package com.netgear.commonaccount.util.FingerprintDialog;

import android.annotation.SuppressLint;
import android.annotation.TargetApi;
import android.app.KeyguardManager;
import android.content.Context;
import android.hardware.fingerprint.FingerprintManager;
import android.os.Build;
import android.security.KeyChain;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import android.util.Base64;
import androidx.core.hardware.fingerprint.FingerprintManagerCompat;
import com.clarisite.mobile.e.m;
import com.netgear.commonaccount.singleton.PreferenceManager;
import com.netgear.commonaccount.util.Util;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableEntryException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.InvalidParameterSpecException;
import java.util.GregorianCalendar;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import org.jose4j.keys.AesKey;

/* loaded from: classes3.dex */
public class FingerprintModule {
    private static final String KEY_NAME = "com.netgear.password.key";
    private static final String TAG = "FingerprintModule";
    private final Context mContext;
    private Cipher mDecryptCipher;
    private Cipher mEncryptCipher;
    private PreferenceManager mSharedPreferences;
    private PasswordStorageImpl passwordStorage = null;
    private KeyStore mKeyStore = providesKeystore();
    private KeyGenerator mKeyGenerator = providesKeyGenerator();

    /* loaded from: classes3.dex */
    private static class PasswordStorageHelper_SDK16 implements PasswordStorageImpl {
        PreferenceManager mSharedPreferences;

        public PasswordStorageHelper_SDK16(PreferenceManager preferenceManager) {
            this.mSharedPreferences = preferenceManager;
        }

        @Override // com.netgear.commonaccount.util.FingerprintDialog.FingerprintModule.PasswordStorageImpl
        public String getData() {
            String keyPassword = this.mSharedPreferences.getKeyPassword();
            if (keyPassword == null) {
                return null;
            }
            return new String(Base64.decode(keyPassword, 0));
        }

        @Override // com.netgear.commonaccount.util.FingerprintDialog.FingerprintModule.PasswordStorageImpl
        public boolean init(Context context) {
            return true;
        }

        @Override // com.netgear.commonaccount.util.FingerprintDialog.FingerprintModule.PasswordStorageImpl
        public void setData(String str) {
            if (str == null) {
                return;
            }
            this.mSharedPreferences.setKeyPassword(Base64.encodeToString(str.getBytes(), 0));
        }
    }

    /* loaded from: classes3.dex */
    private static class PasswordStorageHelper_SDK18 implements PasswordStorageImpl {
        private static final String KEYSTORE_PROVIDER_ANDROID_KEYSTORE = "AndroidKeyStore";
        private static final String KEY_ALGORITHM_RSA = "RSA";
        private static final String RSA_ECB_PKCS1_PADDING = "RSA/ECB/PKCS1Padding";
        private String KEY_NAME = FingerprintModule.KEY_NAME;
        private PreferenceManager mSharedPreferences;

        public PasswordStorageHelper_SDK18(PreferenceManager preferenceManager) {
            this.mSharedPreferences = preferenceManager;
        }

        private static byte[] decrypt(PrivateKey privateKey, String str) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, NoSuchProviderException {
            if (str == null) {
                return null;
            }
            byte[] decode = Base64.decode(str, 0);
            Cipher cipher = Cipher.getInstance(RSA_ECB_PKCS1_PADDING);
            cipher.init(2, privateKey);
            return cipher.doFinal(decode);
        }

        @SuppressLint({"TrulyRandom"})
        private static String encrypt(PublicKey publicKey, byte[] bArr) throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, IllegalBlockSizeException, BadPaddingException, NoSuchProviderException, InvalidKeySpecException {
            Cipher cipher = Cipher.getInstance(RSA_ECB_PKCS1_PADDING);
            cipher.init(1, publicKey);
            return Base64.encodeToString(cipher.doFinal(bArr), 0);
        }

        @Override // com.netgear.commonaccount.util.FingerprintDialog.FingerprintModule.PasswordStorageImpl
        public String getData() {
            KeyStore keyStore;
            try {
                keyStore = KeyStore.getInstance(KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
                try {
                    keyStore.load(null);
                    return new String(decrypt((PrivateKey) keyStore.getKey(this.KEY_NAME, null), this.mSharedPreferences.getKeyPassword()));
                } catch (IOException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableEntryException | CertificateException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException unused) {
                    if (keyStore != null) {
                        try {
                            keyStore.deleteEntry(this.KEY_NAME);
                        } catch (Exception unused2) {
                        }
                    }
                    return null;
                }
            } catch (IOException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableEntryException | CertificateException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException unused3) {
                keyStore = null;
            }
        }

        @Override // com.netgear.commonaccount.util.FingerprintDialog.FingerprintModule.PasswordStorageImpl
        @SuppressLint({"NewApi", "TrulyRandom"})
        public boolean init(Context context) {
            this.KEY_NAME = FingerprintModule.KEY_NAME;
            try {
                KeyStore keyStore = KeyStore.getInstance(KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
                keyStore.load(null);
                if (((PrivateKey) keyStore.getKey(this.KEY_NAME, null)) != null && keyStore.getCertificate(this.KEY_NAME) != null) {
                    if (keyStore.getCertificate(this.KEY_NAME).getPublicKey() != null) {
                        return true;
                    }
                }
                new GregorianCalendar();
                new GregorianCalendar().add(1, 10);
                KeyGenParameterSpec build = new KeyGenParameterSpec.Builder(this.KEY_NAME, 2).setDigests("SHA-256", "SHA-512").setEncryptionPaddings(m.m).build();
                try {
                    try {
                        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
                        keyPairGenerator.initialize(build);
                        keyPairGenerator.generateKeyPair();
                    } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException unused) {
                        keyStore.deleteEntry(this.KEY_NAME);
                    }
                } catch (Exception unused2) {
                }
                try {
                    PrivateKey privateKey = (PrivateKey) keyStore.getKey(this.KEY_NAME, null);
                    KeyChain.isBoundKeyAlgorithm("RSA");
                    boolean isInsideSecureHardware = ((KeyInfo) KeyFactory.getInstance(privateKey.getAlgorithm(), KEYSTORE_PROVIDER_ANDROID_KEYSTORE).getKeySpec(privateKey, KeyInfo.class)).isInsideSecureHardware();
                    Util.showLog(FingerprintModule.TAG, "Hardware-Backed Keystore Supported: " + isInsideSecureHardware);
                } catch (KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableKeyException | InvalidKeySpecException unused3) {
                }
                return true;
            } catch (Exception unused4) {
                return false;
            }
        }

        @Override // com.netgear.commonaccount.util.FingerprintDialog.FingerprintModule.PasswordStorageImpl
        public void setData(String str) {
            KeyStore keyStore = null;
            try {
                KeyStore keyStore2 = KeyStore.getInstance(KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
                try {
                    keyStore2.load(null);
                    if (keyStore2.getCertificate(this.KEY_NAME) == null) {
                        return;
                    }
                    PublicKey publicKey = keyStore2.getCertificate(this.KEY_NAME).getPublicKey();
                    if (publicKey == null) {
                        Util.showLog(FingerprintModule.TAG, "Error: Public key was not found in Keystore");
                    } else {
                        this.mSharedPreferences.setKeyPassword(encrypt(publicKey, str.getBytes()));
                    }
                } catch (IOException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | CertificateException | InvalidKeySpecException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException unused) {
                    keyStore = keyStore2;
                    if (keyStore != null) {
                        try {
                            keyStore.deleteEntry(this.KEY_NAME);
                        } catch (Exception unused2) {
                        }
                    }
                }
            } catch (IOException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | CertificateException | InvalidKeySpecException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException unused3) {
            }
        }
    }

    /* loaded from: classes3.dex */
    private interface PasswordStorageImpl {
        String getData();

        boolean init(Context context);

        void setData(String str);
    }

    public FingerprintModule(Context context) {
        this.mContext = context;
        this.mSharedPreferences = PreferenceManager.getInstance(context);
    }

    @TargetApi(23)
    private void createKey() {
        try {
            KeyGenParameterSpec.Builder encryptionPaddings = new KeyGenParameterSpec.Builder(KEY_NAME, 3).setBlockModes("CBC").setUserAuthenticationRequired(false).setEncryptionPaddings("PKCS7Padding");
            if (Build.VERSION.SDK_INT >= 24) {
                encryptionPaddings.setInvalidatedByBiometricEnrollment(false);
            }
            this.mKeyGenerator.init(encryptionPaddings.build());
            this.mKeyGenerator.generateKey();
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    public Cipher getCipher(int i) {
        try {
            this.mKeyStore.load(null);
            Cipher providesCipher = providesCipher();
            SecretKey secretKey = (SecretKey) this.mKeyStore.getKey(KEY_NAME, null);
            if (i == 1) {
                providesCipher.init(i, secretKey);
            } else {
                providesCipher.init(i, secretKey, new IvParameterSpec(Base64.decode(this.mSharedPreferences.getKeyPasswordIV(), 0)));
            }
            return providesCipher;
        } catch (IOException e) {
            e.printStackTrace();
            return null;
        } catch (InvalidAlgorithmParameterException e2) {
            e2.printStackTrace();
            return null;
        } catch (InvalidKeyException e3) {
            e3.printStackTrace();
            return null;
        } catch (KeyStoreException e4) {
            e4.printStackTrace();
            return null;
        } catch (NoSuchAlgorithmException e5) {
            e5.printStackTrace();
            return null;
        } catch (UnrecoverableKeyException e6) {
            e6.printStackTrace();
            return null;
        } catch (CertificateException e7) {
            e7.printStackTrace();
            return null;
        }
    }

    public Cipher getDecryptCipher() {
        return this.mDecryptCipher;
    }

    public String getDecryptData() {
        PasswordStorageImpl passwordStorageImpl = this.passwordStorage;
        if (passwordStorageImpl != null) {
            return passwordStorageImpl.getData();
        }
        return null;
    }

    public String getKeyPassword() {
        return this.mSharedPreferences.getKeyPassword();
    }

    public boolean initDecryptCipher() {
        Cipher cipher = getCipher(2);
        this.mDecryptCipher = cipher;
        return cipher != null;
    }

    public boolean initEncryptCipher() {
        createKey();
        Cipher cipher = getCipher(1);
        this.mEncryptCipher = cipher;
        return cipher != null;
    }

    public Cipher providesCipher() {
        try {
            return Cipher.getInstance("AES/CBC/PKCS7Padding");
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
            throw new RuntimeException("Failed to get an instance of Cipher", e);
        }
    }

    public FingerprintManager providesFingerprintManager() {
        return (FingerprintManager) this.mContext.getSystemService(FingerprintManager.class);
    }

    public FingerprintManagerCompat providesFingerprintManagerCompat() {
        return FingerprintManagerCompat.from(this.mContext);
    }

    public KeyGenerator providesKeyGenerator() {
        try {
            return KeyGenerator.getInstance(AesKey.ALGORITHM, "AndroidKeyStore");
        } catch (NoSuchAlgorithmException | NoSuchProviderException e) {
            throw new RuntimeException("Failed to get an instance of KeyGenerator", e);
        }
    }

    public KeyguardManager providesKeyguardManager() {
        return (KeyguardManager) this.mContext.getSystemService(KeyguardManager.class);
    }

    public KeyStore providesKeystore() {
        try {
            return KeyStore.getInstance("AndroidKeyStore");
        } catch (KeyStoreException e) {
            throw new RuntimeException("Failed to get an instance of KeyStore", e);
        }
    }

    public void setEncryptData(String str) {
        PasswordStorageImpl passwordStorageImpl = this.passwordStorage;
        if (passwordStorageImpl != null) {
            passwordStorageImpl.setData(str);
        }
    }

    public String tryDecrypt() {
        try {
            return new String(this.mDecryptCipher.doFinal(Base64.decode(this.mSharedPreferences.getKeyPassword(), 0)));
        } catch (BadPaddingException | IllegalBlockSizeException e) {
            e.printStackTrace();
            return null;
        }
    }

    public boolean tryEncrypt(String str) {
        try {
            byte[] doFinal = this.mEncryptCipher.doFinal(str.getBytes());
            IvParameterSpec ivParameterSpec = (IvParameterSpec) this.mEncryptCipher.getParameters().getParameterSpec(IvParameterSpec.class);
            this.mSharedPreferences.setKeyPassword(Base64.encodeToString(doFinal, 0));
            this.mSharedPreferences.setKeyPasswordIV(Base64.encodeToString(ivParameterSpec.getIV(), 0));
            return true;
        } catch (InvalidParameterSpecException e) {
            e.printStackTrace();
            return false;
        } catch (BadPaddingException | IllegalBlockSizeException unused) {
            return false;
        }
    }
}
