package net.tjado.passwdsafe;

import android.annotation.TargetApi;
import android.content.Context;
import android.content.SharedPreferences;
import android.net.Uri;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import androidx.core.hardware.fingerprint.FingerprintManagerCompat;
import androidx.core.os.CancellationSignal;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Collections;
import java.util.Iterator;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.IvParameterSpec;
import net.tjado.passwdsafe.lib.PasswdSafeUtil;

/* loaded from: classes.dex */
public final class SavedPasswordsMgr {
    private static final String KEYSTORE = "AndroidKeyStore";
    private static final String TAG = "SavedPasswordsMgr";
    private final Context itsContext;
    private final FingerprintManagerCompat itsFingerprintMgr;

    /* loaded from: classes.dex */
    public static abstract class User extends FingerprintManagerCompat.AuthenticationCallback implements CancellationSignal.OnCancelListener {
        private final CancellationSignal itsCancelSignal = new CancellationSignal();

        public User() {
            this.itsCancelSignal.setOnCancelListener(this);
        }

        /* JADX INFO: Access modifiers changed from: private */
        public CancellationSignal getCancelSignal() {
            return this.itsCancelSignal;
        }

        public void cancel() {
            this.itsCancelSignal.cancel();
        }

        protected abstract boolean isEncrypt();

        protected abstract void onStart();
    }

    public SavedPasswordsMgr(Context context) {
        this.itsFingerprintMgr = FingerprintManagerCompat.from(context);
        this.itsContext = context;
    }

    private String getIvPrefsKey(String str) {
        return "iv_" + str;
    }

    @TargetApi(23)
    private Cipher getKeyCipher(Uri uri, boolean z) throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException, UnrecoverableKeyException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException {
        String prefsKey = getPrefsKey(uri);
        Key key = getKeystore().getKey(prefsKey, null);
        if (key == null) {
            throw new IOException(this.itsContext.getString(R.string.key_not_found, uri));
        }
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
        if (z) {
            cipher.init(1, key);
        } else {
            String string = getPrefs().getString(getIvPrefsKey(prefsKey), null);
            if (TextUtils.isEmpty(string)) {
                throw new IOException("Key IV not found for " + uri);
            }
            cipher.init(2, key, new IvParameterSpec(Base64.decode(string, 2)));
        }
        return cipher;
    }

    private KeyStore getKeystore() throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        KeyStore keyStore = KeyStore.getInstance(KEYSTORE);
        keyStore.load(null);
        return keyStore;
    }

    private SharedPreferences getPrefs() {
        return this.itsContext.getSharedPreferences("saved", 0);
    }

    private String getPrefsKey(Uri uri) {
        return "key_" + uri.toString();
    }

    public void addSavedPassword(Uri uri, String str, Cipher cipher) throws UnsupportedEncodingException, BadPaddingException, IllegalBlockSizeException {
        String encodeToString = Base64.encodeToString(cipher.doFinal(str.getBytes("UTF-8")), 2);
        String encodeToString2 = Base64.encodeToString(cipher.getIV(), 2);
        String prefsKey = getPrefsKey(uri);
        getPrefs().edit().putString(prefsKey, encodeToString).putString(getIvPrefsKey(prefsKey), encodeToString2).apply();
    }

    @TargetApi(23)
    public synchronized void generateKey(Uri uri) throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchProviderException, IOException {
        PasswdSafeUtil.dbginfo(TAG, "generateKey: %s", uri);
        if (!this.itsFingerprintMgr.hasEnrolledFingerprints()) {
            throw new IOException(this.itsContext.getString(R.string.no_fingerprints_registered));
        }
        String prefsKey = getPrefsKey(uri);
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", KEYSTORE);
            keyGenerator.init(new KeyGenParameterSpec.Builder(prefsKey, 3).setBlockModes("CBC").setEncryptionPaddings("PKCS7Padding").setKeySize(256).setUserAuthenticationRequired(true).build());
            keyGenerator.generateKey();
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
            Log.e(TAG, "generateKey failure", e);
            removeSavedPassword(uri);
            throw e;
        }
    }

    public boolean isAvailable() {
        return this.itsFingerprintMgr.isHardwareDetected();
    }

    public synchronized boolean isSaved(Uri uri) {
        return getPrefs().contains(getPrefsKey(uri));
    }

    public String loadSavedPassword(Uri uri, Cipher cipher) throws IOException, BadPaddingException, IllegalBlockSizeException {
        String string = getPrefs().getString(getPrefsKey(uri), null);
        if (TextUtils.isEmpty(string)) {
            throw new IOException(this.itsContext.getString(R.string.password_not_found, uri));
        }
        return new String(cipher.doFinal(Base64.decode(string, 2)), "UTF-8");
    }

    public synchronized void removeAllSavedPasswords() {
        getPrefs().edit().clear().apply();
        if (isAvailable()) {
            try {
                KeyStore keystore = getKeystore();
                Iterator it = Collections.list(keystore.aliases()).iterator();
                while (it.hasNext()) {
                    String str = (String) it.next();
                    PasswdSafeUtil.dbginfo(TAG, "removeAllSavedPasswords key: %s", str);
                    keystore.deleteEntry(str);
                }
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
                e.printStackTrace();
            }
        }
    }

    public synchronized void removeSavedPassword(Uri uri) {
        String prefsKey = getPrefsKey(uri);
        getPrefs().edit().remove(prefsKey).remove(getIvPrefsKey(prefsKey)).apply();
        if (isAvailable()) {
            PasswdSafeUtil.dbginfo(TAG, "removeSavedPassword: %s", uri);
            try {
                getKeystore().deleteEntry(prefsKey);
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
                e.printStackTrace();
            }
        }
    }

    public void startPasswordAccess(Uri uri, User user) {
        try {
            this.itsFingerprintMgr.authenticate(new FingerprintManagerCompat.CryptoObject(getKeyCipher(uri, user.isEncrypt())), 0, user.getCancelSignal(), user, null);
            user.onStart();
        } catch (IOException | InvalidAlgorithmParameterException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException | NoSuchPaddingException e) {
            String string = this.itsContext.getString(R.string.key_error, uri, e.getLocalizedMessage());
            Log.e(TAG, string, e);
            user.onAuthenticationError(0, string);
        }
    }
}
