package com.intuit.spc.authorization.handshake;

import android.content.Context;
import com.intuit.spc.authorization.handshake.internal.DeviceUtility;
import com.intuit.spc.authorization.handshake.internal.Logger;
import com.intuit.spc.authorization.handshake.internal.ParamValidator;
import com.intuit.spc.authorization.handshake.internal.SerializationUtility;
import com.intuit.spc.authorization.handshake.internal.security.CryptoUtility;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.io.Serializable;
import java.util.Arrays;
import javax.crypto.SecretKey;

/* loaded from: classes.dex */
public class SimpleSecureStore {
    private static final String DATASTORE_DIRECTORY = "authorization";
    private static final String DATASTORE_FILE_NAME = "SecureStore.dat";
    private Context mAndroidContext;
    private SecretKey mDeviceKey;
    private SecretKey mPasscodeKey;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class Datastore implements Serializable {
        private static final long serialVersionUID = 1;
        public byte[] encryptedData;
        public byte[] hmac;
        public int iterationCount;
        public byte[] iv;
        public PasscodeInputType passcodeInputType;
        public ProtectionType protectionType;
        public byte[] salt;

        private Datastore() {
        }

        protected Object decryptAndDeserialize(SecretKey secretKey) throws Exception {
            if (secretKey == null) {
                throw new UnsupportedOperationException("No key provided");
            }
            return SerializationUtility.deserialize(CryptoUtility.decryptData(this.encryptedData, secretKey, this.iv));
        }
    }

    /* loaded from: classes.dex */
    public enum PasscodeInputType {
        NOT_APPLICABLE,
        FOUR_DIGIT_INPUT,
        FIVE_DIGIT_INPUT,
        SIX_DIGIT_INPUT,
        DIGIT_ONLY_INPUT,
        ALPHA_NUMERIC_INPUT
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public enum ProtectionType {
        DEVICE,
        PASSCODE
    }

    public SimpleSecureStore(Context context) {
        Logger.getInstance().logMethod("androidContext", context);
        ParamValidator.checkIsNotNull(context, "androidContext");
        this.mAndroidContext = context;
    }

    private static PasscodeInputType determinePasscodeInputType(String str) {
        boolean z = true;
        char[] charArray = str.toCharArray();
        int length = charArray.length;
        int i = 0;
        while (true) {
            if (i >= length) {
                break;
            }
            if (!Character.isDigit(charArray[i])) {
                z = false;
                break;
            }
            i++;
        }
        return z ? str.length() == 4 ? PasscodeInputType.FOUR_DIGIT_INPUT : str.length() == 5 ? PasscodeInputType.FIVE_DIGIT_INPUT : str.length() == 6 ? PasscodeInputType.SIX_DIGIT_INPUT : PasscodeInputType.DIGIT_ONLY_INPUT : PasscodeInputType.ALPHA_NUMERIC_INPUT;
    }

    private File getDatastoreFile() {
        return new File(this.mAndroidContext.getDir(DATASTORE_DIRECTORY, 0), DATASTORE_FILE_NAME);
    }

    private Datastore loadDatastore() throws Exception {
        File file = null;
        try {
            file = getDatastoreFile();
            if (!file.exists()) {
                return null;
            }
            ObjectInputStream objectInputStream = new ObjectInputStream(new FileInputStream(file));
            Object readObject = objectInputStream.readObject();
            objectInputStream.close();
            return (Datastore) readObject;
        } catch (Exception e) {
            Logger.getInstance().log(e);
            if (file != null) {
                Logger.getInstance().logError("Deleting " + file.getPath());
                file.delete();
            }
            return null;
        }
    }

    private void saveDatastore(Datastore datastore) throws Exception {
        ObjectOutputStream objectOutputStream = new ObjectOutputStream(new FileOutputStream(getDatastoreFile()));
        objectOutputStream.writeObject(datastore);
        objectOutputStream.close();
    }

    public synchronized void changePasscode(String str) throws Exception {
        SecretKey generateAesKeyForPassword;
        if (Logger.getInstance().isLoggable(Logger.LogLevel.SENSITIVE)) {
            Logger.getInstance().logMethod("passcode", str);
        } else {
            Logger.getInstance().logMethod("passcode", "***");
        }
        if (isPasscodeProtectedInternal() && !isUnlockedInternal()) {
            throw new UnsupportedOperationException("Unable to change passcode. Unlock required.");
        }
        Datastore loadDatastore = loadDatastore();
        if (loadDatastore == null) {
            loadDatastore = new Datastore();
        }
        Object loadObject = loadObject();
        if (str != null) {
            loadDatastore.protectionType = ProtectionType.PASSCODE;
            loadDatastore.passcodeInputType = determinePasscodeInputType(str);
            loadDatastore.salt = CryptoUtility.getRandomSalt();
            loadDatastore.iterationCount = CryptoUtility.secureKeyIterationCount();
            generateAesKeyForPassword = CryptoUtility.generateAesKeyForPassword(str.toCharArray(), loadDatastore.salt, loadDatastore.iterationCount);
            this.mPasscodeKey = generateAesKeyForPassword;
            loadDatastore.hmac = CryptoUtility.calculateHmacWithKey(this.mPasscodeKey, str.getBytes("UTF8"));
        } else {
            loadDatastore.protectionType = ProtectionType.DEVICE;
            loadDatastore.passcodeInputType = PasscodeInputType.NOT_APPLICABLE;
            loadDatastore.salt = CryptoUtility.getRandomSalt();
            String deviceId = DeviceUtility.getDeviceId(this.mAndroidContext);
            generateAesKeyForPassword = CryptoUtility.generateAesKeyForPassword(deviceId.toCharArray(), loadDatastore.salt, loadDatastore.iterationCount);
            this.mDeviceKey = generateAesKeyForPassword;
            loadDatastore.hmac = CryptoUtility.calculateHmacWithKey(this.mDeviceKey, deviceId.getBytes("UTF8"));
        }
        if (loadObject != null) {
            CryptoUtility.EncryptionResult encryptData = CryptoUtility.encryptData(SerializationUtility.serialize(loadObject), generateAesKeyForPassword);
            loadDatastore.encryptedData = encryptData.encrypedData;
            loadDatastore.iv = encryptData.initializationVector;
        }
        saveDatastore(loadDatastore);
    }

    public synchronized boolean checkPasscode(String str) throws Exception {
        Datastore loadDatastore;
        if (Logger.getInstance().isLoggable(Logger.LogLevel.SENSITIVE)) {
            Logger.getInstance().logMethod("passcode", str);
        } else {
            Logger.getInstance().logMethod("passcode", "***");
        }
        ParamValidator.checkIsNotNull(str, "passcode");
        loadDatastore = loadDatastore();
        if (loadDatastore == null) {
            throw new UnsupportedOperationException("Store does not exist.");
        }
        if (loadDatastore.protectionType != ProtectionType.PASSCODE) {
            throw new UnsupportedOperationException("Not passcode protected.");
        }
        return Arrays.equals(CryptoUtility.calculateHmacWithKey(CryptoUtility.generateAesKeyForPassword(str.toCharArray(), loadDatastore.salt, loadDatastore.iterationCount), str.getBytes("UTF8")), loadDatastore.hmac);
    }

    public synchronized void deleteStore() {
        Logger.getInstance().logMethod(new Object[0]);
        getDatastoreFile().delete();
    }

    public synchronized PasscodeInputType getPasscodeInputType() throws Exception {
        Datastore loadDatastore;
        Logger.getInstance().logMethod(new Object[0]);
        loadDatastore = loadDatastore();
        return loadDatastore == null ? PasscodeInputType.NOT_APPLICABLE : loadDatastore.protectionType == ProtectionType.PASSCODE ? loadDatastore.passcodeInputType : PasscodeInputType.NOT_APPLICABLE;
    }

    public synchronized boolean isPasscodeProtected() throws Exception {
        Logger.getInstance().logMethod(new Object[0]);
        return isPasscodeProtectedInternal();
    }

    public synchronized boolean isPasscodeProtectedInternal() throws Exception {
        boolean z = false;
        synchronized (this) {
            Datastore loadDatastore = loadDatastore();
            if (loadDatastore != null) {
                if (loadDatastore.protectionType == ProtectionType.PASSCODE) {
                    z = true;
                }
            }
        }
        return z;
    }

    public synchronized boolean isUnlocked() throws Exception {
        Logger.getInstance().logMethod(new Object[0]);
        return isUnlockedInternal();
    }

    public synchronized boolean isUnlockedInternal() throws Exception {
        return this.mPasscodeKey != null;
    }

    public synchronized Object loadObject() throws Exception {
        Object obj = null;
        synchronized (this) {
            Logger.getInstance().logMethod(new Object[0]);
            if (!isPasscodeProtectedInternal()) {
                Datastore loadDatastore = loadDatastore();
                if (loadDatastore != null && loadDatastore.encryptedData != null) {
                    if (this.mDeviceKey == null) {
                        String deviceId = DeviceUtility.getDeviceId(this.mAndroidContext);
                        this.mDeviceKey = CryptoUtility.generateAesKeyForPassword(deviceId.toCharArray(), loadDatastore.salt, loadDatastore.iterationCount);
                        if (!Arrays.equals(CryptoUtility.calculateHmacWithKey(this.mDeviceKey, deviceId.getBytes("UTF8")), loadDatastore.hmac)) {
                            throw new UnsupportedOperationException("Unable to load object.");
                        }
                    }
                    obj = loadDatastore.decryptAndDeserialize(this.mDeviceKey);
                }
            } else {
                if (!isUnlockedInternal()) {
                    throw new UnsupportedOperationException("Unable to load object. Unlock required.");
                }
                Datastore loadDatastore2 = loadDatastore();
                if (loadDatastore2 != null && loadDatastore2.encryptedData != null) {
                    obj = loadDatastore2.decryptAndDeserialize(this.mPasscodeKey);
                }
            }
        }
        return obj;
    }

    public synchronized void lock() throws Exception {
        Logger.getInstance().logMethod(new Object[0]);
        this.mPasscodeKey = null;
    }

    public synchronized void saveObject(Serializable serializable) throws Exception {
        SecretKey secretKey;
        if (Logger.getInstance().isLoggable(Logger.LogLevel.SENSITIVE)) {
            Logger.getInstance().logMethod("object", serializable.toString());
        } else {
            Logger.getInstance().logMethod("object", "<redacted>");
        }
        ParamValidator.checkIsNotNull(serializable, "object");
        Datastore loadDatastore = loadDatastore();
        if (loadDatastore == null) {
            loadDatastore = new Datastore();
        }
        if (!isPasscodeProtectedInternal()) {
            loadDatastore.protectionType = ProtectionType.DEVICE;
            loadDatastore.passcodeInputType = PasscodeInputType.NOT_APPLICABLE;
            if (this.mDeviceKey == null) {
                loadDatastore.salt = CryptoUtility.getRandomSalt();
                loadDatastore.iterationCount = CryptoUtility.secureKeyIterationCount();
                String deviceId = DeviceUtility.getDeviceId(this.mAndroidContext);
                this.mDeviceKey = CryptoUtility.generateAesKeyForPassword(deviceId.toCharArray(), loadDatastore.salt, loadDatastore.iterationCount);
                loadDatastore.hmac = CryptoUtility.calculateHmacWithKey(this.mDeviceKey, deviceId.getBytes("UTF8"));
            }
            secretKey = this.mDeviceKey;
        } else {
            if (!isUnlockedInternal()) {
                throw new UnsupportedOperationException("Unable to save object. Unlock required.");
            }
            secretKey = this.mPasscodeKey;
        }
        CryptoUtility.EncryptionResult encryptData = CryptoUtility.encryptData(SerializationUtility.serialize(serializable), secretKey);
        loadDatastore.encryptedData = encryptData.encrypedData;
        loadDatastore.iv = encryptData.initializationVector;
        saveDatastore(loadDatastore);
    }

    public synchronized boolean storeExists() {
        Logger.getInstance().logMethod(new Object[0]);
        return getDatastoreFile().exists();
    }

    public synchronized boolean unlock(String str) throws Exception {
        boolean z = false;
        synchronized (this) {
            if (Logger.getInstance().isLoggable(Logger.LogLevel.SENSITIVE)) {
                Logger.getInstance().logMethod("passcode", str);
            } else {
                Logger.getInstance().logMethod("passcode", "***");
            }
            ParamValidator.checkIsNotNull(str, "passcode");
            Datastore loadDatastore = loadDatastore();
            if (loadDatastore == null) {
                throw new UnsupportedOperationException("Store not created");
            }
            if (loadDatastore.protectionType == ProtectionType.DEVICE) {
                throw new UnsupportedOperationException("Store not passcode-protected");
            }
            SecretKey generateAesKeyForPassword = CryptoUtility.generateAesKeyForPassword(str.toCharArray(), loadDatastore.salt, loadDatastore.iterationCount);
            if (Arrays.equals(CryptoUtility.calculateHmacWithKey(generateAesKeyForPassword, str.getBytes("UTF8")), loadDatastore.hmac)) {
                this.mPasscodeKey = generateAesKeyForPassword;
                z = true;
            }
        }
        return z;
    }
}
