package hk.com.sharppoint.spmobile.sptraderprohd.auth;

import android.annotation.TargetApi;
import android.app.KeyguardManager;
import android.content.Context;
import android.hardware.fingerprint.FingerprintManager;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import android.util.Base64;
import android.util.Log;
import androidx.legacy.app.ActivityCompat;
import hk.com.sharppoint.dto.auth.KeyPair;
import hk.com.sharppoint.spapi.SPNativeApiProxyWrapper;
import hk.com.sharppoint.spapi.util.SPLog;
import hk.com.sharppoint.spmobile.sptraderprohd.ApiApplication;
import java.math.BigInteger;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.Signature;
import java.security.UnrecoverableKeyException;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.RSAKeyGenParameterSpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.security.auth.x500.X500Principal;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.StringUtils;

/* loaded from: classes2.dex */
public class d {

    /* renamed from: a, reason: collision with root package name */
    public final String f1246a = getClass().getName();

    /* renamed from: b, reason: collision with root package name */
    private Context f1247b;
    private ApiApplication c;
    private SPNativeApiProxyWrapper d;
    private FingerprintManager.CryptoObject e;
    private KeyguardManager f;
    private FingerprintManager g;
    private KeyStore h;
    private Cipher i;
    private boolean j;
    private b k;

    public d(Context context, ApiApplication apiApplication, SPNativeApiProxyWrapper sPNativeApiProxyWrapper) {
        this.f1247b = context;
        this.c = apiApplication;
        this.d = sPNativeApiProxyWrapper;
        if (Build.VERSION.SDK_INT >= 18) {
            e();
        }
        if (Build.VERSION.SDK_INT >= 23) {
            this.f = (KeyguardManager) context.getSystemService(Context.KEYGUARD_SERVICE);
            f();
        }
    }

    private String b(Cipher cipher, String str, e eVar) {
        byte[] decode = Base64.decode(eVar.b(), 2);
        byte[] decode2 = Base64.decode(eVar.a(), 2);
        SecretKey secretKey = (SecretKey) this.h.getKey(str, null);
        if (cipher == null) {
            cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
            cipher.init(2, secretKey, new IvParameterSpec(decode));
        }
        return new String(cipher.doFinal(decode2), "UTF-8");
    }

    private String e(String str) {
        String[] split = StringUtils.split(str, ":");
        return ArrayUtils.getLength(split) == 2 ? split[0] : str;
    }

    private void e() {
        try {
            this.h = KeyStore.getInstance("AndroidKeyStore");
            this.h.load(null);
        } catch (Exception e) {
            Log.e(this.f1246a, "Error", e);
        }
    }

    @TargetApi(23)
    private void f() {
        this.g = (FingerprintManager) this.f1247b.getSystemService("fingerprint");
    }

    private String g() {
        return this.c.e(false);
    }

    public e a(String str, String str2, boolean z) {
        SecretKey secretKey;
        if (!z) {
            try {
                SecretKey secretKey2 = (SecretKey) this.h.getKey(str, null);
                if (secretKey2 != null) {
                    secretKey = secretKey2;
                    Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
                    cipher.init(1, secretKey);
                    return new e(Base64.encodeToString(cipher.doFinal(str2.getBytes("UTF-8")), 2), Base64.encodeToString(cipher.getIV(), 2));
                }
            } catch (Exception e) {
                Log.e(this.f1246a, "Error", e);
                return null;
            }
        }
        secretKey = a(str, false);
        Cipher cipher2 = Cipher.getInstance("AES/CBC/PKCS7Padding");
        cipher2.init(1, secretKey);
        return new e(Base64.encodeToString(cipher2.doFinal(str2.getBytes("UTF-8")), 2), Base64.encodeToString(cipher2.getIV(), 2));
    }

    public e a(Cipher cipher, String str) {
        try {
            return new e(Base64.encodeToString(cipher.doFinal(str.getBytes("UTF-8")), 2), Base64.encodeToString(cipher.getIV(), 2));
        } catch (Exception e) {
            Log.e(this.f1246a, "Error", e);
            return null;
        }
    }

    public String a(String str) {
        String f;
        String str2;
        String str3;
        String str4 = null;
        try {
            f = this.c.f(false);
        } catch (Exception e) {
            Log.e(this.f1246a, "signMessage exception:", e);
        }
        if (Build.VERSION.SDK_INT >= 18) {
            KeyStore.Entry entry = this.h.getEntry(f, null);
            if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
                Log.d(this.f1246a, "Not an instance of a PrivateKeyEntry");
                return null;
            }
            Signature signature = Signature.getInstance("SHA256withRSA");
            signature.initSign(((KeyStore.PrivateKeyEntry) entry).getPrivateKey());
            signature.update(str.getBytes());
            byte[] sign = signature.sign();
            SPLog.d(this.f1246a, "Signed by Android Crypto API");
            str4 = Base64.encodeToString(sign, 2);
            str2 = this.f1246a;
            str3 = "Signature: " + str4;
        } else {
            String b2 = this.c.r().b(this.c.f(true), (String) null);
            if (!StringUtils.isNotEmpty(b2)) {
                Log.d(this.f1246a, "Private Key not found");
                return str4;
            }
            SPLog.d(this.f1246a, "Signed by SPCrypto");
            str4 = this.d.d(b2, str);
            str2 = this.f1246a;
            str3 = "Signature: " + str4;
        }
        SPLog.d(str2, str3);
        return str4;
    }

    public String a(String str, e eVar) {
        try {
            byte[] decode = Base64.decode(eVar.b(), 2);
            byte[] decode2 = Base64.decode(eVar.a(), 2);
            SecretKey secretKey = (SecretKey) this.h.getKey(str, null);
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
            cipher.init(2, secretKey, new IvParameterSpec(decode));
            return new String(cipher.doFinal(decode2), "UTF-8");
        } catch (Exception e) {
            Log.e(this.f1246a, "Error", e);
            return "";
        }
    }

    public String a(String str, String str2) {
        String b2;
        try {
            String a2 = this.c.a("KEYPAIR-", str, str2);
            if (Build.VERSION.SDK_INT < 18) {
                b2 = this.c.r().b(this.c.b(str, str2), (String) null);
            } else {
                if (!(this.h.getEntry(a2, null) instanceof KeyStore.PrivateKeyEntry)) {
                    Log.d(this.f1246a, "Not an instance of a PrivateKeyEntry");
                    return null;
                }
                b2 = "-----BEGIN PUBLIC KEY-----\r\n" + Base64.encodeToString(new X509EncodedKeySpec(this.h.getCertificate(a2).getPublicKey().getEncoded()).getEncoded(), 4) + "-----END PUBLIC KEY-----";
            }
            return b2;
        } catch (Exception e) {
            Log.e(this.f1246a, Log.getStackTraceString(e));
            return null;
        }
    }

    public String a(Cipher cipher, e eVar) {
        return a(cipher, g(), eVar);
    }

    public String a(Cipher cipher, String str, e eVar) {
        try {
            if (Build.VERSION.SDK_INT < 23) {
                return b(cipher, str, eVar);
            }
            try {
                return b(cipher, str, eVar);
            } catch (KeyPermanentlyInvalidatedException e) {
                Log.e(this.f1246a, "KeyPermanentlyInvalidatedException", e);
                this.c.y().C(true);
                return "";
            }
        } catch (Exception e2) {
            Log.e(this.f1246a, "Error", e2);
            return "";
        }
    }

    public Cipher a(String str, boolean z, boolean z2) {
        SecretKey secretKey;
        SecretKey a2 = (z || (secretKey = (SecretKey) this.h.getKey(str, null)) == null) ? a(str, z2) : secretKey;
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
        cipher.init(1, a2);
        return cipher;
    }

    @TargetApi(23)
    public SecretKey a(String str, boolean z) {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
            KeyGenParameterSpec.Builder encryptionPaddings = new KeyGenParameterSpec.Builder(str, 3).setBlockModes("CBC").setUserAuthenticationRequired(z).setEncryptionPaddings("PKCS7Padding");
            if (Build.VERSION.SDK_INT >= 24) {
                encryptionPaddings.setInvalidatedByBiometricEnrollment(true);
            }
            keyGenerator.init(encryptionPaddings.build());
            return keyGenerator.generateKey();
        } catch (Exception e) {
            Log.e(this.f1246a, "Error", e);
            throw new hk.com.sharppoint.spmobile.sptraderprohd.c.c(e);
        }
    }

    @TargetApi(23)
    public void a(FingerprintManager.AuthenticationCallback authenticationCallback) {
        c();
        this.e = new FingerprintManager.CryptoObject(this.i);
        this.k = new b(this.c, authenticationCallback);
        this.k.a(this.g, this.e);
    }

    @TargetApi(23)
    public void a(String str, FingerprintManager.AuthenticationCallback authenticationCallback) {
        b(str);
        this.e = new FingerprintManager.CryptoObject(this.i);
        this.k = new b(this.c, authenticationCallback);
        this.k.a(this.g, this.e);
    }

    @TargetApi(23)
    public void a(Cipher cipher, FingerprintManager.AuthenticationCallback authenticationCallback) {
        this.e = new FingerprintManager.CryptoObject(cipher);
        this.k = new b(this.c, authenticationCallback);
        this.k.a(this.g, this.e);
    }

    public void a(boolean z) {
        this.j = z;
    }

    public boolean a() {
        try {
            if (Build.VERSION.SDK_INT >= 23 && this.g.isHardwareDetected() && ActivityCompat.checkSelfPermission(this.f1247b, "android.permission.USE_FINGERPRINT") == 0 && this.g.hasEnrolledFingerprints()) {
                return this.f.isKeyguardSecure();
            }
            return false;
        } catch (Exception e) {
            SPLog.e(this.f1246a, "Exception: ", e);
        }
        return false;
    }

    public String b() {
        AlgorithmParameterSpec build;
        try {
            String f = this.c.f(false);
            if (Build.VERSION.SDK_INT < 18) {
                KeyPair r = this.d.r();
                this.c.r().a(this.c.f(true), r.getPrivateKey());
                this.c.r().a(this.c.b(this.d.d().j(), this.d.d().h()), r.getPublicKey());
                return r.getPublicKey();
            }
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            if (Build.VERSION.SDK_INT < 23) {
                if (Build.VERSION.SDK_INT >= 18) {
                    Calendar calendar = Calendar.getInstance();
                    Calendar calendar2 = Calendar.getInstance();
                    calendar2.add(1, 30);
                    build = new KeyPairGeneratorSpec.Builder(this.f1247b).setAlias(f).setSubject(new X500Principal("CN=Sharp Point Limited , O=Sharp Point Limited C=HK")).setSerialNumber(BigInteger.ONE).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
                }
                String str = "-----BEGIN PUBLIC KEY-----\r\n" + Base64.encodeToString(new X509EncodedKeySpec(keyPairGenerator.generateKeyPair().getPublic().getEncoded()).getEncoded(), 4) + "-----END PUBLIC KEY-----";
                Log.d(this.f1246a, "Keystore Public Key: \n" + str);
                return str;
            }
            build = new KeyGenParameterSpec.Builder(f, 12).setAlgorithmParameterSpec(new RSAKeyGenParameterSpec(2048, RSAKeyGenParameterSpec.F4)).setBlockModes("CBC").setSignaturePaddings("PKCS1").setDigests("SHA-256").setUserAuthenticationRequired(false).build();
            keyPairGenerator.initialize(build);
            String str2 = "-----BEGIN PUBLIC KEY-----\r\n" + Base64.encodeToString(new X509EncodedKeySpec(keyPairGenerator.generateKeyPair().getPublic().getEncoded()).getEncoded(), 4) + "-----END PUBLIC KEY-----";
            Log.d(this.f1246a, "Keystore Public Key: \n" + str2);
            return str2;
        } catch (Exception e) {
            Log.d(this.f1246a, Log.getStackTraceString(e));
            return null;
        }
    }

    public Cipher b(boolean z) {
        return a(g(), true, z);
    }

    @TargetApi(23)
    public boolean b(String str) {
        SPLog.d(this.f1246a, "Current Key name: " + str);
        String e = e(str);
        SPLog.d(this.f1246a, "Original Key name: " + e);
        try {
            this.i = Cipher.getInstance("AES/CBC/PKCS7Padding");
            try {
                this.i.init(3, (SecretKey) this.h.getKey(str, null));
                return true;
            } catch (UnrecoverableKeyException e2) {
                SPLog.e(this.f1246a, "Exception", (Exception) e2);
                int b2 = this.c.r().b(e + "KeySuffix", 0) + 1;
                String str2 = str + ":" + b2;
                this.c.r().a(e + "KeySuffix", b2);
                try {
                    SPLog.d(this.f1246a, "Next Key name: " + str2);
                    this.i.init(3, (SecretKey) this.h.getKey(str2, null));
                    return true;
                } catch (Exception unused) {
                    SPLog.e(this.f1246a, "Exception", (Exception) e2);
                    return false;
                }
            } catch (Exception e3) {
                throw new RuntimeException("Failed to init Cipher", e3);
            }
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e4) {
            throw new RuntimeException("Failed to get Cipher", e4);
        }
    }

    public e c(String str) {
        return a(g(), str, true);
    }

    @TargetApi(23)
    public boolean c() {
        return b(g());
    }

    public Cipher d(String str) {
        byte[] decode = Base64.decode(str, 2);
        SecretKey secretKey = (SecretKey) this.h.getKey(g(), null);
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
        cipher.init(2, secretKey, new IvParameterSpec(decode));
        return cipher;
    }

    public void d() {
        b bVar = this.k;
        if (bVar != null) {
            bVar.a();
        }
    }
}
