package x.d0.d.m;

import android.content.Context;
import android.util.Base64;
import com.oath.mobile.shadowfax.ShadowfaxCache;
import com.yahoo.mail.util.EncryptedPushToken;
import com.yahoo.mobile.client.android.mailsdk.R;
import com.yahoo.mobile.client.share.logging.Log;
import java.io.InputStream;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import kotlin.jvm.JvmStatic;
import okio.Source;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

/* compiled from: Yahoo */
/* loaded from: classes3.dex */
public final class s {
    public static final x.n.h.i d;
    public static final s e = new s();

    /* renamed from: a, reason: collision with root package name */
    public static final b f9407a = new b(null, null, 0, 0, 0, 31);
    public static final a b = new a(null, null, 0, 7);
    public static final p0 c = new p0(null, null, 3);

    static {
        x.n.h.j jVar = new x.n.h.j();
        jVar.m = false;
        d = jVar.a();
    }

    @JvmStatic
    @NotNull
    public static final r g(@NotNull String str, @NotNull o oVar, @NotNull Key key, @NotNull Key key2) {
        i5.h0.b.h.f(str, "data");
        i5.h0.b.h.f(oVar, "accountData");
        i5.h0.b.h.f(key, "providerPublicKey");
        i5.h0.b.h.f(key2, "deviceTokenPublicKey");
        KeyGenerator keyGenerator = KeyGenerator.getInstance(f9407a.f9386a);
        keyGenerator.init(f9407a.d);
        SecretKey generateKey = keyGenerator.generateKey();
        i5.h0.b.h.e(generateKey, "keygen.generateKey()");
        s sVar = e;
        String l = d.l(oVar);
        i5.h0.b.h.e(l, "gson.toJson(accountData)");
        SecretKey h = sVar.h();
        String encodeToString = Base64.encodeToString(sVar.c(str, h, sVar.i()), 2);
        String encodeToString2 = Base64.encodeToString(sVar.e(sVar.a(h), key), 2);
        String encodeToString3 = Base64.encodeToString(sVar.c(l, h, sVar.i()), 2);
        i5.h0.b.h.e(encodeToString2, "encryptedESK");
        i5.h0.b.h.e(encodeToString, "encryptedCred");
        i5.h0.b.h.e(encodeToString3, "encryptedAccountData");
        String l2 = d.l(new q(encodeToString2, encodeToString, encodeToString3));
        i5.h0.b.h.e(l2, "gson.toJson(envelop)");
        SecureRandom secureRandom = new SecureRandom();
        byte[] bArr = new byte[f9407a.c];
        secureRandom.nextBytes(bArr);
        String encodeToString4 = Base64.encodeToString(sVar.c(l2, generateKey, bArr), 2);
        s sVar2 = e;
        String encodeToString5 = Base64.encodeToString(sVar2.e(sVar2.a(generateKey), key2), 2);
        i5.h0.b.h.e(encodeToString4, "encryptedCredL2");
        i5.h0.b.h.e(encodeToString5, "encryptedDevToken");
        return new r(encodeToString4, encodeToString5);
    }

    public final String a(SecretKey secretKey) {
        String encodeToString = Base64.encodeToString(secretKey.getEncoded(), 2);
        i5.h0.b.h.e(encodeToString, "Base64.encodeToString(key.encoded, Base64.NO_WRAP)");
        String str = f9407a.b;
        if (str == null) {
            throw new NullPointerException("null cannot be cast to non-null type java.lang.String");
        }
        String lowerCase = str.toLowerCase();
        i5.h0.b.h.e(lowerCase, "(this as java.lang.String).toLowerCase()");
        b bVar = f9407a;
        String l = d.l(new p(encodeToString, lowerCase, bVar.e, bVar.c));
        i5.h0.b.h.e(l, "gson.toJson(clientKey)");
        return l;
    }

    @Nullable
    public final String b(@NotNull String str, @NotNull String str2) throws IllegalStateException {
        i5.h0.b.h.f(str, "encryptedData");
        i5.h0.b.h.f(str2, "passwordId");
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            KeyStore.Entry entry = keyStore.getEntry(str2, null);
            if (entry == null) {
                throw new NullPointerException("null cannot be cast to non-null type java.security.KeyStore.SecretKeyEntry");
            }
            SecretKey secretKey = ((KeyStore.SecretKeyEntry) entry).getSecretKey();
            i5.h0.b.h.e(secretKey, "secretKeyEntry.secretKey");
            i5.h0.b.h.f(str, "encryptedData");
            i5.h0.b.h.f(secretKey, "key");
            Cipher cipher = Cipher.getInstance(f9407a.b);
            byte[] decode = Base64.decode(str, 0);
            b bVar = f9407a;
            cipher.init(2, secretKey, new GCMParameterSpec(bVar.e, decode, 0, bVar.c));
            int i = f9407a.c;
            byte[] doFinal = cipher.doFinal(decode, i, decode.length - i);
            i5.h0.b.h.e(doFinal, "cipher.doFinal(encrypted…esGcmCipherMode.ivLength)");
            return new String(doFinal, i5.m0.a.f4937a);
        } catch (Exception unused) {
            throw new IllegalStateException("Can't retrieve keys from Keystore");
        }
    }

    public final byte[] c(String str, SecretKey secretKey, byte[] bArr) {
        Cipher cipher = Cipher.getInstance(f9407a.b);
        int i = f9407a.c;
        Charset charset = StandardCharsets.UTF_8;
        i5.h0.b.h.e(charset, "StandardCharsets.UTF_8");
        if (str == null) {
            throw new NullPointerException("null cannot be cast to non-null type java.lang.String");
        }
        byte[] bytes = str.getBytes(charset);
        i5.h0.b.h.e(bytes, "(this as java.lang.String).getBytes(charset)");
        cipher.init(1, secretKey, new GCMParameterSpec(f9407a.e, bArr));
        byte[] bArr2 = new byte[cipher.getOutputSize(bytes.length) + i];
        System.arraycopy(bArr, 0, bArr2, 0, f9407a.c);
        cipher.doFinal(bytes, 0, bytes.length, bArr2, i);
        return bArr2;
    }

    @NotNull
    public final EncryptedPushToken d(@NotNull String str, @NotNull PublicKey publicKey) {
        i5.h0.b.h.f(str, ShadowfaxCache.KEY_PUSH_TOKEN);
        i5.h0.b.h.f(publicKey, "publicRSAKey");
        SecretKey h = h();
        i5.h0.b.h.f(str, "data");
        i5.h0.b.h.f(h, "key");
        Cipher cipher = Cipher.getInstance(b.b);
        cipher.init(1, h);
        byte[] bytes = str.getBytes(i5.m0.a.f4937a);
        i5.h0.b.h.e(bytes, "(this as java.lang.String).getBytes(charset)");
        String encodeToString = Base64.encodeToString(cipher.doFinal(bytes), 0);
        i5.h0.b.h.e(encodeToString, "Base64.encodeToString(en…ptedData, Base64.DEFAULT)");
        byte[] encoded = h.getEncoded();
        i5.h0.b.h.e(encoded, "aesKey.encoded");
        String encodeToString2 = Base64.encodeToString(f(encoded, publicKey), 2);
        i5.h0.b.h.e(encodeToString2, "encryptedAesKey");
        return new EncryptedPushToken(encodeToString, encodeToString2);
    }

    public final byte[] e(String str, Key key) {
        byte[] bytes = str.getBytes(i5.m0.a.f4937a);
        i5.h0.b.h.e(bytes, "(this as java.lang.String).getBytes(charset)");
        return f(bytes, key);
    }

    public final byte[] f(byte[] bArr, Key key) {
        Cipher cipher = Cipher.getInstance(c.b);
        cipher.init(1, key);
        byte[] doFinal = cipher.doFinal(bArr);
        i5.h0.b.h.e(doFinal, "cipher.doFinal(data)");
        return doFinal;
    }

    public final SecretKey h() {
        KeyGenerator keyGenerator = KeyGenerator.getInstance(f9407a.f9386a);
        keyGenerator.init(f9407a.d);
        SecretKey generateKey = keyGenerator.generateKey();
        i5.h0.b.h.e(generateKey, "keygen.generateKey()");
        return generateKey;
    }

    public final byte[] i() {
        SecureRandom secureRandom = new SecureRandom();
        byte[] bArr = new byte[f9407a.c];
        secureRandom.nextBytes(bArr);
        return bArr;
    }

    @NotNull
    public final PublicKey j(@NotNull String str) throws InvalidKeySpecException {
        i5.h0.b.h.f(str, "key");
        byte[] bytes = str.getBytes(i5.m0.a.f4937a);
        i5.h0.b.h.e(bytes, "(this as java.lang.String).getBytes(charset)");
        PublicKey generatePublic = KeyFactory.getInstance(c.f9405a).generatePublic(new X509EncodedKeySpec(Base64.decode(bytes, 0)));
        i5.h0.b.h.e(generatePublic, "KeyFactory.getInstance(r…ratePublic(x509publicKey)");
        return generatePublic;
    }

    @NotNull
    public final PublicKey k(@NotNull Context context) {
        i5.h0.b.h.f(context, "appContext");
        InputStream openRawResource = context.getResources().openRawResource(R.raw.pushtoken_pub);
        i5.h0.b.h.e(openRawResource, "appContext.resources.ope…urce(R.raw.pushtoken_pub)");
        Source k = o5.r.k(openRawResource);
        o5.i iVar = new o5.i();
        iVar.writeAll(k);
        PublicKey generatePublic = KeyFactory.getInstance(c.f9405a).generatePublic(new X509EncodedKeySpec(iVar.readByteArray()));
        i5.h0.b.h.e(generatePublic, "KeyFactory.getInstance(r…e.key).generatePublic(ks)");
        return generatePublic;
    }

    public final void l(@NotNull String str) {
        i5.h0.b.h.f(str, "keyId");
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            keyStore.deleteEntry(str);
        } catch (KeyStoreException unused) {
            Log.f("EncryptionUtil", "Fail to remove key from Keystore");
        }
    }
}
