package m;

import android.annotation.TargetApi;
import android.app.KeyguardManager;
import android.content.Context;
import android.hardware.fingerprint.FingerprintManager;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import android.util.Base64;
import android.util.Log;
import androidx.core.content.ContextCompat;
import hk.com.sharppoint.dto.auth.KeyPair;
import hk.com.sharppoint.spapi.SPNativeApiProxyWrapper;
import hk.com.sharppoint.spapi.util.SPLog;
import hk.com.sharppoint.spmobile.sptraderprohd.ApiApplication;
import java.math.BigInteger;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.Signature;
import java.security.UnrecoverableKeyException;
import java.security.spec.AlgorithmParameterSpec;
import java.security.spec.RSAKeyGenParameterSpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.security.auth.x500.X500Principal;
import org.apache.commons.lang3.ArrayUtils;
import org.apache.commons.lang3.StringUtils;

/* loaded from: classes2.dex */
public class d {

    /* renamed from: a, reason: collision with root package name */
    public final String f6296a = getClass().getName();

    /* renamed from: b, reason: collision with root package name */
    private Context f6297b;

    /* renamed from: c, reason: collision with root package name */
    private ApiApplication f6298c;

    /* renamed from: d, reason: collision with root package name */
    private SPNativeApiProxyWrapper f6299d;

    /* renamed from: e, reason: collision with root package name */
    private FingerprintManager.CryptoObject f6300e;

    /* renamed from: f, reason: collision with root package name */
    private KeyguardManager f6301f;

    /* renamed from: g, reason: collision with root package name */
    private FingerprintManager f6302g;

    /* renamed from: h, reason: collision with root package name */
    private KeyStore f6303h;

    /* renamed from: i, reason: collision with root package name */
    private Cipher f6304i;

    /* renamed from: j, reason: collision with root package name */
    private boolean f6305j;

    /* renamed from: k, reason: collision with root package name */
    private b f6306k;

    public d(Context context, ApiApplication apiApplication, SPNativeApiProxyWrapper sPNativeApiProxyWrapper) {
        this.f6297b = context;
        this.f6298c = apiApplication;
        this.f6299d = sPNativeApiProxyWrapper;
        int i2 = Build.VERSION.SDK_INT;
        if (i2 >= 18) {
            r();
        }
        if (i2 >= 23) {
            this.f6301f = (KeyguardManager) context.getSystemService(Context.KEYGUARD_SERVICE);
            q();
        }
    }

    private String e(Cipher cipher, String str, e eVar) {
        byte[] decode = Base64.decode(eVar.a(), 2);
        byte[] decode2 = Base64.decode(eVar.b(), 2);
        Log.d(this.f6296a, "Crypto: key:" + str);
        Log.d(this.f6296a, "Crypto: encryptedData:" + eVar.b());
        Log.d(this.f6296a, "Crypto: encryption IV:" + eVar.a());
        SecretKey secretKey = (SecretKey) this.f6303h.getKey(str, null);
        if (cipher == null) {
            cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
            cipher.init(2, secretKey, new IvParameterSpec(decode));
        }
        String str2 = new String(cipher.doFinal(decode2), "UTF-8");
        Log.d(this.f6296a, "Crypto: decryptedData:" + str2);
        return str2;
    }

    private String l() {
        return this.f6298c.T(false);
    }

    private String m(String str) {
        String[] split = StringUtils.split(str, ":");
        return ArrayUtils.getLength(split) == 2 ? split[0] : str;
    }

    @TargetApi(23)
    private void q() {
        this.f6302g = (FingerprintManager) this.f6297b.getSystemService("fingerprint");
    }

    private void r() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            this.f6303h = keyStore;
            keyStore.load(null);
        } catch (Exception e2) {
            Log.e(this.f6296a, "Error", e2);
        }
    }

    public void a() {
        b bVar = this.f6306k;
        if (bVar != null) {
            bVar.a();
        }
    }

    public String b(String str, e eVar) {
        try {
            byte[] decode = Base64.decode(eVar.a(), 2);
            byte[] decode2 = Base64.decode(eVar.b(), 2);
            SecretKey secretKey = (SecretKey) this.f6303h.getKey(str, null);
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
            cipher.init(2, secretKey, new IvParameterSpec(decode));
            return new String(cipher.doFinal(decode2), "UTF-8");
        } catch (Exception e2) {
            Log.e(this.f6296a, "Error", e2);
            return "";
        }
    }

    public String c(Cipher cipher, String str, e eVar) {
        try {
            if (Build.VERSION.SDK_INT < 23) {
                return e(cipher, str, eVar);
            }
            try {
                return e(cipher, str, eVar);
            } catch (KeyPermanentlyInvalidatedException e2) {
                Log.e(this.f6296a, "KeyPermanentlyInvalidatedException", e2);
                this.f6298c.E0().i1(true);
                return "";
            }
        } catch (Exception e3) {
            Log.e(this.f6296a, "Error", e3);
            return "";
        }
    }

    public String d(Cipher cipher, e eVar) {
        return c(cipher, l(), eVar);
    }

    public e f(String str) {
        return g(l(), str, true);
    }

    public e g(String str, String str2, boolean z2) {
        SecretKey secretKey;
        if (!z2) {
            try {
                SecretKey secretKey2 = (SecretKey) this.f6303h.getKey(str, null);
                if (secretKey2 != null) {
                    secretKey = secretKey2;
                    Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
                    cipher.init(1, secretKey);
                    return new e(Base64.encodeToString(cipher.doFinal(str2.getBytes("UTF-8")), 2), Base64.encodeToString(cipher.getIV(), 2));
                }
            } catch (Exception e2) {
                Log.e(this.f6296a, "Error", e2);
                return null;
            }
        }
        secretKey = j(str, false);
        Cipher cipher2 = Cipher.getInstance("AES/CBC/PKCS7Padding");
        cipher2.init(1, secretKey);
        return new e(Base64.encodeToString(cipher2.doFinal(str2.getBytes("UTF-8")), 2), Base64.encodeToString(cipher2.getIV(), 2));
    }

    public e h(Cipher cipher, String str) {
        try {
            return new e(Base64.encodeToString(cipher.doFinal(str.getBytes("UTF-8")), 2), Base64.encodeToString(cipher.getIV(), 2));
        } catch (Exception e2) {
            Log.e(this.f6296a, "Error", e2);
            return null;
        }
    }

    public boolean i() {
        try {
            if (Build.VERSION.SDK_INT >= 23 && this.f6302g.isHardwareDetected() && ContextCompat.checkSelfPermission(this.f6297b, "android.permission.USE_FINGERPRINT") == 0 && this.f6302g.hasEnrolledFingerprints()) {
                return this.f6301f.isKeyguardSecure();
            }
            return false;
        } catch (Exception e2) {
            SPLog.e(this.f6296a, "Exception: ", e2);
        }
        return false;
    }

    @TargetApi(23)
    public SecretKey j(String str, boolean z2) {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
            KeyGenParameterSpec.Builder encryptionPaddings = new KeyGenParameterSpec.Builder(str, 3).setBlockModes("CBC").setUserAuthenticationRequired(z2).setEncryptionPaddings("PKCS7Padding");
            if (Build.VERSION.SDK_INT >= 24) {
                encryptionPaddings.setInvalidatedByBiometricEnrollment(true);
            }
            keyGenerator.init(encryptionPaddings.build());
            return keyGenerator.generateKey();
        } catch (Exception e2) {
            Log.e(this.f6296a, "Error", e2);
            throw new y.c(e2);
        }
    }

    public String k() {
        AlgorithmParameterSpec build;
        try {
            String B = this.f6298c.B(false);
            int i2 = Build.VERSION.SDK_INT;
            if (i2 < 18) {
                KeyPair x2 = this.f6299d.x();
                this.f6298c.I0().k(this.f6298c.B(true), x2.getPrivateKey());
                this.f6298c.I0().k(this.f6298c.D(this.f6299d.M().r(), this.f6299d.M().u()), x2.getPublicKey());
                return x2.getPublicKey();
            }
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            if (i2 < 23) {
                if (i2 >= 18) {
                    Calendar calendar = Calendar.getInstance();
                    Calendar calendar2 = Calendar.getInstance();
                    calendar2.add(1, 30);
                    build = new KeyPairGeneratorSpec.Builder(this.f6297b).setAlias(B).setSubject(new X500Principal("CN=Sharp Point Limited , O=Sharp Point Limited C=HK")).setSerialNumber(BigInteger.ONE).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
                }
                String str = "-----BEGIN PUBLIC KEY-----\r\n" + Base64.encodeToString(new X509EncodedKeySpec(keyPairGenerator.generateKeyPair().getPublic().getEncoded()).getEncoded(), 4) + "-----END PUBLIC KEY-----";
                Log.d(this.f6296a, "Keystore Public Key: \n" + str);
                return str;
            }
            build = new KeyGenParameterSpec.Builder(B, 12).setAlgorithmParameterSpec(new RSAKeyGenParameterSpec(2048, RSAKeyGenParameterSpec.F4)).setBlockModes("CBC").setSignaturePaddings("PKCS1").setDigests("SHA-256").setUserAuthenticationRequired(false).build();
            keyPairGenerator.initialize(build);
            String str2 = "-----BEGIN PUBLIC KEY-----\r\n" + Base64.encodeToString(new X509EncodedKeySpec(keyPairGenerator.generateKeyPair().getPublic().getEncoded()).getEncoded(), 4) + "-----END PUBLIC KEY-----";
            Log.d(this.f6296a, "Keystore Public Key: \n" + str2);
            return str2;
        } catch (Exception e2) {
            Log.d(this.f6296a, Log.getStackTraceString(e2));
            return null;
        }
    }

    public String n(String str, String str2) {
        String d2;
        try {
            String N = this.f6298c.N("KEYPAIR-", str, str2);
            if (Build.VERSION.SDK_INT < 18) {
                d2 = this.f6298c.I0().d(this.f6298c.D(str, str2), null);
            } else {
                if (!(this.f6303h.getEntry(N, null) instanceof KeyStore.PrivateKeyEntry)) {
                    Log.d(this.f6296a, "Not an instance of a PrivateKeyEntry");
                    return null;
                }
                d2 = "-----BEGIN PUBLIC KEY-----\r\n" + Base64.encodeToString(new X509EncodedKeySpec(this.f6303h.getCertificate(N).getPublicKey().getEncoded()).getEncoded(), 4) + "-----END PUBLIC KEY-----";
            }
            return d2;
        } catch (Exception e2) {
            Log.e(this.f6296a, Log.getStackTraceString(e2));
            return null;
        }
    }

    @TargetApi(23)
    public boolean o() {
        return p(l());
    }

    @TargetApi(23)
    public boolean p(String str) {
        SPLog.d(this.f6296a, "Current Key name: " + str);
        String m2 = m(str);
        SPLog.d(this.f6296a, "Original Key name: " + m2);
        try {
            this.f6304i = Cipher.getInstance("AES/CBC/PKCS7Padding");
            try {
                this.f6304i.init(3, (SecretKey) this.f6303h.getKey(str, null));
                return true;
            } catch (UnrecoverableKeyException e2) {
                SPLog.e(this.f6296a, "Exception", (Exception) e2);
                int c2 = this.f6298c.I0().c(m2 + "KeySuffix", 0) + 1;
                String str2 = str + ":" + c2;
                this.f6298c.I0().j(m2 + "KeySuffix", c2);
                try {
                    SPLog.d(this.f6296a, "Next Key name: " + str2);
                    this.f6304i.init(3, (SecretKey) this.f6303h.getKey(str2, null));
                    return true;
                } catch (Exception unused) {
                    SPLog.e(this.f6296a, "Exception", (Exception) e2);
                    return false;
                }
            } catch (Exception e3) {
                throw new RuntimeException("Failed to init Cipher", e3);
            }
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e4) {
            throw new RuntimeException("Failed to get Cipher", e4);
        }
    }

    public Cipher s(String str) {
        byte[] decode = Base64.decode(str, 2);
        SecretKey secretKey = (SecretKey) this.f6303h.getKey(l(), null);
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
        cipher.init(2, secretKey, new IvParameterSpec(decode));
        return cipher;
    }

    public Cipher t(String str, boolean z2, boolean z3) {
        SecretKey secretKey;
        SecretKey j2 = (z2 || (secretKey = (SecretKey) this.f6303h.getKey(str, null)) == null) ? j(str, z3) : secretKey;
        Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
        cipher.init(1, j2);
        return cipher;
    }

    public Cipher u(boolean z2) {
        return t(l(), true, z2);
    }

    public void v(boolean z2) {
        this.f6305j = z2;
    }

    public String w(String str) {
        String B;
        String str2;
        String str3;
        String str4 = null;
        try {
            B = this.f6298c.B(false);
        } catch (Exception e2) {
            Log.e(this.f6296a, "signMessage exception:", e2);
        }
        if (Build.VERSION.SDK_INT >= 18) {
            KeyStore.Entry entry = this.f6303h.getEntry(B, null);
            if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
                Log.d(this.f6296a, "Not an instance of a PrivateKeyEntry");
                return null;
            }
            Signature signature = Signature.getInstance("SHA256withRSA");
            signature.initSign(((KeyStore.PrivateKeyEntry) entry).getPrivateKey());
            signature.update(str.getBytes());
            byte[] sign = signature.sign();
            SPLog.d(this.f6296a, "Signed by Android Crypto API");
            str4 = Base64.encodeToString(sign, 2);
            str2 = this.f6296a;
            str3 = "Signature: " + str4;
        } else {
            String d2 = this.f6298c.I0().d(this.f6298c.B(true), null);
            if (!StringUtils.isNotEmpty(d2)) {
                Log.d(this.f6296a, "Private Key not found");
                return str4;
            }
            SPLog.d(this.f6296a, "Signed by SPCrypto");
            str4 = this.f6299d.y0(d2, str);
            str2 = this.f6296a;
            str3 = "Signature: " + str4;
        }
        SPLog.d(str2, str3);
        return str4;
    }

    @TargetApi(23)
    public void x(FingerprintManager.AuthenticationCallback authenticationCallback) {
        o();
        this.f6300e = new FingerprintManager.CryptoObject(this.f6304i);
        b bVar = new b(this.f6298c, authenticationCallback);
        this.f6306k = bVar;
        bVar.b(this.f6302g, this.f6300e);
    }

    @TargetApi(23)
    public void y(String str, FingerprintManager.AuthenticationCallback authenticationCallback) {
        p(str);
        this.f6300e = new FingerprintManager.CryptoObject(this.f6304i);
        b bVar = new b(this.f6298c, authenticationCallback);
        this.f6306k = bVar;
        bVar.b(this.f6302g, this.f6300e);
    }

    @TargetApi(23)
    public void z(Cipher cipher, FingerprintManager.AuthenticationCallback authenticationCallback) {
        this.f6300e = new FingerprintManager.CryptoObject(cipher);
        b bVar = new b(this.f6298c, authenticationCallback);
        this.f6306k = bVar;
        bVar.b(this.f6302g, this.f6300e);
    }
}
