package defpackage;

import android.annotation.SuppressLint;
import android.annotation.TargetApi;
import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import com.texode.secureapp.data.crypt.CryptoException;
import com.texode.secureapp.data.models.exceptions.InvalidPinException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.ArrayList;
import java.util.Calendar;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import java.util.Random;
import java.util.concurrent.Callable;
import javax.crypto.Cipher;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
import javax.security.auth.x500.X500Principal;
import org.spongycastle.pqc.jcajce.spec.McElieceCCA2KeyGenParameterSpec;

/* loaded from: classes2.dex */
public class wv implements qv {
    private final Context a;
    private final yj3 b;
    private final f50 c;
    private final lf<xv> d;
    private String e;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes2.dex */
    public interface a {
        public static final List<String> a = gz1.a("xiaomi");
    }

    public wv(Context context, yj3 yj3Var, f50 f50Var) {
        lf<xv> z0 = lf.z0();
        this.d = z0;
        this.a = context;
        this.b = yj3Var;
        this.c = f50Var;
        try {
            String B = B(null);
            this.e = B;
            z0.d(G(B));
        } catch (Exception unused) {
            this.d.d(new xv(null, null, null));
        }
    }

    private boolean A(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            String B = B(str);
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                if (aliases.nextElement().equals(B)) {
                    return true;
                }
            }
            return false;
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static /* synthetic */ Boolean C(xv xvVar) throws Throwable {
        return Boolean.valueOf(xvVar.a() == null);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static /* synthetic */ Boolean D(xv xvVar) throws Throwable {
        return Boolean.valueOf(xvVar.a() == null || xvVar.c() != rx1.UNLOCKED);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ Object E(String str) throws Exception {
        if (str == null) {
            this.b.c(null);
            return null;
        }
        String B = B(str);
        this.b.c(B);
        return B;
    }

    private xv G(String str) throws InvalidPinException, CryptoException {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            Certificate certificate = keyStore.getCertificate(str);
            if (certificate == null) {
                throw new InvalidPinException();
            }
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(str, null);
            if (privateKeyEntry != null) {
                return z(certificate.getPublicKey(), privateKeyEntry.getPrivateKey(), str.equals("default") ? rx1.UNLOCKED : rx1.PIN);
            }
            throw new InvalidPinException();
        } catch (Exception e) {
            if (e instanceof InvalidPinException) {
                throw ((InvalidPinException) e);
            }
            throw new CryptoException(null, e);
        }
    }

    private String H() {
        String b = this.b.b();
        return b == null ? "default" : b;
    }

    private void I(String str) {
        this.b.d(str);
    }

    private boolean J() {
        for (String str : a.a) {
            if (dx3.a(Build.MANUFACTURER, str) || dx3.a(Build.BRAND, str)) {
                return false;
            }
        }
        return true;
    }

    @SuppressLint({"NewApi"})
    @TargetApi(19)
    private void w(boolean z) throws CryptoException {
        AlgorithmParameterSpec build;
        try {
            if (J()) {
                build = new KeyGenParameterSpec.Builder("fingerprint", 3).setDigests(McElieceCCA2KeyGenParameterSpec.SHA256, McElieceCCA2KeyGenParameterSpec.SHA512).setEncryptionPaddings("OAEPPadding").setUserAuthenticationRequired(z).setInvalidatedByBiometricEnrollment(false).build();
            } else {
                Calendar calendar = Calendar.getInstance();
                Calendar calendar2 = Calendar.getInstance();
                calendar2.add(1, 25);
                build = new KeyPairGeneratorSpec.Builder(this.a).setAlias("fingerprint").setSubject(new X500Principal("CN=SecureCard, O=Texode Technologies LLC")).setSerialNumber(new BigInteger(1024, new Random())).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
            }
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(build);
            keyPairGenerator.generateKeyPair();
        } catch (Exception e) {
            throw new CryptoException(null, e);
        }
    }

    private xv x(String str, String str2) throws CryptoException {
        try {
            X500Principal x500Principal = new X500Principal("CN=SecureCard, O=Texode Technologies LLC");
            BigInteger bigInteger = new BigInteger(1024, new Random());
            Calendar calendar = Calendar.getInstance();
            Calendar.getInstance().add(1, 25);
            KeyGenParameterSpec build = new KeyGenParameterSpec.Builder(str, 3).setCertificateSubject(x500Principal).setCertificateSerialNumber(bigInteger).setCertificateNotBefore(calendar.getTime()).setCertificateNotAfter(calendar.getTime()).setEncryptionPaddings("PKCS1Padding").setBlockModes("ECB").build();
            ArrayList arrayList = new ArrayList();
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                if (nextElement.startsWith("pin_") || "default".equals(nextElement)) {
                    if (!str.equals(nextElement)) {
                        arrayList.add(nextElement);
                    }
                }
            }
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(build);
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            Iterator it = arrayList.iterator();
            while (it.hasNext()) {
                keyStore.deleteEntry((String) it.next());
            }
            return z(generateKeyPair.getPublic(), generateKeyPair.getPrivate(), str2 == null ? rx1.UNLOCKED : rx1.PIN);
        } catch (Exception e) {
            throw new CryptoException(null, e);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* renamed from: y, reason: merged with bridge method [inline-methods] */
    public String B(String str) {
        if (str == null) {
            return "default";
        }
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(McElieceCCA2KeyGenParameterSpec.SHA256);
            messageDigest.update(str.getBytes(ev.b));
            return "pin_" + this.c.c(messageDigest.digest());
        } catch (NoSuchAlgorithmException e) {
            throw new CryptoException(e);
        }
    }

    private xv z(Key key, Key key2, rx1 rx1Var) throws GeneralSecurityException {
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher.init(1, key);
        Cipher cipher2 = Cipher.getInstance("RSA/ECB/PKCS1Padding");
        cipher2.init(2, key2);
        return new xv(cipher, cipher2, rx1Var);
    }

    public Cipher F(boolean z) throws InvalidPinException {
        xv G = G(H());
        return z ? G.b() : G.a();
    }

    @Override // defpackage.qv
    public as3<String> a() {
        final yj3 yj3Var = this.b;
        Objects.requireNonNull(yj3Var);
        return as3.o(new Callable() { // from class: vv
            @Override // java.util.concurrent.Callable
            public final Object call() {
                return yj3.this.a();
            }
        });
    }

    @Override // defpackage.qv
    public bz b(final String str) {
        return bz.p(new Callable() { // from class: uv
            @Override // java.util.concurrent.Callable
            public final Object call() {
                Object E;
                E = wv.this.E(str);
                return E;
            }
        });
    }

    @Override // defpackage.qv
    public void c() throws Exception {
        String B = B(null);
        xv x = x(B, null);
        this.e = B;
        I(B);
        this.d.d(x);
        I(null);
    }

    @Override // defpackage.qv
    public nd1<Boolean> d() {
        return this.d.v0(pd.LATEST).C(new xh1() { // from class: rv
            @Override // defpackage.xh1
            public final Object apply(Object obj) {
                Boolean C;
                C = wv.C((xv) obj);
                return C;
            }
        });
    }

    @Override // defpackage.qv
    @TargetApi(19)
    public Cipher e() {
        KeyStore keyStore;
        try {
            keyStore = KeyStore.getInstance("AndroidKeyStore");
            try {
                keyStore.load(null);
                PrivateKey privateKey = (PrivateKey) keyStore.getKey("fingerprint", null);
                if (privateKey == null) {
                    throw new CryptoException("Can't get fingerprint private key", null);
                }
                Cipher cipher = J() ? Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding") : Cipher.getInstance("RSA/ECB/PKCS1Padding");
                cipher.init(2, privateKey);
                return cipher;
            } catch (Exception unused) {
                if (keyStore != null) {
                    try {
                        keyStore.deleteEntry("fingerprint");
                    } catch (Exception unused2) {
                    }
                }
                return null;
            }
        } catch (Exception unused3) {
            keyStore = null;
        }
    }

    @Override // defpackage.qv
    public boolean f(String str) {
        return A(str);
    }

    @Override // defpackage.qv
    public nd1<Boolean> g() {
        return this.d.v0(pd.LATEST).C(new xh1() { // from class: sv
            @Override // defpackage.xh1
            public final Object apply(Object obj) {
                Boolean D;
                D = wv.D((xv) obj);
                return D;
            }
        });
    }

    @Override // defpackage.qv
    public void h(String str) throws CryptoException, InvalidPinException {
        String B = B(str);
        xv G = G(B);
        this.e = B;
        I(B);
        this.d.d(G);
    }

    @Override // defpackage.qv
    public as3<String> i(final String str) {
        return as3.o(new Callable() { // from class: tv
            @Override // java.util.concurrent.Callable
            public final Object call() {
                String B;
                B = wv.this.B(str);
                return B;
            }
        });
    }

    @Override // defpackage.qv
    public boolean j() {
        xv B0 = this.d.B0();
        return B0.a() == null || B0.c() != rx1.UNLOCKED;
    }

    @Override // defpackage.qv
    public void lock() {
        xv B0 = this.d.B0();
        if (B0 == null || B0.c() == rx1.UNLOCKED || B0.c() == null) {
            return;
        }
        this.d.d(new xv(null, null, null));
    }

    @Override // defpackage.qv
    public boolean n() {
        xv B0 = this.d.B0();
        return B0 == null || B0.a() == null || B0.c() != rx1.UNLOCKED;
    }

    @Override // defpackage.qv
    public void o(tg3<Cipher> tg3Var) throws Exception {
        String B = B(null);
        xv x = x(B, null);
        this.e = B;
        I(B);
        tg3Var.a(x.b());
        this.d.d(x);
    }

    @Override // defpackage.qv
    public boolean p(ah3<Cipher, Boolean> ah3Var) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            String str = null;
            keyStore.load(null);
            Enumeration<String> aliases = keyStore.aliases();
            while (true) {
                if (!aliases.hasMoreElements()) {
                    break;
                }
                String nextElement = aliases.nextElement();
                if (nextElement.startsWith("pin_")) {
                    str = nextElement;
                    break;
                }
            }
            if (str != null) {
                return ah3Var.a(G(str).a()).booleanValue();
            }
            throw new IllegalStateException("Can't find key alias for current pin");
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }

    @Override // defpackage.qv
    public void q(String str, String str2, tg3<Cipher> tg3Var) throws Exception {
        xv B0 = this.d.B0();
        if (B0 == null) {
            return;
        }
        if (B0.a() == null) {
            throw new IllegalStateException("Can't change PIN in Locked state");
        }
        if (str != null) {
            if (B0.c() == rx1.UNLOCKED) {
                throw new IllegalStateException("PinLock is not active. Changing/deactivating not allowed");
            }
            if (!A(str)) {
                throw new IllegalStateException("Old PIN is not valid");
            }
        } else if (B0.c() != rx1.UNLOCKED) {
            throw new IllegalStateException("PIN already exists. Creating not allowed");
        }
        String B = B(str2);
        xv x = x(B, str2);
        this.e = B;
        I(B);
        tg3Var.a(x.b());
        this.d.d(x);
    }

    @Override // defpackage.qv
    public void r(Cipher cipher, byte[] bArr) throws CryptoException, InvalidPinException {
        try {
            String str = new String(cipher.doFinal(bArr), ev.b);
            this.e = str;
            I(str);
            this.d.d(G(this.e));
        } catch (Exception e) {
            throw new CryptoException(null, e);
        }
    }

    @Override // defpackage.qv
    public void s() throws CryptoException {
        this.d.d(x(B(null), null));
    }

    @Override // defpackage.qv
    public Cipher t(boolean z) {
        return F(z);
    }

    @Override // defpackage.qv
    @SuppressLint({"NewApi"})
    @TargetApi(19)
    public byte[] u(boolean z, boolean z2) throws CryptoException {
        String str;
        Cipher cipher;
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            w(z);
            if (e() == null) {
                throw new InvalidPinException();
            }
            Enumeration<String> aliases = keyStore.aliases();
            while (true) {
                if (!aliases.hasMoreElements()) {
                    str = null;
                    break;
                }
                str = aliases.nextElement();
                if (str.startsWith("pin_")) {
                    break;
                }
            }
            if (str == null) {
                throw new IllegalStateException("Can't find key alias for current pin");
            }
            if (J()) {
                Certificate certificate = keyStore.getCertificate("fingerprint");
                if (certificate == null) {
                    throw new KeyPermanentlyInvalidatedException("Fingerprint key not found");
                }
                PublicKey publicKey = certificate.getPublicKey();
                PublicKey generatePublic = KeyFactory.getInstance(publicKey.getAlgorithm()).generatePublic(new X509EncodedKeySpec(publicKey.getEncoded()));
                OAEPParameterSpec oAEPParameterSpec = new OAEPParameterSpec(McElieceCCA2KeyGenParameterSpec.SHA256, "MGF1", MGF1ParameterSpec.SHA1, PSource.PSpecified.DEFAULT);
                cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
                cipher.init(1, generatePublic, oAEPParameterSpec);
            } else {
                Certificate certificate2 = keyStore.getCertificate("fingerprint");
                if (certificate2 == null) {
                    throw new InvalidPinException();
                }
                cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
                cipher.init(1, certificate2.getPublicKey());
            }
            this.e = str;
            I(str);
            return cipher.doFinal(str.getBytes(ev.b));
        } catch (Exception e) {
            if (z2 || !((e instanceof KeyPermanentlyInvalidatedException) || (e instanceof InvalidPinException))) {
                throw new CryptoException(null, e);
            }
            w(z);
            return u(z, true);
        }
    }
}
