package oracle.idm.mobile.auth.local;

import android.content.Context;
import android.content.SharedPreferences;
import android.text.TextUtils;
import java.security.Key;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.spec.InvalidKeySpecException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import oracle.idm.mobile.OMErrorCode;
import oracle.idm.mobile.OMSecurityConstants;
import oracle.idm.mobile.crypto.OMInvalidKeyException;
import oracle.idm.mobile.crypto.OMKeyManagerException;
import oracle.idm.mobile.crypto.OMKeyStore;

/* loaded from: classes.dex */
public class OMPinAuthenticator implements f {
    private static final String h = "OMPinAuthenticator";

    /* renamed from: a, reason: collision with root package name */
    protected String f3123a;

    /* renamed from: b, reason: collision with root package name */
    protected Context f3124b;

    /* renamed from: c, reason: collision with root package name */
    protected OMKeyStore f3125c;

    /* renamed from: d, reason: collision with root package name */
    protected boolean f3126d = false;

    /* renamed from: e, reason: collision with root package name */
    protected boolean f3127e = false;

    /* renamed from: f, reason: collision with root package name */
    private Key f3128f;
    protected OMKeyStore g;

    private void i(String str, byte[] bArr) {
        try {
            this.f3128f = j(str, bArr);
            if (OMSecurityConstants.f2930a) {
                oracle.idm.mobile.logging.a.f(h, "**** Inside doSetAuthData: kek = " + oracle.idm.mobile.crypto.a.d(this.f3128f.getEncoded()));
            }
            oracle.idm.mobile.crypto.e eVar = new oracle.idm.mobile.crypto.e(this.f3124b);
            try {
                this.f3125c = eVar.c(this.f3123a, this.f3128f.getEncoded());
            } catch (OMInvalidKeyException e2) {
                throw new OMAuthenticationManagerException(OMErrorCode.INTERNAL_ERROR, "Invalid key. The given key is not valid to decrypt the encrypted data.", e2);
            } catch (OMKeyManagerException unused) {
            }
            if (this.f3125c == null) {
                OMKeyStore a2 = eVar.a(this.f3123a, this.f3128f.getEncoded());
                this.f3125c = a2;
                a2.d(this.f3123a, true);
            }
            if (this.g != null) {
                this.f3125c.a(this.g);
            }
            oracle.idm.mobile.crypto.f fVar = new oracle.idm.mobile.crypto.f(this.f3124b, this.f3125c, this.f3123a);
            String n = n();
            String k = k();
            fVar.d(n, k);
            m().edit().putString(n, k).putString(o(), oracle.idm.mobile.crypto.a.d(bArr)).commit();
        } catch (Exception e3) {
            throw new OMAuthenticationManagerException(OMErrorCode.INTERNAL_ERROR, e3.getMessage(), e3);
        }
    }

    private String k() {
        byte[] bArr = new byte[64];
        new SecureRandom().nextBytes(bArr);
        return oracle.idm.mobile.crypto.a.d(bArr);
    }

    private byte[] l() {
        byte[] bArr = new byte[16];
        new SecureRandom().nextBytes(bArr);
        return bArr;
    }

    @Override // oracle.idm.mobile.auth.local.f
    public void a(OMKeyStore oMKeyStore) {
        this.g = oMKeyStore;
    }

    @Override // oracle.idm.mobile.auth.local.f
    public void b() {
        if (!this.f3126d) {
            throw new OMAuthenticationManagerException(OMErrorCode.INVALID_STATE, "Not authenticated");
        }
        new oracle.idm.mobile.crypto.e(this.f3124b).b(this.f3123a, this.f3128f.getEncoded());
        m().edit().remove(n()).remove(o()).commit();
        p();
    }

    @Override // oracle.idm.mobile.auth.local.f
    public boolean c() {
        return this.f3126d;
    }

    @Override // oracle.idm.mobile.auth.local.f
    public boolean d(d dVar) {
        if (!this.f3127e) {
            throw new OMAuthenticationManagerException(OMErrorCode.INVALID_STATE, "Authenticator not yet initialized.");
        }
        if (dVar == null) {
            throw new OMAuthenticationManagerException(OMErrorCode.INVALID_STATE, "authData not set");
        }
        if (!(dVar.a() instanceof String)) {
            String name = dVar.a().getClass().getName();
            throw new OMAuthenticationManagerException(OMErrorCode.INVALID_INPUT, "OMAuthData.getData() must return a String object not [" + name + "]");
        }
        String str = (String) dVar.a();
        byte[] c2 = oracle.idm.mobile.crypto.a.c(m().getString(o(), null));
        if (c2 == null) {
            throw new OMAuthenticationManagerException(OMErrorCode.INVALID_STATE, "No salt.");
        }
        try {
            Key j = j(str, c2);
            if (OMSecurityConstants.f2930a) {
                oracle.idm.mobile.logging.a.f(h, "**** Inside authenticate: KEK = " + oracle.idm.mobile.crypto.a.d(j.getEncoded()));
            }
            OMKeyStore c3 = new oracle.idm.mobile.crypto.e(this.f3124b).c(this.f3123a, j.getEncoded());
            oracle.idm.mobile.crypto.f fVar = new oracle.idm.mobile.crypto.f(this.f3124b, c3, this.f3123a);
            String n = n();
            String string = m().getString(n, null);
            String str2 = (String) fVar.b(n);
            if (string == null || !string.equals(str2)) {
                return false;
            }
            this.f3126d = true;
            this.f3128f = j;
            this.f3125c = c3;
            return true;
        } catch (Exception e2) {
            throw new OMAuthenticationManagerException(OMErrorCode.INTERNAL_ERROR, e2.getMessage(), e2);
        }
    }

    @Override // oracle.idm.mobile.auth.local.f
    public OMKeyStore e() {
        return this.f3125c;
    }

    @Override // oracle.idm.mobile.auth.local.f
    public void f(Context context, String str, e eVar) {
        if (this.f3127e) {
            return;
        }
        if (TextUtils.isEmpty(str)) {
            throw new NullPointerException("authenticatorId");
        }
        this.f3123a = str;
        this.f3124b = context;
        this.f3127e = true;
    }

    @Override // oracle.idm.mobile.auth.local.f
    public void g(d dVar) {
        if (dVar == null) {
            throw new NullPointerException("authData");
        }
        if (dVar.a() == null) {
            throw new NullPointerException("authData.getData()");
        }
        if (dVar.a() instanceof String) {
            String str = (String) dVar.a();
            String string = m().getString(o(), null);
            i(str, string == null ? l() : oracle.idm.mobile.crypto.a.c(string));
        } else {
            String name = dVar.a().getClass().getName();
            throw new OMAuthenticationManagerException(OMErrorCode.INVALID_INPUT, "OMAuthData.getData() must return a String object not [" + name + "]");
        }
    }

    @Override // oracle.idm.mobile.auth.local.f
    public void h(d dVar, d dVar2) {
        try {
            if (!d(dVar)) {
                throw new OMAuthenticationManagerException(OMErrorCode.INCORRECT_CURRENT_AUTHDATA, "Cannot authenticate using currentAuthData");
            }
            if (dVar2 == null) {
                throw new NullPointerException("newAuthData");
            }
            if (dVar2.a() == null) {
                throw new NullPointerException("newAuthData.getData()");
            }
            if (dVar2.a() instanceof String) {
                String str = (String) dVar2.a();
                byte[] l = l();
                new oracle.idm.mobile.crypto.e(this.f3124b).d(this.f3123a, this.f3128f.getEncoded(), j(str, l).getEncoded());
                i(str, l);
                return;
            }
            String name = dVar2.a().getClass().getName();
            throw new OMAuthenticationManagerException(OMErrorCode.INVALID_INPUT, "OMAuthData.getData() must return a String object not [" + name + "]");
        } catch (OMAuthenticationManagerException e2) {
            throw new OMAuthenticationManagerException(OMErrorCode.INCORRECT_CURRENT_AUTHDATA, "Cannot authenticate using currentAuthData", e2);
        }
    }

    @Override // oracle.idm.mobile.auth.local.f
    public boolean isInitialized() {
        return this.f3127e;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Key j(String str, byte[] bArr) {
        long currentTimeMillis = System.currentTimeMillis();
        try {
            SecretKey generateSecret = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1").generateSecret(new PBEKeySpec(str.toCharArray(), bArr, 2000, 256));
            oracle.idm.mobile.logging.a.a("getKeyFromPin", "getKeyFromPin took:  " + (System.currentTimeMillis() - currentTimeMillis) + " ms");
            return generateSecret;
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e2) {
            throw new OMAuthenticationManagerException(OMErrorCode.INTERNAL_ERROR, e2.getMessage(), e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public SharedPreferences m() {
        return this.f3124b.getSharedPreferences(OMPinAuthenticator.class.getSimpleName(), 0);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String n() {
        return this.f3123a + "_validation_data";
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public String o() {
        return this.f3123a + "_salt";
    }

    public void p() {
        this.f3127e = false;
        this.f3126d = false;
        this.f3125c = null;
        this.g = null;
        this.f3128f = null;
    }

    public boolean q() {
        if (this.f3124b == null) {
            return false;
        }
        return m().getString(n(), null) != null;
    }
}
