package hk.com.sharppoint.spmobile.sptraderprohd.auth;

import android.annotation.TargetApi;
import android.app.KeyguardManager;
import android.content.Context;
import android.hardware.fingerprint.FingerprintManager;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.support.v7.widget.RecyclerView;
import android.util.Base64;
import android.util.Log;
import hk.com.sharppoint.dto.auth.KeyPair;
import hk.com.sharppoint.spapi.SPNativeApiProxyWrapper;
import hk.com.sharppoint.spapi.util.SPLog;
import hk.com.sharppoint.spmobile.sptraderprohd.ApiApplication;
import java.math.BigInteger;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.Signature;
import java.security.spec.RSAKeyGenParameterSpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Calendar;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;
import javax.security.auth.x500.X500Principal;
import org.apache.a.c.f;

/* loaded from: classes.dex */
public class c {

    /* renamed from: a, reason: collision with root package name */
    public final String f2292a = getClass().getName();

    /* renamed from: b, reason: collision with root package name */
    private Context f2293b;

    /* renamed from: c, reason: collision with root package name */
    private ApiApplication f2294c;
    private SPNativeApiProxyWrapper d;
    private FingerprintManager.CryptoObject e;
    private KeyguardManager f;
    private FingerprintManager g;
    private KeyStore h;
    private Cipher i;
    private boolean j;
    private a k;

    public c(Context context, ApiApplication apiApplication, SPNativeApiProxyWrapper sPNativeApiProxyWrapper) {
        this.f2293b = context;
        this.f2294c = apiApplication;
        this.d = sPNativeApiProxyWrapper;
        if (Build.VERSION.SDK_INT >= 18) {
            f();
        }
        if (Build.VERSION.SDK_INT >= 23) {
            this.f = (KeyguardManager) context.getSystemService("keyguard");
            g();
        }
    }

    private void f() {
        try {
            this.h = KeyStore.getInstance("AndroidKeyStore");
            this.h.load(null);
        } catch (Exception e) {
            Log.e(this.f2292a, "Error", e);
        }
    }

    @TargetApi(23)
    private void g() {
        this.g = (FingerprintManager) this.f2293b.getSystemService("fingerprint");
    }

    private String h() {
        return this.f2294c.v();
    }

    public String a(d dVar) {
        try {
            byte[] decode = Base64.decode(dVar.b(), 0);
            byte[] decode2 = Base64.decode(dVar.a(), 0);
            SecretKey secretKey = (SecretKey) this.h.getKey(h(), null);
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
            cipher.init(2, secretKey, new IvParameterSpec(decode));
            return new String(cipher.doFinal(decode2), "UTF-8");
        } catch (Exception e) {
            Log.e(this.f2292a, "Error", e);
            return "";
        }
    }

    public String a(String str) {
        try {
            String x = this.f2294c.x();
            if (Build.VERSION.SDK_INT >= 18) {
                KeyStore.Entry entry = this.h.getEntry(x, null);
                if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
                    Log.d(this.f2292a, "Not an instance of a PrivateKeyEntry");
                    return null;
                }
                Signature signature = Signature.getInstance("SHA256withRSA");
                signature.initSign(((KeyStore.PrivateKeyEntry) entry).getPrivateKey());
                signature.update(str.getBytes());
                byte[] sign = signature.sign();
                SPLog.d(this.f2292a, "Signed by Android Crypto API");
                SPLog.d(this.f2292a, "Signature: " + Base64.encodeToString(sign, 2));
            } else {
                String str2 = this.f2294c.k().a().get(x);
                if (f.b((CharSequence) str2)) {
                    SPLog.d(this.f2292a, "Signed by SPCrypto");
                    String signMessage = this.d.signMessage(str2, str);
                    SPLog.d(this.f2292a, "Signature: " + signMessage);
                    return signMessage;
                }
                Log.d(this.f2292a, "Private Key not found");
            }
        } catch (Exception e) {
            Log.e(this.f2292a, Log.getStackTraceString(e));
        }
        return null;
    }

    @TargetApi(23)
    public void a(FingerprintManager.AuthenticationCallback authenticationCallback) {
        d();
        this.e = new FingerprintManager.CryptoObject(this.i);
        this.k = new a(this.f2294c, authenticationCallback);
        this.k.a(this.g, this.e);
    }

    public void a(boolean z) {
        this.j = z;
    }

    public boolean a() {
        return Build.VERSION.SDK_INT >= 23 && this.g.isHardwareDetected() && android.support.c.a.a.a(this.f2293b, "android.permission.USE_FINGERPRINT") == 0 && this.g.hasEnrolledFingerprints() && this.f.isKeyguardSecure();
    }

    public d b(String str) {
        try {
            SecretKey b2 = b();
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
            cipher.init(1, b2);
            return new d(Base64.encodeToString(cipher.doFinal(str.getBytes("UTF-8")), 0), Base64.encodeToString(cipher.getIV(), 0));
        } catch (Exception e) {
            Log.e(this.f2292a, "Error", e);
            return null;
        }
    }

    @TargetApi(23)
    public SecretKey b() {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
            keyGenerator.init(new KeyGenParameterSpec.Builder(h(), 3).setBlockModes("CBC").setUserAuthenticationRequired(false).setEncryptionPaddings("PKCS7Padding").build());
            return keyGenerator.generateKey();
        } catch (Exception e) {
            Log.e(this.f2292a, "Error", e);
            throw new hk.com.sharppoint.spmobile.sptraderprohd.b.b(e);
        }
    }

    public String c() {
        try {
            String x = this.f2294c.x();
            if (Build.VERSION.SDK_INT < 18) {
                KeyPair generateKeyPair = this.d.generateKeyPair();
                this.f2294c.k().a(x, generateKeyPair.getPrivateKey());
                return generateKeyPair.getPublicKey();
            }
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            if (Build.VERSION.SDK_INT >= 23) {
                keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(x, 12).setAlgorithmParameterSpec(new RSAKeyGenParameterSpec(RecyclerView.ItemAnimator.FLAG_MOVED, RSAKeyGenParameterSpec.F4)).setBlockModes("CBC").setSignaturePaddings("PKCS1").setDigests("SHA-256").setUserAuthenticationRequired(false).build());
            } else if (Build.VERSION.SDK_INT >= 18) {
                Calendar calendar = Calendar.getInstance();
                Calendar calendar2 = Calendar.getInstance();
                calendar2.add(1, 30);
                keyPairGenerator.initialize(new KeyPairGeneratorSpec.Builder(this.f2293b).setAlias(x).setSubject(new X500Principal("CN=Sharp Point Limited , O=Sharp Point Limited C=HK")).setSerialNumber(BigInteger.ONE).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build());
            }
            String str = "-----BEGIN PUBLIC KEY-----\r\n" + Base64.encodeToString(new X509EncodedKeySpec(keyPairGenerator.generateKeyPair().getPublic().getEncoded()).getEncoded(), 4) + "-----END PUBLIC KEY-----";
            Log.d(this.f2292a, "Keystore Public Key: \n" + str);
            return str;
        } catch (Exception e) {
            Log.d(this.f2292a, Log.getStackTraceString(e));
            return null;
        }
    }

    @TargetApi(23)
    public boolean d() {
        try {
            this.i = Cipher.getInstance("AES/CBC/PKCS7Padding");
            try {
                this.i.init(1, (SecretKey) this.h.getKey(h(), null));
                return true;
            } catch (Exception e) {
                throw new RuntimeException("Failed to init Cipher", e);
            }
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e2) {
            throw new RuntimeException("Failed to get Cipher", e2);
        }
    }

    public void e() {
        this.k.a();
    }
}
