package com.booking.identity.storage;

import android.security.keystore.KeyGenParameterSpec;
import com.booking.business.data.TaxiOffer;
import com.booking.core.exps3.SharedPreferencesEarlyExperimentationRepo;
import com.booking.identity.squeak.SqueaksKt;
import com.booking.identity.storage.MessageRow;
import java.nio.ByteBuffer;
import java.security.KeyStore;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import kotlin.Metadata;
import kotlin.Result;
import kotlin.ResultKt;
import kotlin.Unit;
import kotlin.collections.ArraysKt___ArraysJvmKt;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.functions.Function2;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.Charsets;

/* compiled from: IdentityEncryptor.kt */
@Metadata(d1 = {"\u00008\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0010\u0012\n\u0002\b\u0003\n\u0002\u0010\b\n\u0002\b\u0006\n\u0002\u0010\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0003\u0018\u0000 \u001b2\u00020\u0001:\u0002\u001a\u001bB\r\u0012\u0006\u0010\u0002\u001a\u00020\u0003¢\u0006\u0002\u0010\u0004J\u0010\u0010\u0013\u001a\u0004\u0018\u00010\f2\u0006\u0010\u0014\u001a\u00020\fJ\u000e\u0010\u0015\u001a\u00020\f2\u0006\u0010\u0014\u001a\u00020\fJ\u0016\u0010\u0016\u001a\u00020\u00172\f\u0010\u0018\u001a\b\u0012\u0004\u0012\u00020\u00170\u0019H\u0002R\u0011\u0010\u0005\u001a\u00020\u0006¢\u0006\b\n\u0000\u001a\u0004\b\u0007\u0010\bR\u0011\u0010\u0002\u001a\u00020\u0003¢\u0006\b\n\u0000\u001a\u0004\b\t\u0010\nR\u0011\u0010\u000b\u001a\u00020\f¢\u0006\b\n\u0000\u001a\u0004\b\r\u0010\u000eR\u0014\u0010\u000f\u001a\u00020\u0010X\u0086D¢\u0006\b\n\u0000\u001a\u0004\b\u0011\u0010\u0012¨\u0006\u001c"}, d2 = {"Lcom/booking/identity/storage/IdentityEncryptor;", "", "key", "Ljavax/crypto/SecretKey;", "(Ljavax/crypto/SecretKey;)V", "algorithm", "Lcom/booking/identity/storage/MessageRow$Algorithm;", "getAlgorithm", "()Lcom/booking/identity/storage/MessageRow$Algorithm;", "getKey", "()Ljavax/crypto/SecretKey;", "signature", "", "getSignature", "()[B", "version", "", "getVersion", "()I", "decryptBytes", "bytes", "encryptBytes", "keyStoreWorkaroundForAndroid10", "", "init", "Lkotlin/Function0;", "Builder", "Companion", "storage_release"}, k = 1, mv = {1, 7, 1}, xi = 48)
/* loaded from: classes8.dex */
public final class IdentityEncryptor {

    /* renamed from: Companion, reason: from kotlin metadata */
    public static final Companion INSTANCE = new Companion(null);
    public final MessageRow.Algorithm algorithm;
    public final SecretKey key;
    public final byte[] signature;
    public final int version;

    /* compiled from: IdentityEncryptor.kt */
    @Metadata(d1 = {"\u0000@\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0000\n\u0002\u0018\u0002\n\u0002\u0010\u0003\n\u0002\u0010\u0002\n\u0002\b\u0002\n\u0002\u0010\u000b\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0006\u0018\u00002\u00020\u0001B\u0005¢\u0006\u0002\u0010\u0002J\b\u0010\f\u001a\u0004\u0018\u00010\rJ\u0012\u0010\u000e\u001a\u0004\u0018\u00010\r2\u0006\u0010\u000f\u001a\u00020\u0010H\u0002J\n\u0010\u0011\u001a\u0004\u0018\u00010\rH\u0002J \u0010\u0005\u001a\u00020\u00002\u0018\u0010\u0005\u001a\u0014\u0012\u0004\u0012\u00020\u0004\u0012\u0004\u0012\u00020\u0007\u0012\u0004\u0012\u00020\b0\u0006J\b\u0010\u0012\u001a\u00020\u0013H\u0002J\u0018\u0010\u0014\u001a\u00020\u00002\u0006\u0010\u0003\u001a\u00020\u00042\b\b\u0002\u0010\n\u001a\u00020\u000bJ\u000e\u0010\u0015\u001a\u00020\u00002\u0006\u0010\t\u001a\u00020\u0004J\u0012\u0010\u0016\u001a\u0004\u0018\u00010\u00132\u0006\u0010\u000f\u001a\u00020\u0010H\u0002J\u0010\u0010\u0017\u001a\u00020\u000b2\u0006\u0010\u0018\u001a\u00020\rH\u0002R\u000e\u0010\u0003\u001a\u00020\u0004X\u0082.¢\u0006\u0002\n\u0000R \u0010\u0005\u001a\u0014\u0012\u0004\u0012\u00020\u0004\u0012\u0004\u0012\u00020\u0007\u0012\u0004\u0012\u00020\b0\u0006X\u0082\u000e¢\u0006\u0002\n\u0000R\u000e\u0010\t\u001a\u00020\u0004X\u0082.¢\u0006\u0002\n\u0000R\u000e\u0010\n\u001a\u00020\u000bX\u0082\u000e¢\u0006\u0002\n\u0000¨\u0006\u0019"}, d2 = {"Lcom/booking/identity/storage/IdentityEncryptor$Builder;", "", "()V", "alias", "", "errorListener", "Lkotlin/Function2;", "", "", TaxiOffer.KEY_PROVIDER, "recreate", "", "build", "Lcom/booking/identity/storage/IdentityEncryptor;", "createEncryptor", "keyStore", "Ljava/security/KeyStore;", "doBuild", "generateKey", "Ljavax/crypto/SecretKey;", "keyAlias", "keyStoreProvider", "recreateKey", "verifyEncryptor", "encryptor", "storage_release"}, k = 1, mv = {1, 7, 1}, xi = 48)
    /* loaded from: classes8.dex */
    public static final class Builder {
        public String alias;
        public Function2<? super String, ? super Throwable, Unit> errorListener = new Function2<String, Throwable, Unit>() { // from class: com.booking.identity.storage.IdentityEncryptor$Builder$errorListener$1
            @Override // kotlin.jvm.functions.Function2
            public /* bridge */ /* synthetic */ Unit invoke(String str, Throwable th) {
                invoke2(str, th);
                return Unit.INSTANCE;
            }

            /* renamed from: invoke, reason: avoid collision after fix types in other method */
            public final void invoke2(String str, Throwable th) {
                Intrinsics.checkNotNullParameter(str, "<anonymous parameter 0>");
                Intrinsics.checkNotNullParameter(th, "<anonymous parameter 1>");
            }
        };
        public String provider;
        public boolean recreate;

        public static /* synthetic */ Builder keyAlias$default(Builder builder, String str, boolean z, int i, Object obj) {
            if ((i & 2) != 0) {
                z = false;
            }
            return builder.keyAlias(str, z);
        }

        public final IdentityEncryptor build() {
            Object m6309constructorimpl;
            Unit unit;
            long nanoTime = System.nanoTime();
            SqueaksKt.idpEvent$default("identity_encryptor_build_start", null, 2, null);
            try {
                Result.Companion companion = Result.INSTANCE;
                m6309constructorimpl = Result.m6309constructorimpl(doBuild());
            } catch (Throwable th) {
                Result.Companion companion2 = Result.INSTANCE;
                m6309constructorimpl = Result.m6309constructorimpl(ResultKt.createFailure(th));
            }
            Object obj = m6309constructorimpl;
            Throwable m6312exceptionOrNullimpl = Result.m6312exceptionOrNullimpl(obj);
            if (m6312exceptionOrNullimpl != null) {
                SqueaksKt.idpError$default("identity_encryptor_build_failure_exception", m6312exceptionOrNullimpl, null, 4, null);
                SqueaksKt.idpTimeKpi$default("identity_encryptor_build_failure_exception", nanoTime, null, 4, null);
            }
            if (Result.m6315isSuccessimpl(obj)) {
                if (((IdentityEncryptor) obj) != null) {
                    SqueaksKt.idpEvent$default("identity_encryptor_build_success", null, 2, null);
                    SqueaksKt.idpTimeKpi$default("identity_encryptor_build_success", nanoTime, null, 4, null);
                    unit = Unit.INSTANCE;
                } else {
                    unit = null;
                }
                if (unit == null) {
                    SqueaksKt.idpWarning$default("identity_encryptor_build_failure", null, 2, null);
                    SqueaksKt.idpTimeKpi$default("identity_encryptor_build_failure", nanoTime, null, 4, null);
                }
            }
            ResultKt.throwOnFailure(obj);
            return (IdentityEncryptor) obj;
        }

        public final IdentityEncryptor createEncryptor(KeyStore keyStore) {
            Object m6309constructorimpl;
            Object m6309constructorimpl2;
            Object obj = null;
            try {
                Result.Companion companion = Result.INSTANCE;
                String str = this.alias;
                if (str == null) {
                    Intrinsics.throwUninitializedPropertyAccessException("alias");
                    str = null;
                }
                KeyStore.Entry entry = keyStore.getEntry(str, null);
                Intrinsics.checkNotNull(entry, "null cannot be cast to non-null type java.security.KeyStore.SecretKeyEntry");
                m6309constructorimpl = Result.m6309constructorimpl(((KeyStore.SecretKeyEntry) entry).getSecretKey());
            } catch (Throwable th) {
                Result.Companion companion2 = Result.INSTANCE;
                m6309constructorimpl = Result.m6309constructorimpl(ResultKt.createFailure(th));
            }
            Throwable m6312exceptionOrNullimpl = Result.m6312exceptionOrNullimpl(m6309constructorimpl);
            if (m6312exceptionOrNullimpl != null) {
                SqueaksKt.idpWarning$default("identity_encryptor_key_not_loaded", m6312exceptionOrNullimpl, null, 4, null);
                this.errorListener.invoke("Key can't be loaded", m6312exceptionOrNullimpl);
                m6309constructorimpl = recreateKey(keyStore);
                if (m6309constructorimpl == null) {
                    return null;
                }
            }
            SecretKey secretKey = (SecretKey) m6309constructorimpl;
            try {
                Intrinsics.checkNotNullExpressionValue(secretKey, "secretKey");
                m6309constructorimpl2 = Result.m6309constructorimpl(new IdentityEncryptor(secretKey));
            } catch (Throwable th2) {
                Result.Companion companion3 = Result.INSTANCE;
                m6309constructorimpl2 = Result.m6309constructorimpl(ResultKt.createFailure(th2));
            }
            Throwable m6312exceptionOrNullimpl2 = Result.m6312exceptionOrNullimpl(m6309constructorimpl2);
            if (m6312exceptionOrNullimpl2 == null) {
                obj = m6309constructorimpl2;
            } else {
                SqueaksKt.idpWarning$default("identity_encryptor_not_created", m6312exceptionOrNullimpl2, null, 4, null);
                this.errorListener.invoke("Identity Encryptor can not be created", m6312exceptionOrNullimpl2);
            }
            return (IdentityEncryptor) obj;
        }

        public final IdentityEncryptor doBuild() {
            Object m6309constructorimpl;
            String str = this.provider;
            if (!(str != null)) {
                throw new IllegalStateException("KeyStore Provider is not assigned to IdentityEncryptor".toString());
            }
            if (!(this.alias != null)) {
                throw new IllegalStateException("Key alias is not assigned to IdentityEncryptor".toString());
            }
            try {
                Result.Companion companion = Result.INSTANCE;
                if (str == null) {
                    Intrinsics.throwUninitializedPropertyAccessException(TaxiOffer.KEY_PROVIDER);
                    str = null;
                }
                KeyStore keyStore = KeyStore.getInstance(str);
                keyStore.load(null, null);
                if (this.recreate) {
                    Intrinsics.checkNotNullExpressionValue(keyStore, "this");
                    recreateKey(keyStore);
                }
                String str2 = this.alias;
                if (str2 == null) {
                    Intrinsics.throwUninitializedPropertyAccessException("alias");
                    str2 = null;
                }
                if (!keyStore.containsAlias(str2)) {
                    generateKey();
                }
                m6309constructorimpl = Result.m6309constructorimpl(keyStore);
            } catch (Throwable th) {
                Result.Companion companion2 = Result.INSTANCE;
                m6309constructorimpl = Result.m6309constructorimpl(ResultKt.createFailure(th));
            }
            Throwable m6312exceptionOrNullimpl = Result.m6312exceptionOrNullimpl(m6309constructorimpl);
            if (m6312exceptionOrNullimpl != null) {
                SqueaksKt.idpWarning$default("identity_encryptor_key_store_not_loaded", m6312exceptionOrNullimpl, null, 4, null);
                this.errorListener.invoke("Error while loading key store or generating secret key", m6312exceptionOrNullimpl);
                return null;
            }
            KeyStore keyStore2 = (KeyStore) m6309constructorimpl;
            Intrinsics.checkNotNullExpressionValue(keyStore2, "keyStore");
            IdentityEncryptor createEncryptor = createEncryptor(keyStore2);
            if ((createEncryptor == null || !verifyEncryptor(createEncryptor)) && (recreateKey(keyStore2) == null || (createEncryptor = createEncryptor(keyStore2)) == null || !verifyEncryptor(createEncryptor))) {
                return null;
            }
            return createEncryptor;
        }

        public final Builder errorListener(Function2<? super String, ? super Throwable, Unit> errorListener) {
            Intrinsics.checkNotNullParameter(errorListener, "errorListener");
            this.errorListener = errorListener;
            return this;
        }

        public final SecretKey generateKey() {
            long nanoTime = System.nanoTime();
            String str = this.provider;
            String str2 = null;
            if (str == null) {
                Intrinsics.throwUninitializedPropertyAccessException(TaxiOffer.KEY_PROVIDER);
                str = null;
            }
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", str);
            String str3 = this.alias;
            if (str3 == null) {
                Intrinsics.throwUninitializedPropertyAccessException("alias");
            } else {
                str2 = str3;
            }
            keyGenerator.init(new KeyGenParameterSpec.Builder(str2, 3).setBlockModes("CBC").setEncryptionPaddings("PKCS7Padding").setKeySize(128).setUserAuthenticationRequired(false).build());
            SecretKey generateKey = keyGenerator.generateKey();
            SqueaksKt.idpTimeKpi$default("identity_encryptor_secret_key_generation_end", nanoTime, null, 4, null);
            Intrinsics.checkNotNullExpressionValue(generateKey, "getInstance(\n           …rtTime)\n                }");
            return generateKey;
        }

        public final Builder keyAlias(String alias, boolean recreate) {
            Intrinsics.checkNotNullParameter(alias, "alias");
            this.alias = alias;
            this.recreate = recreate;
            return this;
        }

        public final Builder keyStoreProvider(String provider) {
            Intrinsics.checkNotNullParameter(provider, "provider");
            this.provider = provider;
            return this;
        }

        public final SecretKey recreateKey(KeyStore keyStore) {
            Object m6309constructorimpl;
            Object obj = null;
            try {
                Result.Companion companion = Result.INSTANCE;
                String str = this.alias;
                if (str == null) {
                    Intrinsics.throwUninitializedPropertyAccessException("alias");
                    str = null;
                }
                if (keyStore.containsAlias(str)) {
                    String str2 = this.alias;
                    if (str2 == null) {
                        Intrinsics.throwUninitializedPropertyAccessException("alias");
                        str2 = null;
                    }
                    keyStore.deleteEntry(str2);
                }
                m6309constructorimpl = Result.m6309constructorimpl(generateKey());
            } catch (Throwable th) {
                Result.Companion companion2 = Result.INSTANCE;
                m6309constructorimpl = Result.m6309constructorimpl(ResultKt.createFailure(th));
            }
            Throwable m6312exceptionOrNullimpl = Result.m6312exceptionOrNullimpl(m6309constructorimpl);
            if (m6312exceptionOrNullimpl == null) {
                obj = m6309constructorimpl;
            } else {
                SqueaksKt.idpWarning$default("identity_encryptor_key_not_created", m6312exceptionOrNullimpl, null, 4, null);
                this.errorListener.invoke("Key can't be recreated", m6312exceptionOrNullimpl);
            }
            return (SecretKey) obj;
        }

        public final boolean verifyEncryptor(IdentityEncryptor encryptor) {
            Object m6309constructorimpl;
            try {
                Result.Companion companion = Result.INSTANCE;
                m6309constructorimpl = Result.m6309constructorimpl(Boolean.valueOf(Arrays.equals(encryptor.getSignature(), encryptor.decryptBytes(encryptor.encryptBytes(encryptor.getSignature())))));
            } catch (Throwable th) {
                Result.Companion companion2 = Result.INSTANCE;
                m6309constructorimpl = Result.m6309constructorimpl(ResultKt.createFailure(th));
            }
            Throwable m6312exceptionOrNullimpl = Result.m6312exceptionOrNullimpl(m6309constructorimpl);
            if (m6312exceptionOrNullimpl != null) {
                SqueaksKt.idpWarning$default("identity_encryptor_verification_error", m6312exceptionOrNullimpl, null, 4, null);
                this.errorListener.invoke("Error while verifying encryptor", m6312exceptionOrNullimpl);
                m6309constructorimpl = Boolean.FALSE;
            }
            return ((Boolean) m6309constructorimpl).booleanValue();
        }
    }

    /* compiled from: IdentityEncryptor.kt */
    @Metadata(d1 = {"\u0000(\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0000\n\u0002\u0010\t\n\u0002\b\u0003\n\u0002\u0010\b\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\b\u0086\u0003\u0018\u00002\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J\u0006\u0010\f\u001a\u00020\rR\u000e\u0010\u0003\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\u0005\u001a\u00020\u0006X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\u0007\u001a\u00020\u0004X\u0086T¢\u0006\u0002\n\u0000R\u000e\u0010\b\u001a\u00020\u0004X\u0086T¢\u0006\u0002\n\u0000R\u000e\u0010\t\u001a\u00020\nX\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\u000b\u001a\u00020\nX\u0086T¢\u0006\u0002\n\u0000¨\u0006\u000e"}, d2 = {"Lcom/booking/identity/storage/IdentityEncryptor$Companion;", "", "()V", "CIPHER_AES_MODE", "", "CIPHER_RETRY_DELAY_MS", "", "KEYSTORE_AKS_PROVIDER", "KEY_ALIAS", "KEY_SIZE", "", SharedPreferencesEarlyExperimentationRepo.SHARED_PREFERENCE_VERSION, "builder", "Lcom/booking/identity/storage/IdentityEncryptor$Builder;", "storage_release"}, k = 1, mv = {1, 7, 1}, xi = 48)
    /* loaded from: classes8.dex */
    public static final class Companion {
        public Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }

        public final Builder builder() {
            return new Builder();
        }
    }

    public IdentityEncryptor(SecretKey key) {
        Intrinsics.checkNotNullParameter(key, "key");
        this.key = key;
        this.version = 1;
        MessageRow.Algorithm.Companion companion = MessageRow.Algorithm.INSTANCE;
        String algorithm = key.getAlgorithm();
        Intrinsics.checkNotNullExpressionValue(algorithm, "key.algorithm");
        this.algorithm = companion.byKey(algorithm);
        byte[] bytes = "AES/CBC/PKCS7Padding".getBytes(Charsets.UTF_8);
        Intrinsics.checkNotNullExpressionValue(bytes, "this as java.lang.String).getBytes(charset)");
        byte[] array = ByteBuffer.wrap(new byte[bytes.length + 1]).put((byte) 1).put(bytes).array();
        Intrinsics.checkNotNullExpressionValue(array, "let {\n        val mode =…           .array()\n    }");
        this.signature = array;
    }

    public final byte[] decryptBytes(byte[] bytes) {
        Intrinsics.checkNotNullParameter(bytes, "bytes");
        final Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
        final byte[] copyOfRange = ArraysKt___ArraysJvmKt.copyOfRange(bytes, 0, 16);
        byte[] copyOfRange2 = ArraysKt___ArraysJvmKt.copyOfRange(bytes, 16, bytes.length);
        keyStoreWorkaroundForAndroid10(new Function0<Unit>() { // from class: com.booking.identity.storage.IdentityEncryptor$decryptBytes$1
            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
            {
                super(0);
            }

            @Override // kotlin.jvm.functions.Function0
            public /* bridge */ /* synthetic */ Unit invoke() {
                invoke2();
                return Unit.INSTANCE;
            }

            /* renamed from: invoke, reason: avoid collision after fix types in other method */
            public final void invoke2() {
                cipher.init(2, this.getKey(), new IvParameterSpec(copyOfRange));
            }
        });
        return cipher.doFinal(copyOfRange2);
    }

    public final byte[] encryptBytes(byte[] bytes) {
        Intrinsics.checkNotNullParameter(bytes, "bytes");
        final Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
        keyStoreWorkaroundForAndroid10(new Function0<Unit>() { // from class: com.booking.identity.storage.IdentityEncryptor$encryptBytes$1
            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
            {
                super(0);
            }

            @Override // kotlin.jvm.functions.Function0
            public /* bridge */ /* synthetic */ Unit invoke() {
                invoke2();
                return Unit.INSTANCE;
            }

            /* renamed from: invoke, reason: avoid collision after fix types in other method */
            public final void invoke2() {
                cipher.init(1, this.getKey());
            }
        });
        byte[] doFinal = cipher.doFinal(bytes);
        byte[] iv = cipher.getIV();
        ByteBuffer wrap = ByteBuffer.wrap(new byte[iv.length + doFinal.length]);
        wrap.put(iv);
        wrap.put(doFinal);
        byte[] array = wrap.array();
        Intrinsics.checkNotNullExpressionValue(array, "buff.array()");
        return array;
    }

    public final MessageRow.Algorithm getAlgorithm() {
        return this.algorithm;
    }

    public final SecretKey getKey() {
        return this.key;
    }

    public final byte[] getSignature() {
        return this.signature;
    }

    public final int getVersion() {
        return this.version;
    }

    public final void keyStoreWorkaroundForAndroid10(Function0<Unit> init) {
        for (int i = 1; i < 5; i++) {
            try {
                Result.Companion companion = Result.INSTANCE;
                init.invoke();
                return;
            } catch (Throwable th) {
                Result.Companion companion2 = Result.INSTANCE;
                Throwable m6312exceptionOrNullimpl = Result.m6312exceptionOrNullimpl(Result.m6309constructorimpl(ResultKt.createFailure(th)));
                if (m6312exceptionOrNullimpl != null) {
                    SqueaksKt.idpWarning$default("identity_encryptor_cipher_failure_" + i, m6312exceptionOrNullimpl, null, 4, null);
                    Thread.sleep(100L);
                }
            }
        }
    }
}
