analyticsPage = AnalyticsPage.KEYSTORE_INITIALIZATION;
            analyticsReporter.debug(analyticsPage.getPageName(), DebugMetricConstants.METRIC_KEYSTORE_ENCRYPTING_ERROR, str3, CounterReporter.DebugType.ERROR);
            this.analyticsReporter.recordError(DebugMetricConstants.METRIC_KEYSTORE_ENCRYPTING_ERROR, analyticsPage.getPageName() + " - " + str3);
            LOG.e(DataClassification.NONE, false, "error occurred while encrypting", e);
            throw new RuntimeException(str3, e);
        }
    }
}
