package com.pingidentity.sdk.pingonewallet.storage.encrypted_storage;

import android.content.Context;
import android.content.SharedPreferences;
import android.os.Handler;
import android.util.Log;
import androidx.annotation.NonNull;
import androidx.biometric.BiometricManager;
import androidx.biometric.BiometricPrompt;
import androidx.core.content.ContextCompat;
import androidx.core.util.Consumer;
import androidx.fragment.app.FragmentActivity;
import androidx.security.crypto.EncryptedSharedPreferences;
import androidx.security.crypto.MasterKey;
import com.pingidentity.sdk.pingonewallet.R;
import com.pingidentity.sdk.pingonewallet.errors.BiometricException;
import com.pingidentity.sdk.pingonewallet.errors.WalletException;
import com.pingidentity.sdk.pingonewallet.storage.encrypted_storage.EncryptedStorageProviderImpl;
import com.pingidentity.sdk.pingonewallet.utils.BackgroundThreadHandler;
import h4.f;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.util.Objects;
import java.util.concurrent.Callable;

@f
/* loaded from: classes4.dex */
public class EncryptedStorageProviderImpl implements EncryptedStorageProvider {
    private static final int DEFAULT_AUTHENTICATION_VALIDITY_SECONDS = 3600;
    public static final String TAG = "com.pingidentity.sdk.pingonewallet.storage.encrypted_storage.EncryptedStorageProviderImpl";

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.pingidentity.sdk.pingonewallet.storage.encrypted_storage.EncryptedStorageProviderImpl$1, reason: invalid class name */
    /* loaded from: classes4.dex */
    public class AnonymousClass1 extends BiometricPrompt.AuthenticationCallback {
        final /* synthetic */ Consumer val$errorHandler;
        final /* synthetic */ Callable val$onAuthSuccess;
        final /* synthetic */ Consumer val$resultConsumer;

        AnonymousClass1(Consumer consumer, Consumer consumer2, Callable callable) {
            this.val$errorHandler = consumer;
            this.val$resultConsumer = consumer2;
            this.val$onAuthSuccess = callable;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public static /* synthetic */ void lambda$onAuthenticationError$0(Consumer consumer, int i8, CharSequence charSequence) {
            consumer.accept(new Exception("Authentication Failed with code: " + i8 + ", error message: " + ((Object) charSequence)));
        }

        /* JADX INFO: Access modifiers changed from: private */
        public static /* synthetic */ void lambda$onAuthenticationSucceeded$1(Consumer consumer, Callable callable, Consumer consumer2) {
            try {
                consumer.accept(callable.call());
            } catch (Exception e8) {
                Log.e(EncryptedStorageProviderImpl.TAG, "Error executing Auth Success callable.", e8);
                consumer2.accept(new Exception("Failed to create encrypted storage.", e8));
            }
        }

        @Override // androidx.biometric.BiometricPrompt.AuthenticationCallback
        public void onAuthenticationError(final int i8, @NonNull final CharSequence charSequence) {
            super.onAuthenticationError(i8, charSequence);
            BackgroundThreadHandler singleBackgroundThreadHandler = BackgroundThreadHandler.singleBackgroundThreadHandler();
            final Consumer consumer = this.val$errorHandler;
            singleBackgroundThreadHandler.post(new Runnable() { // from class: com.pingidentity.sdk.pingonewallet.storage.encrypted_storage.d
                @Override // java.lang.Runnable
                public final void run() {
                    EncryptedStorageProviderImpl.AnonymousClass1.lambda$onAuthenticationError$0(Consumer.this, i8, charSequence);
                }
            });
        }

        @Override // androidx.biometric.BiometricPrompt.AuthenticationCallback
        public void onAuthenticationSucceeded(@NonNull BiometricPrompt.AuthenticationResult authenticationResult) {
            super.onAuthenticationSucceeded(authenticationResult);
            BackgroundThreadHandler singleBackgroundThreadHandler = BackgroundThreadHandler.singleBackgroundThreadHandler();
            final Consumer consumer = this.val$resultConsumer;
            final Callable callable = this.val$onAuthSuccess;
            final Consumer consumer2 = this.val$errorHandler;
            singleBackgroundThreadHandler.post(new Runnable() { // from class: com.pingidentity.sdk.pingonewallet.storage.encrypted_storage.c
                @Override // java.lang.Runnable
                public final void run() {
                    EncryptedStorageProviderImpl.AnonymousClass1.lambda$onAuthenticationSucceeded$1(Consumer.this, callable, consumer2);
                }
            });
        }
    }

    private SharedPreferences createEncryptedPreferences(Context context, @NonNull String str, int i8) throws GeneralSecurityException, IOException {
        MasterKey masterKey = CryptoUtil.getMasterKey(context, i8);
        Objects.requireNonNull(context);
        return EncryptedSharedPreferences.create(context, str, masterKey, EncryptedSharedPreferences.PrefKeyEncryptionScheme.AES256_SIV, EncryptedSharedPreferences.PrefValueEncryptionScheme.AES256_GCM);
    }

    private SharedPreferences createPreferences(@NonNull FragmentActivity fragmentActivity, @NonNull String str) {
        return fragmentActivity.getApplicationContext().getSharedPreferences(str, 0);
    }

    private <T> BiometricPrompt.AuthenticationCallback getAuthCallback(@NonNull Callable<T> callable, @NonNull Consumer<T> consumer, @NonNull Consumer<Throwable> consumer2) {
        return new AnonymousClass1(consumer2, consumer, callable);
    }

    private void getAuthenticatedPreferences(@NonNull final FragmentActivity fragmentActivity, @NonNull final String str, final int i8, @NonNull final Consumer<SharedPreferences> consumer, @NonNull final Consumer<Throwable> consumer2) {
        if (CryptoUtil.doesEncryptedSharedPreferencesExist(fragmentActivity, str)) {
            try {
                CryptoUtil.canRetrieveMasterKey(fragmentActivity);
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException e8) {
                consumer2.accept(e8);
                return;
            }
        }
        int authenticatorStatus = getAuthenticatorStatus(fragmentActivity.getApplicationContext());
        if (authenticatorStatus == 0) {
            new Handler(fragmentActivity.getMainLooper()).post(new Runnable() { // from class: com.pingidentity.sdk.pingonewallet.storage.encrypted_storage.a
                @Override // java.lang.Runnable
                public final void run() {
                    EncryptedStorageProviderImpl.this.lambda$getAuthenticatedPreferences$1(fragmentActivity, str, i8, consumer, consumer2);
                }
            });
            return;
        }
        consumer2.accept(new WalletException("Biometric Check Failed", new BiometricException("Strong/Weak Biometric authentication and/or Device password authentication is not available. Authenticator Status: " + getAuthenticatorStatus(authenticatorStatus))));
    }

    private int getAuthenticatorStatus(Context context) {
        Objects.requireNonNull(context);
        return BiometricManager.from(context).canAuthenticate(33023);
    }

    private String getAuthenticatorStatus(int i8) {
        if (i8 == -2) {
            return "BIOMETRIC_ERROR_UNSUPPORTED";
        }
        if (i8 == -1) {
            return "BIOMETRIC_STATUS_UNKNOWN";
        }
        if (i8 == 0) {
            return "BIOMETRIC_SUCCESS";
        }
        if (i8 == 1) {
            return "BIOMETRIC_ERROR_HW_UNAVAILABLE";
        }
        if (i8 == 11) {
            return "BIOMETRIC_ERROR_NONE_ENROLLED";
        }
        if (i8 == 12) {
            return "BIOMETRIC_ERROR_NO_HARDWARE";
        }
        if (i8 == 15) {
            return "BIOMETRIC_ERROR_SECURITY_UPDATE_REQUIRED";
        }
        return "Unknown value: " + i8;
    }

    private BiometricPrompt.PromptInfo getPromptInfo(@NonNull Context context) {
        return new BiometricPrompt.PromptInfo.Builder().setTitle(context.getString(R.string.auth_prompt_message)).setAllowedAuthenticators(33023).build();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ SharedPreferences lambda$getAuthenticatedPreferences$0(FragmentActivity fragmentActivity, String str, int i8) throws Exception {
        return createEncryptedPreferences(fragmentActivity.getApplicationContext(), str, i8);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ void lambda$getAuthenticatedPreferences$1(final FragmentActivity fragmentActivity, final String str, final int i8, Consumer consumer, Consumer consumer2) {
        new BiometricPrompt(fragmentActivity, ContextCompat.getMainExecutor(fragmentActivity), getAuthCallback(new Callable() { // from class: com.pingidentity.sdk.pingonewallet.storage.encrypted_storage.b
            @Override // java.util.concurrent.Callable
            public final Object call() {
                SharedPreferences lambda$getAuthenticatedPreferences$0;
                lambda$getAuthenticatedPreferences$0 = EncryptedStorageProviderImpl.this.lambda$getAuthenticatedPreferences$0(fragmentActivity, str, i8);
                return lambda$getAuthenticatedPreferences$0;
            }
        }, consumer, consumer2)).authenticate(getPromptInfo(fragmentActivity.getApplicationContext()));
    }

    @Override // com.pingidentity.sdk.pingonewallet.storage.encrypted_storage.EncryptedStorageProvider
    public void getAuthenticatedPreferences(@NonNull FragmentActivity fragmentActivity, @NonNull String str, @NonNull Consumer<SharedPreferences> consumer, @NonNull Consumer<Throwable> consumer2) {
        getAuthenticatedPreferences(fragmentActivity, str, DEFAULT_AUTHENTICATION_VALIDITY_SECONDS, consumer, consumer2);
    }

    @Override // com.pingidentity.sdk.pingonewallet.storage.encrypted_storage.EncryptedStorageProvider
    public void getPreferences(@NonNull FragmentActivity fragmentActivity, @NonNull String str, @NonNull Consumer<SharedPreferences> consumer) {
        consumer.accept(createPreferences(fragmentActivity, str));
    }
}
