package com.kunzisoft.keepass.fingerprint;

import android.annotation.SuppressLint;
import android.app.KeyguardManager;
import android.content.Context;
import android.hardware.fingerprint.FingerprintManager;
import android.os.CancellationSignal;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import android.support.annotation.RequiresApi;
import android.util.Base64;
import android.util.Log;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;

@RequiresApi(api = 23)
/* loaded from: classes.dex */
public class FingerPrintHelper {
    private static final String FINGERPRINT_KEYSTORE_KEY = "com.kunzisoft.keepass.fingerprint.key";
    private static final String TAG = "com.kunzisoft.keepass.fingerprint.FingerPrintHelper";
    private FingerprintManager.AuthenticationCallback authenticationCallback;
    private CancellationSignal cancellationSignal;
    private Cipher cipher;
    private FingerprintManager.CryptoObject cryptoObject;
    private FingerPrintCallback fingerPrintCallback;
    private FingerprintManager fingerprintManager;
    private boolean initOk = false;
    private KeyGenerator keyGenerator;
    private KeyStore keyStore;
    private KeyguardManager keyguardManager;

    /* loaded from: classes.dex */
    public interface FingerPrintCallback extends FingerPrintErrorCallback {
        void handleDecryptedResult(String str);

        void handleEncryptedResult(String str, String str2);
    }

    /* loaded from: classes.dex */
    public interface FingerPrintErrorCallback {
        void onFingerPrintException(Exception exc);

        void onInvalidKeyException(Exception exc);
    }

    /* loaded from: classes.dex */
    public enum Mode {
        NOT_CONFIGURED_MODE,
        WAITING_PASSWORD_MODE,
        STORE_MODE,
        OPEN_MODE
    }

    public FingerPrintHelper(Context context, FingerPrintCallback fingerPrintCallback) {
        this.keyStore = null;
        this.keyGenerator = null;
        this.cipher = null;
        this.keyguardManager = null;
        this.cryptoObject = null;
        this.fingerprintManager = (FingerprintManager) context.getSystemService(FingerprintManager.class);
        if (!isFingerprintSupported(this.fingerprintManager)) {
            setInitOk(false);
            return;
        }
        this.keyguardManager = (KeyguardManager) context.getSystemService("keyguard");
        this.fingerPrintCallback = fingerPrintCallback;
        if (hasEnrolledFingerprints()) {
            try {
                this.keyStore = KeyStore.getInstance("AndroidKeyStore");
                this.keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
                this.cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
                this.cryptoObject = new FingerprintManager.CryptoObject(this.cipher);
                setInitOk(true);
            } catch (Exception e) {
                Log.e(TAG, "Unable to initialize the keystore", e);
                setInitOk(false);
                fingerPrintCallback.onFingerPrintException(e);
            }
        }
    }

    @SuppressLint({"NewApi"})
    private void createNewKeyIfNeeded(boolean z) {
        if (isFingerprintInitialized()) {
            try {
                this.keyStore.load(null);
                if (z && this.keyStore.containsAlias(FINGERPRINT_KEYSTORE_KEY)) {
                    this.keyStore.deleteEntry(FINGERPRINT_KEYSTORE_KEY);
                }
                if (this.keyStore.containsAlias(FINGERPRINT_KEYSTORE_KEY)) {
                    return;
                }
                this.keyGenerator.init(new KeyGenParameterSpec.Builder(FINGERPRINT_KEYSTORE_KEY, 3).setBlockModes("CBC").setUserAuthenticationRequired(true).setEncryptionPaddings("PKCS7Padding").build());
                this.keyGenerator.generateKey();
            } catch (Exception e) {
                Log.e(TAG, "Unable to create a key in keystore", e);
                this.fingerPrintCallback.onFingerPrintException(e);
            }
        }
    }

    public static void deleteEntryKeyInKeystoreForFingerprints(Context context, final FingerPrintErrorCallback fingerPrintErrorCallback) {
        new FingerPrintHelper(context, new FingerPrintCallback() { // from class: com.kunzisoft.keepass.fingerprint.FingerPrintHelper.1
            @Override // com.kunzisoft.keepass.fingerprint.FingerPrintHelper.FingerPrintCallback
            public void handleDecryptedResult(String str) {
            }

            @Override // com.kunzisoft.keepass.fingerprint.FingerPrintHelper.FingerPrintCallback
            public void handleEncryptedResult(String str, String str2) {
            }

            @Override // com.kunzisoft.keepass.fingerprint.FingerPrintHelper.FingerPrintErrorCallback
            public void onFingerPrintException(Exception exc) {
                FingerPrintErrorCallback.this.onFingerPrintException(exc);
            }

            @Override // com.kunzisoft.keepass.fingerprint.FingerPrintHelper.FingerPrintErrorCallback
            public void onInvalidKeyException(Exception exc) {
                FingerPrintErrorCallback.this.onInvalidKeyException(exc);
            }
        }).deleteEntryKey();
    }

    private boolean isFingerprintInitialized(boolean z) {
        boolean z2 = hasEnrolledFingerprints() && this.initOk;
        if (!z2 && this.fingerPrintCallback != null && z) {
            this.fingerPrintCallback.onFingerPrintException(new Exception("FingerPrint not initialized"));
        }
        return z2;
    }

    public static boolean isFingerprintSupported(FingerprintManager fingerprintManager) {
        return fingerprintManager != null && fingerprintManager.isHardwareDetected();
    }

    private void setInitOk(boolean z) {
        this.initOk = z;
    }

    public void decryptData(String str) {
        if (isFingerprintInitialized()) {
            try {
                this.fingerPrintCallback.handleDecryptedResult(new String(this.cipher.doFinal(Base64.decode(str, 2))));
            } catch (BadPaddingException e) {
                Log.e(TAG, "Unable to decrypt data", e);
                this.fingerPrintCallback.onInvalidKeyException(e);
            } catch (Exception e2) {
                Log.e(TAG, "Unable to decrypt data", e2);
                this.fingerPrintCallback.onFingerPrintException(e2);
            }
        }
    }

    public void deleteEntryKey() {
        try {
            this.keyStore.load(null);
            this.keyStore.deleteEntry(FINGERPRINT_KEYSTORE_KEY);
        } catch (IOException | NullPointerException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            Log.e(TAG, "Unable to delete entry key in keystore", e);
            if (this.fingerPrintCallback != null) {
                this.fingerPrintCallback.onFingerPrintException(e);
            }
        }
    }

    public void encryptData(String str) {
        if (isFingerprintInitialized()) {
            try {
                this.fingerPrintCallback.handleEncryptedResult(Base64.encodeToString(this.cipher.doFinal(str.getBytes()), 2), Base64.encodeToString(((IvParameterSpec) this.cipher.getParameters().getParameterSpec(IvParameterSpec.class)).getIV(), 2));
            } catch (Exception e) {
                Log.e(TAG, "Unable to encrypt data", e);
                this.fingerPrintCallback.onFingerPrintException(e);
            }
        }
    }

    @SuppressLint({"NewApi"})
    public boolean hasEnrolledFingerprints() {
        return isFingerprintSupported(this.fingerprintManager) && this.fingerprintManager.hasEnrolledFingerprints() && this.keyguardManager.isKeyguardSecure();
    }

    public void initDecryptData(String str) {
        if (isFingerprintInitialized()) {
            try {
                stopListening();
                createNewKeyIfNeeded(false);
                this.keyStore.load(null);
                this.cipher.init(2, (SecretKey) this.keyStore.getKey(FINGERPRINT_KEYSTORE_KEY, null), new IvParameterSpec(Base64.decode(str, 2)));
                startListening();
            } catch (KeyPermanentlyInvalidatedException e) {
                Log.e(TAG, "Unable to initialize decrypt data", e);
                this.fingerPrintCallback.onInvalidKeyException(e);
            } catch (UnrecoverableKeyException e2) {
                Log.e(TAG, "Unable to initialize decrypt data", e2);
                deleteEntryKey();
            } catch (Exception e3) {
                Log.e(TAG, "Unable to initialize decrypt data", e3);
                this.fingerPrintCallback.onFingerPrintException(e3);
            }
        }
    }

    public void initEncryptData() {
        if (isFingerprintInitialized()) {
            try {
                stopListening();
                createNewKeyIfNeeded(false);
                this.keyStore.load(null);
                this.cipher.init(1, (SecretKey) this.keyStore.getKey(FINGERPRINT_KEYSTORE_KEY, null));
                startListening();
            } catch (KeyPermanentlyInvalidatedException e) {
                Log.e(TAG, "Unable to initialize encrypt data", e);
                this.fingerPrintCallback.onInvalidKeyException(e);
            } catch (UnrecoverableKeyException e2) {
                Log.e(TAG, "Unable to initialize encrypt data", e2);
                deleteEntryKey();
            } catch (Exception e3) {
                Log.e(TAG, "Unable to initialize encrypt data", e3);
                this.fingerPrintCallback.onFingerPrintException(e3);
            }
        }
    }

    public boolean isFingerprintInitialized() {
        return isFingerprintInitialized(true);
    }

    public void setAuthenticationCallback(FingerprintManager.AuthenticationCallback authenticationCallback) {
        this.authenticationCallback = authenticationCallback;
    }

    public synchronized void startListening() {
        this.cancellationSignal = new CancellationSignal();
        this.fingerprintManager.authenticate(this.cryptoObject, this.cancellationSignal, 0, this.authenticationCallback, null);
    }

    public synchronized void stopListening() {
        if (isFingerprintInitialized(false)) {
            if (this.cancellationSignal != null) {
                this.cancellationSignal.cancel();
                this.cancellationSignal = null;
            }
        }
    }
}
