package net.pulsesecure.modules.system;

import android.annotation.TargetApi;
import android.content.Context;
import android.hardware.fingerprint.FingerprintManager;
import android.os.CancellationSignal;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import androidx.core.content.ContextCompat;
import com.fasterxml.jackson.core.util.MinimalPrettyPrinter;
import com.rsa.crypto.AlgorithmStrings;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import net.juniper.junos.pulse.android.sql.VpnProfile;
import net.pulsesecure.infra.PSUtils;
import net.pulsesecure.pulsesecure.R;
import org.slf4j.Logger;

@TargetApi(23)
/* loaded from: classes2.dex */
public class FingerprintHandler extends FingerprintManager.AuthenticationCallback {
    public static final boolean FINGERPRINT_AUTH_ENABLED = false;
    private static final String KEY_NAME = "pulse_secure";
    Logger logger = PSUtils.getClassLogger();
    private FingerprintAuth mCallback;
    private CancellationSignal mCancellationSignal;
    private Cipher mCipher;
    private VpnProfile mConnection;
    private Context mContext;
    private FingerprintManager.CryptoObject mCryptoObject;
    private FingerprintManager mFingerprintManager;
    private KeyGenerator mKeyGenerator;
    private KeyStore mKeyStore;

    /* loaded from: classes2.dex */
    public interface FingerprintAuth {
        void onFingerprintAuthenticated(VpnProfile vpnProfile);

        void onFingerprintAuthenticationFailed(String str);
    }

    public FingerprintHandler(Context context, FingerprintAuth fingerprintAuth) {
        this.mContext = context;
        this.mCallback = fingerprintAuth;
        this.mFingerprintManager = (FingerprintManager) this.mContext.getSystemService("fingerprint");
    }

    private boolean startAuth(FingerprintManager fingerprintManager, FingerprintManager.CryptoObject cryptoObject) {
        this.mCancellationSignal = new CancellationSignal();
        if (ContextCompat.checkSelfPermission(this.mContext, "android.permission.USE_FINGERPRINT") != 0) {
            return false;
        }
        fingerprintManager.authenticate(cryptoObject, this.mCancellationSignal, 0, this, null);
        return true;
    }

    @TargetApi(23)
    public boolean cipherInit() {
        try {
            this.mCipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
            try {
                this.mKeyStore.load(null);
                this.mCipher.init(1, (SecretKey) this.mKeyStore.getKey(KEY_NAME, null));
                return true;
            } catch (KeyPermanentlyInvalidatedException e) {
                this.logger.debug("Failed to init Cipher " + e);
                return false;
            } catch (IOException e2) {
                e = e2;
                this.logger.debug("Failed to init Cipher " + e);
                return false;
            } catch (InvalidKeyException e3) {
                e = e3;
                this.logger.debug("Failed to init Cipher " + e);
                return false;
            } catch (KeyStoreException e4) {
                e = e4;
                this.logger.debug("Failed to init Cipher " + e);
                return false;
            } catch (NoSuchAlgorithmException e5) {
                e = e5;
                this.logger.debug("Failed to init Cipher " + e);
                return false;
            } catch (UnrecoverableKeyException e6) {
                e = e6;
                this.logger.debug("Failed to init Cipher " + e);
                return false;
            } catch (CertificateException e7) {
                e = e7;
                this.logger.debug("Failed to init Cipher " + e);
                return false;
            }
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e8) {
            this.logger.debug("Failed to get Cipher " + e8);
            return false;
        }
    }

    @TargetApi(23)
    protected boolean generateKey() {
        try {
            this.mKeyStore = KeyStore.getInstance("AndroidKeyStore");
            try {
                this.mKeyGenerator = KeyGenerator.getInstance(AlgorithmStrings.AES, "AndroidKeyStore");
                try {
                    this.mKeyStore.load(null);
                    this.mKeyGenerator.init(new KeyGenParameterSpec.Builder(KEY_NAME, 3).setBlockModes(AlgorithmStrings.CBC).setUserAuthenticationRequired(true).setEncryptionPaddings("PKCS7Padding").build());
                    this.mKeyGenerator.generateKey();
                    return true;
                } catch (IOException | InvalidAlgorithmParameterException | NoSuchAlgorithmException | CertificateException e) {
                    this.logger.debug("Failed to generate key " + e);
                    return false;
                }
            } catch (NoSuchAlgorithmException | NoSuchProviderException e2) {
                this.logger.debug("Failed to get KeyGenerator instance " + e2);
                return false;
            }
        } catch (Exception e3) {
            this.logger.debug("Failed to get AndroidKeyStore instance " + e3);
            return false;
        }
    }

    public boolean hasEnrolledFingerprints() {
        return ContextCompat.checkSelfPermission(this.mContext, "android.permission.USE_FINGERPRINT") == 0 && this.mFingerprintManager.hasEnrolledFingerprints();
    }

    @Override // android.hardware.fingerprint.FingerprintManager.AuthenticationCallback
    public void onAuthenticationError(int i, CharSequence charSequence) {
        this.logger.debug("Fingerprint Authentication Failed. " + i + MinimalPrettyPrinter.DEFAULT_ROOT_VALUE_SEPARATOR + ((Object) charSequence));
        this.mCallback.onFingerprintAuthenticationFailed(charSequence.toString());
    }

    @Override // android.hardware.fingerprint.FingerprintManager.AuthenticationCallback
    public void onAuthenticationFailed() {
        this.logger.debug("Fingerprint Authentication Failed.");
        this.mCallback.onFingerprintAuthenticationFailed(this.mContext.getString(R.string.fingerprint_auth_failed_text));
    }

    @Override // android.hardware.fingerprint.FingerprintManager.AuthenticationCallback
    public void onAuthenticationHelp(int i, CharSequence charSequence) {
        this.logger.debug("Fingerprint Authentication Failed. " + i + MinimalPrettyPrinter.DEFAULT_ROOT_VALUE_SEPARATOR + ((Object) charSequence));
        this.mCallback.onFingerprintAuthenticationFailed(charSequence.toString());
    }

    @Override // android.hardware.fingerprint.FingerprintManager.AuthenticationCallback
    public void onAuthenticationSucceeded(FingerprintManager.AuthenticationResult authenticationResult) {
        this.logger.debug("Fingerprint Authentication Succeeded.");
        this.mCallback.onFingerprintAuthenticated(this.mConnection);
        setConnection(null);
    }

    public void setConnection(VpnProfile vpnProfile) {
        this.mConnection = vpnProfile;
    }

    public boolean startFingerprintSensor() {
        this.logger.debug("start fingerprint sensor");
        if (!generateKey() || !cipherInit()) {
            return false;
        }
        this.mCryptoObject = new FingerprintManager.CryptoObject(this.mCipher);
        return startAuth(this.mFingerprintManager, this.mCryptoObject);
    }
}
