package com.mytheresa.app.mytheresa.services.user.security;

import android.content.Context;
import android.hardware.fingerprint.FingerprintManager;
import android.os.Build;
import android.os.CancellationSignal;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import com.mytheresa.app.mytheresa.app.AppSettings;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;

/* loaded from: classes2.dex */
public class Crypto {
    static final String ANDROID_KEYSTORE_TYPE = "AndroidKeyStore";
    private static final String FINGERPRINT_KEY_NAME = "myth_key";
    private KeyStore androidKeyStore;
    private IEncryptionAlgorithm encryptionAlgorithm;

    /* loaded from: classes2.dex */
    public static class CryptoException extends KeyStoreException {
        public CryptoException() {
        }

        public CryptoException(String str) {
            super(str);
        }

        public CryptoException(String str, Throwable th) {
            super(str, th);
        }

        public CryptoException(Throwable th) {
            super(th);
        }
    }

    public Crypto(AppSettings appSettings) {
        if (Build.VERSION.SDK_INT >= 23) {
            this.encryptionAlgorithm = new AesEncryption(this);
        } else {
            this.encryptionAlgorithm = new RsaEncryption(this, appSettings);
        }
    }

    private SecretKey generateFingerprintKey() throws CryptoException {
        getAndroidKeyStore();
        KeyGenParameterSpec build = new KeyGenParameterSpec.Builder(FINGERPRINT_KEY_NAME, 3).setBlockModes("CBC").setUserAuthenticationRequired(true).setEncryptionPaddings("PKCS7Padding").build();
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", ANDROID_KEYSTORE_TYPE);
            keyGenerator.init(build);
            return keyGenerator.generateKey();
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
            throw new CryptoException(e);
        }
    }

    private Cipher initFingerprintCypher() throws CryptoException {
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
            cipher.init(1, getAndroidKeyStore().getKey(FINGERPRINT_KEY_NAME, null));
            return cipher;
        } catch (InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | NoSuchPaddingException e) {
            throw new CryptoException(e);
        }
    }

    public String decrypt(String str, String str2) throws CryptoException {
        if (TextUtils.isEmpty(str2)) {
            throw new IllegalArgumentException("Alias may not be null!");
        }
        if (TextUtils.isEmpty(str)) {
            return "";
        }
        if (keyExists(str2)) {
            return this.encryptionAlgorithm.decrypt(str, str2);
        }
        throw new CryptoException("Key does exist in KeyStore. To avoid this you should check by calling Crypto.keyExists(String)");
    }

    public String encrypt(String str, String str2) throws CryptoException {
        if (TextUtils.isEmpty(str2)) {
            throw new IllegalArgumentException("Alias may not be null!");
        }
        if (TextUtils.isEmpty(str)) {
            return "";
        }
        if (keyExists(str2)) {
            return this.encryptionAlgorithm.encrypt(str, str2);
        }
        throw new CryptoException("Key does exist in KeyStore. To avoid this you should check by calling Crypto.keyExists(String)");
    }

    public void generateKey(Context context, String str) throws CryptoException {
        this.encryptionAlgorithm.generateKey(context, str);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public KeyStore getAndroidKeyStore() throws CryptoException {
        try {
            if (this.androidKeyStore == null) {
                KeyStore keyStore = KeyStore.getInstance(ANDROID_KEYSTORE_TYPE);
                this.androidKeyStore = keyStore;
                keyStore.load(null);
            }
            return this.androidKeyStore;
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new CryptoException(e);
        }
    }

    public boolean keyExists(String str) throws CryptoException {
        try {
            if (!TextUtils.isEmpty(str)) {
                if (getAndroidKeyStore().containsAlias(str)) {
                    return true;
                }
            }
            return false;
        } catch (KeyStoreException e) {
            throw new CryptoException(e);
        }
    }

    public void removeKey(String str) throws CryptoException {
        this.encryptionAlgorithm.removeKey(str);
    }

    public void startFingerprintAuthentication(FingerprintManager fingerprintManager, FingerprintManager.AuthenticationCallback authenticationCallback) throws CryptoException {
        if (fingerprintManager == null) {
            throw new CryptoException("Unable to start authentication: FingerprintManager was null.");
        }
        if (authenticationCallback == null) {
            throw new CryptoException("Unable to start authentication: FingerprintManager.AuthenticationCallback was null.");
        }
        generateFingerprintKey();
        try {
            fingerprintManager.authenticate(new FingerprintManager.CryptoObject(initFingerprintCypher()), new CancellationSignal(), 0, authenticationCallback, null);
        } catch (SecurityException e) {
            throw new CryptoException(e);
        }
    }
}
