package de.tutao.tutanota.credentials;

import android.security.keystore.KeyPermanentlyInvalidatedException;
import android.security.keystore.UserNotAuthenticatedException;
import androidx.biometric.BiometricManager;
import androidx.biometric.BiometricPrompt;
import androidx.fragment.app.FragmentActivity;
import de.tutao.tutanota.AndroidKeyStoreFacade;
import de.tutao.tutanota.CredentialAuthenticationException;
import de.tutao.tutanota.CryptoError;
import de.tutao.tutanota.R;
import de.tutao.tutanota.ipc.DataWrapper;
import de.tutao.tutanota.ipc.DataWrapperKt;
import de.tutao.tutanota.ipc.NativeCredentialsFacade;
import java.security.KeyStoreException;
import java.util.List;
import javax.crypto.Cipher;
import kotlin.collections.CollectionsKt__CollectionsJVMKt;
import kotlin.coroutines.Continuation;
import kotlin.jvm.internal.Intrinsics;
import org.conscrypt.BuildConfig;

/* compiled from: CredentialsEncryptionBeforeAPI30.kt */
/* loaded from: classes.dex */
public final class CredentialsEncryptionBeforeAPI30 implements NativeCredentialsFacade {
    private final FragmentActivity activity;
    private final AuthenticationPrompt authenticationPrompt;
    private final AndroidKeyStoreFacade keyStoreFacade;

    /* compiled from: CredentialsEncryptionBeforeAPI30.kt */
    /* loaded from: classes.dex */
    public /* synthetic */ class WhenMappings {
        public static final /* synthetic */ int[] $EnumSwitchMapping$0;

        static {
            int[] iArr = new int[CredentialEncryptionMode.values().length];
            try {
                iArr[CredentialEncryptionMode.BIOMETRICS.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                iArr[CredentialEncryptionMode.SYSTEM_PASSWORD.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            $EnumSwitchMapping$0 = iArr;
        }
    }

    public CredentialsEncryptionBeforeAPI30(AndroidKeyStoreFacade keyStoreFacade, FragmentActivity activity, AuthenticationPrompt authenticationPrompt) {
        Intrinsics.checkNotNullParameter(keyStoreFacade, "keyStoreFacade");
        Intrinsics.checkNotNullParameter(activity, "activity");
        Intrinsics.checkNotNullParameter(authenticationPrompt, "authenticationPrompt");
        this.keyStoreFacade = keyStoreFacade;
        this.activity = activity;
        this.authenticationPrompt = authenticationPrompt;
    }

    private final BiometricPrompt.PromptInfo createPromptInfo(CredentialEncryptionMode credentialEncryptionMode) {
        int i = WhenMappings.$EnumSwitchMapping$0[credentialEncryptionMode.ordinal()];
        if (i == 1) {
            BiometricPrompt.PromptInfo.Builder negativeButtonText = new BiometricPrompt.PromptInfo.Builder().setTitle(this.activity.getString(R.string.unlockCredentials_action)).setAllowedAuthenticators(15).setNegativeButtonText(this.activity.getString(android.R.string.cancel));
            Intrinsics.checkNotNullExpressionValue(negativeButtonText, "Builder()\n\t\t\t\t\t\t.setTitl…android.R.string.cancel))");
            BiometricPrompt.PromptInfo build = negativeButtonText.build();
            Intrinsics.checkNotNullExpressionValue(build, "{\n\t\t\t\tval promptInfoBuil…tInfoBuilder.build()\n\t\t\t}");
            return build;
        }
        if (i != 2) {
            throw new AssertionError(BuildConfig.FLAVOR);
        }
        BiometricPrompt.PromptInfo.Builder allowedAuthenticators = new BiometricPrompt.PromptInfo.Builder().setTitle(this.activity.getString(R.string.unlockCredentials_action)).setAllowedAuthenticators(33023);
        Intrinsics.checkNotNullExpressionValue(allowedAuthenticators, "Builder()\n\t\t\t\t\t\t.setTitl…nticators.BIOMETRIC_WEAK)");
        BiometricPrompt.PromptInfo build2 = allowedAuthenticators.build();
        Intrinsics.checkNotNullExpressionValue(build2, "{\n\t\t\t\tval promptInfoBuil…tInfoBuilder.build()\n\t\t\t}");
        return build2;
    }

    @Override // de.tutao.tutanota.ipc.NativeCredentialsFacade
    public Object decryptUsingKeychain(DataWrapper dataWrapper, CredentialEncryptionMode credentialEncryptionMode, Continuation<? super DataWrapper> continuation) throws KeyStoreException, CryptoError, CredentialAuthenticationException, KeyPermanentlyInvalidatedException {
        Cipher cipherForDecryptionMode;
        byte[] data = dataWrapper.getData();
        try {
            cipherForDecryptionMode = this.keyStoreFacade.getCipherForDecryptionMode(credentialEncryptionMode, data);
            if (credentialEncryptionMode == CredentialEncryptionMode.BIOMETRICS) {
                this.authenticationPrompt.authenticateCryptoObject(this.activity, createPromptInfo(credentialEncryptionMode), new BiometricPrompt.CryptoObject(cipherForDecryptionMode));
            }
        } catch (KeyStoreException e) {
            if (!(e.getCause() instanceof UserNotAuthenticatedException)) {
                throw e;
            }
            this.authenticationPrompt.authenticate(this.activity, createPromptInfo(credentialEncryptionMode));
            cipherForDecryptionMode = this.keyStoreFacade.getCipherForDecryptionMode(credentialEncryptionMode, data);
        }
        return DataWrapperKt.wrap(this.keyStoreFacade.decryptData(data, cipherForDecryptionMode));
    }

    @Override // de.tutao.tutanota.ipc.NativeCredentialsFacade
    public Object encryptUsingKeychain(DataWrapper dataWrapper, CredentialEncryptionMode credentialEncryptionMode, Continuation<? super DataWrapper> continuation) throws KeyStoreException, CryptoError, CredentialAuthenticationException, KeyPermanentlyInvalidatedException {
        Cipher cipherForEncryptionMode;
        try {
            cipherForEncryptionMode = this.keyStoreFacade.getCipherForEncryptionMode(credentialEncryptionMode);
            if (credentialEncryptionMode == CredentialEncryptionMode.BIOMETRICS) {
                this.authenticationPrompt.authenticateCryptoObject(this.activity, createPromptInfo(credentialEncryptionMode), new BiometricPrompt.CryptoObject(cipherForEncryptionMode));
            }
        } catch (KeyStoreException e) {
            if (!(e.getCause() instanceof UserNotAuthenticatedException)) {
                throw e;
            }
            this.authenticationPrompt.authenticate(this.activity, createPromptInfo(credentialEncryptionMode));
            cipherForEncryptionMode = this.keyStoreFacade.getCipherForEncryptionMode(credentialEncryptionMode);
        }
        return DataWrapperKt.wrap(this.keyStoreFacade.encryptData(dataWrapper.getData(), cipherForEncryptionMode));
    }

    @Override // de.tutao.tutanota.ipc.NativeCredentialsFacade
    public Object getSupportedEncryptionModes(Continuation<? super List<? extends CredentialEncryptionMode>> continuation) {
        List createListBuilder;
        List build;
        createListBuilder = CollectionsKt__CollectionsJVMKt.createListBuilder();
        createListBuilder.add(CredentialEncryptionMode.DEVICE_LOCK);
        BiometricManager from = BiometricManager.from(this.activity);
        Intrinsics.checkNotNullExpressionValue(from, "from(activity)");
        if (from.canAuthenticate(15) == 0) {
            createListBuilder.add(CredentialEncryptionMode.BIOMETRICS);
        }
        if (from.canAuthenticate(33023) == 0) {
            createListBuilder.add(CredentialEncryptionMode.SYSTEM_PASSWORD);
        }
        build = CollectionsKt__CollectionsJVMKt.build(createListBuilder);
        return build;
    }
}
