package minkasu2fa;

import android.app.KeyguardManager;
import android.content.Context;
import android.hardware.fingerprint.FingerprintManager;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import android.widget.Toast;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.IvParameterSpec;
import minkasu2fa.core.data.MKCryptoException;

/* loaded from: classes5.dex */
public abstract class k1 {
    public static final String a = k1.class.getSimpleName() + "-Minkasu";

    public static Signature A(String str) {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        PrivateKey privateKey = (PrivateKey) keyStore.getKey(str, null);
        if (privateKey == null) {
            return null;
        }
        Signature signature = Signature.getInstance("SHA256withRSA");
        signature.initSign(privateKey);
        return signature;
    }

    public static PublicKey B(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return keyStore.getCertificate(str).getPublicKey();
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new MKCryptoException(a, e);
        }
    }

    public static SecretKey C(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return (SecretKey) keyStore.getKey(str, null);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e) {
            throw new MKCryptoException(a, "Failed to get key from keystore", e);
        }
    }

    public static String a(Context context) {
        Object systemService;
        Object systemService2;
        boolean isHardwareDetected;
        boolean hasEnrolledFingerprints;
        if (context == null) {
            return "Context Missing";
        }
        if (!r1.b0()) {
            return context.getResources().getString(com.minkasu.android.twofa.d.minkasu2fa_fp_un_avail);
        }
        systemService = context.getSystemService((Class<Object>) KeyguardManager.class);
        KeyguardManager keyguardManager = (KeyguardManager) systemService;
        systemService2 = context.getSystemService((Class<Object>) FingerprintManager.class);
        FingerprintManager a2 = l.a(systemService2);
        if (a2 == null || keyguardManager == null) {
            return context.getResources().getString(com.minkasu.android.twofa.d.minkasu2fa_fp_api_missing);
        }
        isHardwareDetected = a2.isHardwareDetected();
        if (!isHardwareDetected) {
            return context.getResources().getString(com.minkasu.android.twofa.d.minkasu2fa_fp_hardware_un_avail);
        }
        if (!keyguardManager.isKeyguardSecure()) {
            return context.getResources().getString(com.minkasu.android.twofa.d.minkasu2fa_keyguard_fp_not_enrolled);
        }
        if (w(context)) {
            return context.getResources().getString(com.minkasu.android.twofa.d.minkasu2fa_fp_permission_missing);
        }
        hasEnrolledFingerprints = a2.hasEnrolledFingerprints();
        if (hasEnrolledFingerprints) {
            return null;
        }
        return context.getResources().getString(com.minkasu.android.twofa.d.minkasu2fa_keyguard_fp_not_enrolled);
    }

    public static Signature b(String str, p0 p0Var) {
        try {
            t(str);
            y(str);
            Signature A = A(str);
            if (A == null) {
                throw new MKCryptoException(a, "Failed to create signature");
            }
            if (p0Var != null) {
                p0Var.q("minkasu2fa_new_biometric_signature", true);
            }
            return A;
        } catch (IOException | InvalidAlgorithmParameterException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableKeyException | CertificateException e) {
            throw new MKCryptoException(a, e);
        }
    }

    public static Cipher c() {
        try {
            return Cipher.getInstance("AES/CBC/PKCS7Padding");
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
            throw new MKCryptoException(a, "Failed to get an instance of Cipher", e);
        }
    }

    public static s1 d(p0 p0Var) {
        return p0Var.j("minkasu2fa_use_fingerprint", false) ? s1.ENABLED : s1.DISABLED;
    }

    public static void e(KeyGenParameterSpec keyGenParameterSpec) {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
            keyGenerator.init(keyGenParameterSpec);
            keyGenerator.generateKey();
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
            r1.z(a, "Failed to generate key using KeyGenerator", e);
            throw e;
        }
    }

    public static void f(p0 p0Var, int i, boolean z) {
        if ((i & 2) > 0) {
            try {
                p0Var.r("minkasu2fa_iv");
                t("mk_fingerPrint_key");
            } catch (MKCryptoException e) {
                if (z) {
                    throw e;
                }
                return;
            }
        }
        if ((i & 4) > 0) {
            p0Var.r("minkasu2fa_bm_iv");
            t("mk_biometric_key");
        }
    }

    public static boolean g(Context context, boolean z) {
        Object systemService;
        Object systemService2;
        boolean isHardwareDetected;
        boolean hasEnrolledFingerprints;
        if (r1.b0()) {
            systemService = context.getSystemService((Class<Object>) KeyguardManager.class);
            KeyguardManager keyguardManager = (KeyguardManager) systemService;
            systemService2 = context.getSystemService((Class<Object>) FingerprintManager.class);
            FingerprintManager a2 = l.a(systemService2);
            if (keyguardManager != null && a2 != null) {
                isHardwareDetected = a2.isHardwareDetected();
                if (!isHardwareDetected) {
                    return false;
                }
                if (!keyguardManager.isKeyguardSecure()) {
                    if (z) {
                        Toast.makeText(context, context.getResources().getString(com.minkasu.android.twofa.d.minkasu2fa_fp_toast_message), 1).show();
                    }
                    return false;
                }
                if (w(context)) {
                    if (z) {
                        Toast.makeText(context, "Fingerprint authentication permission not enabled", 1).show();
                    }
                    return false;
                }
                hasEnrolledFingerprints = a2.hasEnrolledFingerprints();
                if (hasEnrolledFingerprints) {
                    return true;
                }
                if (z) {
                    Toast.makeText(context, context.getResources().getString(com.minkasu.android.twofa.d.minkasu2fa_fp_toast_message), 1).show();
                }
                return false;
            }
        }
        return false;
    }

    public static boolean h(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return keyStore.containsAlias(str);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new MKCryptoException(a, e);
        }
    }

    public static boolean i(String str, String str2) {
        return r(str, str2) == null;
    }

    public static boolean j(Cipher cipher, String str, String str2) {
        try {
            SecretKey C = C(str);
            if (r1.W(str2)) {
                cipher.init(2, C, new IvParameterSpec(o.b(str2)));
                return true;
            }
        } catch (InvalidAlgorithmParameterException e) {
            throw new MKCryptoException(a, "Failed to init cipher in decrypt mode", e);
        } catch (InvalidKeyException unused) {
        }
        return false;
    }

    public static s1[] k(Context context, p0 p0Var) {
        s1 s1Var = s1.UNKNOWN;
        s1[] s1VarArr = {s1Var, s1Var, s1Var};
        if (context != null) {
            s1VarArr[0] = s(context);
            s1VarArr[1] = n(context);
            s1VarArr[2] = d(p0Var);
        }
        return s1VarArr;
    }

    public static Signature l(String str, p0 p0Var) {
        try {
            Signature A = A(str);
            if (A != null) {
                return A;
            }
            throw new MKCryptoException(a, "Failed to create signature");
        } catch (IOException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e) {
            throw new MKCryptoException(a, e);
        }
    }

    public static Cipher m() {
        try {
            return Cipher.getInstance("AES/GCM/NoPadding");
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
            throw new MKCryptoException(a, "Failed to get an instance of Cipher", e);
        }
    }

    public static s1 n(Context context) {
        Object systemService;
        Object systemService2;
        boolean isHardwareDetected;
        boolean hasEnrolledFingerprints;
        if (r1.b0()) {
            systemService = context.getSystemService((Class<Object>) KeyguardManager.class);
            KeyguardManager keyguardManager = (KeyguardManager) systemService;
            systemService2 = context.getSystemService((Class<Object>) FingerprintManager.class);
            FingerprintManager a2 = l.a(systemService2);
            if (keyguardManager != null && a2 != null) {
                if (!keyguardManager.isKeyguardSecure()) {
                    return s1.DISABLED;
                }
                if (w(context)) {
                    return s1.NO_PERMISSION;
                }
                isHardwareDetected = a2.isHardwareDetected();
                if (isHardwareDetected) {
                    hasEnrolledFingerprints = a2.hasEnrolledFingerprints();
                    if (hasEnrolledFingerprints) {
                        return s1.ENABLED;
                    }
                }
                return s1.DISABLED;
            }
        }
        return s1.UNKNOWN;
    }

    public static boolean o(String str) {
        try {
            return A(str) == null;
        } catch (KeyPermanentlyInvalidatedException unused) {
            return true;
        } catch (IOException e) {
            e = e;
            throw new MKCryptoException(a, e);
        } catch (InvalidKeyException e2) {
            e = e2;
            throw new MKCryptoException(a, e);
        } catch (KeyStoreException e3) {
            e = e3;
            throw new MKCryptoException(a, e);
        } catch (NoSuchAlgorithmException e4) {
            e = e4;
            throw new MKCryptoException(a, e);
        } catch (UnrecoverableKeyException e5) {
            e = e5;
            throw new MKCryptoException(a, e);
        } catch (CertificateException e6) {
            e = e6;
            throw new MKCryptoException(a, e);
        }
    }

    public static boolean p(String str, String str2) {
        return v(str, str2) == null;
    }

    public static boolean q(Cipher cipher, String str, String str2) {
        try {
            SecretKey C = C(str);
            if (!r1.W(str2)) {
                return false;
            }
            cipher.init(2, C, new GCMParameterSpec(128, o.b(str2)));
            return true;
        } catch (InvalidAlgorithmParameterException e) {
            throw new MKCryptoException(a, "Failed to init cipher in decrypt mode", e);
        } catch (InvalidKeyException unused) {
            return false;
        }
    }

    public static Cipher r(String str, String str2) {
        Cipher c = c();
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            if (!keyStore.containsAlias(str)) {
                e(u(str));
            }
            if (j(c, str, str2)) {
                return c;
            }
            return null;
        } catch (IOException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | CertificateException e) {
            throw new MKCryptoException(a, "Failed to get instance of Keystore", e);
        }
    }

    public static s1 s(Context context) {
        Object systemService;
        boolean isHardwareDetected;
        if (r1.b0()) {
            if (w(context)) {
                return s1.NO_PERMISSION;
            }
            systemService = context.getSystemService((Class<Object>) FingerprintManager.class);
            FingerprintManager a2 = l.a(systemService);
            if (a2 != null) {
                isHardwareDetected = a2.isHardwareDetected();
                return isHardwareDetected ? s1.ENABLED : s1.DISABLED;
            }
        }
        return s1.UNKNOWN;
    }

    public static void t(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            if (keyStore.containsAlias(str)) {
                keyStore.deleteEntry(str);
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new MKCryptoException(a, "Failed to get an instance of KeyStore", e);
        }
    }

    public static KeyGenParameterSpec u(String str) {
        KeyGenParameterSpec.Builder blockModes;
        KeyGenParameterSpec.Builder encryptionPaddings;
        KeyGenParameterSpec.Builder userAuthenticationRequired;
        KeyGenParameterSpec build;
        androidx.security.crypto.l.a();
        blockModes = androidx.security.crypto.k.a(str, 3).setBlockModes("CBC");
        encryptionPaddings = blockModes.setEncryptionPaddings("PKCS7Padding");
        userAuthenticationRequired = encryptionPaddings.setUserAuthenticationRequired(true);
        if (Build.VERSION.SDK_INT >= 24) {
            userAuthenticationRequired.setInvalidatedByBiometricEnrollment(true);
        }
        build = userAuthenticationRequired.build();
        return build;
    }

    public static Cipher v(String str, String str2) {
        Cipher m = m();
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            if (!keyStore.containsAlias(str)) {
                e(x(str));
            }
            if (q(m, str, str2)) {
                return m;
            }
            return null;
        } catch (IOException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | CertificateException e) {
            throw new MKCryptoException(a, "Failed to get instance of Keystore", e);
        }
    }

    public static boolean w(Context context) {
        return androidx.core.content.a.a(context, "android.permission.USE_FINGERPRINT") != 0;
    }

    public static KeyGenParameterSpec x(String str) {
        KeyGenParameterSpec.Builder blockModes;
        KeyGenParameterSpec.Builder encryptionPaddings;
        KeyGenParameterSpec.Builder userAuthenticationRequired;
        KeyGenParameterSpec build;
        androidx.security.crypto.l.a();
        blockModes = androidx.security.crypto.k.a(str, 3).setBlockModes("GCM");
        encryptionPaddings = blockModes.setEncryptionPaddings("NoPadding");
        userAuthenticationRequired = encryptionPaddings.setUserAuthenticationRequired(true);
        if (Build.VERSION.SDK_INT >= 24) {
            userAuthenticationRequired.setInvalidatedByBiometricEnrollment(true);
        }
        build = userAuthenticationRequired.build();
        return build;
    }

    public static void y(String str) {
        try {
            KeyGenParameterSpec z = z(str);
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(z);
            keyPairGenerator.generateKeyPair();
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
            r1.z(a, "Failed to generate keypair using KeyGenerator", e);
            throw e;
        }
    }

    public static KeyGenParameterSpec z(String str) {
        KeyGenParameterSpec.Builder digests;
        KeyGenParameterSpec.Builder signaturePaddings;
        KeyGenParameterSpec.Builder userAuthenticationRequired;
        KeyGenParameterSpec build;
        androidx.security.crypto.l.a();
        digests = androidx.security.crypto.k.a(str, 12).setDigests("SHA-256", "SHA-512");
        signaturePaddings = digests.setSignaturePaddings("PKCS1");
        userAuthenticationRequired = signaturePaddings.setUserAuthenticationRequired(true);
        int i = Build.VERSION.SDK_INT;
        if (i >= 30) {
            userAuthenticationRequired.setUserAuthenticationParameters(0, 2);
        }
        if (i >= 24) {
            userAuthenticationRequired.setInvalidatedByBiometricEnrollment(true);
        }
        build = userAuthenticationRequired.build();
        return build;
    }
}
