package com.oblador.keychain;

import android.os.Build;
import android.text.TextUtils;
import androidx.biometric.BiometricPrompt;
import com.facebook.react.bridge.Arguments;
import com.facebook.react.bridge.Promise;
import com.facebook.react.bridge.ReactApplicationContext;
import com.facebook.react.bridge.ReactContextBaseJavaModule;
import com.facebook.react.bridge.ReactMethod;
import com.facebook.react.bridge.ReadableMap;
import com.facebook.react.bridge.WritableMap;
import com.oblador.keychain.KeychainModule;
import com.oblador.keychain.a;
import com.oblador.keychain.exceptions.CryptoFailedException;
import com.oblador.keychain.exceptions.EmptyParameterException;
import com.oblador.keychain.exceptions.KeyStoreAccessException;
import defpackage.el;
import defpackage.fl;
import defpackage.hl;
import defpackage.ix;
import defpackage.m10;
import defpackage.mo3;
import defpackage.px;
import defpackage.xk;
import defpackage.zk;
import java.util.ArrayList;
import java.util.Collection;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.TimeUnit;

/* loaded from: classes2.dex */
public class KeychainModule extends ReactContextBaseJavaModule {
    public static final String EMPTY_STRING = "";
    public static final String FACE_SUPPORTED_NAME = "Face";
    public static final String FINGERPRINT_SUPPORTED_NAME = "Fingerprint";
    public static final String IRIS_SUPPORTED_NAME = "Iris";
    public static final String KEYCHAIN_MODULE = "RNKeychainManager";
    private static final String LOG_TAG = "KeychainModule";
    public static final String WARMING_UP_ALIAS = "warmingUp";
    private final Map<String, xk> cipherStorageMap;
    private final a prefsStorage;

    public KeychainModule(ReactApplicationContext reactApplicationContext) {
        super(reactApplicationContext);
        this.cipherStorageMap = new HashMap();
        this.prefsStorage = new a(reactApplicationContext);
        addCipherStorageToMap(new el(reactApplicationContext));
        addCipherStorageToMap(new fl());
        addCipherStorageToMap(new hl());
    }

    private void addCipherStorageToMap(xk xkVar) {
        this.cipherStorageMap.put(xkVar.g(), xkVar);
    }

    private xk.c decryptCredentials(String str, xk xkVar, a.C0159a c0159a, String str2, BiometricPrompt.d dVar) throws CryptoFailedException, KeyStoreAccessException {
        String str3 = c0159a.c;
        if (str3.equals(xkVar.g())) {
            return decryptToResult(str, xkVar, c0159a, dVar);
        }
        xk cipherStorageByName = getCipherStorageByName(str3);
        if (cipherStorageByName != null) {
            xk.c decryptToResult = decryptToResult(str, cipherStorageByName, c0159a, dVar);
            if ("automaticUpgradeToMoreSecuredStorage".equals(str2)) {
                try {
                    migrateCipherStorage(str, xkVar, cipherStorageByName, decryptToResult);
                } catch (CryptoFailedException unused) {
                }
            }
            return decryptToResult;
        }
        throw new KeyStoreAccessException("Wrong cipher storage name '" + str3 + "' or cipher not available");
    }

    /* JADX WARN: Multi-variable type inference failed */
    private xk.c decryptToResult(String str, xk xkVar, a.C0159a c0159a, BiometricPrompt.d dVar) throws CryptoFailedException {
        ix interactiveHandler = getInteractiveHandler(xkVar, dVar);
        xkVar.c(interactiveHandler, str, (byte[]) c0159a.a, (byte[]) c0159a.b, mo3.ANY);
        CryptoFailedException.a(interactiveHandler.o());
        if (interactiveHandler.a() != null) {
            return interactiveHandler.a();
        }
        throw new CryptoFailedException("No decryption results and no error. Something deeply wrong!");
    }

    private Collection<String> doGetAllGenericPasswordServices() throws KeyStoreAccessException {
        Set<String> i = this.prefsStorage.i();
        ArrayList arrayList = new ArrayList(i.size());
        Iterator<String> it = i.iterator();
        while (it.hasNext()) {
            arrayList.add(getCipherStorageByName(it.next()));
        }
        HashSet hashSet = new HashSet();
        Iterator it2 = arrayList.iterator();
        while (it2.hasNext()) {
            for (String str : ((xk) it2.next()).i()) {
                if (!str.equals(WARMING_UP_ALIAS)) {
                    hashSet.add(str);
                }
            }
        }
        return hashSet;
    }

    private static String getAccessControlOrDefault(ReadableMap readableMap) {
        return getAccessControlOrDefault(readableMap, "None");
    }

    private static String getAccessControlOrDefault(ReadableMap readableMap, String str) {
        String string = (readableMap == null || !readableMap.hasKey("accessControl")) ? null : readableMap.getString("accessControl");
        return string == null ? str : string;
    }

    private static String getAliasOrDefault(String str) {
        return str == null ? "" : str;
    }

    private static BiometricPrompt.d getPromptInfo(ReadableMap readableMap) {
        ReadableMap map = (readableMap == null || !readableMap.hasKey("authenticationPrompt")) ? null : readableMap.getMap("authenticationPrompt");
        BiometricPrompt.d.a aVar = new BiometricPrompt.d.a();
        if (map != null && map.hasKey("title")) {
            aVar.g(map.getString("title"));
        }
        if (map != null && map.hasKey("subtitle")) {
            aVar.f(map.getString("subtitle"));
        }
        if (map != null && map.hasKey("description")) {
            aVar.d(map.getString("description"));
        }
        if (map != null && map.hasKey("cancel")) {
            aVar.e(map.getString("cancel"));
        }
        aVar.b(15);
        aVar.c(false);
        return aVar.a();
    }

    private mo3 getSecurityLevel(boolean z) {
        try {
            xk cipherStorageForCurrentAPILevel = getCipherStorageForCurrentAPILevel(z);
            mo3 f = cipherStorageForCurrentAPILevel.f();
            mo3 mo3Var = mo3.SECURE_SOFTWARE;
            return !f.c(mo3Var) ? mo3.ANY : cipherStorageForCurrentAPILevel.j() ? mo3.SECURE_HARDWARE : mo3Var;
        } catch (CryptoFailedException e) {
            StringBuilder sb = new StringBuilder();
            sb.append("Security Level Exception: ");
            sb.append(e.getMessage());
            return mo3.ANY;
        }
    }

    private static mo3 getSecurityLevelOrDefault(ReadableMap readableMap) {
        return getSecurityLevelOrDefault(readableMap, mo3.ANY.name());
    }

    private static mo3 getSecurityLevelOrDefault(ReadableMap readableMap, String str) {
        String string = (readableMap == null || !readableMap.hasKey("securityLevel")) ? null : readableMap.getString("securityLevel");
        if (string != null) {
            str = string;
        }
        return mo3.valueOf(str);
    }

    private static String getSecurityRulesOrDefault(ReadableMap readableMap) {
        return getSecurityRulesOrDefault(readableMap, "none");
    }

    private static String getSecurityRulesOrDefault(ReadableMap readableMap, String str) {
        String string = (readableMap == null || !readableMap.hasKey("rules")) ? null : readableMap.getString("rules");
        return string == null ? str : string;
    }

    private xk getSelectedStorage(ReadableMap readableMap) throws CryptoFailedException {
        boolean useBiometry = getUseBiometry(getAccessControlOrDefault(readableMap));
        String specificStorageOrDefault = getSpecificStorageOrDefault(readableMap);
        xk cipherStorageByName = specificStorageOrDefault != null ? getCipherStorageByName(specificStorageOrDefault) : null;
        return cipherStorageByName == null ? getCipherStorageForCurrentAPILevel(useBiometry) : cipherStorageByName;
    }

    private static String getServiceOrDefault(ReadableMap readableMap) {
        return getAliasOrDefault((readableMap == null || !readableMap.hasKey("service")) ? null : readableMap.getString("service"));
    }

    private static String getSpecificStorageOrDefault(ReadableMap readableMap) {
        if (readableMap == null || !readableMap.hasKey("storage")) {
            return null;
        }
        return readableMap.getString("storage");
    }

    public static boolean getUseBiometry(String str) {
        return "BiometryAny".equals(str) || "BiometryCurrentSet".equals(str) || "BiometryAnyOrDevicePasscode".equals(str) || "BiometryCurrentSetOrDevicePasscode".equals(str);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void internalWarmingBestCipher() {
        try {
            long nanoTime = System.nanoTime();
            StringBuilder sb = new StringBuilder();
            sb.append("warming up started at ");
            sb.append(nanoTime);
            zk zkVar = (zk) getCipherStorageForCurrentAPILevel();
            zkVar.t();
            zkVar.s(WARMING_UP_ALIAS, zkVar.j() ? mo3.SECURE_HARDWARE : mo3.SECURE_SOFTWARE);
            zkVar.z();
            StringBuilder sb2 = new StringBuilder();
            sb2.append("warming up takes: ");
            sb2.append(TimeUnit.NANOSECONDS.toMillis(System.nanoTime() - nanoTime));
            sb2.append(" ms");
        } catch (Throwable unused) {
        }
    }

    public static void throwIfEmptyLoginPassword(String str, String str2) throws EmptyParameterException {
        if (TextUtils.isEmpty(str) || TextUtils.isEmpty(str2)) {
            throw new EmptyParameterException("you passed empty or null username/password");
        }
    }

    public static void throwIfInsufficientLevel(xk xkVar, mo3 mo3Var) throws CryptoFailedException {
        if (!xkVar.f().c(mo3Var)) {
            throw new CryptoFailedException(String.format("Cipher Storage is too weak. Required security level is: %s, but only %s is provided", mo3Var.name(), xkVar.f().name()));
        }
    }

    public static KeychainModule withWarming(ReactApplicationContext reactApplicationContext) {
        final KeychainModule keychainModule = new KeychainModule(reactApplicationContext);
        Thread thread = new Thread(new Runnable() { // from class: re2
            @Override // java.lang.Runnable
            public final void run() {
                KeychainModule.this.internalWarmingBestCipher();
            }
        }, "keychain-warming-up");
        thread.setDaemon(true);
        thread.start();
        return keychainModule;
    }

    @ReactMethod
    public void getAllGenericPasswordServices(Promise promise) {
        try {
            promise.resolve(Arguments.makeNativeArray(doGetAllGenericPasswordServices().toArray()));
        } catch (KeyStoreAccessException e) {
            promise.reject("E_KEYSTORE_ACCESS_ERROR", e);
        }
    }

    xk getCipherStorageByName(String str) {
        return this.cipherStorageMap.get(str);
    }

    xk getCipherStorageForCurrentAPILevel() throws CryptoFailedException {
        return getCipherStorageForCurrentAPILevel(true);
    }

    xk getCipherStorageForCurrentAPILevel(boolean z) throws CryptoFailedException {
        int i = Build.VERSION.SDK_INT;
        boolean z2 = z && (isFingerprintAuthAvailable() || isFaceAuthAvailable() || isIrisAuthAvailable());
        xk xkVar = null;
        for (xk xkVar2 : this.cipherStorageMap.values()) {
            StringBuilder sb = new StringBuilder();
            sb.append("Probe cipher storage: ");
            sb.append(xkVar2.getClass().getSimpleName());
            int b = xkVar2.b();
            int a = xkVar2.a();
            if ((b <= i) && (xkVar == null || a >= xkVar.a())) {
                if (!xkVar2.d() || z2) {
                    xkVar = xkVar2;
                }
            }
        }
        if (xkVar != null) {
            StringBuilder sb2 = new StringBuilder();
            sb2.append("Selected storage: ");
            sb2.append(xkVar.getClass().getSimpleName());
            return xkVar;
        }
        throw new CryptoFailedException("Unsupported Android SDK " + Build.VERSION.SDK_INT);
    }

    @Override // com.facebook.react.bridge.BaseJavaModule
    public Map<String, Object> getConstants() {
        HashMap hashMap = new HashMap();
        mo3 mo3Var = mo3.ANY;
        hashMap.put(mo3Var.b(), mo3Var.name());
        mo3 mo3Var2 = mo3.SECURE_SOFTWARE;
        hashMap.put(mo3Var2.b(), mo3Var2.name());
        mo3 mo3Var3 = mo3.SECURE_HARDWARE;
        hashMap.put(mo3Var3.b(), mo3Var3.name());
        return hashMap;
    }

    /* JADX WARN: Multi-variable type inference failed */
    protected void getGenericPassword(String str, ReadableMap readableMap, Promise promise) {
        try {
            a.C0159a e = this.prefsStorage.e(str);
            if (e == null) {
                StringBuilder sb = new StringBuilder();
                sb.append("No entry found for service: ");
                sb.append(str);
                promise.resolve(Boolean.FALSE);
                return;
            }
            String str2 = e.c;
            String securityRulesOrDefault = getSecurityRulesOrDefault(readableMap);
            BiometricPrompt.d promptInfo = getPromptInfo(readableMap);
            xk cipherStorageForCurrentAPILevel = (securityRulesOrDefault.equals("automaticUpgradeToMoreSecuredStorage") && str2.equals("FacebookConceal")) ? getCipherStorageForCurrentAPILevel(getUseBiometry(getAccessControlOrDefault(readableMap))) : getCipherStorageByName(str2);
            xk.c decryptCredentials = decryptCredentials(str, cipherStorageForCurrentAPILevel, e, securityRulesOrDefault, promptInfo);
            WritableMap createMap = Arguments.createMap();
            createMap.putString("service", str);
            createMap.putString("username", (String) decryptCredentials.a);
            createMap.putString("password", (String) decryptCredentials.b);
            createMap.putString("storage", cipherStorageForCurrentAPILevel.g());
            promise.resolve(createMap);
        } catch (CryptoFailedException e2) {
            e2.getMessage();
            promise.reject("E_CRYPTO_FAILED", e2);
        } catch (KeyStoreAccessException e3) {
            e3.getMessage();
            promise.reject("E_KEYSTORE_ACCESS_ERROR", e3);
        } catch (Throwable th) {
            th.getMessage();
            promise.reject("E_UNKNOWN_ERROR", th);
        }
    }

    @ReactMethod
    public void getGenericPasswordForOptions(ReadableMap readableMap, Promise promise) {
        getGenericPassword(getServiceOrDefault(readableMap), readableMap, promise);
    }

    protected ix getInteractiveHandler(xk xkVar, BiometricPrompt.d dVar) {
        return px.a(getReactApplicationContext(), xkVar, dVar);
    }

    @ReactMethod
    public void getInternetCredentialsForServer(String str, ReadableMap readableMap, Promise promise) {
        getGenericPassword(str, readableMap, promise);
    }

    @Override // com.facebook.react.bridge.NativeModule
    public String getName() {
        return KEYCHAIN_MODULE;
    }

    @ReactMethod
    public void getSecurityLevel(ReadableMap readableMap, Promise promise) {
        promise.resolve(getSecurityLevel(getUseBiometry(getAccessControlOrDefault(readableMap))).name());
    }

    @ReactMethod
    public void getSupportedBiometryType(Promise promise) {
        try {
            String str = null;
            if (m10.e(getReactApplicationContext())) {
                if (isFingerprintAuthAvailable()) {
                    str = FINGERPRINT_SUPPORTED_NAME;
                } else if (isFaceAuthAvailable()) {
                    str = FACE_SUPPORTED_NAME;
                } else if (isIrisAuthAvailable()) {
                    str = IRIS_SUPPORTED_NAME;
                }
            }
            promise.resolve(str);
        } catch (Exception e) {
            e.getMessage();
            promise.reject("E_SUPPORTED_BIOMETRY_ERROR", e);
        } catch (Throwable th) {
            th.getMessage();
            promise.reject("E_UNKNOWN_ERROR", th);
        }
    }

    @ReactMethod
    public void hasInternetCredentialsForServer(String str, Promise promise) {
        String aliasOrDefault = getAliasOrDefault(str);
        a.C0159a e = this.prefsStorage.e(aliasOrDefault);
        if (e == null) {
            StringBuilder sb = new StringBuilder();
            sb.append("No entry found for service: ");
            sb.append(aliasOrDefault);
            promise.resolve(Boolean.FALSE);
            return;
        }
        WritableMap createMap = Arguments.createMap();
        createMap.putString("service", aliasOrDefault);
        createMap.putString("storage", e.c);
        promise.resolve(createMap);
    }

    boolean isFaceAuthAvailable() {
        return m10.e(getReactApplicationContext()) && m10.a(getReactApplicationContext());
    }

    boolean isFingerprintAuthAvailable() {
        return m10.e(getReactApplicationContext()) && m10.b(getReactApplicationContext());
    }

    boolean isIrisAuthAvailable() {
        return m10.e(getReactApplicationContext()) && m10.c(getReactApplicationContext());
    }

    boolean isSecureHardwareAvailable() {
        try {
            return getCipherStorageForCurrentAPILevel().j();
        } catch (CryptoFailedException unused) {
            return false;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    void migrateCipherStorage(String str, xk xkVar, xk xkVar2, xk.c cVar) throws KeyStoreAccessException, CryptoFailedException {
        this.prefsStorage.l(str, xkVar.h(str, (String) cVar.a, (String) cVar.b, cVar.a()));
        xkVar2.e(str);
    }

    protected void resetGenericPassword(String str, Promise promise) {
        xk cipherStorageByName;
        try {
            a.C0159a e = this.prefsStorage.e(str);
            if (e != null && (cipherStorageByName = getCipherStorageByName(e.c)) != null) {
                cipherStorageByName.e(str);
            }
            this.prefsStorage.k(str);
            promise.resolve(Boolean.TRUE);
        } catch (KeyStoreAccessException e2) {
            e2.getMessage();
            promise.reject("E_KEYSTORE_ACCESS_ERROR", e2);
        } catch (Throwable th) {
            th.getMessage();
            promise.reject("E_UNKNOWN_ERROR", th);
        }
    }

    @ReactMethod
    public void resetGenericPasswordForOptions(ReadableMap readableMap, Promise promise) {
        resetGenericPassword(getServiceOrDefault(readableMap), promise);
    }

    @ReactMethod
    public void resetInternetCredentialsForServer(String str, Promise promise) {
        resetGenericPassword(str, promise);
    }

    protected void setGenericPassword(String str, String str2, String str3, ReadableMap readableMap, Promise promise) {
        try {
            throwIfEmptyLoginPassword(str2, str3);
            mo3 securityLevelOrDefault = getSecurityLevelOrDefault(readableMap);
            xk selectedStorage = getSelectedStorage(readableMap);
            throwIfInsufficientLevel(selectedStorage, securityLevelOrDefault);
            this.prefsStorage.l(str, selectedStorage.h(str, str2, str3, securityLevelOrDefault));
            WritableMap createMap = Arguments.createMap();
            createMap.putString("service", str);
            createMap.putString("storage", selectedStorage.g());
            promise.resolve(createMap);
        } catch (CryptoFailedException e) {
            e.getMessage();
            promise.reject("E_CRYPTO_FAILED", e);
        } catch (EmptyParameterException e2) {
            e2.getMessage();
            promise.reject("E_EMPTY_PARAMETERS", e2);
        } catch (Throwable th) {
            th.getMessage();
            promise.reject("E_UNKNOWN_ERROR", th);
        }
    }

    @ReactMethod
    public void setGenericPasswordForOptions(ReadableMap readableMap, String str, String str2, Promise promise) {
        setGenericPassword(getServiceOrDefault(readableMap), str, str2, readableMap, promise);
    }

    @ReactMethod
    public void setInternetCredentialsForServer(String str, String str2, String str3, ReadableMap readableMap, Promise promise) {
        setGenericPassword(str, str2, str3, readableMap, promise);
    }
}
