package defpackage;

import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import com.alibaba.ailabs.iot.aisbase.AESUtil;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;

/* compiled from: KeystoreSecureStorage.java */
/* loaded from: classes2.dex */
public class ca {

    /* renamed from: a, reason: collision with root package name */
    public static volatile ca f2384a = null;

    /* renamed from: b, reason: collision with root package name */
    public static Context f2385b = null;
    public static boolean c = false;
    public KeyStore d;
    public SharedPreferences e;
    public aa f;
    public String g;

    public ca(Context context) {
        this.e = context.getSharedPreferences("SecureDataStore", 0);
        if (Build.VERSION.SDK_INT >= 23) {
            try {
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                this.d = keyStore;
                keyStore.load(null);
                a();
                c = true;
            } catch (Exception unused) {
                c = false;
            }
        }
        aa aaVar = new aa();
        this.f = aaVar;
        if (aaVar.getAppKey() != null) {
            this.g = this.f.sign("safe-key-level-21" + fa.a(context), "HmacSHA1").substring(0, 16);
        }
    }

    public static ca c(Context context) {
        if (f2384a == null) {
            synchronized (ca.class) {
                if (f2384a == null) {
                    try {
                        Context applicationContext = context.getApplicationContext();
                        f2385b = applicationContext;
                        f2384a = new ca(applicationContext);
                    } catch (Exception e) {
                        String str = "init failed. e=" + e;
                    }
                }
            }
        }
        return f2384a;
    }

    public final void a() throws Exception {
        if (this.d.containsAlias("IOT-KeyAlias")) {
            return;
        }
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
        if (Build.VERSION.SDK_INT >= 23) {
            keyGenerator.init(new KeyGenParameterSpec.Builder("IOT-KeyAlias", 3).setBlockModes("CBC").setEncryptionPaddings("PKCS7Padding").build());
        }
        keyGenerator.generateKey();
    }

    public String b(String str) throws da {
        String string = this.e.getString(str, null);
        String string2 = this.e.getString(str + "_iv", null);
        if (string == null) {
            return null;
        }
        if (Build.VERSION.SDK_INT < 23 || !c) {
            try {
                return ea.a(this.g, string);
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        }
        try {
            SecretKey secretKey = (SecretKey) this.d.getKey("IOT-KeyAlias", null);
            Cipher cipher = Cipher.getInstance(AESUtil.PKCS7PADDING_CIPHER_ALGORITHM);
            cipher.init(2, secretKey, new IvParameterSpec(Base64.decode(string2, 0)));
            return new String(cipher.doFinal(Base64.decode(string, 0)), StandardCharsets.UTF_8);
        } catch (GeneralSecurityException e2) {
            throw new da("Failed to decrypt and retrieve data", e2);
        }
    }

    public void d(String str, String str2) throws da {
        SharedPreferences.Editor edit = this.e.edit();
        if (Build.VERSION.SDK_INT < 23 || !c) {
            try {
                edit.putString(str, ea.b(this.g, str2));
            } catch (Exception e) {
                throw new RuntimeException(e);
            }
        } else {
            try {
                SecretKey secretKey = (SecretKey) this.d.getKey("IOT-KeyAlias", null);
                Cipher cipher = Cipher.getInstance(AESUtil.PKCS7PADDING_CIPHER_ALGORITHM);
                cipher.init(1, secretKey);
                edit.putString(str, Base64.encodeToString(cipher.doFinal(str2.getBytes(StandardCharsets.UTF_8)), 0));
                edit.putString(str + "_iv", Base64.encodeToString(cipher.getIV(), 0)).apply();
            } catch (GeneralSecurityException e2) {
                throw new da("Failed to encrypt and save data", e2);
            }
        }
        edit.apply();
    }

    public void e(String str) throws da {
        try {
            this.e.edit().remove(str).apply();
        } catch (Exception e) {
            throw new da("Failed to remove data from secure storage", e);
        }
    }
}
