package ru.eftr.RNSecurity;

import android.app.Activity;
import android.app.KeyguardManager;
import android.content.Context;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import android.util.Base64;
import androidx.biometric.BiometricManager;
import androidx.biometric.BiometricPrompt;
import androidx.core.app.ActivityCompat;
import com.facebook.react.bridge.Callback;
import com.facebook.react.bridge.ReactApplicationContext;
import com.facebook.react.bridge.ReactContextBaseJavaModule;
import com.facebook.react.bridge.ReactMethod;
import com.google.gson.Gson;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import ru.eftr.RNSecurity.FingerprintHandler;
import ru.eftr.RNSecurity.model.AuthResponse;
import ru.eftr.RNSecurity.model.ErrorCode;
import ru.eftr.RNSecurity.model.ErrorResponse;
import ru.eftr.RNSecurity.model.RNException;
import ru.eftr.RNSecurity.sharedPreferences.DataHelper;

/* loaded from: classes3.dex */
public class SecurityAuthModule extends ReactContextBaseJavaModule {
    private static final String KEY_NAME = "ru..touchId_key";
    private static final int PINCODE_MAX_ATTEMPTS = 3;
    private static final int TOUCH_ID_MAX_ATTEMPTS = 3;
    public static final int TOUCH_ID_REQUEST = 1012;
    public static boolean inProgress = false;
    private Cipher cipher;
    private KeyStore keyStore;
    private FingerprintHandler mFingerprintHandler;
    private Callback saveByBiometryErrorCallback;
    private Callback unlockByBiometryErrorCallback;

    public SecurityAuthModule(ReactApplicationContext reactApplicationContext) {
        super(reactApplicationContext);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void cancelSaveByBiometry(ErrorResponse errorResponse) {
        if (this.saveByBiometryErrorCallback != null) {
            this.saveByBiometryErrorCallback.invoke(new Gson().toJson(errorResponse));
            this.saveByBiometryErrorCallback = null;
        }
        FingerprintHandler fingerprintHandler = this.mFingerprintHandler;
        if (fingerprintHandler != null) {
            fingerprintHandler.endAuth();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void cancelUnlockByBiometry(ErrorResponse errorResponse) {
        if (this.unlockByBiometryErrorCallback != null) {
            this.unlockByBiometryErrorCallback.invoke(new Gson().toJson(errorResponse));
            this.unlockByBiometryErrorCallback = null;
        }
        FingerprintHandler fingerprintHandler = this.mFingerprintHandler;
        if (fingerprintHandler != null) {
            fingerprintHandler.endAuth();
        }
    }

    private Context getContext() throws RNException {
        Activity currentActivity = getCurrentActivity();
        if (currentActivity != null) {
            return currentActivity;
        }
        throw new RNException(ErrorCode.ACTIVITY_NOT_FOUND);
    }

    private ErrorResponse getErrorWithException(String str, Exception exc) {
        return new ErrorResponse(ErrorCode.UNDEFINED.getCode());
    }

    private boolean initCipher(Context context, int i) throws RNException {
        try {
            if (this.keyStore == null) {
                this.keyStore = KeyStore.getInstance("AndroidKeyStore");
            }
            this.cipher = Cipher.getInstance("AES/GCM/NoPadding");
            this.keyStore.load(null);
            if (i == 1) {
                createKey();
                this.cipher.init(i, (SecretKey) this.keyStore.getKey(KEY_NAME, null));
                DataHelper.setCipherIV(context, Base64.encodeToString(this.cipher.getIV(), 2));
            } else if (i == 2) {
                this.cipher.init(i, (SecretKey) this.keyStore.getKey(KEY_NAME, null), new IvParameterSpec(Base64.decode(DataHelper.getCipherIV(context), 2)));
            }
            return true;
        } catch (IOException | InvalidAlgorithmParameterException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableKeyException | CertificateException | NoSuchPaddingException e) {
            e.printStackTrace();
            throw new RNException(ErrorCode.BIOMETRY_NEED_RENEW, "", e.getClass().getSimpleName());
        }
    }

    private boolean isFingerprintAuthAvailable(Context context) throws RNException {
        if (Build.VERSION.SDK_INT < 23) {
            throw new RNException(ErrorCode.FINGERPRINT_NOT_SUPPORTED);
        }
        if (ActivityCompat.checkSelfPermission(context, "android.permission.USE_FINGERPRINT") != 0) {
            isPermitionsGranted(context);
            return false;
        }
        KeyguardManager keyguardManager = (KeyguardManager) context.getSystemService("keyguard");
        return keyguardManager != null && keyguardManager.isKeyguardSecure() && FingerprintHandler.isFingerprintAuthAvailable(BiometricManager.from(context)) && keyguardManager.isKeyguardSecure() && keyguardManager.isDeviceSecure();
    }

    @ReactMethod
    public void CancelSaveCredByBiometry() {
        cancelSaveByBiometry(new ErrorResponse(ErrorCode.FINGERPRINT_CANCELED.getCode()));
    }

    @ReactMethod
    public void CancelUnlockByBiometry() {
        cancelUnlockByBiometry(new ErrorResponse(ErrorCode.FINGERPRINT_CANCELED.getCode()));
    }

    @ReactMethod
    public void Clean(Callback callback, Callback callback2) {
        Gson gson = new Gson();
        try {
            DataHelper.clean(getContext());
            callback2.invoke(gson.toJson(new AuthResponse(ErrorCode.NONE.getCode())));
        } catch (RNException e) {
            callback.invoke(gson.toJson(new ErrorResponse(e.code.getCode())));
        } catch (Exception e2) {
            callback.invoke(gson.toJson(new ErrorResponse(ErrorCode.UNDEFINED.getCode(), e2.getMessage())));
        }
    }

    @ReactMethod
    public void IsSupported(Callback callback, Callback callback2) {
        Gson gson = new Gson();
        try {
            if (Build.VERSION.SDK_INT < 23) {
                callback2.invoke(gson.toJson(new ErrorResponse(ErrorCode.FINGERPRINT_NOT_SUPPORTED.getCode(), "")));
            } else if (FingerprintHandler.isFingerprintAuthAvailable(BiometricManager.from(getContext()))) {
                callback2.invoke(gson.toJson(new ErrorResponse(ErrorCode.NONE.getCode(), "TouchID")));
            } else {
                callback2.invoke(gson.toJson(new ErrorResponse(ErrorCode.FINGERPRINT_NOT_SUPPORTED.getCode(), "")));
            }
        } catch (RNException e) {
            callback.invoke(gson.toJson(new ErrorResponse(e.code.getCode())));
        } catch (Exception e2) {
            callback.invoke(gson.toJson(new ErrorResponse(ErrorCode.UNDEFINED.getCode(), e2.getMessage())));
        }
    }

    @ReactMethod
    public void SaveCred(String str, String str2, String str3, Callback callback, Callback callback2) {
        Gson gson = new Gson();
        try {
            Context context = getContext();
            PincodeModule.encryptByPincode(context, str, str2, str3);
            DataHelper.cleatPinCodeAttempts(context);
            DataHelper.cleatFingerPrintAttempts(context);
            callback2.invoke(gson.toJson(new AuthResponse(ErrorCode.NONE.getCode())));
        } catch (RNException e) {
            callback.invoke(gson.toJson(new ErrorResponse(e.code.getCode())));
        } catch (Exception e2) {
            callback.invoke(gson.toJson(new ErrorResponse(ErrorCode.UNDEFINED.getCode(), e2.getMessage())));
        }
    }

    @ReactMethod
    public void SaveCredByBiometry(final String str, final String str2, String str3, String str4, Callback callback, final Callback callback2) {
        try {
            if (this.saveByBiometryErrorCallback != null) {
                callback.invoke(ErrorCode.FINGERPRINT_BUSY.getCode());
                CancelSaveCredByBiometry();
                return;
            }
            this.saveByBiometryErrorCallback = callback;
            final Context context = getContext();
            if (!isFingerprintAuthAvailable(context)) {
                cancelSaveByBiometry(new ErrorResponse(ErrorCode.FINGERPRINT_NOT_SUPPORTED.getCode()));
                return;
            }
            if (inProgress) {
                return;
            }
            inProgress = true;
            if (!initCipher(context, 1)) {
                inProgress = false;
                cancelSaveByBiometry(new ErrorResponse(ErrorCode.FINGERPRINT_ENCRYPT_INIT_FAILED.getCode()));
                return;
            }
            if (this.cipher != null) {
                this.mFingerprintHandler = new FingerprintHandler(BiometricManager.from(getContext()), new FingerprintHandler.Callback() { // from class: ru.eftr.RNSecurity.SecurityAuthModule.2
                    @Override // ru.eftr.RNSecurity.FingerprintHandler.Callback
                    public void onAuthenticated(BiometricPrompt.AuthenticationResult authenticationResult) {
                        try {
                            String str5 = str + "some_separator" + str2 + "some_separator" + PincodeModule.sha256(str + "some_separator" + str2);
                            BiometricPrompt.CryptoObject cryptoObject = authenticationResult.getCryptoObject();
                            Cipher cipher = cryptoObject != null ? cryptoObject.getCipher() : null;
                            byte[] doFinal = cipher != null ? cipher.doFinal(str5.getBytes()) : null;
                            DataHelper.setFingerptintSecret(context, doFinal != null ? Base64.encodeToString(doFinal, 2) : "");
                            DataHelper.cleatFingerPrintAttempts(context);
                            DataHelper.cleatPinCodeAttempts(context);
                            Gson gson = new Gson();
                            SecurityAuthModule.this.saveByBiometryErrorCallback = null;
                            callback2.invoke(gson.toJson(new AuthResponse(ErrorCode.NONE.getCode())));
                        } catch (Exception e) {
                            SecurityAuthModule.this.cancelSaveByBiometry(new ErrorResponse(ErrorCode.UNDEFINED.getCode(), e.getMessage()));
                        }
                    }

                    @Override // ru.eftr.RNSecurity.FingerprintHandler.Callback
                    public void onCancelled() {
                        SecurityAuthModule.this.cancelSaveByBiometry(new ErrorResponse(ErrorCode.FINGERPRINT_CANCELED.getCode()));
                    }

                    @Override // ru.eftr.RNSecurity.FingerprintHandler.Callback
                    public void onError(String str5, String str6) {
                        SecurityAuthModule.this.cancelSaveByBiometry(new ErrorResponse(ErrorCode.FINGERPRINT_FAILED.getCode(), str5, str6));
                    }
                });
                if (FingerprintHandler.isFingerprintAuthAvailable(BiometricManager.from(getContext()))) {
                    this.mFingerprintHandler.startAuth(getContext(), new BiometricPrompt.PromptInfo.Builder().setTitle(str3).setSubtitle(str4).build(), null);
                } else {
                    cancelSaveByBiometry(new ErrorResponse(ErrorCode.FINGERPRINT_NOT_SUPPORTED.getCode()));
                }
            } else {
                cancelSaveByBiometry(new ErrorResponse(ErrorCode.FINGERPRINT_ENCRYPT_INIT_FAILED.getCode()));
            }
            inProgress = false;
        } catch (RNException e) {
            cancelSaveByBiometry(new ErrorResponse(e.code.getCode()));
        } catch (Exception e2) {
            cancelSaveByBiometry(getErrorWithException(ErrorCode.UNDEFINED.getCode(), e2));
        }
    }

    @ReactMethod
    public void UnlockByBiometry(String str, String str2, Callback callback, final Callback callback2) {
        try {
            if (this.unlockByBiometryErrorCallback != null) {
                callback.invoke(ErrorCode.FINGERPRINT_BUSY.getCode());
                CancelUnlockByBiometry();
                return;
            }
            this.unlockByBiometryErrorCallback = callback;
            final Context context = getContext();
            if (TextUtils.isEmpty(DataHelper.getFingerptintSecret(context))) {
                cancelUnlockByBiometry(new ErrorResponse(ErrorCode.FINGERPRINT_NOT_SETUP.getCode()));
                return;
            }
            if (DataHelper.getFingerPrintAttempt(context) >= 3) {
                cancelUnlockByBiometry(new ErrorResponse(ErrorCode.FINGERPRINT_TO_MUCH_ATTEMPTS.getCode()));
                return;
            }
            if (!isFingerprintAuthAvailable(context)) {
                cancelUnlockByBiometry(new ErrorResponse(ErrorCode.FINGERPRINT_NOT_SUPPORTED.getCode()));
                return;
            }
            if (inProgress) {
                cancelUnlockByBiometry(new ErrorResponse(ErrorCode.FINGERPRINT_BUSY.getCode()));
                return;
            }
            if (initCipher(context, 2)) {
                if (this.cipher == null) {
                    inProgress = false;
                    cancelUnlockByBiometry(new ErrorResponse(ErrorCode.FINGERPRINT_ENCRYPT_INIT_FAILED.getCode()));
                    return;
                }
                this.mFingerprintHandler = new FingerprintHandler(BiometricManager.from(getContext()), new FingerprintHandler.Callback() { // from class: ru.eftr.RNSecurity.SecurityAuthModule.1
                    @Override // ru.eftr.RNSecurity.FingerprintHandler.Callback
                    public void onAuthenticated(BiometricPrompt.AuthenticationResult authenticationResult) {
                        try {
                            byte[] decode = Base64.decode(DataHelper.getFingerptintSecret(context), 2);
                            BiometricPrompt.CryptoObject cryptoObject = authenticationResult.getCryptoObject();
                            Cipher cipher = cryptoObject != null ? cryptoObject.getCipher() : null;
                            String str3 = cipher != null ? new String(cipher.doFinal(decode)) : null;
                            if (str3 == null) {
                                SecurityAuthModule.this.cancelUnlockByBiometry(new ErrorResponse(ErrorCode.FINGERPRINT_DECRYPT_FAILED.getCode()));
                                return;
                            }
                            String[] split = str3.split("some_separator");
                            if (split.length != 3) {
                                SecurityAuthModule.this.cancelUnlockByBiometry(new ErrorResponse(ErrorCode.FINGERPRINT_DECRYPT_FAILED.getCode()));
                                return;
                            }
                            if (!PincodeModule.sha256(split[0] + "some_separator" + split[1]).equals(split[2])) {
                                SecurityAuthModule.this.cancelUnlockByBiometry(new ErrorResponse(ErrorCode.FINGERPRINT_DECRYPT_FAILED.getCode()));
                                return;
                            }
                            DataHelper.cleatFingerPrintAttempts(context);
                            DataHelper.cleatPinCodeAttempts(context);
                            Gson gson = new Gson();
                            SecurityAuthModule.this.unlockByBiometryErrorCallback = null;
                            callback2.invoke(gson.toJson(new AuthResponse(ErrorCode.NONE.getCode(), split[0], split[1])));
                        } catch (Exception e) {
                            DataHelper.addFingerPrintAttempt(context);
                            SecurityAuthModule.this.cancelUnlockByBiometry(new ErrorResponse(ErrorCode.UNDEFINED.getCode(), e.getMessage()));
                        }
                    }

                    @Override // ru.eftr.RNSecurity.FingerprintHandler.Callback
                    public void onCancelled() {
                        SecurityAuthModule.this.cancelUnlockByBiometry(new ErrorResponse(ErrorCode.FINGERPRINT_CANCELED.getCode()));
                    }

                    @Override // ru.eftr.RNSecurity.FingerprintHandler.Callback
                    public void onError(String str3, String str4) {
                        DataHelper.addFingerPrintAttempt(context);
                        SecurityAuthModule.this.cancelUnlockByBiometry(new ErrorResponse(ErrorCode.FINGERPRINT_FAILED.getCode(), str3, str4));
                    }
                });
                if (FingerprintHandler.isFingerprintAuthAvailable(BiometricManager.from(getContext()))) {
                    this.mFingerprintHandler.startAuth(getContext(), new BiometricPrompt.PromptInfo.Builder().setTitle(str).setSubtitle(str2).build(), null);
                } else {
                    cancelUnlockByBiometry(new ErrorResponse(ErrorCode.FINGERPRINT_NOT_SUPPORTED.getCode()));
                }
            }
        } catch (RNException e) {
            cancelUnlockByBiometry(new ErrorResponse(e.code.getCode()));
        } catch (Exception e2) {
            cancelUnlockByBiometry(getErrorWithException(ErrorCode.UNDEFINED.getCode(), e2));
        }
    }

    @ReactMethod
    public void UnlockByCode(String str, Callback callback, Callback callback2) {
        Gson gson = new Gson();
        try {
            Context context = getContext();
            DataHelper.addPinCodeAttempt(context);
            if (DataHelper.getPinCodeAttempt(context) >= 3) {
                DataHelper.clean(getContext());
                callback.invoke(gson.toJson(new AuthResponse(ErrorCode.PINCODE_TO_MUCH_ATTEMPTS.getCode())));
            } else {
                String[] decryptByPincode = PincodeModule.decryptByPincode(context, str);
                DataHelper.cleatPinCodeAttempts(context);
                DataHelper.cleatFingerPrintAttempts(context);
                callback2.invoke(gson.toJson(new AuthResponse(ErrorCode.NONE.getCode(), decryptByPincode[0], decryptByPincode[1])));
            }
        } catch (RNException e) {
            callback.invoke(gson.toJson(new ErrorResponse(e.code.getCode())));
        } catch (Exception e2) {
            callback.invoke(gson.toJson(getErrorWithException(ErrorCode.UNDEFINED.getCode(), e2)));
        }
    }

    public void createKey() throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, IOException {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
            keyGenerator.init(new KeyGenParameterSpec.Builder(KEY_NAME, 3).setBlockModes("CBC").setUserAuthenticationRequired(true).setEncryptionPaddings("PKCS7Padding").build());
            keyGenerator.generateKey();
            KeyGenerator keyGenerator2 = KeyGenerator.getInstance("AES", "AndroidKeyStore");
            this.keyStore.load(null);
            keyGenerator2.init(new KeyGenParameterSpec.Builder(KEY_NAME, 3).setBlockModes("CBC").setUserAuthenticationRequired(true).setEncryptionPaddings("PKCS7Padding").build());
            keyGenerator2.generateKey();
        } catch (IOException e) {
        } catch (InvalidAlgorithmParameterException e2) {
        } catch (NoSuchAlgorithmException e3) {
        } catch (NoSuchProviderException e4) {
            throw e4;
        } catch (CertificateException e5) {
            e5.printStackTrace();
        }
    }

    @Override // com.facebook.react.bridge.NativeModule
    public String getName() {
        return "VBNativeAuth";
    }

    public boolean isPermitionsGranted(Context context) {
        return IntentUtils.isPermitionsGranted(context, IntentUtils.PERMISSIONS_TOUCH_ID, 1012);
    }
}
