package com.epicshaggy.biometric;

import android.annotation.SuppressLint;
import android.app.KeyguardManager;
import android.content.Intent;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.StrongBoxUnavailableException;
import android.util.Base64;
import androidx.biometric.dW;
import com.google.firebase.crashlytics.BuildConfig;
import defpackage.InterfaceC0138_$;
import defpackage.ga;
import defpackage.ik0;
import defpackage.jk0;
import defpackage.qk0;
import defpackage.r60;
import defpackage.true_;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

@ga(name = "NativeBiometric")
/* loaded from: classes.dex */
public class NativeBiometric extends ik0 {
    private static final String AES_MODE = "AES/ECB/PKCS7Padding";
    private static final String ANDROID_KEY_STORE = "AndroidKeyStore";
    private static final String ENCRYPTED_KEY = "NativeBiometricKey";
    private static final int FACE_AUTHENTICATION = 4;
    private static final int FINGERPRINT = 3;
    private static final byte[] FIXED_IV = new byte[12];
    private static final int IRIS_AUTHENTICATION = 5;
    private static final int MULTIPLE = 6;
    private static final String NATIVE_BIOMETRIC_SHARED_PREFERENCES = "NativeBiometricSharedPreferences";
    private static final int NONE = 0;
    private static final String RSA_MODE = "RSA/ECB/PKCS1Padding";
    private static final String TRANSFORMATION = "AES/GCM/NoPadding";
    private SharedPreferences encryptedSharedPreferences;
    private KeyStore keyStore;

    private String decryptString(String str, String str2) {
        byte[] decode = Base64.decode(str, 0);
        Cipher cipher = Cipher.getInstance(TRANSFORMATION);
        cipher.init(2, getKey(str2), new GCMParameterSpec(128, FIXED_IV));
        return new String(cipher.doFinal(decode), "UTF-8");
    }

    private boolean deviceHasCredentials() {
        return ((KeyguardManager) getActivity().getSystemService("keyguard")).isDeviceSecure();
    }

    private String encryptString(String str, String str2) {
        Cipher cipher = Cipher.getInstance(TRANSFORMATION);
        cipher.init(1, getKey(str2), new GCMParameterSpec(128, FIXED_IV));
        return Base64.encodeToString(cipher.doFinal(str.getBytes("UTF-8")), 0);
    }

    @SuppressLint({"NewAPI"})
    private Key generateKey(String str) {
        try {
            return generateKey(str, true);
        } catch (StrongBoxUnavailableException unused) {
            return generateKey(str, false);
        }
    }

    private Key generateKey(String str, boolean z) {
        int i = Build.VERSION.SDK_INT;
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", ANDROID_KEY_STORE);
        KeyGenParameterSpec.Builder randomizedEncryptionRequired = new KeyGenParameterSpec.Builder(str, 3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").setRandomizedEncryptionRequired(false);
        if (i >= 28) {
            randomizedEncryptionRequired.setUnlockedDeviceRequired(true);
            randomizedEncryptionRequired.setIsStrongBoxBacked(z);
        }
        keyGenerator.init(randomizedEncryptionRequired.build());
        return keyGenerator.generateKey();
    }

    private Key getAESKey(String str) {
        SharedPreferences sharedPreferences = getContext().getSharedPreferences(BuildConfig.FLAVOR, 0);
        String string = sharedPreferences.getString(ENCRYPTED_KEY, null);
        if (string != null) {
            return new SecretKeySpec(rsaDecrypt(Base64.decode(string, 0), str), "AES");
        }
        byte[] bArr = new byte[16];
        new SecureRandom().nextBytes(bArr);
        String encodeToString = Base64.encodeToString(rsaEncrypt(bArr, str), 0);
        SharedPreferences.Editor edit = sharedPreferences.edit();
        edit.putString(ENCRYPTED_KEY, encodeToString);
        edit.apply();
        return new SecretKeySpec(bArr, "AES");
    }

    private int getAvailableFeature() {
        int i = getContext().getPackageManager().hasSystemFeature("android.hardware.fingerprint") ? 3 : 0;
        if (getContext().getPackageManager().hasSystemFeature("android.hardware.biometrics.face")) {
            if (i != 0) {
                return 6;
            }
            i = 4;
        }
        return getContext().getPackageManager().hasSystemFeature("android.hardware.biometrics.iris") ? i != 0 ? 6 : 5 : i;
    }

    private Key getKey(String str) {
        KeyStore.SecretKeyEntry secretKeyEntry = (KeyStore.SecretKeyEntry) getKeyStore().getEntry(str, null);
        return secretKeyEntry != null ? secretKeyEntry.getSecretKey() : generateKey(str);
    }

    private KeyStore getKeyStore() {
        if (this.keyStore == null) {
            KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE);
            this.keyStore = keyStore;
            keyStore.load(null);
        }
        return this.keyStore;
    }

    private KeyStore.PrivateKeyEntry getPrivateKeyEntry(String str) {
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) getKeyStore().getEntry(str, null);
        if (privateKeyEntry == null) {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", ANDROID_KEY_STORE);
            keyPairGenerator.initialize(new KeyPairGeneratorSpec.Builder(getContext()).setAlias(str).build());
            keyPairGenerator.generateKeyPair();
        }
        return privateKeyEntry;
    }

    private byte[] rsaDecrypt(byte[] bArr, String str) {
        KeyStore.PrivateKeyEntry privateKeyEntry = getPrivateKeyEntry(str);
        Cipher cipher = Cipher.getInstance(RSA_MODE, "AndroidOpenSSL");
        cipher.init(2, privateKeyEntry.getPrivateKey());
        CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(bArr), cipher);
        ArrayList arrayList = new ArrayList();
        while (true) {
            int read = cipherInputStream.read();
            if (read == -1) {
                break;
            }
            arrayList.add(Byte.valueOf((byte) read));
        }
        int size = arrayList.size();
        byte[] bArr2 = new byte[size];
        for (int i = 0; i < size; i++) {
            bArr2[i] = ((Byte) arrayList.get(i)).byteValue();
        }
        return bArr2;
    }

    private byte[] rsaEncrypt(byte[] bArr, String str) {
        KeyStore.PrivateKeyEntry privateKeyEntry = getPrivateKeyEntry(str);
        Cipher cipher = Cipher.getInstance(RSA_MODE, "AndroidOpenSSL");
        cipher.init(1, privateKeyEntry.getCertificate().getPublicKey());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
        cipherOutputStream.write(bArr);
        cipherOutputStream.close();
        return byteArrayOutputStream.toByteArray();
    }

    @InterfaceC0138_$
    private void verifyResult(jk0 jk0Var, true_ true_Var) {
        char c = 65535;
        if (true_Var.bY() != -1) {
            jk0Var.uF("Something went wrong.");
            return;
        }
        Intent aZ = true_Var.aZ();
        if (aZ == null || !aZ.hasExtra("result")) {
            return;
        }
        String stringExtra = aZ.getStringExtra("result");
        stringExtra.hashCode();
        switch (stringExtra.hashCode()) {
            case -1867169789:
                if (stringExtra.equals("success")) {
                    c = 0;
                    break;
                }
                break;
            case -1281977283:
                if (stringExtra.equals("failed")) {
                    c = 1;
                    break;
                }
                break;
            case 96784904:
                if (stringExtra.equals("error")) {
                    c = 2;
                    break;
                }
                break;
        }
        switch (c) {
            case 0:
                jk0Var.m1213();
                return;
            case 1:
            case 2:
                jk0Var.wD(aZ.getStringExtra("errorDetails"), aZ.getStringExtra("errorCode"));
                return;
            default:
                jk0Var.uF("Something went wrong.");
                return;
        }
    }

    @qk0
    public void deleteCredentials(jk0 jk0Var) {
        String rI = jk0Var.rI("server", null);
        if (rI == null) {
            jk0Var.uF("No server name was provided");
            return;
        }
        try {
            getKeyStore().deleteEntry(rI);
            SharedPreferences.Editor edit = getContext().getSharedPreferences(NATIVE_BIOMETRIC_SHARED_PREFERENCES, 0).edit();
            edit.clear();
            edit.apply();
            jk0Var.m1213();
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            jk0Var.vE("Failed to delete", e);
        }
    }

    @qk0
    public void getCredentials(jk0 jk0Var) {
        String rI = jk0Var.rI("server", null);
        SharedPreferences sharedPreferences = getContext().getSharedPreferences(NATIVE_BIOMETRIC_SHARED_PREFERENCES, 0);
        String string = sharedPreferences.getString(rI + "-username", null);
        String string2 = sharedPreferences.getString(rI + "-password", null);
        if (rI == null) {
            jk0Var.uF("No server name was provided");
            return;
        }
        if (string == null || string2 == null) {
            jk0Var.uF("No credentials found");
            return;
        }
        try {
            r60 r60Var = new r60();
            r60Var.mN("username", decryptString(string, rI));
            r60Var.mN("password", decryptString(string2, rI));
            jk0Var.m1214(r60Var);
        } catch (IOException | GeneralSecurityException unused) {
            jk0Var.uF("Failed to get credentials");
        }
    }

    @qk0
    public void isAvailable(jk0 jk0Var) {
        r60 r60Var = new r60();
        boolean equals = Boolean.TRUE.equals(jk0Var.eV("useFallback", Boolean.FALSE));
        int aZ = dW.hS(getContext()).aZ();
        boolean z = equals && deviceHasCredentials();
        if (equals && !z) {
            aZ = 14;
        }
        boolean z2 = aZ == 0 || z;
        r60Var.put("isAvailable", z2);
        if (!z2) {
            r60Var.put("errorCode", AuthActivity.do_$(aZ));
        }
        r60Var.put("biometryType", getAvailableFeature());
        jk0Var.m1214(r60Var);
    }

    @qk0
    public void setCredentials(jk0 jk0Var) {
        String rI = jk0Var.rI("username", null);
        String rI2 = jk0Var.rI("password", null);
        String rI3 = jk0Var.rI("server", null);
        if (rI == null || rI2 == null || rI3 == null) {
            jk0Var.uF("Missing properties");
            return;
        }
        try {
            SharedPreferences.Editor edit = getContext().getSharedPreferences(NATIVE_BIOMETRIC_SHARED_PREFERENCES, 0).edit();
            edit.putString(rI3 + "-username", encryptString(rI, rI3));
            edit.putString(rI3 + "-password", encryptString(rI2, rI3));
            edit.apply();
            jk0Var.m1213();
        } catch (IOException | GeneralSecurityException e) {
            jk0Var.vE("Failed to save credentials", e);
            e.printStackTrace();
        }
    }

    @qk0
    public void verifyIdentity(jk0 jk0Var) {
        Intent intent = new Intent(getContext(), (Class<?>) AuthActivity.class);
        intent.putExtra("title", jk0Var.rI("title", "Authenticate"));
        if (jk0Var.sH("subtitle")) {
            intent.putExtra("subtitle", jk0Var.qJ("subtitle"));
        }
        if (jk0Var.sH("description")) {
            intent.putExtra("description", jk0Var.qJ("description"));
        }
        if (jk0Var.sH("negativeButtonText")) {
            intent.putExtra("negativeButtonText", jk0Var.qJ("negativeButtonText"));
        }
        if (jk0Var.sH("maxAttempts")) {
            intent.putExtra("maxAttempts", jk0Var.lO("maxAttempts"));
        }
        boolean equals = Boolean.TRUE.equals(jk0Var.eV("useFallback", Boolean.FALSE));
        if (equals) {
            equals = deviceHasCredentials();
        }
        intent.putExtra("useFallback", equals);
        startActivityForResult(jk0Var, intent, "verifyResult");
    }
}
