package com.crypho.plugins;

import android.app.KeyguardManager;
import android.content.Context;
import android.content.Intent;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.keystore.UserNotAuthenticatedException;
import android.util.Base64;
import android.util.Log;
import java.io.File;
import java.security.SecureRandom;
import java.util.Collection;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import org.apache.cordova.CallbackContext;
import org.apache.cordova.CordovaArgs;
import org.apache.cordova.CordovaPlugin;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class SecureStorage extends CordovaPlugin {
    public static final String MIGRATED_FOR_SECURITY = "_SS_MIGRATED_FOR_SECURITY";
    private static final String MSG_AUTH_SKIPPED = "Authentication screen skipped";
    private static final String MSG_DEVICE_NOT_SECURE = "Device is not secure";
    private static final String MSG_NOT_SUPPORTED;
    private static final boolean SUPPORTED;
    private static final boolean SUPPORTS_NATIVE_AES;
    private static final String TAG = "SecureStorage";
    private IntentRequestQueue intentRequestQueue;
    private final ExecutorService threadPool = Executors.newCachedThreadPool();
    private final Hashtable<String, SharedPreferencesHandler> SERVICE_STORAGE = new Hashtable<>();

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.crypho.plugins.SecureStorage$5, reason: invalid class name */
    /* loaded from: classes.dex */
    public static /* synthetic */ class AnonymousClass5 {
        static final /* synthetic */ int[] $SwitchMap$com$crypho$plugins$IntentRequestType;

        static {
            int[] iArr = new int[IntentRequestType.values().length];
            $SwitchMap$com$crypho$plugins$IntentRequestType = iArr;
            try {
                iArr[IntentRequestType.INIT.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$com$crypho$plugins$IntentRequestType[IntentRequestType.SECURE_DEVICE.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                $SwitchMap$com$crypho$plugins$IntentRequestType[IntentRequestType.AUTHENTICATION_SKIPPED.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
        }
    }

    static {
        SUPPORTS_NATIVE_AES = Build.VERSION.SDK_INT >= 21;
        SUPPORTED = Build.VERSION.SDK_INT >= 19;
        MSG_NOT_SUPPORTED = "API 19 (Android 4.4 KitKat) is required. This device is running API " + Build.VERSION.SDK_INT;
    }

    private boolean checkForSecurityMigration() {
        Context context = getContext();
        SharedPreferences sharedPreferences = context.getSharedPreferences(context.getPackageName() + "_SM", 0);
        String string = sharedPreferences.getString(MIGRATED_FOR_SECURITY, "");
        if (Build.VERSION.SDK_INT > 23) {
            int initializePreferences = initializePreferences();
            if (string.equals("TRUE")) {
                return false;
            }
            if (initializePreferences > 0) {
                return true;
            }
            markAsMigrated(sharedPreferences);
        }
        return false;
    }

    private boolean clear(CordovaArgs cordovaArgs, CallbackContext callbackContext) throws JSONException {
        Log.v(TAG, "Called clear action");
        getStorage(cordovaArgs.getString(0)).clear();
        callbackContext.success();
        return true;
    }

    private ExecutorResult decryptHelper(String str, String str2, CallbackContext callbackContext) throws JSONException {
        ExecutorResult executorResult;
        JSONObject jSONObject = new JSONObject(str);
        byte[] decode = Base64.decode(jSONObject.getString("key"), 0);
        JSONObject jSONObject2 = jSONObject.getJSONObject("value");
        byte[] decode2 = Base64.decode(jSONObject2.getString("ct"), 0);
        try {
            return (ExecutorResult) this.f5cordova.getThreadPool().submit(new DecryptionExecutor(decode, service2alias(str2), Base64.decode(jSONObject2.getString("iv"), 0), decode2, Base64.decode(jSONObject2.getString("adata"), 0))).get();
        } catch (InterruptedException e) {
            executorResult = new ExecutorResult(ExecutorResultType.ERROR, e.getMessage());
            return executorResult;
        } catch (ExecutionException e2) {
            executorResult = new ExecutorResult(ExecutorResultType.ERROR, e2.getMessage());
            return executorResult;
        }
    }

    private boolean decrypt_rsa(CordovaArgs cordovaArgs, final CallbackContext callbackContext) throws JSONException {
        Log.v(TAG, "Called decrypt_rsa action");
        final String string = cordovaArgs.getString(0);
        final byte[] arrayBuffer = cordovaArgs.getArrayBuffer(1);
        this.f5cordova.getThreadPool().execute(new Runnable() { // from class: com.crypho.plugins.SecureStorage.1
            @Override // java.lang.Runnable
            public void run() {
                try {
                    callbackContext.success(new String(RSA.decrypt(arrayBuffer, SecureStorage.this.service2alias(string))));
                } catch (Exception e) {
                    Log.e(SecureStorage.TAG, "Decrypt (RSA) failed :", e);
                    callbackContext.error(e.getMessage());
                }
            }
        });
        return true;
    }

    private boolean encrypt_rsa(CordovaArgs cordovaArgs, final CallbackContext callbackContext) throws JSONException {
        Log.v(TAG, "Called encrypt_rsa action");
        final String string = cordovaArgs.getString(0);
        final String string2 = cordovaArgs.getString(1);
        this.f5cordova.getThreadPool().execute(new Runnable() { // from class: com.crypho.plugins.SecureStorage.2
            @Override // java.lang.Runnable
            public void run() {
                try {
                    callbackContext.success(Base64.encodeToString(RSA.encrypt(string2.getBytes(), SecureStorage.this.service2alias(string)), 0));
                } catch (Exception e) {
                    Log.e(SecureStorage.TAG, "Encrypt (RSA) failed :", e);
                    callbackContext.error(e.getMessage());
                }
            }
        });
        return true;
    }

    private ExecutorResult encrytionHelper(String str, String str2, String str3) {
        try {
            ExecutorResult executorResult = (ExecutorResult) this.f5cordova.getThreadPool().submit(new EncryptionExecutor(str, str2, str3, this.f5cordova.getContext())).get();
            if (executorResult.type != ExecutorResultType.SUCCESS) {
                return executorResult;
            }
            getStorage(str).store(str2, executorResult.result);
            return executorResult;
        } catch (InterruptedException e) {
            return new ExecutorResult(ExecutorResultType.ERROR, e.getMessage());
        } catch (ExecutionException e2) {
            return new ExecutorResult(ExecutorResultType.ERROR, e2.getMessage());
        }
    }

    private boolean fetch(CordovaArgs cordovaArgs, CallbackContext callbackContext) throws JSONException {
        Log.v(TAG, "Called fetch action");
        String string = cordovaArgs.getString(0);
        String string2 = cordovaArgs.getString(1);
        String fetch = getStorage(string).fetch(string2);
        if (fetch != null) {
            callbackContext.success(fetch);
        } else {
            callbackContext.error("Key [" + string2 + "] not found.");
        }
        return true;
    }

    private boolean get(CordovaArgs cordovaArgs, CallbackContext callbackContext) throws JSONException {
        Log.v(TAG, "Called get action");
        String string = cordovaArgs.getString(0);
        String string2 = cordovaArgs.getString(1);
        String fetch = getStorage(string).fetch(string2);
        if (fetch != null) {
            ExecutorResult decryptHelper = decryptHelper(fetch, string, callbackContext);
            if (decryptHelper.type != ExecutorResultType.ERROR) {
                callbackContext.success(decryptHelper.result);
            } else {
                callbackContext.error(decryptHelper.result);
            }
        } else {
            callbackContext.error("Key [" + string2 + "] not found.");
        }
        return true;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public Context getContext() {
        return this.f5cordova.getActivity().getApplicationContext();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public SharedPreferencesHandler getStorage(String str) {
        SharedPreferencesHandler sharedPreferencesHandler;
        synchronized (this.SERVICE_STORAGE) {
            sharedPreferencesHandler = this.SERVICE_STORAGE.get(str);
        }
        return sharedPreferencesHandler;
    }

    private void handleAuthenticationSkipped(CallbackContext callbackContext) {
        Log.v(TAG, "Completed request with error if the user skipp the Authentication screen");
        callbackContext.error(MSG_AUTH_SKIPPED);
    }

    private void handleCompletedInit(final String str, final CallbackContext callbackContext) {
        this.f5cordova.getThreadPool().execute(new Runnable() { // from class: com.crypho.plugins.SecureStorage.4
            @Override // java.lang.Runnable
            public void run() {
                try {
                    synchronized (SecureStorage.this) {
                        Log.v(SecureStorage.TAG, "Completed request is of init action");
                        String service2alias = SecureStorage.this.service2alias(str);
                        try {
                            if (!RSA.isEntryAvailable(service2alias)) {
                                SecureStorage.this.getStorage(str).clear();
                                RSA.createKeyPair(SecureStorage.this.getContext(), service2alias);
                            }
                        } catch (UserNotAuthenticatedException unused) {
                            Log.v(SecureStorage.TAG, "Authentication validity expired, request a new login.");
                        }
                    }
                    Log.v(SecureStorage.TAG, "init returned success");
                    SecureStorage.this.initSuccess(callbackContext);
                } catch (Exception e) {
                    Log.e(SecureStorage.TAG, "Init returned error because: ", e);
                    callbackContext.error(e.getMessage());
                }
            }
        });
    }

    private void handleCompletedRequest(IntentRequestType intentRequestType, String str, CallbackContext callbackContext) {
        Log.v(TAG, "Request has completed (maybe from an intent)");
        int i = AnonymousClass5.$SwitchMap$com$crypho$plugins$IntentRequestType[intentRequestType.ordinal()];
        if (i == 1) {
            handleCompletedInit(str, callbackContext);
            return;
        }
        if (i == 2) {
            handleCompletedSecureDevice(callbackContext);
        } else if (i != 3) {
            Log.w(TAG, "Request completion was not handled");
        } else {
            handleAuthenticationSkipped(callbackContext);
        }
    }

    private void handleCompletedSecureDevice(CallbackContext callbackContext) {
        Log.v(TAG, "Completed request is of secureDevice action");
        if (isDeviceSecure()) {
            Log.v(TAG, "secureDevice returned success");
            callbackContext.success();
        } else {
            Log.v(TAG, "secureDevice returned error");
            callbackContext.error(MSG_DEVICE_NOT_SECURE);
        }
    }

    private void handleLockScreen(final IntentRequestType intentRequestType, final String str, final CallbackContext callbackContext) {
        this.f5cordova.getActivity().runOnUiThread(new Runnable() { // from class: com.crypho.plugins.SecureStorage.3
            @Override // java.lang.Runnable
            public void run() {
                Log.v(SecureStorage.TAG, "Handling lock screen");
                if (Build.VERSION.SDK_INT > 23) {
                    SecureStorage.this.handleLockScreenUsingNoOpOrSetNewPasswordIntent(intentRequestType, str, callbackContext);
                } else {
                    SecureStorage.this.handleLockScreenUsingUnlockIntent(intentRequestType, str, callbackContext);
                }
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void handleLockScreenUsingNoOpOrSetNewPasswordIntent(IntentRequestType intentRequestType, String str, CallbackContext callbackContext) {
        Log.v(TAG, "Handling lock screen via KeyguardManager or ACTION_SET_NEW_PASSWORD intent (Android 6 or newer)");
        if (isDeviceSecure()) {
            Log.v(TAG, "Unlocking Android devices above 6 using KeyguardManager");
            this.intentRequestQueue.queueRequest(intentRequestType, str, ((KeyguardManager) getContext().getSystemService("keyguard")).createConfirmDeviceCredentialIntent(null, null), callbackContext);
        } else {
            Log.v(TAG, "Lock screen is not defined, requesting one via ACTION_SET_NEW_PASSWORD intent");
            this.intentRequestQueue.queueRequest(intentRequestType, str, new Intent("android.app.action.SET_NEW_PASSWORD"), callbackContext);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void handleLockScreenUsingUnlockIntent(IntentRequestType intentRequestType, String str, CallbackContext callbackContext) {
        Log.v(TAG, "Handling lock screen via UNLOCK intent (Android 6 or earlier)");
        this.intentRequestQueue.queueRequest(intentRequestType, str, new Intent("com.android.credentials.UNLOCK"), callbackContext);
    }

    private boolean init(CordovaArgs cordovaArgs, CallbackContext callbackContext) throws JSONException {
        Log.v(TAG, "Called init action");
        String string = cordovaArgs.getString(0);
        String service2alias = service2alias(string);
        putStorage(string, new SharedPreferencesHandler(service2alias + "_SS", getContext()));
        if (checkForSecurityMigration()) {
            try {
                securityMigration(callbackContext);
            } catch (JSONException e) {
                e.printStackTrace();
            }
        }
        try {
            if (!isDeviceSecure()) {
                Log.e(TAG, MSG_DEVICE_NOT_SECURE);
                callbackContext.error(MSG_DEVICE_NOT_SECURE);
                return true;
            }
            if (RSA.isEntryAvailable(service2alias)) {
                initSuccess(callbackContext);
                return true;
            }
            handleLockScreen(IntentRequestType.INIT, string, callbackContext);
            return true;
        } catch (UserNotAuthenticatedException unused) {
            handleLockScreen(IntentRequestType.INIT, string, callbackContext);
            return true;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void initSuccess(CallbackContext callbackContext) {
        callbackContext.success(SUPPORTS_NATIVE_AES ? 1 : 0);
    }

    private int initializePreferences() {
        Context context = getContext();
        int i = 0;
        for (String str : new File(context.getApplicationInfo().dataDir, "shared_prefs").list()) {
            context.getPackageName();
            if (str.startsWith(context.getPackageName()) && str.endsWith("_SS.xml")) {
                String substring = str.substring(0, str.length() - 4);
                putStorage(substring.substring(context.getPackageName().length() + 1, substring.length() - 3), new SharedPreferencesHandler(substring, getContext()));
                i++;
            }
        }
        return i;
    }

    private boolean isDeviceSecure() {
        KeyguardManager keyguardManager = (KeyguardManager) getContext().getSystemService("keyguard");
        try {
            return ((Boolean) keyguardManager.getClass().getMethod("isDeviceSecure", new Class[0]).invoke(keyguardManager, new Object[0])).booleanValue();
        } catch (Exception unused) {
            return keyguardManager.isKeyguardSecure();
        }
    }

    private boolean keys(CordovaArgs cordovaArgs, CallbackContext callbackContext) throws JSONException {
        Log.v(TAG, "Called keys action");
        callbackContext.success(new JSONArray((Collection) getStorage(cordovaArgs.getString(0)).keys()));
        return true;
    }

    private void markAsMigrated(SharedPreferences sharedPreferences) {
        SharedPreferences.Editor edit = sharedPreferences.edit();
        edit.putString(MIGRATED_FOR_SECURITY, "TRUE");
        edit.commit();
    }

    private void putStorage(String str, SharedPreferencesHandler sharedPreferencesHandler) {
        synchronized (this.SERVICE_STORAGE) {
            this.SERVICE_STORAGE.put(str, sharedPreferencesHandler);
        }
    }

    private boolean remove(CordovaArgs cordovaArgs, CallbackContext callbackContext) throws JSONException {
        Log.v(TAG, "Called remove action");
        String string = cordovaArgs.getString(0);
        getStorage(string).remove(cordovaArgs.getString(1));
        callbackContext.success();
        return true;
    }

    private boolean secureDevice(CallbackContext callbackContext) {
        Log.v(TAG, "Called secureDevice action");
        handleLockScreen(IntentRequestType.SECURE_DEVICE, null, callbackContext);
        return true;
    }

    private void securityMigration(CallbackContext callbackContext) throws JSONException {
        Hashtable hashtable = new Hashtable();
        Hashtable hashtable2 = new Hashtable();
        Enumeration<String> keys = this.SERVICE_STORAGE.keys();
        while (keys.hasMoreElements()) {
            String nextElement = keys.nextElement();
            hashtable2.put(nextElement, false);
            SharedPreferencesHandler sharedPreferencesHandler = this.SERVICE_STORAGE.get(nextElement);
            for (String str : sharedPreferencesHandler.keys()) {
                ExecutorResult decryptHelper = decryptHelper(sharedPreferencesHandler.fetch(str), nextElement, callbackContext);
                if (decryptHelper.type == ExecutorResultType.ERROR) {
                    callbackContext.error("MIGRATION FAILED : " + decryptHelper.result);
                    return;
                }
                hashtable.put(Integer.valueOf(new SecureRandom().nextInt()), new TransitionValue(nextElement, str, decryptHelper.result));
            }
        }
        Enumeration keys2 = hashtable.keys();
        while (keys2.hasMoreElements()) {
            TransitionValue transitionValue = (TransitionValue) hashtable.get((Integer) keys2.nextElement());
            if (!((Boolean) hashtable2.get(transitionValue.getService())).booleanValue()) {
                try {
                    RSA.createKeyPair(getContext(), service2alias(transitionValue.getService()));
                    hashtable2.put(transitionValue.getService(), true);
                } catch (Exception e) {
                    e.printStackTrace();
                }
            }
            ExecutorResult encrytionHelper = encrytionHelper(transitionValue.getService(), transitionValue.getKey(), transitionValue.getValue());
            if (encrytionHelper.type == ExecutorResultType.ERROR) {
                callbackContext.error("MIGRATION FAILED : " + encrytionHelper.result);
                return;
            }
        }
        Context context = getContext();
        markAsMigrated(context.getSharedPreferences(context.getPackageName() + "_SM", 0));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public String service2alias(String str) {
        return getContext().getPackageName() + "." + str;
    }

    private boolean set(CordovaArgs cordovaArgs, CallbackContext callbackContext) throws JSONException {
        Log.v(TAG, "Called set action");
        ExecutorResult encrytionHelper = encrytionHelper(cordovaArgs.getString(0), cordovaArgs.getString(1), cordovaArgs.getString(2));
        if (encrytionHelper.type != ExecutorResultType.ERROR) {
            callbackContext.success();
        } else {
            callbackContext.error(encrytionHelper.result);
        }
        return true;
    }

    private boolean store(CordovaArgs cordovaArgs, CallbackContext callbackContext) throws JSONException {
        Log.v(TAG, "Called store action");
        String string = cordovaArgs.getString(0);
        getStorage(string).store(cordovaArgs.getString(1), cordovaArgs.getString(2));
        callbackContext.success();
        return true;
    }

    @Override // org.apache.cordova.CordovaPlugin
    public boolean execute(String str, CordovaArgs cordovaArgs, CallbackContext callbackContext) throws JSONException {
        if (!SUPPORTED) {
            String str2 = MSG_NOT_SUPPORTED;
            Log.w(TAG, str2);
            callbackContext.error(str2);
            return false;
        }
        Log.v("ACTION: ", str);
        str.hashCode();
        char c = 65535;
        switch (str.hashCode()) {
            case -934610812:
                if (str.equals("remove")) {
                    c = 0;
                    break;
                }
                break;
            case -376654706:
                if (str.equals("decrypt_rsa")) {
                    c = 1;
                    break;
                }
                break;
            case 102230:
                if (str.equals("get")) {
                    c = 2;
                    break;
                }
                break;
            case 113762:
                if (str.equals("set")) {
                    c = 3;
                    break;
                }
                break;
            case 3237136:
                if (str.equals("init")) {
                    c = 4;
                    break;
                }
                break;
            case 3288564:
                if (str.equals("keys")) {
                    c = 5;
                    break;
                }
                break;
            case 94746189:
                if (str.equals("clear")) {
                    c = 6;
                    break;
                }
                break;
            case 97322682:
                if (str.equals("fetch")) {
                    c = 7;
                    break;
                }
                break;
            case 109770977:
                if (str.equals("store")) {
                    c = '\b';
                    break;
                }
                break;
            case 161525933:
                if (str.equals("secureDevice")) {
                    c = '\t';
                    break;
                }
                break;
            case 352739686:
                if (str.equals("encrypt_rsa")) {
                    c = '\n';
                    break;
                }
                break;
        }
        switch (c) {
            case 0:
                return remove(cordovaArgs, callbackContext);
            case 1:
                return decrypt_rsa(cordovaArgs, callbackContext);
            case 2:
                return get(cordovaArgs, callbackContext);
            case 3:
                return set(cordovaArgs, callbackContext);
            case 4:
                return init(cordovaArgs, callbackContext);
            case 5:
                return keys(cordovaArgs, callbackContext);
            case 6:
                return clear(cordovaArgs, callbackContext);
            case 7:
                return fetch(cordovaArgs, callbackContext);
            case '\b':
                return store(cordovaArgs, callbackContext);
            case '\t':
                return secureDevice(callbackContext);
            case '\n':
                return encrypt_rsa(cordovaArgs, callbackContext);
            default:
                return false;
        }
    }

    @Override // org.apache.cordova.CordovaPlugin
    public void onActivityResult(int i, int i2, Intent intent) {
        Log.v(TAG, "Activity started by intent has finished");
        super.onActivityResult(i, i2, intent);
        IntentRequest notifyActivityResultCalled = this.intentRequestQueue.notifyActivityResultCalled();
        String service = notifyActivityResultCalled.getService();
        CallbackContext callbackContext = notifyActivityResultCalled.getCallbackContext();
        IntentRequestType type = notifyActivityResultCalled.getType();
        if (i2 == 0) {
            type = IntentRequestType.AUTHENTICATION_SKIPPED;
        }
        handleCompletedRequest(type, service, callbackContext);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // org.apache.cordova.CordovaPlugin
    public void pluginInitialize() {
        super.pluginInitialize();
        this.intentRequestQueue = new IntentRequestQueue(this);
    }
}
