package com.google.commerce.tapandpay.android.security.storagekey;

import android.app.Application;
import android.database.Cursor;
import android.database.sqlite.SQLiteDatabase;
import android.os.Build;
import android.util.Pair;
import com.google.android.libraries.tapandpay.proto.StorageKeyProto$EncryptedStorageKey;
import com.google.android.libraries.tapandpay.proto.StorageKeyProto$StorageKey;
import com.google.commerce.tapandpay.android.accountscope.api.QualifierAnnotations;
import com.google.commerce.tapandpay.android.attestation.DeviceAttestationClient;
import com.google.commerce.tapandpay.android.infrastructure.rpc.RpcCaller;
import com.google.commerce.tapandpay.android.infrastructure.rpc.ServerException;
import com.google.commerce.tapandpay.android.infrastructure.rpc.TapAndPayApiException;
import com.google.commerce.tapandpay.android.logging.CLog;
import com.google.commerce.tapandpay.android.migration.state.MigrationStateManager;
import com.google.commerce.tapandpay.android.security.SecureHardwareEncryptionUtil;
import com.google.commerce.tapandpay.android.security.storagekey.StorageKeyCache;
import com.google.commerce.tapandpay.android.serverlog.SLog;
import com.google.commerce.tapandpay.android.transit.transitbundle.datastore.TransitBundleDatastore;
import com.google.internal.tapandpay.v1.SecurityProto$ConfirmStorageKeyRotationRequest;
import com.google.internal.tapandpay.v1.SecurityProto$ConfirmStorageKeyRotationResponse;
import com.google.internal.tapandpay.v1.SecurityProto$GetStorageKeyRequest;
import com.google.internal.tapandpay.v1.SecurityProto$GetStorageKeyResponse;
import com.google.internal.tapandpay.v1.SecurityProto$StorageKey;
import com.google.protobuf.ByteString;
import java.io.IOException;
import javax.inject.Inject;

/* loaded from: classes.dex */
public class StorageKeyManager {
    private final String accountName;
    public final DeviceAttestationClient attestationClient;
    private final Application context;
    private final RpcCaller rpcCaller;
    private final StorageKeyCache storageKeyCache;
    private final TransitBundleDatastore transitBundleDatastore;

    @Inject
    public StorageKeyManager(DeviceAttestationClient deviceAttestationClient, StorageKeyCache storageKeyCache, @QualifierAnnotations.AccountName String str, Application application, RpcCaller rpcCaller, TransitBundleDatastore transitBundleDatastore) {
        this.attestationClient = deviceAttestationClient;
        this.accountName = str;
        this.storageKeyCache = storageKeyCache;
        this.context = application;
        this.rpcCaller = rpcCaller;
        this.transitBundleDatastore = transitBundleDatastore;
    }

    public final void fetchStorageKey$ar$ds() {
        CLog.d("StorageKeyManager", "Start fetching storage keys.");
        try {
            getStorageKey$ar$ds(this.attestationClient.getAttestationVerdictUsingSafetyNet());
        } catch (RpcCaller.RpcAuthError e) {
            e = e;
            CLog.d("StorageKeyManager", "fetchStorageKey error", e);
        } catch (ServerException e2) {
            e = e2;
            CLog.d("StorageKeyManager", "fetchStorageKey error", e);
        } catch (TapAndPayApiException e3) {
            CLog.d("StorageKeyManager", "fetchStorageKey error", e3);
            this.attestationClient.checkAndHandleAttestationFailure(e3);
        } catch (IOException e4) {
            e = e4;
            CLog.d("StorageKeyManager", "fetchStorageKey error", e);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r11v2, types: [java.lang.String] */
    public final void getStorageKey$ar$ds(String str) {
        SQLiteDatabase sQLiteDatabase;
        try {
            this.storageKeyCache.get(false);
        } catch (StorageKeyCache.StorageKeyException e) {
            CLog.dfmt("StorageKeyManager", "storage key missing for %s", this.accountName);
            SecurityProto$GetStorageKeyRequest.Builder builder = (SecurityProto$GetStorageKeyRequest.Builder) SecurityProto$GetStorageKeyRequest.DEFAULT_INSTANCE.createBuilder();
            if (!builder.instance.isMutable()) {
                builder.copyOnWriteInternal();
            }
            SecurityProto$GetStorageKeyRequest securityProto$GetStorageKeyRequest = (SecurityProto$GetStorageKeyRequest) builder.instance;
            str.getClass();
            securityProto$GetStorageKeyRequest.attestationVerdict_ = str;
            SecurityProto$GetStorageKeyResponse securityProto$GetStorageKeyResponse = (SecurityProto$GetStorageKeyResponse) this.rpcCaller.blockingCallTapAndPay("t/security/getstoragekey", (SecurityProto$GetStorageKeyRequest) builder.build(), SecurityProto$GetStorageKeyResponse.DEFAULT_INSTANCE);
            SecurityProto$StorageKey securityProto$StorageKey = securityProto$GetStorageKeyResponse.key_;
            if (securityProto$StorageKey == null) {
                securityProto$StorageKey = SecurityProto$StorageKey.DEFAULT_INSTANCE;
            }
            if (securityProto$StorageKey.value_.size() != 32) {
                throw new IOException("received a storage key with a length not equal to 32.");
            }
            StorageKeyProto$StorageKey.Builder builder2 = (StorageKeyProto$StorageKey.Builder) StorageKeyProto$StorageKey.DEFAULT_INSTANCE.createBuilder();
            SecurityProto$StorageKey securityProto$StorageKey2 = securityProto$GetStorageKeyResponse.key_;
            if (securityProto$StorageKey2 == null) {
                securityProto$StorageKey2 = SecurityProto$StorageKey.DEFAULT_INSTANCE;
            }
            String str2 = securityProto$StorageKey2.id_;
            if (!builder2.instance.isMutable()) {
                builder2.copyOnWriteInternal();
            }
            StorageKeyProto$StorageKey storageKeyProto$StorageKey = (StorageKeyProto$StorageKey) builder2.instance;
            str2.getClass();
            storageKeyProto$StorageKey.id_ = str2;
            SecurityProto$StorageKey securityProto$StorageKey3 = securityProto$GetStorageKeyResponse.key_;
            if (securityProto$StorageKey3 == null) {
                securityProto$StorageKey3 = SecurityProto$StorageKey.DEFAULT_INSTANCE;
            }
            ByteString byteString = securityProto$StorageKey3.value_;
            if (!builder2.instance.isMutable()) {
                builder2.copyOnWriteInternal();
            }
            StorageKeyProto$StorageKey storageKeyProto$StorageKey2 = (StorageKeyProto$StorageKey) builder2.instance;
            byteString.getClass();
            storageKeyProto$StorageKey2.value_ = byteString;
            StorageKeyProto$StorageKey storageKeyProto$StorageKey3 = (StorageKeyProto$StorageKey) builder2.build();
            if (securityProto$GetStorageKeyResponse.newKey_ == null) {
                CLog.dfmt("StorageKeyManager", "Retrieved storage key for %s", this.accountName);
            } else if (MigrationStateManager.hasClosedLoopHceMigrationStarted(this.context)) {
                CLog.w("StorageKeyManager", "Tried to rotate storage keys mid-migration");
            } else {
                try {
                    StorageKeyProto$StorageKey.Builder builder3 = (StorageKeyProto$StorageKey.Builder) StorageKeyProto$StorageKey.DEFAULT_INSTANCE.createBuilder();
                    SecurityProto$StorageKey securityProto$StorageKey4 = securityProto$GetStorageKeyResponse.newKey_;
                    if (securityProto$StorageKey4 == null) {
                        securityProto$StorageKey4 = SecurityProto$StorageKey.DEFAULT_INSTANCE;
                    }
                    String str3 = securityProto$StorageKey4.id_;
                    if (!builder3.instance.isMutable()) {
                        builder3.copyOnWriteInternal();
                    }
                    StorageKeyProto$StorageKey storageKeyProto$StorageKey4 = (StorageKeyProto$StorageKey) builder3.instance;
                    str3.getClass();
                    storageKeyProto$StorageKey4.id_ = str3;
                    SecurityProto$StorageKey securityProto$StorageKey5 = securityProto$GetStorageKeyResponse.newKey_;
                    if (securityProto$StorageKey5 == null) {
                        securityProto$StorageKey5 = SecurityProto$StorageKey.DEFAULT_INSTANCE;
                    }
                    ByteString byteString2 = securityProto$StorageKey5.value_;
                    if (!builder3.instance.isMutable()) {
                        builder3.copyOnWriteInternal();
                    }
                    StorageKeyProto$StorageKey storageKeyProto$StorageKey5 = (StorageKeyProto$StorageKey) builder3.instance;
                    byteString2.getClass();
                    storageKeyProto$StorageKey5.value_ = byteString2;
                    StorageKeyProto$StorageKey storageKeyProto$StorageKey6 = (StorageKeyProto$StorageKey) builder3.build();
                    TransitBundleDatastore transitBundleDatastore = this.transitBundleDatastore;
                    SQLiteDatabase writableDb = transitBundleDatastore.getWritableDb();
                    writableDb.beginTransaction();
                    try {
                        ?? r11 = "key_id=?";
                        SQLiteDatabase sQLiteDatabase2 = writableDb;
                        try {
                            Cursor query = writableDb.query("transit_bundles", new String[]{"bundle_card_id"}, "key_id=?", new String[]{storageKeyProto$StorageKey3.id_}, null, null, null);
                            sQLiteDatabase = r11;
                            while (query.moveToNext()) {
                                try {
                                    try {
                                        sQLiteDatabase = sQLiteDatabase2;
                                        try {
                                            transitBundleDatastore.updateBundleInTransaction(transitBundleDatastore.readBundleByCardId(query.getLong(0), sQLiteDatabase, storageKeyProto$StorageKey3), sQLiteDatabase, storageKeyProto$StorageKey6);
                                            sQLiteDatabase2 = sQLiteDatabase;
                                            sQLiteDatabase = sQLiteDatabase;
                                        } catch (Throwable th) {
                                            th = th;
                                            Throwable th2 = th;
                                            if (query == null) {
                                                throw th2;
                                            }
                                            try {
                                                query.close();
                                                throw th2;
                                            } catch (Throwable th3) {
                                                Throwable.class.getDeclaredMethod("addSuppressed", Throwable.class).invoke(th2, th3);
                                                throw th2;
                                            }
                                        }
                                    } catch (Throwable th4) {
                                        th = th4;
                                        sQLiteDatabase.endTransaction();
                                        throw th;
                                    }
                                } catch (Throwable th5) {
                                    th = th5;
                                    sQLiteDatabase = sQLiteDatabase2;
                                }
                            }
                            sQLiteDatabase = sQLiteDatabase2;
                            CLog.i("TransitBundleDB", "Successfully rotated keys");
                            sQLiteDatabase.setTransactionSuccessful();
                            if (query != null) {
                                query.close();
                            }
                            sQLiteDatabase.endTransaction();
                            SecurityProto$ConfirmStorageKeyRotationRequest.Builder builder4 = (SecurityProto$ConfirmStorageKeyRotationRequest.Builder) SecurityProto$ConfirmStorageKeyRotationRequest.DEFAULT_INSTANCE.createBuilder();
                            SecurityProto$StorageKey securityProto$StorageKey6 = securityProto$GetStorageKeyResponse.newKey_;
                            if (securityProto$StorageKey6 == null) {
                                securityProto$StorageKey6 = SecurityProto$StorageKey.DEFAULT_INSTANCE;
                            }
                            String str4 = securityProto$StorageKey6.id_;
                            if (!builder4.instance.isMutable()) {
                                builder4.copyOnWriteInternal();
                            }
                            SecurityProto$ConfirmStorageKeyRotationRequest securityProto$ConfirmStorageKeyRotationRequest = (SecurityProto$ConfirmStorageKeyRotationRequest) builder4.instance;
                            str4.getClass();
                            securityProto$ConfirmStorageKeyRotationRequest.newKeyId_ = str4;
                            this.rpcCaller.callTapAndPay("t/security/confirmstoragekeyrotation", (SecurityProto$ConfirmStorageKeyRotationRequest) builder4.build(), SecurityProto$ConfirmStorageKeyRotationResponse.DEFAULT_INSTANCE, new RpcCaller.NoOpCallback());
                            CLog.dfmt("StorageKeyManager", "Successfully retrieved and rotated storage key for %s", this.accountName);
                            storageKeyProto$StorageKey3 = storageKeyProto$StorageKey6;
                        } catch (Throwable th6) {
                            th = th6;
                            sQLiteDatabase = sQLiteDatabase2;
                        }
                    } catch (Throwable th7) {
                        th = th7;
                        sQLiteDatabase = writableDb;
                    }
                } catch (TransitBundleDatastore.UnexpectedDbStateException e2) {
                    SLog.log("StorageKeyManager", "rotateKeys error", e2, this.accountName);
                }
            }
            StorageKeyCache storageKeyCache = this.storageKeyCache;
            StorageKeyProto$StorageKey alias = storageKeyCache.setAlias(storageKeyProto$StorageKey3);
            storageKeyCache.putInMemoryCache(alias, false);
            StorageKeyProto$EncryptedStorageKey storageKeyProto$EncryptedStorageKey = null;
            if (Build.VERSION.SDK_INT >= 23) {
                SecureHardwareEncryptionUtil secureHardwareEncryptionUtil = storageKeyCache.encryptionUtil;
                Pair encryptInSecureHardware$ar$ds = SecureHardwareEncryptionUtil.encryptInSecureHardware$ar$ds(alias.value_.toByteArray());
                if (encryptInSecureHardware$ar$ds != null) {
                    StorageKeyProto$EncryptedStorageKey.Builder builder5 = (StorageKeyProto$EncryptedStorageKey.Builder) StorageKeyProto$EncryptedStorageKey.DEFAULT_INSTANCE.createBuilder();
                    String str5 = alias.id_;
                    if (!builder5.instance.isMutable()) {
                        builder5.copyOnWriteInternal();
                    }
                    StorageKeyProto$EncryptedStorageKey storageKeyProto$EncryptedStorageKey2 = (StorageKeyProto$EncryptedStorageKey) builder5.instance;
                    str5.getClass();
                    storageKeyProto$EncryptedStorageKey2.id_ = str5;
                    ByteString copyFrom = ByteString.copyFrom((byte[]) encryptInSecureHardware$ar$ds.first);
                    if (!builder5.instance.isMutable()) {
                        builder5.copyOnWriteInternal();
                    }
                    ((StorageKeyProto$EncryptedStorageKey) builder5.instance).ciphertext_ = copyFrom;
                    ByteString copyFrom2 = ByteString.copyFrom((byte[]) encryptInSecureHardware$ar$ds.second);
                    if (!builder5.instance.isMutable()) {
                        builder5.copyOnWriteInternal();
                    }
                    ((StorageKeyProto$EncryptedStorageKey) builder5.instance).iv_ = copyFrom2;
                    storageKeyProto$EncryptedStorageKey = (StorageKeyProto$EncryptedStorageKey) builder5.build();
                }
            }
            if (storageKeyProto$EncryptedStorageKey != null) {
                storageKeyCache.keyValueStore.put(storageKeyCache.buildEncryptedStorageKeyKey(), storageKeyProto$EncryptedStorageKey.toByteArray());
            } else {
                storageKeyCache.keyValueStore.remove(storageKeyCache.buildEncryptedStorageKeyKey());
            }
        }
    }
}
