package com.avg.vault.a;

import android.content.Context;
import android.support.v4.app.FragmentTransaction;
import java.io.ByteArrayOutputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.GeneralSecurityException;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;
import org.apache.http.protocol.HTTP;

/* loaded from: classes.dex */
public class c {

    /* renamed from: a, reason: collision with root package name */
    private byte[] f145a = null;
    private final Context b;
    private String c;
    private String d;

    public c(Context context, String str, String str2) {
        this.b = context;
        this.c = str;
        this.d = str2;
        if (this.d != null && this.d.length() == 0) {
            this.d = null;
        }
        if (this.d == null) {
            throw new KeyStoreException("Password cannot be null");
        }
        if (this.c == null || this.c.isEmpty()) {
            this.c = "AVG_KeyStore";
        }
        try {
            FileInputStream openFileInput = this.b.openFileInput(this.c);
            boolean a2 = a(openFileInput, this.d);
            openFileInput.close();
            if (a2) {
            } else {
                throw new GeneralSecurityException("Wrong Password");
            }
        } catch (FileNotFoundException e) {
            a();
            d();
            e.printStackTrace();
        } catch (IOException e2) {
            throw new KeyStoreException("IO exception while reading secure key");
        }
    }

    static byte[] a(byte[] bArr, byte[] bArr2) {
        MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
        messageDigest.update(bArr);
        return SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1").generateSecret(new PBEKeySpec(new String(messageDigest.digest()).toCharArray(), bArr2, 100, 128)).getEncoded();
    }

    public void a() {
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        keyGenerator.init(256, SecureRandom.getInstance("SHA1PRNG"));
        a(keyGenerator.generateKey().getEncoded());
    }

    public void a(OutputStream outputStream, String str) {
        a(outputStream, str.getBytes(HTTP.UTF_8));
    }

    public void a(OutputStream outputStream, byte[] bArr) {
        byte[] b = b(bArr);
        outputStream.write(b, 0, b.length);
        outputStream.flush();
    }

    public void a(String str) {
        this.d = str;
    }

    public void a(byte[] bArr) {
        if (bArr.length != 32) {
            throw new b("Not a supported AES key");
        }
        this.f145a = bArr;
    }

    public boolean a(InputStream inputStream, String str) {
        return a(inputStream, str.getBytes(HTTP.UTF_8));
    }

    public boolean a(InputStream inputStream, byte[] bArr) {
        byte[] bArr2 = new byte[16];
        byte[] bArr3 = new byte[64];
        DataInputStream dataInputStream = new DataInputStream(inputStream);
        if (dataInputStream.readInt() != 1) {
            throw new b("Invalid version of master key stream");
        }
        if (dataInputStream.read(bArr2, 0, bArr2.length) != 16) {
            throw new b("The stream is too short; can not read salt");
        }
        if (dataInputStream.read(bArr3, 0, bArr3.length) != 64) {
            throw new b("The stream is too short; missing encrypted content");
        }
        SecretKeySpec secretKeySpec = new SecretKeySpec(a(bArr, bArr2), "AES");
        Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
        cipher.init(2, secretKeySpec, new IvParameterSpec(bArr2));
        byte[] update = cipher.update(bArr3, 0, 32);
        if (update == null || update.length != 32) {
            throw new b("Failed to decrypt password verification block");
        }
        byte[] update2 = cipher.update(bArr3, 32, 32);
        if (update2 == null || update2.length != 32) {
            throw new b("Failed to decrypt stored data");
        }
        MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
        messageDigest.update(update2);
        if (!Arrays.equals(update, messageDigest.digest())) {
            return false;
        }
        this.f145a = update2;
        return true;
    }

    public String b() {
        return this.d;
    }

    public byte[] b(byte[] bArr) {
        if (this.f145a == null) {
            throw new IllegalArgumentException("no master key specified");
        }
        Cipher cipher = Cipher.getInstance("AES/CBC/NoPadding");
        byte[] bArr2 = new byte[16];
        new SecureRandom().nextBytes(bArr2);
        cipher.init(1, new SecretKeySpec(a(bArr, bArr2), "AES"), new IvParameterSpec(bArr2));
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(FragmentTransaction.TRANSIT_ENTER_MASK);
        DataOutputStream dataOutputStream = new DataOutputStream(byteArrayOutputStream);
        dataOutputStream.writeInt(1);
        dataOutputStream.write(bArr2, 0, bArr2.length);
        MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
        messageDigest.update(this.f145a);
        byte[] digest = messageDigest.digest();
        if (digest != null) {
            dataOutputStream.write(cipher.update(digest));
        }
        dataOutputStream.write(cipher.doFinal(this.f145a));
        dataOutputStream.flush();
        return byteArrayOutputStream.toByteArray();
    }

    public byte[] c() {
        return this.f145a;
    }

    public void d() {
        try {
            FileOutputStream openFileOutput = this.b.openFileOutput(this.c, 0);
            a(openFileOutput, this.d);
            openFileOutput.close();
        } catch (FileNotFoundException e) {
            throw new KeyStoreException("Key storage file not found", e);
        } catch (IOException e2) {
            throw new KeyStoreException("Key storage file not found", e2);
        } catch (GeneralSecurityException e3) {
            throw new KeyStoreException("Security update failed", e3);
        }
    }
}
