package com.samsung.android.scloud.keystore;

import android.os.Bundle;
import com.samsung.android.scloud.common.logger.LOG;
import com.samsung.android.scloud.keystore.KeyStoreContract;
import com.samsung.android.sdk.scloud.decorator.certificate.AesKey;
import javax.crypto.SecretKey;

/* loaded from: classes2.dex */
abstract class CryptoExecutor implements ProviderExecutor {
    private final String TAG = getClass().getSimpleName();

    private int findValidKey(AesKey[] aesKeyArr) {
        for (int i = 0; i < aesKeyArr.length; i++) {
            if (aesKeyArr[i].expireTime > System.currentTimeMillis()) {
                return i;
            }
        }
        return -1;
    }

    abstract byte[] doFinal(CryptoManager cryptoManager, SecretKey secretKey, byte[] bArr, byte[] bArr2) throws Exception;

    @Override // com.samsung.android.scloud.keystore.ProviderExecutor
    public Bundle execute(KeyStoreContext keyStoreContext, KeyStoreContract.Argument argument, Bundle bundle, int i) {
        LOG.i(this.TAG, "execute");
        Bundle bundle2 = new Bundle();
        bundle2.putBoolean(KeyStoreContract.Key.RESULT, false);
        byte[] byteArray = bundle.getByteArray(KeyStoreContract.Key.IV);
        byte[] byteArray2 = bundle.getByteArray(KeyStoreContract.Key.BYTES);
        KeyStoreContract.CipherAlgorithm from = KeyStoreContract.CipherAlgorithm.from(bundle.getString(KeyStoreContract.Key.ALGORITHM));
        if (byteArray == null || byteArray.length == 0) {
            LOG.e(this.TAG, "IV is invalid");
            bundle2.putInt(KeyStoreContract.Key.ERROR_CODE, KeyStoreContract.ErrorCode.INVALID_PARAMETER.value());
            return bundle2;
        }
        if (byteArray2 == null || byteArray2.length == 0) {
            LOG.e(this.TAG, "Plain text is invalid");
            bundle2.putInt(KeyStoreContract.Key.ERROR_CODE, KeyStoreContract.ErrorCode.INVALID_PARAMETER.value());
            return bundle2;
        }
        if (from == KeyStoreContract.CipherAlgorithm.NONE) {
            LOG.e(this.TAG, "Cipher algorithm is invalid");
            bundle2.putInt(KeyStoreContract.Key.ERROR_CODE, KeyStoreContract.ErrorCode.INVALID_PARAMETER.value());
            return bundle2;
        }
        try {
            byte[] doFinal = doFinal(keyStoreContext.cryptoManager, getSecretKey(keyStoreContext, from, bundle), byteArray, byteArray2);
            bundle2.putBoolean(KeyStoreContract.Key.RESULT, true);
            bundle2.putByteArray(KeyStoreContract.Key.BYTES, doFinal);
        } catch (KeyStoreException e) {
            LOG.e(this.TAG, "Failed to encrypt or decrypt. [CODE] : " + e.getCode());
            bundle2.putInt(KeyStoreContract.Key.ERROR_CODE, e.getCode());
        } catch (Exception e2) {
            LOG.e(this.TAG, "Failed to encrypt or decrypt. [MSG] : " + e2.getMessage());
            e2.printStackTrace();
            bundle2.putInt(KeyStoreContract.Key.ERROR_CODE, KeyStoreExceptionHandler.getErrorCode(e2));
        }
        return bundle2;
    }

    protected SecretKey getSecretKey(KeyStoreContext keyStoreContext, KeyStoreContract.CipherAlgorithm cipherAlgorithm, Bundle bundle) throws KeyStoreException {
        KeyStoreDatabaseManager keyStoreDatabaseManager = keyStoreContext.databaseManager;
        AesKey[] userAesKeyAlias = keyStoreDatabaseManager.getUserAesKeyAlias();
        int findValidKey = userAesKeyAlias != null ? findValidKey(userAesKeyAlias) : -1;
        if (findValidKey == -1) {
            LOG.d(this.TAG, "User secret key does not exist");
            int execute = keyStoreContext.serverApiManager.execute(keyStoreContext, KeyStoreContract.ServerApi.RETRIEVE_CERT, bundle);
            if (execute != KeyStoreContract.ErrorCode.SUCCESS.value()) {
                throw new KeyStoreException(execute);
            }
            userAesKeyAlias = keyStoreDatabaseManager.getUserAesKeyAlias();
            if (userAesKeyAlias != null) {
                findValidKey = findValidKey(userAesKeyAlias);
            }
        }
        if (userAesKeyAlias == null || findValidKey == -1) {
            LOG.e(this.TAG, "User secret key does not exist");
            throw new KeyStoreException(KeyStoreContract.ErrorCode.INVALID_DB.value());
        }
        String str = KeyStoreContract.CipherAlgorithm.AES128 == cipherAlgorithm ? userAesKeyAlias[findValidKey].aes128Key : null;
        if (KeyStoreContract.CipherAlgorithm.AES256 == cipherAlgorithm) {
            str = userAesKeyAlias[findValidKey].aes256Key;
        }
        LOG.i(this.TAG, "[Key] " + str);
        try {
            return keyStoreContext.keyStoreManager.getSecretKey(str);
        } catch (Exception e) {
            LOG.e(this.TAG, "User secret key does not exist. " + e.getMessage());
            throw new KeyStoreException(KeyStoreExceptionHandler.getErrorCode(e));
        }
    }
}
