package de.jepfa.yapm.service.secret;

import android.content.Context;
import android.util.Log;
import de.jepfa.yapm.R;
import de.jepfa.yapm.model.encrypted.CipherAlgorithmKt;
import de.jepfa.yapm.model.encrypted.Encrypted;
import de.jepfa.yapm.model.encrypted.EncryptedType;
import de.jepfa.yapm.model.secret.Key;
import de.jepfa.yapm.model.secret.Password;
import de.jepfa.yapm.model.secret.SecretKeyHolder;
import de.jepfa.yapm.model.session.Session;
import de.jepfa.yapm.service.PreferenceService;
import de.jepfa.yapm.service.biometrix.BiometricCallback;
import de.jepfa.yapm.service.biometrix.BiometricManagerVX;
import de.jepfa.yapm.service.biometrix.BiometricUtils;
import de.jepfa.yapm.util.UiUtilsKt;
import javax.crypto.Cipher;
import javax.crypto.spec.GCMParameterSpec;
import kotlin.Metadata;
import kotlin.Unit;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.internal.Intrinsics;

/* compiled from: MasterPasswordService.kt */
@Metadata(d1 = {"\u0000`\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\n\n\u0002\u0010\u000b\n\u0002\b\u0006\bÆ\u0002\u0018\u00002\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J\u0018\u0010\b\u001a\u00020\t2\u0006\u0010\n\u001a\u00020\u000b2\u0006\u0010\f\u001a\u00020\rH\u0002J\u0010\u0010\u000e\u001a\u00020\t2\u0006\u0010\n\u001a\u00020\u000bH\u0002J\u001a\u0010\u000f\u001a\u0004\u0018\u00010\u00102\u0006\u0010\u0011\u001a\u00020\t2\u0006\u0010\f\u001a\u00020\rH\u0002JI\u0010\u0012\u001a\u00020\u00132\u0006\u0010\u0014\u001a\u00020\u00152\u0006\u0010\u0016\u001a\u00020\r2!\u0010\u0017\u001a\u001d\u0012\u0013\u0012\u00110\u0010¢\u0006\f\b\u0019\u0012\b\b\u001a\u0012\u0004\b\b(\u001b\u0012\u0004\u0012\u00020\u00130\u00182\f\u0010\u001c\u001a\b\u0012\u0004\u0012\u00020\u00130\u001dH\u0002J\u000e\u0010\u001e\u001a\u00020\u00132\u0006\u0010\u0014\u001a\u00020\u0015J\"\u0010\u001f\u001a\u0004\u0018\u00010\r2\u0006\u0010\u0011\u001a\u00020\t2\u0006\u0010\u001b\u001a\u00020\u00102\u0006\u0010 \u001a\u00020\u0006H\u0002J4\u0010!\u001a\u00020\u00132\u0006\u0010\u0014\u001a\u00020\u00152\u0006\u0010\u001b\u001a\u00020\u00102\f\u0010\"\u001a\b\u0012\u0004\u0012\u00020\u00130\u001d2\f\u0010#\u001a\b\u0012\u0004\u0012\u00020\u00130\u001dH\u0002J\u000e\u0010$\u001a\u00020\u000b2\u0006\u0010\u0014\u001a\u00020\u0015J\u0010\u0010%\u001a\u0004\u0018\u00010\u00102\u0006\u0010\u0014\u001a\u00020\u0015J?\u0010&\u001a\u00020\u00132\u0006\u0010\u0014\u001a\u00020\u00152!\u0010\u0017\u001a\u001d\u0012\u0013\u0012\u00110\u0010¢\u0006\f\b\u0019\u0012\b\b\u001a\u0012\u0004\b\b(\u001b\u0012\u0004\u0012\u00020\u00130\u00182\f\u0010\u001c\u001a\b\u0012\u0004\u0012\u00020\u00130\u001dJ\u0010\u0010'\u001a\u00020(2\b\u0010\u0016\u001a\u0004\u0018\u00010\rJ\u000e\u0010)\u001a\u00020(2\u0006\u0010\u0014\u001a\u00020\u0015J\u000e\u0010*\u001a\u00020(2\u0006\u0010\u0014\u001a\u00020\u0015J\u000e\u0010+\u001a\u00020(2\u0006\u0010,\u001a\u00020\rJ2\u0010-\u001a\u00020\u00132\u0006\u0010\u001b\u001a\u00020\u00102\u0006\u0010\u0014\u001a\u00020\u00152\f\u0010\"\u001a\b\u0012\u0004\u0012\u00020\u00130\u001d2\f\u0010#\u001a\b\u0012\u0004\u0012\u00020\u00130\u001dR\u000e\u0010\u0003\u001a\u00020\u0004X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u0005\u001a\u00020\u0006X\u0086T¢\u0006\u0002\n\u0000R\u000e\u0010\u0007\u001a\u00020\u0006X\u0082T¢\u0006\u0002\n\u0000¨\u0006."}, d2 = {"Lde/jepfa/yapm/service/secret/MasterPasswordService;", "", "()V", "EMP_SALT", "Lde/jepfa/yapm/model/secret/Key;", "KEY_PROTECTED_MP", "", "MODE_WITH_AUTH", "createDecryptCipher", "Ljavax/crypto/Cipher;", "secretKeyHolder", "Lde/jepfa/yapm/model/secret/SecretKeyHolder;", "encrypted", "Lde/jepfa/yapm/model/encrypted/Encrypted;", "createEncryptCipher", "decryptMasterPassword", "Lde/jepfa/yapm/model/secret/Password;", "cipher", "decryptWithBiometrics", "", "context", "Landroid/content/Context;", "encStoredMasterPasswd", "handlePasswordReceived", "Lkotlin/Function1;", "Lkotlin/ParameterName;", "name", "masterPassword", "handleNothingReceived", "Lkotlin/Function0;", "deleteStoredMasterPassword", "encryptMasterPassword", "mode", "encryptWithBiometrics", "handlePasswordStored", "handleNothingStored", "generateEncMasterPasswdSKForExport", "getMasterPasswordFromSession", "getMasterPasswordFromStore", "isEncMasterPasswordRequiresBiometrics", "", "isMasterPasswordStored", "isMasterPasswordStoredWithAuth", "isProtectedEMP", "emp", "storeMasterPassword", "app_release"}, k = 1, mv = {1, 8, 0}, xi = 48)
/* loaded from: classes2.dex */
public final class MasterPasswordService {
    public static final String KEY_PROTECTED_MP = "protected";
    private static final String MODE_WITH_AUTH = "wa";
    public static final MasterPasswordService INSTANCE = new MasterPasswordService();
    private static final Key EMP_SALT = new Key(new byte[]{12, 57, 33, 75, 22, -33, 1, 123, -72, -82, 42, 100, -18, 54, 92, 23, -89, -21, -1, 95, -51, 11, 4, -99});

    private MasterPasswordService() {
    }

    private final Cipher createDecryptCipher(SecretKeyHolder secretKeyHolder, Encrypted encrypted) {
        Cipher cipher = Cipher.getInstance(secretKeyHolder.getCipherAlgorithm().getCipherName());
        cipher.init(2, secretKeyHolder.getSecretKey(), new GCMParameterSpec(128, encrypted.getIv()));
        Intrinsics.checkNotNullExpressionValue(cipher, "cipher");
        return cipher;
    }

    private final Cipher createEncryptCipher(SecretKeyHolder secretKeyHolder) {
        Cipher cipher = Cipher.getInstance(secretKeyHolder.getCipherAlgorithm().getCipherName());
        cipher.init(1, secretKeyHolder.getSecretKey());
        Intrinsics.checkNotNullExpressionValue(cipher, "cipher");
        return cipher;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final Password decryptMasterPassword(Cipher cipher, Encrypted encrypted) {
        try {
            byte[] decrypted = cipher.doFinal(encrypted.getData());
            Intrinsics.checkNotNullExpressionValue(decrypted, "decrypted");
            return new Password(decrypted);
        } catch (Exception unused) {
            Log.e("EMPS", "unable to decrypt stored EMP");
            return null;
        }
    }

    private final void decryptWithBiometrics(final Context context, final Encrypted encStoredMasterPasswd, final Function1<? super Password, Unit> handlePasswordReceived, final Function0<Unit> handleNothingReceived) {
        try {
            BiometricManagerVX biometricManagerVX = new BiometricManagerVX(createDecryptCipher(SecretService.INSTANCE.getAndroidSecretKey(AndroidKey.ALIAS_KEY_MP_WITH_AUTH, context), encStoredMasterPasswd), context);
            String string = context.getString(R.string.auth_to_decrypt_emp);
            Intrinsics.checkNotNullExpressionValue(string, "context.getString(R.string.auth_to_decrypt_emp)");
            String string2 = context.getString(R.string.auth_to_decrypt_emp_omit);
            Intrinsics.checkNotNullExpressionValue(string2, "context.getString(R.stri…auth_to_decrypt_emp_omit)");
            biometricManagerVX.authenticate(string, string2, new BiometricCallback() { // from class: de.jepfa.yapm.service.secret.MasterPasswordService$decryptWithBiometrics$1
                @Override // de.jepfa.yapm.service.biometrix.BiometricCallback
                public void onAuthenticationCancelled() {
                    handleNothingReceived.invoke();
                }

                @Override // de.jepfa.yapm.service.biometrix.BiometricCallback
                public void onAuthenticationError(CharSequence errString) {
                    String string3;
                    Context context2 = context;
                    if (errString == null || (string3 = errString.toString()) == null) {
                        string3 = context.getString(R.string.biometric_not_supported);
                        Intrinsics.checkNotNullExpressionValue(string3, "context.getString(R.stri….biometric_not_supported)");
                    }
                    UiUtilsKt.toastText(context2, string3);
                }

                /* JADX WARN: Code restructure failed: missing block: B:2:0x0002, code lost:
                
                    r3 = de.jepfa.yapm.service.secret.MasterPasswordService.INSTANCE.decryptMasterPassword(r3, r2);
                 */
                @Override // de.jepfa.yapm.service.biometrix.BiometricCallback
                /*
                    Code decompiled incorrectly, please refer to instructions dump.
                    To view partially-correct add '--show-bad-code' argument
                */
                public void onAuthenticationSuccessful(javax.crypto.Cipher r3) {
                    /*
                        r2 = this;
                        if (r3 == 0) goto L12
                        de.jepfa.yapm.service.secret.MasterPasswordService r0 = de.jepfa.yapm.service.secret.MasterPasswordService.INSTANCE
                        de.jepfa.yapm.model.encrypted.Encrypted r1 = r2
                        de.jepfa.yapm.model.secret.Password r3 = de.jepfa.yapm.service.secret.MasterPasswordService.access$decryptMasterPassword(r0, r3, r1)
                        if (r3 == 0) goto L12
                        kotlin.jvm.functions.Function1<de.jepfa.yapm.model.secret.Password, kotlin.Unit> r0 = r3
                        r0.invoke(r3)
                        return
                    L12:
                        android.content.Context r3 = r4
                        r0 = 2132017245(0x7f14005d, float:1.9672763E38)
                        de.jepfa.yapm.util.UiUtilsKt.toastText(r3, r0)
                        kotlin.jvm.functions.Function0<kotlin.Unit> r3 = r1
                        r3.invoke()
                        return
                    */
                    throw new UnsupportedOperationException("Method not decompiled: de.jepfa.yapm.service.secret.MasterPasswordService$decryptWithBiometrics$1.onAuthenticationSuccessful(javax.crypto.Cipher):void");
                }
            });
        } catch (Exception e) {
            Log.e("MPS", "cannot decrypt with biometric", e);
            UiUtilsKt.toastText(context, R.string.biometric_failed);
            deleteStoredMasterPassword(context);
            handleNothingReceived.invoke();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final Encrypted encryptMasterPassword(Cipher cipher, Password masterPassword, String mode) {
        try {
            byte[] encryptedData = cipher.doFinal(masterPassword.getData());
            EncryptedType encryptedType = new EncryptedType(EncryptedType.Types.ENC_MASTER_PASSWD, mode);
            byte[] iv = cipher.getIV();
            Intrinsics.checkNotNullExpressionValue(iv, "cipher.iv");
            Intrinsics.checkNotNullExpressionValue(encryptedData, "encryptedData");
            return new Encrypted(encryptedType, iv, encryptedData, CipherAlgorithmKt.getDEFAULT_CIPHER_ALGORITHM());
        } catch (Exception unused) {
            Log.e("EMPS", "unable to encrypt stored EMP");
            return null;
        }
    }

    private final void encryptWithBiometrics(final Context context, final Password masterPassword, final Function0<Unit> handlePasswordStored, final Function0<Unit> handleNothingStored) {
        try {
            BiometricManagerVX biometricManagerVX = new BiometricManagerVX(createEncryptCipher(SecretService.INSTANCE.getAndroidSecretKey(AndroidKey.ALIAS_KEY_MP_WITH_AUTH, context)), context);
            String string = context.getString(R.string.auth_to_encrypt_emp);
            Intrinsics.checkNotNullExpressionValue(string, "context.getString(R.string.auth_to_encrypt_emp)");
            String string2 = context.getString(android.R.string.cancel);
            Intrinsics.checkNotNullExpressionValue(string2, "context.getString(android.R.string.cancel)");
            biometricManagerVX.authenticate(string, string2, new BiometricCallback() { // from class: de.jepfa.yapm.service.secret.MasterPasswordService$encryptWithBiometrics$1
                @Override // de.jepfa.yapm.service.biometrix.BiometricCallback
                public void onAuthenticationCancelled() {
                    MasterPasswordService.INSTANCE.deleteStoredMasterPassword(context);
                    handleNothingStored.invoke();
                }

                @Override // de.jepfa.yapm.service.biometrix.BiometricCallback
                public void onAuthenticationError(CharSequence errString) {
                    String string3;
                    Context context2 = context;
                    if (errString == null || (string3 = errString.toString()) == null) {
                        string3 = context.getString(R.string.biometric_not_supported);
                        Intrinsics.checkNotNullExpressionValue(string3, "context.getString(R.stri….biometric_not_supported)");
                    }
                    UiUtilsKt.toastText(context2, string3);
                }

                /* JADX WARN: Code restructure failed: missing block: B:2:0x0002, code lost:
                
                    r4 = de.jepfa.yapm.service.secret.MasterPasswordService.INSTANCE.encryptMasterPassword(r4, r3, "wa");
                 */
                @Override // de.jepfa.yapm.service.biometrix.BiometricCallback
                /*
                    Code decompiled incorrectly, please refer to instructions dump.
                    To view partially-correct add '--show-bad-code' argument
                */
                public void onAuthenticationSuccessful(javax.crypto.Cipher r4) {
                    /*
                        r3 = this;
                        if (r4 == 0) goto L1d
                        de.jepfa.yapm.service.secret.MasterPasswordService r0 = de.jepfa.yapm.service.secret.MasterPasswordService.INSTANCE
                        de.jepfa.yapm.model.secret.Password r1 = r3
                        java.lang.String r2 = "wa"
                        de.jepfa.yapm.model.encrypted.Encrypted r4 = de.jepfa.yapm.service.secret.MasterPasswordService.access$encryptMasterPassword(r0, r4, r1, r2)
                        if (r4 == 0) goto L1d
                        de.jepfa.yapm.service.PreferenceService r0 = de.jepfa.yapm.service.PreferenceService.INSTANCE
                        java.lang.String r1 = "YAPM/data:mpwd"
                        android.content.Context r2 = r1
                        r0.putEncrypted(r1, r4, r2)
                        kotlin.jvm.functions.Function0<kotlin.Unit> r4 = r4
                        r4.invoke()
                        return
                    L1d:
                        android.content.Context r4 = r1
                        r0 = 2132017245(0x7f14005d, float:1.9672763E38)
                        de.jepfa.yapm.util.UiUtilsKt.toastText(r4, r0)
                        de.jepfa.yapm.service.secret.MasterPasswordService r4 = de.jepfa.yapm.service.secret.MasterPasswordService.INSTANCE
                        android.content.Context r0 = r1
                        r4.deleteStoredMasterPassword(r0)
                        kotlin.jvm.functions.Function0<kotlin.Unit> r4 = r2
                        r4.invoke()
                        return
                    */
                    throw new UnsupportedOperationException("Method not decompiled: de.jepfa.yapm.service.secret.MasterPasswordService$encryptWithBiometrics$1.onAuthenticationSuccessful(javax.crypto.Cipher):void");
                }
            });
        } catch (Exception e) {
            Log.e("MPS", "cannot encrypt with biometric", e);
            UiUtilsKt.toastText(context, R.string.biometric_failed);
            deleteStoredMasterPassword(context);
            handleNothingStored.invoke();
        }
    }

    public final void deleteStoredMasterPassword(Context context) {
        Intrinsics.checkNotNullParameter(context, "context");
        PreferenceService.INSTANCE.delete(PreferenceService.DATA_ENCRYPTED_MASTER_PASSWORD, context);
        SecretService.INSTANCE.removeAndroidSecretKey(AndroidKey.ALIAS_KEY_MP);
        SecretService.INSTANCE.removeAndroidSecretKey(AndroidKey.ALIAS_KEY_MP_WITH_AUTH);
    }

    public final SecretKeyHolder generateEncMasterPasswdSKForExport(Context context) {
        Intrinsics.checkNotNullParameter(context, "context");
        Password password = new Password(SaltService.INSTANCE.getSalt(context));
        SecretKeyHolder generateNormalSecretKey = SecretService.INSTANCE.generateNormalSecretKey(password, EMP_SALT, CipherAlgorithmKt.getDEFAULT_CIPHER_ALGORITHM());
        password.clear();
        return generateNormalSecretKey;
    }

    public final Password getMasterPasswordFromSession(Context context) {
        Intrinsics.checkNotNullParameter(context, "context");
        SecretKeyHolder androidSecretKey = SecretService.INSTANCE.getAndroidSecretKey(AndroidKey.ALIAS_KEY_TRANSPORT, context);
        Encrypted encMasterPasswd = Session.INSTANCE.getEncMasterPasswd();
        if (encMasterPasswd == null) {
            return null;
        }
        return SecretService.INSTANCE.decryptPassword(androidSecretKey, encMasterPasswd);
    }

    public final void getMasterPasswordFromStore(Context context, Function1<? super Password, Unit> handlePasswordReceived, Function0<Unit> handleNothingReceived) {
        Intrinsics.checkNotNullParameter(context, "context");
        Intrinsics.checkNotNullParameter(handlePasswordReceived, "handlePasswordReceived");
        Intrinsics.checkNotNullParameter(handleNothingReceived, "handleNothingReceived");
        Encrypted encrypted = PreferenceService.INSTANCE.getEncrypted(PreferenceService.DATA_ENCRYPTED_MASTER_PASSWORD, context);
        if (encrypted == null) {
            handleNothingReceived.invoke();
            return;
        }
        if (isEncMasterPasswordRequiresBiometrics(encrypted) && BiometricUtils.INSTANCE.isBiometricsAvailable(context)) {
            decryptWithBiometrics(context, encrypted, handlePasswordReceived, handleNothingReceived);
            return;
        }
        Password decryptPassword = SecretService.INSTANCE.decryptPassword(SecretService.INSTANCE.getAndroidSecretKey(AndroidKey.ALIAS_KEY_MP, context), encrypted);
        if (decryptPassword.isValid()) {
            handlePasswordReceived.invoke(decryptPassword);
            return;
        }
        Log.w("MPS", "stored master password not valid");
        deleteStoredMasterPassword(context);
        handleNothingReceived.invoke();
    }

    public final boolean isEncMasterPasswordRequiresBiometrics(Encrypted encStoredMasterPasswd) {
        EncryptedType type;
        return Intrinsics.areEqual((encStoredMasterPasswd == null || (type = encStoredMasterPasswd.getType()) == null) ? null : type.getPayload(), MODE_WITH_AUTH);
    }

    public final boolean isMasterPasswordStored(Context context) {
        Intrinsics.checkNotNullParameter(context, "context");
        return PreferenceService.INSTANCE.isPresent(PreferenceService.DATA_ENCRYPTED_MASTER_PASSWORD, context);
    }

    public final boolean isMasterPasswordStoredWithAuth(Context context) {
        Intrinsics.checkNotNullParameter(context, "context");
        return isEncMasterPasswordRequiresBiometrics(PreferenceService.INSTANCE.getEncrypted(PreferenceService.DATA_ENCRYPTED_MASTER_PASSWORD, context));
    }

    public final boolean isProtectedEMP(Encrypted emp) {
        Intrinsics.checkNotNullParameter(emp, "emp");
        if (emp.isType(EncryptedType.Types.ENC_MASTER_PASSWD)) {
            EncryptedType type = emp.getType();
            if (Intrinsics.areEqual(type != null ? type.getPayload() : null, KEY_PROTECTED_MP)) {
                return true;
            }
        }
        return false;
    }

    public final void storeMasterPassword(Password masterPassword, Context context, Function0<Unit> handlePasswordStored, Function0<Unit> handleNothingStored) {
        Intrinsics.checkNotNullParameter(masterPassword, "masterPassword");
        Intrinsics.checkNotNullParameter(context, "context");
        Intrinsics.checkNotNullParameter(handlePasswordStored, "handlePasswordStored");
        Intrinsics.checkNotNullParameter(handleNothingStored, "handleNothingStored");
        if (PreferenceService.INSTANCE.getAsBool(PreferenceService.PREF_AUTH_SMP_WITH_BIOMETRIC, context) && BiometricUtils.INSTANCE.isBiometricsAvailable(context)) {
            encryptWithBiometrics(context, masterPassword, handlePasswordStored, handleNothingStored);
            return;
        }
        PreferenceService.INSTANCE.putEncrypted(PreferenceService.DATA_ENCRYPTED_MASTER_PASSWORD, SecretService.INSTANCE.encryptPassword(SecretService.INSTANCE.getAndroidSecretKey(AndroidKey.ALIAS_KEY_MP, context), masterPassword), context);
        handlePasswordStored.invoke();
    }
}
