package com.pivotaltracker.iron_encryption;

import android.util.Log;
import com.google.android.gms.common.util.IOUtils;
import com.google.firebase.crashlytics.internal.metadata.UserMetadata;
import com.pivotaltracker.iron.Encryption;
import com.pivotaltracker.iron.Iron;
import com.pivotaltracker.iron_encryption.AesCbcWithIntegrity;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.concurrent.atomic.AtomicBoolean;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;

/* loaded from: classes2.dex */
public class IronEncryption implements Encryption {
    private static final int AES_KEY_LENGTH_BITS = 128;
    private static final String CIPHER = "AES";
    private static final String CIPHER_TRANSFORMATION = "AES";
    private static final String HMAC_ALGORITHM = "HmacSHA256";
    private static final int HMAC_KEY_LENGTH_BITS = 256;
    private static final int IV_LENGTH_BYTES = 16;
    private static final String RANDOM_ALGORITHM = "SHA1PRNG";
    private static final AtomicBoolean prngFixed = new AtomicBoolean(false);
    protected AesCbcWithIntegrity.SecretKeys mKey = getKey();

    public IronEncryption() {
        Log.d("crypt", "created with key:" + this.mKey.toString());
    }

    private static void fixPrng() {
        AtomicBoolean atomicBoolean = prngFixed;
        if (atomicBoolean.get()) {
            return;
        }
        synchronized (AesCbcWithIntegrity.PrngFixes.class) {
            if (!atomicBoolean.get()) {
                AesCbcWithIntegrity.PrngFixes.apply();
                atomicBoolean.set(true);
            }
        }
    }

    public static byte[] generateIv() throws GeneralSecurityException {
        return randomBytes(16);
    }

    public static AesCbcWithIntegrity.SecretKeys generateKey() throws GeneralSecurityException {
        fixPrng();
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        keyGenerator.init(128);
        SecretKey generateKey = keyGenerator.generateKey();
        AesCbcWithIntegrity.SecretKeySpec secretKeySpec = new AesCbcWithIntegrity.SecretKeySpec();
        secretKeySpec.algorithm = generateKey.getAlgorithm();
        secretKeySpec.format = generateKey.getFormat();
        secretKeySpec.encoded = generateKey.getEncoded();
        byte[] randomBytes = randomBytes(32);
        AesCbcWithIntegrity.SecretKeySpec secretKeySpec2 = new AesCbcWithIntegrity.SecretKeySpec();
        secretKeySpec2.generate(randomBytes, HMAC_ALGORITHM);
        AesCbcWithIntegrity.SecretKeys secretKeys = new AesCbcWithIntegrity.SecretKeys();
        secretKeys.setConfidentialityKey(secretKeySpec);
        secretKeys.setIntegrityKey(secretKeySpec2);
        return secretKeys;
    }

    private static byte[] randomBytes(int i) throws GeneralSecurityException {
        fixPrng();
        byte[] bArr = new byte[i];
        SecureRandom.getInstance(RANDOM_ALGORITHM).nextBytes(bArr);
        return bArr;
    }

    @Override // com.pivotaltracker.iron.Encryption
    public ByteArrayInputStream decrypt(InputStream inputStream) {
        try {
            return new ByteArrayInputStream(IOUtils.toByteArray(new CipherInputStream(inputStream, getCipher(2))));
        } catch (IOException e) {
            e.printStackTrace();
            return null;
        }
    }

    @Override // com.pivotaltracker.iron.Encryption
    public CipherOutputStream encrypt(OutputStream outputStream) {
        return new CipherOutputStream(outputStream, getCipher(1));
    }

    @Override // com.pivotaltracker.iron.Encryption
    public Cipher getCipher(int i) {
        try {
            byte[] generateIv = generateIv();
            Cipher cipher = Cipher.getInstance("AES");
            cipher.init(i, this.mKey.getConfidentialityKey(), new IvParameterSpec(generateIv));
            return cipher;
        } catch (GeneralSecurityException e) {
            e.printStackTrace();
            return null;
        }
    }

    public AesCbcWithIntegrity.SecretKeys getKey() {
        AesCbcWithIntegrity.SecretKeys secretKeys = (AesCbcWithIntegrity.SecretKeys) Iron.chest(UserMetadata.KEYDATA_FILENAME).read("key");
        if (secretKeys != null) {
            return secretKeys;
        }
        try {
            secretKeys = generateKey();
            Iron.chest(UserMetadata.KEYDATA_FILENAME).write("key", (String) secretKeys);
            return secretKeys;
        } catch (GeneralSecurityException e) {
            e.printStackTrace();
            return secretKeys;
        }
    }
}
