package com.epicshaggy.biometric;

import android.app.KeyguardManager;
import android.content.Intent;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.StrongBoxUnavailableException;
import android.util.Base64;
import androidx.activity.result.a;
import androidx.biometric.p;
import com.getcapacitor.JSObject;
import com.getcapacitor.Plugin;
import com.getcapacitor.PluginCall;
import com.getcapacitor.PluginMethod;
import com.getcapacitor.annotation.ActivityCallback;
import com.getcapacitor.annotation.CapacitorPlugin;
import hidden.org.apache.commons.lang.CharEncoding;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.KeyGenerator;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

@CapacitorPlugin(name = "NativeBiometric")
/* loaded from: classes.dex */
public class NativeBiometric extends Plugin {

    /* renamed from: b, reason: collision with root package name */
    private static final byte[] f4041b = new byte[12];

    /* renamed from: a, reason: collision with root package name */
    private KeyStore f4042a;

    private String c(String str, String str2) {
        Cipher cipher;
        byte[] decode = Base64.decode(str, 0);
        if (Build.VERSION.SDK_INT >= 23) {
            cipher = Cipher.getInstance("AES/GCM/NoPadding");
            cipher.init(2, j(str2), new GCMParameterSpec(128, f4041b));
        } else {
            cipher = Cipher.getInstance("AES/ECB/PKCS7Padding", "BC");
            cipher.init(2, j(str2));
        }
        return new String(cipher.doFinal(decode), CharEncoding.UTF_8);
    }

    private boolean d() {
        boolean isDeviceSecure;
        isDeviceSecure = ((KeyguardManager) getActivity().getSystemService("keyguard")).isDeviceSecure();
        return isDeviceSecure;
    }

    private String e(String str, String str2) {
        Cipher cipher;
        if (Build.VERSION.SDK_INT >= 23) {
            cipher = Cipher.getInstance("AES/GCM/NoPadding");
            cipher.init(1, j(str2), new GCMParameterSpec(128, f4041b));
        } else {
            cipher = Cipher.getInstance("AES/ECB/PKCS7Padding", "BC");
            cipher.init(1, j(str2));
        }
        return Base64.encodeToString(cipher.doFinal(str.getBytes(CharEncoding.UTF_8)), 0);
    }

    private Key f(String str) {
        try {
            return g(str, true);
        } catch (StrongBoxUnavailableException unused) {
            return g(str, false);
        }
    }

    private Key g(String str, boolean z9) {
        KeyGenParameterSpec.Builder blockModes;
        KeyGenParameterSpec.Builder encryptionPaddings;
        KeyGenParameterSpec.Builder randomizedEncryptionRequired;
        KeyGenParameterSpec build;
        int i9 = Build.VERSION.SDK_INT;
        if (i9 < 23) {
            return h(str);
        }
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
        blockModes = new KeyGenParameterSpec.Builder(str, 3).setBlockModes("GCM");
        encryptionPaddings = blockModes.setEncryptionPaddings("NoPadding");
        randomizedEncryptionRequired = encryptionPaddings.setRandomizedEncryptionRequired(false);
        if (i9 >= 28) {
            randomizedEncryptionRequired.setUnlockedDeviceRequired(true);
            randomizedEncryptionRequired.setIsStrongBoxBacked(z9);
        }
        build = randomizedEncryptionRequired.build();
        keyGenerator.init(build);
        return keyGenerator.generateKey();
    }

    private Key h(String str) {
        SharedPreferences sharedPreferences = getContext().getSharedPreferences("", 0);
        String string = sharedPreferences.getString("NativeBiometricKey", null);
        if (string != null) {
            return new SecretKeySpec(m(Base64.decode(string, 0), str), "AES");
        }
        byte[] bArr = new byte[16];
        new SecureRandom().nextBytes(bArr);
        String encodeToString = Base64.encodeToString(n(bArr, str), 0);
        SharedPreferences.Editor edit = sharedPreferences.edit();
        edit.putString("NativeBiometricKey", encodeToString);
        edit.apply();
        return new SecretKeySpec(bArr, "AES");
    }

    private int i() {
        int i9 = getContext().getPackageManager().hasSystemFeature("android.hardware.fingerprint") ? 3 : 0;
        if (getContext().getPackageManager().hasSystemFeature("android.hardware.biometrics.face")) {
            if (i9 != 0) {
                return 6;
            }
            i9 = 4;
        }
        return getContext().getPackageManager().hasSystemFeature("android.hardware.biometrics.iris") ? i9 != 0 ? 6 : 5 : i9;
    }

    private Key j(String str) {
        KeyStore.SecretKeyEntry secretKeyEntry = (KeyStore.SecretKeyEntry) k().getEntry(str, null);
        return secretKeyEntry != null ? secretKeyEntry.getSecretKey() : f(str);
    }

    private KeyStore k() {
        if (this.f4042a == null) {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            this.f4042a = keyStore;
            keyStore.load(null);
        }
        return this.f4042a;
    }

    private KeyStore.PrivateKeyEntry l(String str) {
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) k().getEntry(str, null);
        if (privateKeyEntry == null) {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(new KeyPairGeneratorSpec.Builder(getContext()).setAlias(str).build());
            keyPairGenerator.generateKeyPair();
        }
        return privateKeyEntry;
    }

    private byte[] m(byte[] bArr, String str) {
        KeyStore.PrivateKeyEntry l9 = l(str);
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
        cipher.init(2, l9.getPrivateKey());
        CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(bArr), cipher);
        ArrayList arrayList = new ArrayList();
        while (true) {
            int read = cipherInputStream.read();
            if (read == -1) {
                break;
            }
            arrayList.add(Byte.valueOf((byte) read));
        }
        int size = arrayList.size();
        byte[] bArr2 = new byte[size];
        for (int i9 = 0; i9 < size; i9++) {
            bArr2[i9] = ((Byte) arrayList.get(i9)).byteValue();
        }
        return bArr2;
    }

    private byte[] n(byte[] bArr, String str) {
        KeyStore.PrivateKeyEntry l9 = l(str);
        Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
        cipher.init(1, l9.getCertificate().getPublicKey());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
        cipherOutputStream.write(bArr);
        cipherOutputStream.close();
        return byteArrayOutputStream.toByteArray();
    }

    @ActivityCallback
    private void verifyResult(PluginCall pluginCall, a aVar) {
        char c9 = 65535;
        if (aVar.c() == -1) {
            Intent b10 = aVar.b();
            if (b10 == null || !b10.hasExtra("result")) {
                return;
            }
            String stringExtra = b10.getStringExtra("result");
            stringExtra.hashCode();
            switch (stringExtra.hashCode()) {
                case -1867169789:
                    if (stringExtra.equals("success")) {
                        c9 = 0;
                        break;
                    }
                    break;
                case -1281977283:
                    if (stringExtra.equals("failed")) {
                        c9 = 1;
                        break;
                    }
                    break;
                case 96784904:
                    if (stringExtra.equals("error")) {
                        c9 = 2;
                        break;
                    }
                    break;
            }
            switch (c9) {
                case 0:
                    pluginCall.resolve();
                    return;
                case 1:
                case 2:
                    pluginCall.reject(b10.getStringExtra("errorDetails"), b10.getStringExtra("errorCode"));
                    return;
            }
        }
        pluginCall.reject("Something went wrong.");
    }

    @PluginMethod
    public void deleteCredentials(PluginCall pluginCall) {
        String string = pluginCall.getString("server", null);
        if (string == null) {
            pluginCall.reject("No server name was provided");
            return;
        }
        try {
            k().deleteEntry(string);
            SharedPreferences.Editor edit = getContext().getSharedPreferences("NativeBiometricSharedPreferences", 0).edit();
            edit.clear();
            edit.apply();
            pluginCall.resolve();
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e9) {
            pluginCall.reject("Failed to delete", e9);
        }
    }

    @PluginMethod
    public void getCredentials(PluginCall pluginCall) {
        String str;
        String string = pluginCall.getString("server", null);
        SharedPreferences sharedPreferences = getContext().getSharedPreferences("NativeBiometricSharedPreferences", 0);
        String string2 = sharedPreferences.getString(string + "-username", null);
        String string3 = sharedPreferences.getString(string + "-password", null);
        if (string == null) {
            str = "No server name was provided";
        } else if (string2 == null || string3 == null) {
            str = "No credentials found";
        } else {
            try {
                JSObject jSObject = new JSObject();
                jSObject.put("username", c(string2, string));
                jSObject.put("password", c(string3, string));
                pluginCall.resolve(jSObject);
                return;
            } catch (IOException | GeneralSecurityException unused) {
                str = "Failed to get credentials";
            }
        }
        pluginCall.reject(str);
    }

    @PluginMethod
    public void isAvailable(PluginCall pluginCall) {
        JSObject jSObject = new JSObject();
        boolean equals = Boolean.TRUE.equals(pluginCall.getBoolean("useFallback", Boolean.FALSE));
        int a10 = p.b(getContext()).a();
        boolean z9 = true;
        boolean z10 = equals && d();
        if (equals && !z10) {
            a10 = 14;
        }
        if (a10 != 0 && !z10) {
            z9 = false;
        }
        jSObject.put("isAvailable", z9);
        if (!z9) {
            jSObject.put("errorCode", AuthActivity.h(a10));
        }
        jSObject.put("biometryType", i());
        pluginCall.resolve(jSObject);
    }

    @PluginMethod
    public void setCredentials(PluginCall pluginCall) {
        String string = pluginCall.getString("username", null);
        String string2 = pluginCall.getString("password", null);
        String string3 = pluginCall.getString("server", null);
        if (string == null || string2 == null || string3 == null) {
            pluginCall.reject("Missing properties");
            return;
        }
        try {
            SharedPreferences.Editor edit = getContext().getSharedPreferences("NativeBiometricSharedPreferences", 0).edit();
            edit.putString(string3 + "-username", e(string, string3));
            edit.putString(string3 + "-password", e(string2, string3));
            edit.apply();
            pluginCall.resolve();
        } catch (IOException | GeneralSecurityException e9) {
            pluginCall.reject("Failed to save credentials", e9);
            e9.printStackTrace();
        }
    }

    @PluginMethod
    public void verifyIdentity(PluginCall pluginCall) {
        Intent intent = new Intent(getContext(), (Class<?>) AuthActivity.class);
        intent.putExtra("title", pluginCall.getString("title", "Authenticate"));
        if (pluginCall.hasOption("subtitle")) {
            intent.putExtra("subtitle", pluginCall.getString("subtitle"));
        }
        if (pluginCall.hasOption("description")) {
            intent.putExtra("description", pluginCall.getString("description"));
        }
        if (pluginCall.hasOption("negativeButtonText")) {
            intent.putExtra("negativeButtonText", pluginCall.getString("negativeButtonText"));
        }
        if (pluginCall.hasOption("maxAttempts")) {
            intent.putExtra("maxAttempts", pluginCall.getInt("maxAttempts"));
        }
        boolean equals = Boolean.TRUE.equals(pluginCall.getBoolean("useFallback", Boolean.FALSE));
        if (equals) {
            equals = d();
        }
        intent.putExtra("useFallback", equals);
        startActivityForResult(pluginCall, intent, "verifyResult");
    }
}
