package com.ofss.digx.mobile.android.plugins;

import android.content.Context;
import android.content.SharedPreferences;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import androidx.security.crypto.EncryptedSharedPreferences;
import androidx.security.crypto.MasterKeys;
import com.google.android.gms.stats.CodePackage;
import com.ofss.digx.mobile.android.constants.KeySet;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.util.Enumeration;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import org.apache.commons.lang3.CharEncoding;
import org.apache.cordova.CallbackContext;
import org.apache.cordova.CordovaPlugin;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes2.dex */
public class PinPatternAuth extends CordovaPlugin {
    private static final String ANDROID_KEY_STORE = "AndroidKeyStore";
    private static String IV = "iv";
    private static String TAG = "PinPatternAuth";
    private static final String TRANSFORMATION = "AES/GCM/NoPadding";
    private static String mClientId = "OBDXAPP";
    private static String mPrefName = "OBDX_PREF";
    private byte[] encryption;
    private Context mContext;

    private void decrypt(JSONObject jSONObject, CallbackContext callbackContext, String str) throws JSONException {
        JSONObject jSONObject2 = new JSONObject();
        String string = jSONObject.has("pin") ? jSONObject.getString("pin") : "";
        try {
            KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE);
            keyStore.load(null);
            SecretKey secretKey = (SecretKey) keyStore.getKey(string, null);
            if (secretKey == null) {
                jSONObject2.put("error", "Invalid Pin");
                callbackContext.error(jSONObject2);
                return;
            }
            Cipher cipher = Cipher.getInstance(TRANSFORMATION);
            cipher.init(2, secretKey, new GCMParameterSpec(128, Base64.decode(getSharedPreferences().getString(IV, null), 0)));
            String string2 = getSharedPreferences().getString(mClientId + str, null);
            if (string2 != null) {
                jSONObject2.put("password", new String(cipher.doFinal(Base64.decode(string2, 2)), CharEncoding.UTF_8));
                callbackContext.success(jSONObject2);
            }
        } catch (Exception unused) {
            callbackContext.error("ERROR");
        }
    }

    private void deleteAll(CallbackContext callbackContext) {
        try {
            KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE);
            keyStore.load(null);
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                keyStore.deleteEntry(aliases.nextElement());
            }
            SharedPreferences.Editor edit = getSharedPreferences().edit();
            edit.clear();
            edit.commit();
            callbackContext.success();
        } catch (Exception unused) {
            callbackContext.error("ERROR");
        }
    }

    private void encrypt(JSONObject jSONObject, CallbackContext callbackContext, String str) throws JSONException {
        JSONObject jSONObject2 = new JSONObject();
        String string = jSONObject.has("password") ? jSONObject.getString("password") : "";
        String string2 = jSONObject.has("pin") ? jSONObject.getString("pin") : "";
        try {
            KeyStore.getInstance(ANDROID_KEY_STORE).load(null);
            if (getSharedPreferences().getString(IV, null) == null) {
                byte[] bArr = new byte[12];
                new SecureRandom().nextBytes(bArr);
                getSharedPreferences().edit().putString(IV, Base64.encodeToString(bArr, 0)).apply();
            }
            SecretKey secretKey = getSecretKey(string2);
            if (secretKey == null) {
                callbackContext.error("ERROR");
                return;
            }
            Cipher cipher = Cipher.getInstance(TRANSFORMATION);
            cipher.init(1, secretKey, new GCMParameterSpec(128, Base64.decode(getSharedPreferences().getString(IV, null), 0)));
            byte[] doFinal = cipher.doFinal(string.getBytes(CharEncoding.UTF_8));
            this.encryption = doFinal;
            String encodeToString = Base64.encodeToString(doFinal, 2);
            SharedPreferences.Editor edit = getSharedPreferences().edit();
            edit.putString(mClientId + str, encodeToString);
            edit.apply();
            jSONObject2.put(KeySet.TOKEN, encodeToString);
            callbackContext.success(jSONObject2);
        } catch (Exception unused) {
            callbackContext.error("ERROR");
        }
    }

    private SecretKey getSecretKey(String str) {
        SecretKey secretKey;
        try {
            KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE);
            keyStore.load(null);
            if (keyStore.containsAlias(str)) {
                secretKey = (SecretKey) keyStore.getKey(str, null);
            } else {
                KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", ANDROID_KEY_STORE);
                keyGenerator.init(new KeyGenParameterSpec.Builder(str, 3).setBlockModes(CodePackage.GCM).setEncryptionPaddings("NoPadding").setRandomizedEncryptionRequired(false).build());
                secretKey = keyGenerator.generateKey();
            }
            return secretKey;
        } catch (Exception unused) {
            return null;
        }
    }

    private SharedPreferences getSharedPreferences() {
        try {
            return EncryptedSharedPreferences.create(mPrefName, MasterKeys.getOrCreate(MasterKeys.AES256_GCM_SPEC), this.cordova.getContext(), EncryptedSharedPreferences.PrefKeyEncryptionScheme.AES256_SIV, EncryptedSharedPreferences.PrefValueEncryptionScheme.AES256_GCM);
        } catch (IOException | GeneralSecurityException unused) {
            return null;
        }
    }

    @Override // org.apache.cordova.CordovaPlugin
    public boolean execute(String str, JSONArray jSONArray, CallbackContext callbackContext) throws JSONException {
        this.mContext = this.cordova.getActivity().getApplicationContext();
        mClientId = this.cordova.getActivity().getApplicationContext().getPackageName();
        if (str.equals("encryptToken")) {
            encrypt(jSONArray.getJSONObject(0), callbackContext, "JWTToken");
            return true;
        }
        if (str.equals("encryptOwner")) {
            encrypt(jSONArray.getJSONObject(0), callbackContext, "DeviceOwner");
            return true;
        }
        if (str.equals("encryptSnapshot")) {
            encrypt(jSONArray.getJSONObject(0), callbackContext, "JWTSnapshotToken");
            return true;
        }
        if (str.equals("decryptToken")) {
            decrypt(jSONArray.getJSONObject(0), callbackContext, "JWTToken");
            return true;
        }
        if (str.equals("decryptOwner")) {
            decrypt(jSONArray.getJSONObject(0), callbackContext, "DeviceOwner");
            return true;
        }
        if (str.equals("decryptSnapshot")) {
            decrypt(jSONArray.getJSONObject(0), callbackContext, "JWTSnapshotToken");
            return true;
        }
        if (!str.equals("delete")) {
            return false;
        }
        deleteAll(callbackContext);
        return true;
    }
}
