package defpackage;

import android.annotation.SuppressLint;
import android.annotation.TargetApi;
import android.content.Context;
import android.hardware.fingerprint.FingerprintManager;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import android.util.Base64;
import com.gosbank.gosbankmobile.MyApplication;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;
import org.spongycastle.pqc.jcajce.spec.McElieceCCA2KeyGenParameterSpec;

/* loaded from: classes.dex */
public class avq {
    private static KeyStore a;
    private static KeyPairGenerator b;
    private static Cipher c;

    /* loaded from: classes.dex */
    public enum a {
        NOT_SUPPORTED,
        NOT_BLOCKED,
        NO_FINGERPRINTS,
        READY
    }

    @TargetApi(23)
    public static FingerprintManager.CryptoObject a() {
        if (b() && a(2)) {
            return new FingerprintManager.CryptoObject(c);
        }
        return null;
    }

    public static String a(String str) {
        try {
            if (b() && a(1)) {
                return Base64.encodeToString(c.doFinal(str.getBytes()), 2);
            }
            return null;
        } catch (BadPaddingException | IllegalBlockSizeException e) {
            si.a(e);
            return null;
        }
    }

    private static String a(String str, Cipher cipher) {
        try {
            return new String(cipher.doFinal(Base64.decode(str, 2)));
        } catch (BadPaddingException | IllegalBlockSizeException e) {
            si.a(e);
            return null;
        }
    }

    public static String a(Cipher cipher) {
        return a(MyApplication.a().j().e("EXTRA_PIN"), cipher);
    }

    @TargetApi(23)
    private static boolean a(int i) {
        try {
            a.load(null);
            switch (i) {
                case 1:
                    c(i);
                    return true;
                case 2:
                    b(i);
                    return true;
                default:
                    return false;
            }
        } catch (KeyPermanentlyInvalidatedException unused) {
            h();
            return false;
        } catch (IOException | InvalidAlgorithmParameterException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException | InvalidKeySpecException e) {
            si.a(e);
            return false;
        }
    }

    public static boolean a(Context context, avn avnVar) {
        if (!avp.a(a.READY, context)) {
            return false;
        }
        FingerprintManager.CryptoObject a2 = a();
        if (a2 != null) {
            avnVar.a(a2);
            return true;
        }
        avp.b();
        return false;
    }

    private static void b(int i) {
        c.init(i, (PrivateKey) a.getKey("ForaFPPinKey", null));
    }

    public static void b(String str) {
        if (avp.a() != avo.ENABLED.ordinal()) {
            avp.b();
        } else if (str != null) {
            c(str);
        }
    }

    private static boolean b() {
        return c() && e() && f();
    }

    private static void c(int i) {
        PublicKey publicKey = a.getCertificate("ForaFPPinKey").getPublicKey();
        c.init(i, KeyFactory.getInstance(publicKey.getAlgorithm()).generatePublic(new X509EncodedKeySpec(publicKey.getEncoded())), new OAEPParameterSpec(McElieceCCA2KeyGenParameterSpec.SHA256, "MGF1", MGF1ParameterSpec.SHA1, PSource.PSpecified.DEFAULT));
    }

    private static void c(String str) {
        MyApplication.a().j().a("EXTRA_PIN", a(str));
    }

    private static boolean c() {
        try {
            a = KeyStore.getInstance("AndroidKeyStore");
            a.load(null);
            return true;
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            si.a(e);
            return false;
        }
    }

    @TargetApi(23)
    private static boolean d() {
        try {
            b = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            return true;
        } catch (NoSuchAlgorithmException | NoSuchProviderException e) {
            si.a(e);
            return false;
        }
    }

    @SuppressLint({"GetInstance"})
    private static boolean e() {
        try {
            c = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
            return true;
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
            si.a(e);
            return false;
        }
    }

    private static boolean f() {
        try {
            if (!a.containsAlias("ForaFPPinKey")) {
                if (!g()) {
                    return false;
                }
            }
            return true;
        } catch (KeyStoreException e) {
            si.a(e);
            return false;
        }
    }

    @TargetApi(23)
    private static boolean g() {
        if (d()) {
            try {
                b.initialize(new KeyGenParameterSpec.Builder("ForaFPPinKey", 3).setDigests(McElieceCCA2KeyGenParameterSpec.SHA256, McElieceCCA2KeyGenParameterSpec.SHA512).setEncryptionPaddings("OAEPPadding").setUserAuthenticationRequired(true).build());
                b.generateKeyPair();
                return true;
            } catch (InvalidAlgorithmParameterException e) {
                si.a(e);
            }
        }
        return false;
    }

    private static void h() {
        if (c()) {
            try {
                a.deleteEntry("ForaFPPinKey");
            } catch (KeyStoreException e) {
                si.a(e);
            }
        }
    }
}
