package ru.softlab.mobile.plugins.fingerprint;

import android.app.FragmentTransaction;
import android.app.KeyguardManager;
import android.content.SharedPreferences;
import android.content.res.Configuration;
import android.content.res.Resources;
import android.hardware.fingerprint.FingerprintManager;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import android.util.Base64;
import android.util.DisplayMetrics;
import android.util.Log;
import com.github.kevinsawicki.http.HttpRequest;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Date;
import java.util.Locale;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import org.apache.cordova.CallbackContext;
import org.apache.cordova.CordovaInterface;
import org.apache.cordova.CordovaPlugin;
import org.apache.cordova.CordovaWebView;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes2.dex */
public class FingerprintPlugin extends CordovaPlugin {
    private static final String ALIAS_SALT = "alias_salt";
    private static final String CODE = "code";
    private static final String CODE_ALIAS = "key_for_code";
    private static final String DIALOG_FRAGMENT_TAG = "myFragment";
    private static final String KEY_STORE = "AndroidKeyStore";
    private static final int PERMISSIONS_REQUEST_FINGERPRINT = 346437;
    private static final String PIN = "pin";
    private static final String PIN_ALIAS = "key_for_pin";
    private static final String PREFERENCES_NAME = "16718f0a-0797-4e33-bda7-af0072e7be55";
    private static final String TAG = "FingerprintPlugin";
    private static final String TRANSFORMATION = "AES/CBC/PKCS7Padding";
    private static String aes_iv_key = null;
    private static String aliasSalt = null;
    static Boolean mButtonTextAllCaps = true;
    private static CallbackContext mCallbackContext = null;
    private static Cipher mCipher = null;
    private static byte[] mCipherIV = null;
    private static int mCipherMode = 0;
    static String mDialogHint = null;
    static String mDialogMessage = null;
    static String mDialogTitle = null;
    private static String mKeyAlias = null;
    private static KeyGenerator mKeyGenerator = null;
    private static KeyStore mKeyStore = null;
    private static String mKindCode = null;
    static String mLangCode = "ru";
    private static String mPIN;
    private static SharedPreferences mSharedPreferences;
    static String packageName;
    private FingerprintManager mFingerprintManager;
    private FingerprintAuthenticationDialogFragment mFragment;
    private KeyguardManager mKeyguardManager;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public enum PluginError {
        ERROR_NOT_AVAILABLE,
        ERROR_PASSCODE_NOT_SET,
        ERROR_NOT_ENROLLED,
        ERROR_FINGERPRINT_PERMISSION_DENIED,
        ERROR_LOCKOUT,
        ERROR_SECURITY,
        ERROR_CHANGED_FINGERPRINTS,
        CANCELLED
    }

    private void checkFingerprint(JSONObject jSONObject) {
        try {
            initParams(jSONObject);
            if (isFingerprintAuthAvailable()) {
                mCipherMode = 2;
                mKeyAlias = PIN_ALIAS;
                mKindCode = PIN;
                if (prepare() && initCipher(true)) {
                    showFingerprintDialog();
                } else {
                    mCallbackContext.error(PluginError.ERROR_SECURITY.name());
                }
            } else {
                sendAvailabilityResult();
            }
        } catch (KeyPermanentlyInvalidatedException e) {
            Log.e(TAG, "checkFingerprint", e);
            generateNewKey();
            mCallbackContext.error(PluginError.ERROR_CHANGED_FINGERPRINTS.name());
        } catch (Exception e2) {
            Log.e(TAG, "checkFingerprint", e2);
            mCallbackContext.error(PluginError.ERROR_SECURITY.name());
        }
    }

    private static void clear() {
        mPIN = null;
        mDialogTitle = null;
        mDialogMessage = null;
        mDialogHint = null;
        mButtonTextAllCaps = true;
        mLangCode = "ru";
    }

    private void close() {
        FingerprintAuthenticationDialogFragment fingerprintAuthenticationDialogFragment = this.mFragment;
        if (fingerprintAuthenticationDialogFragment != null) {
            fingerprintAuthenticationDialogFragment.dismiss();
        }
    }

    private static String decode(Cipher cipher) {
        try {
            return new String(cipher.doFinal(Base64.decode(mSharedPreferences.getString(mKindCode, null), 2)), HttpRequest.CHARSET_UTF8);
        } catch (UnsupportedEncodingException e) {
            Log.e(TAG, "decode exception:", e);
            return null;
        } catch (BadPaddingException e2) {
            Log.e(TAG, "decode exception:", e2);
            return null;
        } catch (IllegalBlockSizeException e3) {
            Log.e(TAG, "decode exception:", e3);
            removePermanentlyInvalidatedKey();
            try {
                return new String(cipher.doFinal(Base64.decode(mSharedPreferences.getString(mKindCode, null), 2)), HttpRequest.CHARSET_UTF8);
            } catch (UnsupportedEncodingException e4) {
                Log.e(TAG, "decode exception:", e4);
                return null;
            } catch (BadPaddingException e5) {
                Log.e(TAG, "decode exception:", e5);
                return null;
            } catch (IllegalBlockSizeException e6) {
                Log.e(TAG, "decode exception:", e6);
                return null;
            }
        }
    }

    private void deleteConfirmFingerprintCode() {
        mSharedPreferences.edit().remove(CODE).apply();
    }

    private void deletePIN() {
        mSharedPreferences.edit().remove(PIN).apply();
    }

    private static boolean encode(Cipher cipher) {
        try {
            mCipherIV = mCipher.getIV();
            mSharedPreferences.edit().putString(aes_iv_key, Base64.encodeToString(mCipherIV, 2)).apply();
            mSharedPreferences.edit().putString(mKindCode, Base64.encodeToString(cipher.doFinal(mPIN.getBytes(HttpRequest.CHARSET_UTF8)), 2)).apply();
            return true;
        } catch (UnsupportedEncodingException e) {
            Log.e(TAG, "encode exception:", e);
            return false;
        } catch (BadPaddingException e2) {
            Log.e(TAG, "encode exception:", e2);
            return false;
        } catch (IllegalBlockSizeException e3) {
            Log.e(TAG, "encode exception:", e3);
            removePermanentlyInvalidatedKey();
            byte[] bArr = new byte[0];
            try {
                bArr = cipher.doFinal(mPIN.getBytes(HttpRequest.CHARSET_UTF8));
            } catch (UnsupportedEncodingException e4) {
                Log.e(TAG, "encode exception:", e4);
            } catch (BadPaddingException e5) {
                Log.e(TAG, "encode exception:", e5);
            } catch (IllegalBlockSizeException e6) {
                Log.e(TAG, "encode exception:", e6);
            }
            mSharedPreferences.edit().putString(mKindCode, Base64.encodeToString(bArr, 2)).apply();
            return true;
        }
    }

    private static void generateAliasSalt() {
        removePermanentlyInvalidatedKey();
        saveAliasSalt(Long.toString(new Date().getTime()));
        generateNewKey();
    }

    private static boolean generateNewKey() {
        if (!getKeyGenerator()) {
            return false;
        }
        try {
            mKeyStore.load(null);
            mKeyGenerator.init(new KeyGenParameterSpec.Builder(mKeyAlias + aliasSalt, 3).setBlockModes("CBC").setUserAuthenticationRequired(true).setEncryptionPaddings("PKCS7Padding").build());
            mKeyGenerator.generateKey();
            return true;
        } catch (IOException e) {
            Log.e(TAG, "generateNewKey exception:", e);
            return false;
        } catch (InvalidAlgorithmParameterException e2) {
            Log.e(TAG, "generateNewKey exception:", e2);
            return false;
        } catch (NoSuchAlgorithmException e3) {
            Log.e(TAG, "generateNewKey exception:", e3);
            return false;
        } catch (CertificateException e4) {
            Log.e(TAG, "generateNewKey exception:", e4);
            return false;
        }
    }

    private static boolean getCipher() {
        try {
            mCipher = Cipher.getInstance(TRANSFORMATION);
            return true;
        } catch (NoSuchAlgorithmException e) {
            Log.e(TAG, "getCipher exception:", e);
            return false;
        } catch (NoSuchPaddingException e2) {
            Log.e(TAG, "getCipher exception:", e2);
            return false;
        }
    }

    private void getConfirmFingerprintCode(JSONObject jSONObject) {
        try {
            initParams(jSONObject);
            if (isFingerprintAuthAvailable()) {
                mCipherMode = 2;
                mKeyAlias = CODE_ALIAS;
                mKindCode = CODE;
                if (prepare() && initCipher(true)) {
                    showFingerprintDialog();
                } else {
                    mCallbackContext.error(PluginError.ERROR_SECURITY.name());
                }
            } else {
                mCallbackContext.error(PluginError.ERROR_NOT_AVAILABLE.name());
            }
        } catch (KeyPermanentlyInvalidatedException e) {
            Log.e(TAG, "getConfirmFingerprintCode", e);
            mCallbackContext.error(PluginError.ERROR_CHANGED_FINGERPRINTS.name());
        } catch (Exception e2) {
            Log.e(TAG, "getConfirmFingerprintCode", e2);
            mCallbackContext.error(PluginError.ERROR_SECURITY.name());
        }
    }

    private static boolean getKey() {
        try {
            if (!mKeyStore.containsAlias(mKeyAlias + aliasSalt)) {
                if (!generateNewKey()) {
                    return false;
                }
            }
            return true;
        } catch (KeyStoreException e) {
            Log.e(TAG, "getKey exception", e);
            return false;
        }
    }

    private static boolean getKeyGenerator() {
        try {
            mKeyGenerator = KeyGenerator.getInstance("AES", KEY_STORE);
            return true;
        } catch (NoSuchAlgorithmException e) {
            Log.e(TAG, "getKeyPairGenerator exception:", e);
            return false;
        } catch (NoSuchProviderException e2) {
            Log.e(TAG, "getKeyPairGenerator exception:", e2);
            return false;
        }
    }

    private static boolean getKeyStore() {
        try {
            KeyStore keyStore = KeyStore.getInstance(KEY_STORE);
            mKeyStore = keyStore;
            keyStore.load(null);
            return true;
        } catch (IOException e) {
            Log.e(TAG, "getKeyStore exception:", e);
            return false;
        } catch (KeyStoreException e2) {
            Log.e(TAG, "getKeyStore exception:", e2);
            return false;
        } catch (NoSuchAlgorithmException e3) {
            Log.e(TAG, "getKeyStore exception:", e3);
            return false;
        } catch (CertificateException e4) {
            Log.e(TAG, "getKeyStore exception:", e4);
            return false;
        }
    }

    private Boolean hasChangedFingerPrints() {
        if (Build.VERSION.SDK_INT >= 23) {
            try {
                mKeyAlias = PIN_ALIAS;
                if (prepare()) {
                    initCipher(true);
                }
            } catch (KeyPermanentlyInvalidatedException unused) {
                generateAliasSalt();
                return true;
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
        return false;
    }

    private boolean initCipher() throws InvalidKeyException {
        return initCipher(false);
    }

    private boolean initCipher(Boolean bool) throws InvalidKeyException {
        String str;
        try {
            mKeyStore.load(null);
            SecretKey secretKey = (SecretKey) mKeyStore.getKey(mKeyAlias + aliasSalt, null);
            if (mKeyAlias.equals(PIN_ALIAS)) {
                str = "aes_iv";
            } else {
                str = "aes_iv_" + mKeyAlias;
            }
            aes_iv_key = str;
            int i = mCipherMode;
            if (i == 1) {
                mCipher.init(1, secretKey);
            } else if (i == 2) {
                mCipherIV = Base64.decode(mSharedPreferences.getString(str, null), 2);
                mCipher.init(2, secretKey, new IvParameterSpec(mCipherIV));
            }
            return true;
        } catch (IOException e) {
            Log.e(TAG, "initCipher exception:", e);
            return false;
        } catch (InvalidAlgorithmParameterException e2) {
            Log.e(TAG, "initCipher exception:", e2);
            return false;
        } catch (KeyStoreException e3) {
            Log.e(TAG, "initCipher exception:", e3);
            return false;
        } catch (NoSuchAlgorithmException e4) {
            Log.e(TAG, "initCipher exception:", e4);
            return false;
        } catch (UnrecoverableKeyException e5) {
            Log.e(TAG, "initCipher exception:", e5);
            if (bool.booleanValue()) {
                throw new KeyPermanentlyInvalidatedException();
            }
            generateAliasSalt();
            return initCipher(true);
        } catch (CertificateException e6) {
            Log.e(TAG, "initCipher exception:", e6);
            return false;
        }
    }

    private void initLocale() {
        Resources resources = this.f1458cordova.getActivity().getResources();
        DisplayMetrics displayMetrics = resources.getDisplayMetrics();
        Configuration configuration = resources.getConfiguration();
        configuration.setLocale(new Locale(mLangCode.toLowerCase()));
        resources.updateConfiguration(configuration, displayMetrics);
    }

    private void initParams(JSONObject jSONObject) throws JSONException {
        clear();
        if (jSONObject.has(PIN)) {
            mPIN = jSONObject.getString(PIN);
        }
        if (jSONObject.has(CODE)) {
            mPIN = jSONObject.getString(CODE);
        }
        if (jSONObject.has("dialogTitle")) {
            mDialogTitle = jSONObject.getString("dialogTitle");
        }
        if (jSONObject.has("dialogMessage")) {
            mDialogMessage = jSONObject.getString("dialogMessage");
        }
        if (jSONObject.has("dialogHint")) {
            mDialogHint = jSONObject.getString("dialogHint");
        }
        if (jSONObject.has("buttonTextAllCaps")) {
            mButtonTextAllCaps = Boolean.valueOf(jSONObject.getBoolean("buttonTextAllCaps"));
        }
        if (jSONObject.has("locale")) {
            mLangCode = jSONObject.getString("locale");
        }
        initLocale();
    }

    private void isAvailable() {
        if (!isHigherAndroid6()) {
            mCallbackContext.error(PluginError.ERROR_NOT_AVAILABLE.name());
        } else if (this.f1458cordova.hasPermission("android.permission.USE_FINGERPRINT")) {
            sendAvailabilityResult();
        } else {
            this.f1458cordova.requestPermission(this, PERMISSIONS_REQUEST_FINGERPRINT, "android.permission.USE_FINGERPRINT");
        }
    }

    private boolean isFingerprintAuthAvailable() throws SecurityException {
        return this.mFingerprintManager.isHardwareDetected() && this.mFingerprintManager.hasEnrolledFingerprints() && this.mKeyguardManager.isKeyguardSecure();
    }

    private boolean isHigherAndroid6() {
        return Build.VERSION.SDK_INT >= 23;
    }

    private static void loadAliasSalt() {
        aliasSalt = mSharedPreferences.getString(ALIAS_SALT, "");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void onAuthenticated(FingerprintManager.AuthenticationResult authenticationResult) {
        int i = mCipherMode;
        if (i == 1) {
            if (encode(authenticationResult.getCryptoObject().getCipher())) {
                mCallbackContext.success();
            } else {
                mCallbackContext.error(PluginError.ERROR_SECURITY.name());
            }
            mPIN = null;
            return;
        }
        if (i != 2) {
            return;
        }
        String decode = decode(authenticationResult.getCryptoObject().getCipher());
        if (decode != null) {
            mCallbackContext.success(decode);
        } else {
            mCallbackContext.error(PluginError.ERROR_SECURITY.name());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void onError(int i) {
        if (i == 7) {
            mCallbackContext.error(PluginError.ERROR_LOCKOUT.name());
        } else if (i == 5) {
            mCallbackContext.error(PluginError.CANCELLED.name());
        }
    }

    private static boolean prepare() {
        return getKeyStore() && getCipher() && getKey();
    }

    private static void removePermanentlyInvalidatedKey() {
        try {
            mKeyStore.deleteEntry(mKeyAlias + aliasSalt);
            Log.i(TAG, "Permanently invalidated key was removed.");
        } catch (KeyStoreException e) {
            Log.e(TAG, e.getMessage());
        }
    }

    private static void saveAliasSalt(String str) {
        aliasSalt = str;
        mSharedPreferences.edit().putString(ALIAS_SALT, aliasSalt).apply();
    }

    private void saveConfirmFingerprintCode(JSONObject jSONObject) {
        try {
            initParams(jSONObject);
            if (isFingerprintAuthAvailable()) {
                mCipherMode = 1;
                mKeyAlias = CODE_ALIAS;
                mKindCode = CODE;
                if (prepare() && initCipher()) {
                    showFingerprintDialog();
                } else {
                    mCallbackContext.error(PluginError.ERROR_SECURITY.name());
                }
            } else {
                mCallbackContext.error(PluginError.ERROR_NOT_AVAILABLE.name());
            }
        } catch (KeyPermanentlyInvalidatedException e) {
            Log.e(TAG, "saveConfirmFingerprintCode", e);
            try {
                mKeyStore.deleteEntry(mKeyAlias + aliasSalt);
                generateNewKey();
                if (initCipher()) {
                    showFingerprintDialog();
                } else {
                    mCallbackContext.error(PluginError.ERROR_SECURITY.name());
                }
            } catch (InvalidKeyException unused) {
                Log.e(TAG, "saveConfirmFingerprintCode", e);
                mCallbackContext.error(PluginError.ERROR_SECURITY.name());
            } catch (KeyStoreException unused2) {
                Log.e(TAG, "saveConfirmFingerprintCode", e);
                mCallbackContext.error(PluginError.ERROR_SECURITY.name());
            }
        } catch (Exception e2) {
            Log.e(TAG, "saveConfirmFingerprintCode", e2);
            mCallbackContext.error(PluginError.ERROR_SECURITY.name());
        }
    }

    private void savePIN(JSONObject jSONObject) {
        try {
            initParams(jSONObject);
            if (isFingerprintAuthAvailable()) {
                mCipherMode = 1;
                mKeyAlias = PIN_ALIAS;
                mKindCode = PIN;
                if (prepare() && initCipher()) {
                    showFingerprintDialog();
                } else {
                    mCallbackContext.error(PluginError.ERROR_SECURITY.name());
                }
            } else {
                mCallbackContext.error(PluginError.ERROR_NOT_AVAILABLE.name());
            }
        } catch (KeyPermanentlyInvalidatedException e) {
            Log.e(TAG, "savePIN", e);
            try {
                mKeyStore.deleteEntry(mKeyAlias + aliasSalt);
                generateNewKey();
                if (initCipher()) {
                    showFingerprintDialog();
                } else {
                    mCallbackContext.error(PluginError.ERROR_SECURITY.name());
                }
            } catch (InvalidKeyException unused) {
                Log.e(TAG, "savePIN", e);
                mCallbackContext.error(PluginError.ERROR_SECURITY.name());
            } catch (KeyStoreException unused2) {
                Log.e(TAG, "savePIN", e);
                mCallbackContext.error(PluginError.ERROR_SECURITY.name());
            }
        } catch (Exception e2) {
            Log.e(TAG, "savePIN", e2);
            mCallbackContext.error(PluginError.ERROR_SECURITY.name());
        }
    }

    private void sendAvailabilityResult() {
        if (!this.mFingerprintManager.isHardwareDetected()) {
            mCallbackContext.error(PluginError.ERROR_NOT_AVAILABLE.name());
            return;
        }
        if (!this.mKeyguardManager.isKeyguardSecure()) {
            mCallbackContext.error(PluginError.ERROR_PASSCODE_NOT_SET.name());
            return;
        }
        if (!this.mFingerprintManager.hasEnrolledFingerprints()) {
            mCallbackContext.error(PluginError.ERROR_NOT_ENROLLED.name());
        } else if (hasChangedFingerPrints().booleanValue()) {
            mCallbackContext.error(PluginError.ERROR_CHANGED_FINGERPRINTS.name());
        } else {
            mCallbackContext.success();
        }
    }

    private void showFingerprintDialog() {
        this.f1458cordova.getActivity().runOnUiThread(new Runnable() { // from class: ru.softlab.mobile.plugins.fingerprint.FingerprintPlugin.1
            @Override // java.lang.Runnable
            public void run() {
                FingerprintPlugin.this.mFragment = new FingerprintAuthenticationDialogFragment();
                FingerprintPlugin.this.mFragment.setCancelable(false);
                FingerprintPlugin.this.mFragment.setCryptoObject(new FingerprintManager.CryptoObject(FingerprintPlugin.mCipher));
                FragmentTransaction beginTransaction = FingerprintPlugin.this.f1458cordova.getActivity().getFragmentManager().beginTransaction();
                beginTransaction.add(FingerprintPlugin.this.mFragment, FingerprintPlugin.DIALOG_FRAGMENT_TAG);
                beginTransaction.commitAllowingStateLoss();
            }
        });
    }

    @Override // org.apache.cordova.CordovaPlugin
    public boolean execute(String str, JSONArray jSONArray, CallbackContext callbackContext) throws JSONException {
        mCallbackContext = callbackContext;
        if ("isAvailable".equals(str)) {
            isAvailable();
            return true;
        }
        if ("savePIN".equals(str)) {
            savePIN(jSONArray.getJSONObject(0));
            return true;
        }
        if ("deletePIN".equals(str)) {
            deletePIN();
            return true;
        }
        if ("checkFingerprint".equals(str)) {
            checkFingerprint(jSONArray.getJSONObject(0));
            return true;
        }
        if ("close".equals(str)) {
            close();
            return true;
        }
        if ("saveConfirmFingerprintCode".equals(str)) {
            saveConfirmFingerprintCode(jSONArray.getJSONObject(0));
            return true;
        }
        if ("getConfirmFingerprintCode".equals(str)) {
            getConfirmFingerprintCode(jSONArray.getJSONObject(0));
            return true;
        }
        if ("deleteConfirmFingerprintCode".equals(str)) {
            deleteConfirmFingerprintCode();
            return true;
        }
        mCallbackContext.error("Not supported action");
        return false;
    }

    @Override // org.apache.cordova.CordovaPlugin
    public void initialize(CordovaInterface cordovaInterface, CordovaWebView cordovaWebView) {
        super.initialize(cordovaInterface, cordovaWebView);
        packageName = cordovaInterface.getActivity().getApplicationContext().getPackageName();
        mSharedPreferences = cordovaInterface.getActivity().getApplicationContext().getSharedPreferences(PREFERENCES_NAME, 0);
        loadAliasSalt();
        if (isHigherAndroid6()) {
            this.mFingerprintManager = (FingerprintManager) cordovaInterface.getActivity().getSystemService(FingerprintManager.class);
            this.mKeyguardManager = (KeyguardManager) cordovaInterface.getActivity().getSystemService(KeyguardManager.class);
        }
    }

    @Override // org.apache.cordova.CordovaPlugin
    public void onRequestPermissionResult(int i, String[] strArr, int[] iArr) throws JSONException {
        super.onRequestPermissionResult(i, strArr, iArr);
        if (i == PERMISSIONS_REQUEST_FINGERPRINT) {
            if (iArr.length <= 0 || iArr[0] != 0) {
                mCallbackContext.error(PluginError.ERROR_FINGERPRINT_PERMISSION_DENIED.name());
            } else {
                sendAvailabilityResult();
            }
        }
    }
}
