package com.cordova.plugin.android.fingerprintauth;

import android.annotation.TargetApi;
import android.app.Activity;
import android.app.KeyguardManager;
import android.content.Context;
import android.content.SharedPreferences;
import android.content.res.Configuration;
import android.content.res.Resources;
import android.hardware.fingerprint.FingerprintManager;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.support.v4.app.ActivityCompat;
import android.support.v4.content.ContextCompat;
import android.util.Base64;
import android.util.DisplayMetrics;
import android.util.Log;
import com.cordova.plugin.android.fingerprintauth.FingerprintAuthenticationDialogFragment;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.Locale;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import org.apache.cordova.CallbackContext;
import org.apache.cordova.CordovaInterface;
import org.apache.cordova.CordovaPlugin;
import org.apache.cordova.CordovaWebView;
import org.apache.cordova.PluginResult;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;

@TargetApi(23)
/* loaded from: classes10.dex */
public class FingerprintAuth extends CordovaPlugin {
    private static final String ANDROID_KEY_STORE = "AndroidKeyStore";
    private static final String DIALOG_FRAGMENT_TAG = "FpAuthDialog";
    public static final String FINGERPRINT_PREF_IV = "aes_iv";
    private static final int PERMISSIONS_REQUEST_FINGERPRINT = 346437;
    public static final String TAG = "FingerprintAuth";
    public static Activity mActivity;
    public static CallbackContext mCallbackContext;
    public static Cipher mCipher;
    private static boolean mCipherModeCrypt;
    private static String mClientId;
    private static String mClientSecret;
    public static Context mContext;
    public static String mDialogHint;
    public static String mDialogMessage;
    public static String mDialogTitle;
    public static KeyGenerator mKeyGenerator;
    public static KeyStore mKeyStore;
    public static PluginResult mPluginResult;
    public static String packageName;
    public PluginAction mAction;
    private FingerprintManager mFingerPrintManager;
    public FingerprintAuthenticationDialogFragment mFragment;
    public KeyguardManager mKeyguardManager;
    private String mLangCode = "en_US";
    private static String mUsername = "";
    public static boolean mDisableBackup = false;
    public static int mMaxAttempts = 6;
    private static boolean mUserAuthRequired = true;

    /* loaded from: classes10.dex */
    public enum PluginAction {
        AVAILABILITY,
        ENCRYPT,
        DECRYPT,
        DELETE
    }

    /* loaded from: classes10.dex */
    public enum PluginError {
        BAD_PADDING_EXCEPTION,
        CERTIFICATE_EXCEPTION,
        FINGERPRINT_CANCELLED,
        FINGERPRINT_DATA_NOT_DELETED,
        FINGERPRINT_ERROR,
        FINGERPRINT_NOT_AVAILABLE,
        FINGERPRINT_PERMISSION_DENIED,
        FINGERPRINT_PERMISSION_DENIED_SHOW_REQUEST,
        ILLEGAL_BLOCK_SIZE_EXCEPTION,
        INIT_CIPHER_FAILED,
        INVALID_ALGORITHM_PARAMETER_EXCEPTION,
        IO_EXCEPTION,
        JSON_EXCEPTION,
        MINIMUM_SDK,
        MISSING_ACTION_PARAMETERS,
        MISSING_PARAMETERS,
        NO_SUCH_ALGORITHM_EXCEPTION,
        SECURITY_EXCEPTION
    }

    static /* synthetic */ boolean access$000() {
        return initCipher();
    }

    private void checkAndRequestPermission(String str, int i) {
        if (ContextCompat.checkSelfPermission(mContext, str) == 0) {
            sendAvailabilityResult();
        } else if (!ActivityCompat.shouldShowRequestPermissionRationale(mActivity, str)) {
            ActivityCompat.requestPermissions(mActivity, new String[]{str}, i);
        } else {
            Log.e(TAG, "Fingerprint permission denied. Show request permission rationale.");
            setPluginResultError(PluginError.FINGERPRINT_PERMISSION_DENIED_SHOW_REQUEST.name());
        }
    }

    public static boolean createKey() {
        String str = "";
        boolean z = false;
        try {
            mKeyStore.load(null);
            mKeyGenerator.init(new KeyGenParameterSpec.Builder(mClientId, 3).setBlockModes("CBC").setUserAuthenticationRequired(mUserAuthRequired).setEncryptionPaddings("PKCS7Padding").build());
            mKeyGenerator.generateKey();
            z = true;
        } catch (IOException e) {
            Log.e(TAG, "Failed to create key: IOException: " + e.toString());
            str = PluginError.IO_EXCEPTION.name();
        } catch (InvalidAlgorithmParameterException e2) {
            Log.e(TAG, "Failed to create key: InvalidAlgorithmParameterException: " + e2.toString());
            str = PluginError.INVALID_ALGORITHM_PARAMETER_EXCEPTION.name();
        } catch (NoSuchAlgorithmException e3) {
            Log.e(TAG, "Failed to create key: NoSuchAlgorithmException: " + e3.toString());
            str = PluginError.NO_SUCH_ALGORITHM_EXCEPTION.name();
        } catch (CertificateException e4) {
            Log.e(TAG, "Failed to create key: CertificateException: " + e4.toString());
            str = PluginError.CERTIFICATE_EXCEPTION.name();
        }
        if (!z) {
            Log.e(TAG, str);
            setPluginResultError(str);
        }
        return z;
    }

    public static boolean deleteIV() {
        return deleteStringPreference(mContext, mClientId + mUsername, FINGERPRINT_PREF_IV);
    }

    public static boolean deleteStringPreference(Context context, String str, String str2) {
        return context.getSharedPreferences(str, 0).edit().remove(str2).commit();
    }

    private static SecretKey getSecretKey() {
        String str = "";
        SecretKey secretKey = null;
        try {
            mKeyStore.load(null);
            secretKey = (SecretKey) mKeyStore.getKey(mClientId, null);
        } catch (IOException e) {
            str = "Failed to get SecretKey from KeyStore: IOException: " + e.toString();
        } catch (KeyStoreException e2) {
            str = "Failed to get SecretKey from KeyStore: KeyStoreException: " + e2.toString();
        } catch (NoSuchAlgorithmException e3) {
            str = "Failed to get SecretKey from KeyStore: NoSuchAlgorithmException: " + e3.toString();
        } catch (UnrecoverableKeyException e4) {
            str = "Failed to get SecretKey from KeyStore: UnrecoverableKeyException: " + e4.toString();
        } catch (CertificateException e5) {
            str = "Failed to get SecretKey from KeyStore: CertificateException: " + e5.toString();
        }
        if (secretKey == null) {
            Log.e(TAG, str);
        }
        return secretKey;
    }

    public static String getStringPreference(Context context, String str, String str2) {
        return context.getSharedPreferences(str, 0).getString(str2, null);
    }

    private static boolean initCipher() {
        boolean z = false;
        String str = "";
        try {
            SecretKey secretKey = getSecretKey();
            if (mCipherModeCrypt) {
                mCipher.init(1, secretKey);
                setStringPreference(mContext, mClientId + mUsername, FINGERPRINT_PREF_IV, new String(Base64.encode(mCipher.getIV(), 2)));
            } else {
                mCipher.init(2, secretKey, new IvParameterSpec(Base64.decode(getStringPreference(mContext, mClientId + mUsername, FINGERPRINT_PREF_IV), 2)));
            }
            z = true;
        } catch (Exception e) {
            str = "Failed to init Cipher: Exception: " + e.toString();
        }
        if (!z) {
            Log.e(TAG, str);
        }
        return z;
    }

    private boolean isFingerprintAuthAvailable() throws SecurityException {
        return this.mFingerPrintManager.isHardwareDetected() && this.mFingerPrintManager.hasEnrolledFingerprints();
    }

    public static void onAuthenticated(boolean z, FingerprintManager.AuthenticationResult authenticationResult) {
        JSONObject jSONObject = new JSONObject();
        String str = "";
        boolean z2 = false;
        try {
            if (z) {
                if (mCipherModeCrypt) {
                    jSONObject.put("token", Base64.encodeToString(authenticationResult.getCryptoObject().getCipher().doFinal(mClientSecret.getBytes("UTF-8")), 2));
                } else {
                    String[] split = new String(authenticationResult.getCryptoObject().getCipher().doFinal(Base64.decode(mClientSecret, 2)), "UTF-8").split(":");
                    if (split.length == 2) {
                        String str2 = split[0];
                        String str3 = split[1];
                        if (str2.equalsIgnoreCase(mClientId + mUsername)) {
                            jSONObject.put("password", split[1]);
                        }
                    }
                }
                jSONObject.put("withFingerprint", true);
            } else {
                jSONObject.put("withBackup", true);
                if (!initCipher()) {
                    createKey();
                }
            }
            z2 = true;
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
        } catch (BadPaddingException e2) {
            Log.e(TAG, "Failed to encrypt the data with the generated key: BadPaddingException:  " + e2.toString());
            str = PluginError.BAD_PADDING_EXCEPTION.name();
        } catch (IllegalBlockSizeException e3) {
            Log.e(TAG, "Failed to encrypt the data with the generated key: IllegalBlockSizeException: " + e3.toString());
            str = PluginError.ILLEGAL_BLOCK_SIZE_EXCEPTION.name();
        } catch (JSONException e4) {
            Log.e(TAG, "Failed to set resultJson key value pair: " + e4.toString());
            str = PluginError.JSON_EXCEPTION.name();
        }
        if (z2) {
            mCallbackContext.success(jSONObject);
            mPluginResult = new PluginResult(PluginResult.Status.OK);
        } else {
            mCallbackContext.error(str);
            mPluginResult = new PluginResult(PluginResult.Status.ERROR);
        }
        mCallbackContext.sendPluginResult(mPluginResult);
    }

    public static void onCancelled() {
        mCallbackContext.error(PluginError.FINGERPRINT_CANCELLED.name());
    }

    public static void onError(CharSequence charSequence) {
        mCallbackContext.error(PluginError.FINGERPRINT_ERROR.name());
        Log.e(TAG, charSequence.toString());
    }

    private void sendAvailabilityResult() {
        String str = null;
        JSONObject jSONObject = new JSONObject();
        try {
            jSONObject.put("isAvailable", isFingerprintAuthAvailable());
            jSONObject.put("isHardwareDetected", this.mFingerPrintManager.isHardwareDetected());
            jSONObject.put("hasEnrolledFingerprints", this.mFingerPrintManager.hasEnrolledFingerprints());
            mPluginResult = new PluginResult(PluginResult.Status.OK);
            mCallbackContext.success(jSONObject);
            mCallbackContext.sendPluginResult(mPluginResult);
        } catch (SecurityException e) {
            Log.e(TAG, "Availability Result Error: SecurityException: " + e.toString());
            str = PluginError.SECURITY_EXCEPTION.name();
        } catch (JSONException e2) {
            Log.e(TAG, "Availability Result Error: JSONException: " + e2.toString());
            str = PluginError.JSON_EXCEPTION.name();
        }
        if (str != null) {
            Log.e(TAG, str);
            setPluginResultError(str);
        }
    }

    public static boolean setPluginResultError(String str) {
        mCallbackContext.error(str);
        mPluginResult = new PluginResult(PluginResult.Status.ERROR);
        return false;
    }

    public static void setStringPreference(Context context, String str, String str2, String str3) {
        SharedPreferences.Editor edit = context.getSharedPreferences(str, 0).edit();
        edit.putString(str2, str3);
        edit.apply();
    }

    @Override // org.apache.cordova.CordovaPlugin
    public boolean execute(String str, JSONArray jSONArray, CallbackContext callbackContext) throws JSONException {
        int i;
        mCallbackContext = callbackContext;
        if (Build.VERSION.SDK_INT < 23) {
            Log.e(TAG, "minimum SDK version 23 required");
            mPluginResult = new PluginResult(PluginResult.Status.ERROR);
            mCallbackContext.error(PluginError.MINIMUM_SDK.name());
            mCallbackContext.sendPluginResult(mPluginResult);
            return true;
        }
        Log.v(TAG, "FingerprintAuth action: " + str);
        if (str.equals("availability")) {
            this.mAction = PluginAction.AVAILABILITY;
        } else if (str.equals("encrypt")) {
            this.mAction = PluginAction.ENCRYPT;
            mCipherModeCrypt = true;
        } else if (str.equals("decrypt")) {
            this.mAction = PluginAction.DECRYPT;
            mCipherModeCrypt = false;
        } else if (str.equals("delete")) {
            this.mAction = PluginAction.DELETE;
        }
        if (this.mAction != null) {
            JSONObject jSONObject = jSONArray.getJSONObject(0);
            new JSONObject();
            if (this.mAction != PluginAction.AVAILABILITY) {
                if (!jSONObject.has("clientId")) {
                    Log.e(TAG, "Missing required parameters.");
                    mPluginResult = new PluginResult(PluginResult.Status.ERROR);
                    mCallbackContext.error(PluginError.MISSING_PARAMETERS.name());
                    mCallbackContext.sendPluginResult(mPluginResult);
                    return true;
                }
                mClientId = jSONObject.getString("clientId");
                if (jSONObject.has("username")) {
                    mUsername = jSONObject.getString("username");
                }
            }
            switch (this.mAction) {
                case ENCRYPT:
                case DECRYPT:
                    boolean z = false;
                    switch (this.mAction) {
                        case ENCRYPT:
                            mClientSecret = mClientId + mUsername + ":" + (jSONObject.has("password") ? jSONObject.getString("password") : "");
                            break;
                        case DECRYPT:
                            if (!jSONObject.has("token")) {
                                z = true;
                                break;
                            } else {
                                mClientSecret = jSONObject.getString("token");
                                break;
                            }
                    }
                    if (z) {
                        Log.e(TAG, "Missing required parameters for specified action.");
                        mPluginResult = new PluginResult(PluginResult.Status.ERROR);
                        mCallbackContext.error(PluginError.MISSING_ACTION_PARAMETERS.name());
                        mCallbackContext.sendPluginResult(mPluginResult);
                        return true;
                    }
                    if (jSONObject.has("disableBackup")) {
                        mDisableBackup = jSONObject.getBoolean("disableBackup");
                    }
                    if (jSONObject.has("locale")) {
                        this.mLangCode = jSONObject.getString("locale");
                        Log.d(TAG, "Change language to locale: " + this.mLangCode);
                    }
                    if (jSONObject.has("maxAttempts") && (i = jSONObject.getInt("maxAttempts")) < 5) {
                        mMaxAttempts = i;
                    }
                    if (jSONObject.has("userAuthRequired")) {
                        mUserAuthRequired = jSONObject.getBoolean("userAuthRequired");
                    }
                    if (jSONObject.has("dialogTitle")) {
                        mDialogTitle = jSONObject.getString("dialogTitle");
                    }
                    if (jSONObject.has("dialogMessage")) {
                        mDialogMessage = jSONObject.getString("dialogMessage");
                    }
                    if (jSONObject.has("dialogHint")) {
                        mDialogHint = jSONObject.getString("dialogHint");
                    }
                    Resources resources = this.cordova.getActivity().getResources();
                    DisplayMetrics displayMetrics = resources.getDisplayMetrics();
                    Configuration configuration = resources.getConfiguration();
                    if (this.mLangCode.length() == 5) {
                        configuration.locale = new Locale(this.mLangCode.substring(0, 2).toLowerCase(), this.mLangCode.substring(this.mLangCode.length() - 2).toUpperCase());
                    } else {
                        configuration.locale = new Locale(this.mLangCode.toLowerCase());
                    }
                    resources.updateConfiguration(configuration, displayMetrics);
                    if (isFingerprintAuthAvailable()) {
                        SecretKey secretKey = getSecretKey();
                        if (secretKey == null && createKey()) {
                            secretKey = getSecretKey();
                        }
                        if (secretKey != null) {
                            this.cordova.getActivity().runOnUiThread(new Runnable() { // from class: com.cordova.plugin.android.fingerprintauth.FingerprintAuth.1
                                @Override // java.lang.Runnable
                                public void run() {
                                    FingerprintAuth.this.mFragment = new FingerprintAuthenticationDialogFragment();
                                    if (FingerprintAuth.access$000()) {
                                        FingerprintAuth.this.mFragment.setCancelable(false);
                                        FingerprintAuth.this.mFragment.setCryptoObject(new FingerprintManager.CryptoObject(FingerprintAuth.mCipher));
                                        FingerprintAuth.this.mFragment.show(FingerprintAuth.this.cordova.getActivity().getFragmentManager(), FingerprintAuth.DIALOG_FRAGMENT_TAG);
                                    } else if (!FingerprintAuth.mDisableBackup) {
                                        FingerprintAuth.this.mFragment.setCryptoObject(new FingerprintManager.CryptoObject(FingerprintAuth.mCipher));
                                        FingerprintAuth.this.mFragment.setStage(FingerprintAuthenticationDialogFragment.Stage.NEW_FINGERPRINT_ENROLLED);
                                        FingerprintAuth.this.mFragment.show(FingerprintAuth.this.cordova.getActivity().getFragmentManager(), FingerprintAuth.DIALOG_FRAGMENT_TAG);
                                    } else {
                                        Log.e(FingerprintAuth.TAG, "Failed to init Cipher and backup disabled.");
                                        FingerprintAuth.mCallbackContext.error(PluginError.INIT_CIPHER_FAILED.name());
                                        FingerprintAuth.mPluginResult = new PluginResult(PluginResult.Status.ERROR);
                                        FingerprintAuth.mCallbackContext.sendPluginResult(FingerprintAuth.mPluginResult);
                                    }
                                }
                            });
                            mPluginResult.setKeepCallback(true);
                        } else {
                            mCallbackContext.sendPluginResult(mPluginResult);
                        }
                    } else {
                        Log.e(TAG, "Fingerprint authentication not available");
                        mPluginResult = new PluginResult(PluginResult.Status.ERROR);
                        mCallbackContext.error(PluginError.FINGERPRINT_NOT_AVAILABLE.name());
                        mCallbackContext.sendPluginResult(mPluginResult);
                    }
                    return true;
                case AVAILABILITY:
                    checkAndRequestPermission("android.permission.USE_FINGERPRINT", PERMISSIONS_REQUEST_FINGERPRINT);
                    return true;
                case DELETE:
                    boolean z2 = false;
                    boolean z3 = false;
                    try {
                        mKeyStore.deleteEntry(mClientId);
                        z3 = true;
                        z2 = deleteIV();
                    } catch (KeyStoreException e) {
                        Log.e(TAG, "Error while deleting SecretKey.");
                    }
                    if (z2 && z3) {
                        mPluginResult = new PluginResult(PluginResult.Status.OK);
                        mCallbackContext.success();
                    } else {
                        Log.e(TAG, "Error while deleting Fingerprint data.");
                        mPluginResult = new PluginResult(PluginResult.Status.ERROR);
                        mCallbackContext.error(PluginError.FINGERPRINT_DATA_NOT_DELETED.name());
                    }
                    mCallbackContext.sendPluginResult(mPluginResult);
                    return true;
            }
        }
        return false;
    }

    @Override // org.apache.cordova.CordovaPlugin
    public void initialize(CordovaInterface cordovaInterface, CordovaWebView cordovaWebView) {
        super.initialize(cordovaInterface, cordovaWebView);
        Log.v(TAG, "Init FingerprintAuth");
        packageName = cordovaInterface.getActivity().getApplicationContext().getPackageName();
        mPluginResult = new PluginResult(PluginResult.Status.NO_RESULT);
        mActivity = cordovaInterface.getActivity();
        mContext = cordovaInterface.getActivity().getApplicationContext();
        if (Build.VERSION.SDK_INT < 23) {
            return;
        }
        this.mKeyguardManager = (KeyguardManager) cordovaInterface.getActivity().getSystemService(KeyguardManager.class);
        this.mFingerPrintManager = (FingerprintManager) cordovaInterface.getActivity().getApplicationContext().getSystemService(FingerprintManager.class);
        try {
            mKeyGenerator = KeyGenerator.getInstance("AES", ANDROID_KEY_STORE);
            mKeyStore = KeyStore.getInstance(ANDROID_KEY_STORE);
            try {
                mCipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
            } catch (NoSuchAlgorithmException e) {
                throw new RuntimeException("Failed to get an instance of Cipher", e);
            } catch (NoSuchPaddingException e2) {
                throw new RuntimeException("Failed to get an instance of Cipher", e2);
            }
        } catch (KeyStoreException e3) {
            throw new RuntimeException("Failed to get an instance of KeyStore", e3);
        } catch (NoSuchAlgorithmException e4) {
            throw new RuntimeException("Failed to get an instance of KeyGenerator", e4);
        } catch (NoSuchProviderException e5) {
            throw new RuntimeException("Failed to get an instance of KeyGenerator", e5);
        }
    }

    @Override // org.apache.cordova.CordovaPlugin
    public void onRequestPermissionResult(int i, String[] strArr, int[] iArr) throws JSONException {
        super.onRequestPermissionResult(i, strArr, iArr);
        switch (i) {
            case PERMISSIONS_REQUEST_FINGERPRINT /* 346437 */:
                if (iArr.length > 0 && iArr[0] == 0) {
                    sendAvailabilityResult();
                    return;
                } else {
                    Log.e(TAG, "Fingerprint permission denied.");
                    setPluginResultError(PluginError.FINGERPRINT_PERMISSION_DENIED.name());
                    return;
                }
            default:
                return;
        }
    }
}
