package cz.camelot.camelot.managers;

import android.content.Context;
import android.security.keystore.KeyGenParameterSpec;
import androidx.databinding.ObservableField;
import com.microsoft.appcenter.Constants;
import cz.camelot.camelot.CamelotApplication;
import cz.camelot.camelot.crypto.CryptoHelper;
import cz.camelot.camelot.persistence.BackupSecurityHeader;
import cz.camelot.camelot.persistence.BackupSecuritySealInfo;
import cz.camelot.camelot.persistence.MySeal;
import cz.camelot.camelot.persistence.NodeXPasscode;
import cz.camelot.camelot.persistence.Passcode;
import cz.camelot.camelot.persistence.ReceivedSeal;
import cz.camelot.camelot.persistence.Security;
import cz.camelot.camelot.userdata.AccessLogEntry;
import cz.camelot.camelot.userdata.AppDatabase;
import cz.camelot.camelot.utils.StringConvert;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.function.Function;
import java.util.function.Predicate;
import java.util.stream.Collectors;
import java.util.zip.CRC32;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes2.dex */
public class PasscodeManager {
    public static final String[] SEAL_NAMES = {"Lancelot", "Gawain", "Geraint", "Percival", "Lamorak", "Kay", "Gareth", "Bedivere", "Gaheris", "Galahad", "Tristan", "Palamedes"};
    private static PasscodeManager instance;
    private Security security;
    private Logger log = LoggerFactory.getLogger(getClass());
    private CryptoHelper cryptoHelper = new CryptoHelper();
    public final ObservableField<Date> passcodeLock = new ObservableField<>();
    private final String BIOMETRIC_KEY_ENTRY_ALIAS = "CamelotPasscode";
    Context context = CamelotApplication.getContext();

    private PasscodeManager() {
        this.passcodeLock.set(AppDatabase.getInstance().dao().getUserData().passcodeNextAttempt);
        load();
    }

    private PasscodeContext checkPasscode(String str, boolean z) {
        for (Passcode passcode : this.security.getPasscodes()) {
            PasscodeContext checkPasscode = checkPasscode(passcode.getPasscodeId(), this.cryptoHelper.keyForPassword(str, StringConvert.fromBase64(passcode.getSaltB64())), z);
            if (checkPasscode != null) {
                return checkPasscode;
            }
        }
        return null;
    }

    public static PasscodeManager getInstance() {
        if (instance == null) {
            instance = new PasscodeManager();
        }
        return instance;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ boolean lambda$checkPasscodeUsingSeals$18(int i, MySeal mySeal) {
        return mySeal.getIndex() == i;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ boolean lambda$decryptMasterKeyBackupUsingSeals$19(int i, BackupSecuritySealInfo backupSecuritySealInfo) {
        return backupSecuritySealInfo.getIndex() == i;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ boolean lambda$isEncryptedUsingPasscode$16(String str, String str2, NodeXPasscode nodeXPasscode) {
        return nodeXPasscode.getNodeId().equals(str) && nodeXPasscode.getPasscodeId().equals(str2);
    }

    public void addReceivedSeal(ReceivedSeal receivedSeal) {
        this.security.getReceivedSeals().add(receivedSeal);
        storeSecurity();
    }

    public boolean checForAccessLogAlert(PasscodeContext passcodeContext) {
        if (!passcodeContext.isPuk) {
            return false;
        }
        List<AccessLogEntry> accessLog = UserDataManager.getInstance().getAccessLog();
        if (accessLog.size() > 0) {
            return accessLog.get(0).shouldShowToUser();
        }
        return false;
    }

    public PasscodeContext checkEPuk(PasscodeContext passcodeContext) {
        if (passcodeContext.passcodeId.equals(this.security.getEpukPasscodeId())) {
            this.log.info("PasscodeManager.checkEPuk EPUK entered");
            AnalyticsManager.getInstance().logEvent("epuk_entered");
            for (PasscodeContext passcodeContext2 : getPasscodes(passcodeContext)) {
                if (passcodeContext2.getEpukProtected().booleanValue()) {
                    deletePasscode(passcodeContext2);
                }
            }
            NodeManager.getInstance().deleteTreeEPuk(passcodeContext);
            PasscodeContext checkPasscodeUsingPrivateKey = checkPasscodeUsingPrivateKey(this.security.getPukPasscodeId(), passcodeContext.privateKey);
            if (checkPasscodeUsingPrivateKey != null) {
                deletePasscode(passcodeContext);
                this.security.setEpukPasscodeId(null);
                storeSecurity();
                updateKey(this.security.getPukPasscodeId(), checkPasscodeUsingPrivateKey.key, passcodeContext.key, passcodeContext.salt);
                return checkPasscode(this.security.getPukPasscodeId(), passcodeContext.key, true);
            }
        }
        return passcodeContext;
    }

    public PasscodeContext checkPasscode(String str) {
        this.log.info("PasscodeManager.checkPasscode for phrase");
        return checkPasscode(str, true);
    }

    public PasscodeContext checkPasscode(final String str, byte[] bArr, boolean z) {
        this.log.info("PasscodeManager.checkPasscode: %s", str);
        Passcode passcode = this.security.getPasscodes().stream().filter(new Predicate() { // from class: cz.camelot.camelot.managers.-$$Lambda$PasscodeManager$uVaQjHwc3_F1YGvt43v6CUCQVjg
            @Override // java.util.function.Predicate
            public final boolean test(Object obj) {
                boolean equals;
                equals = ((Passcode) obj).getPasscodeId().equals(str);
                return equals;
            }
        }).findFirst().get();
        byte[] fromBase64 = StringConvert.fromBase64(passcode.getSaltB64());
        CRC32 crc32 = new CRC32();
        crc32.update(this.cryptoHelper.encrypt(this.cryptoHelper.emptyIV(), bArr, fromBase64));
        this.log.info("PasscodeManager.checkPasscode: computedCRC32: %l, storedCRC32: %l", Long.valueOf(crc32.getValue()), Long.valueOf(passcode.getCheckCRC32()));
        if (passcode.getCheckCRC32() != crc32.getValue()) {
            return null;
        }
        PasscodeContext passcodeContext = new PasscodeContext(str, StringConvert.fromUtf8Data(this.cryptoHelper.decrypt(StringConvert.fromBase64(passcode.getNameB64()), bArr, fromBase64)), bArr, fromBase64, str.equals(this.security.getPukPasscodeId()), str.equals(this.security.getEpukPasscodeId()), null, null, passcode.getEpukProtected().booleanValue(), passcode.getFoolPin().booleanValue(), str.equals(this.security.getBiometricsPasscodeId()));
        if (passcode.getMasterKeyB64() != null) {
            passcodeContext.masterKey = this.cryptoHelper.decrypt(StringConvert.fromBase64(passcode.getMasterKeyB64()), bArr, this.cryptoHelper.emptyIV());
            passcodeContext.privateKey = this.cryptoHelper.decrypt(StringConvert.fromBase64(this.security.getPrivateKeyB64()), passcodeContext.masterKey, this.cryptoHelper.emptyIV());
        }
        resetPasscodeLock();
        return z ? checkEPuk(passcodeContext) : passcodeContext;
    }

    public PasscodeContext checkPasscode(byte[] bArr) {
        this.log.info("PasscodeManager.checkPasscode for key");
        for (Passcode passcode : this.security.getPasscodes()) {
            StringConvert.fromBase64(passcode.getSaltB64());
            PasscodeContext checkPasscode = checkPasscode(passcode.getPasscodeId(), bArr, true);
            if (checkPasscode != null) {
                return checkPasscode;
            }
        }
        return null;
    }

    public PasscodeContext checkPasscodeUsingMasterKey(final String str, byte[] bArr) {
        this.log.info("PasscodeManager.checkPasscode using master key: %s", str);
        if (this.security.getPasscodes().stream().filter(new Predicate() { // from class: cz.camelot.camelot.managers.-$$Lambda$PasscodeManager$t06O3pxQVZBO1oznon97EoT1w2E
            @Override // java.util.function.Predicate
            public final boolean test(Object obj) {
                boolean equals;
                equals = ((Passcode) obj).getPasscodeId().equals(str);
                return equals;
            }
        }).findFirst().get() != null) {
            return checkPasscodeUsingPrivateKey(str, this.cryptoHelper.decrypt(StringConvert.fromBase64(this.security.getPrivateKeyB64()), bArr, this.cryptoHelper.emptyIV()));
        }
        return null;
    }

    public PasscodeContext checkPasscodeUsingPrivateKey(final String str, byte[] bArr) {
        this.log.info("PasscodeManager.checkPasscode using private key: %s", str);
        Passcode passcode = this.security.getPasscodes().stream().filter(new Predicate() { // from class: cz.camelot.camelot.managers.-$$Lambda$PasscodeManager$GLuhBT3ULxKK61OnKuu8xPhBGEY
            @Override // java.util.function.Predicate
            public final boolean test(Object obj) {
                boolean equals;
                equals = ((Passcode) obj).getPasscodeId().equals(str);
                return equals;
            }
        }).findFirst().get();
        if (passcode != null) {
            return checkPasscode(str, this.cryptoHelper.decryptUsingPrivate(StringConvert.fromBase64(passcode.getPasscodeKeyB64()), bArr), true);
        }
        return null;
    }

    public PasscodeContext checkPasscodeUsingSeals(List<String> list) {
        byte[] shamirCombine;
        ArrayList arrayList = new ArrayList();
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            String[] split = it.next().split(Constants.COMMON_SCHEMA_PREFIX_SEPARATOR);
            if (split.length > 2) {
                try {
                    int parseInt = Integer.parseInt(split[0]);
                    final int parseInt2 = Integer.parseInt(split[1]);
                    String str = split[2];
                    MySeal mySeal = getMySeals().stream().filter(new Predicate() { // from class: cz.camelot.camelot.managers.-$$Lambda$PasscodeManager$MagCEB1INZywFJMb3IepT94Fzk4
                        @Override // java.util.function.Predicate
                        public final boolean test(Object obj) {
                            return PasscodeManager.lambda$checkPasscodeUsingSeals$18(parseInt2, (MySeal) obj);
                        }
                    }).findFirst().get();
                    if (mySeal != null && parseInt == 1 && mySeal.getSeedB64() != null) {
                        arrayList.add(this.cryptoHelper.xor(StringConvert.fromBase64(str), StringConvert.fromBase64(mySeal.getSeedB64())));
                    }
                } catch (NumberFormatException e) {
                    this.log.info(e.toString());
                }
            }
        }
        if (arrayList.size() == 0 || (shamirCombine = this.cryptoHelper.shamirCombine(arrayList)) == null) {
            return null;
        }
        return checkPasscodeUsingMasterKey(this.security.getPukPasscodeId(), shamirCombine);
    }

    public PasscodeContext checkPasscodeWithoutEpukCheck(String str) {
        this.log.info("PasscodeManager.checkPasscodeWithoutEpukCheck for phrase");
        return checkPasscode(str, false);
    }

    public void clean() {
        this.log.info("PasscodeManager.clean");
        this.security = new Security();
    }

    public void clearBiometrics() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            if (keyStore.containsAlias("CamelotPasscode")) {
                keyStore.deleteEntry("CamelotPasscode");
            }
        } catch (IOException e) {
            e.printStackTrace();
        } catch (KeyStoreException e2) {
            e2.printStackTrace();
        } catch (NoSuchAlgorithmException e3) {
            e3.printStackTrace();
        } catch (CertificateException e4) {
            e4.printStackTrace();
        }
        this.security.setBiometricsPasscodeId(null);
        storeSecurity();
    }

    public BackupSecurityHeader createBackupSecurityHeader(byte[] bArr) {
        BackupSecurityHeader backupSecurityHeader = new BackupSecurityHeader();
        backupSecurityHeader.setPrivateKeyEncryptedB64(this.security.getPrivateKeyB64());
        backupSecurityHeader.setPhraseKeyEncryptedB64(StringConvert.toBase64(encryptUsingPublic(bArr)));
        for (MySeal mySeal : getMySeals()) {
            BackupSecuritySealInfo backupSecuritySealInfo = new BackupSecuritySealInfo();
            backupSecuritySealInfo.setIndex(mySeal.getIndex());
            backupSecuritySealInfo.setSeedB64(mySeal.getSeedB64());
            backupSecurityHeader.getSeals().add(backupSecuritySealInfo);
        }
        return backupSecurityHeader;
    }

    public Cipher createBiometricLoginCipher() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            if (keyStore.containsAlias("CamelotPasscode")) {
                PrivateKey privateKey = (PrivateKey) keyStore.getKey("CamelotPasscode", null);
                Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
                cipher.init(2, privateKey);
                return cipher;
            }
        } catch (IOException e) {
            e.printStackTrace();
        } catch (InvalidKeyException e2) {
            e2.printStackTrace();
        } catch (KeyStoreException e3) {
            e3.printStackTrace();
        } catch (NoSuchAlgorithmException e4) {
            e4.printStackTrace();
        } catch (UnrecoverableKeyException e5) {
            e5.printStackTrace();
        } catch (CertificateException e6) {
            e6.printStackTrace();
        } catch (NoSuchPaddingException e7) {
            e7.printStackTrace();
        }
        return null;
    }

    public byte[] decryptMasterKeyBackupUsingSeals(List<String> list, BackupSecurityHeader backupSecurityHeader) {
        ArrayList arrayList = new ArrayList();
        Iterator<String> it = list.iterator();
        while (it.hasNext()) {
            String[] split = it.next().split(Constants.COMMON_SCHEMA_PREFIX_SEPARATOR);
            if (split.length > 2) {
                try {
                    int parseInt = Integer.parseInt(split[0]);
                    final int parseInt2 = Integer.parseInt(split[1]);
                    String str = split[2];
                    BackupSecuritySealInfo backupSecuritySealInfo = backupSecurityHeader.getSeals().stream().filter(new Predicate() { // from class: cz.camelot.camelot.managers.-$$Lambda$PasscodeManager$vHdHPFvm7VK5xSFx0dQ7Z3Cjn5A
                        @Override // java.util.function.Predicate
                        public final boolean test(Object obj) {
                            return PasscodeManager.lambda$decryptMasterKeyBackupUsingSeals$19(parseInt2, (BackupSecuritySealInfo) obj);
                        }
                    }).findFirst().get();
                    if (backupSecuritySealInfo != null && parseInt == 1) {
                        byte[] fromBase64 = StringConvert.fromBase64(backupSecuritySealInfo.getSeedB64());
                        byte[] fromBase642 = StringConvert.fromBase64(str);
                        if (fromBase64 != null && fromBase642 != null && fromBase64.length == fromBase642.length) {
                            arrayList.add(this.cryptoHelper.xor(fromBase642, fromBase64));
                        }
                    }
                } catch (NumberFormatException e) {
                    this.log.info(e.toString());
                }
            }
        }
        return this.cryptoHelper.shamirCombine(arrayList);
    }

    public byte[] decryptPhraseKeyUsingMasterKey(byte[] bArr, BackupSecurityHeader backupSecurityHeader) {
        return this.cryptoHelper.decryptUsingPrivate(StringConvert.fromBase64(backupSecurityHeader.getPhraseKeyEncryptedB64()), this.cryptoHelper.decrypt(StringConvert.fromBase64(backupSecurityHeader.getPrivateKeyEncryptedB64()), bArr, this.cryptoHelper.emptyIV()));
    }

    public void deletePasscode(final PasscodeContext passcodeContext) {
        this.log.info("PasscodeManager.deletePasscode: %s", passcodeContext.passcodeId);
        this.security.getPasscodes().removeIf(new Predicate() { // from class: cz.camelot.camelot.managers.-$$Lambda$PasscodeManager$n_FBwYBKf-Xb0nwNUXmXWRsXT0k
            @Override // java.util.function.Predicate
            public final boolean test(Object obj) {
                boolean equals;
                equals = ((Passcode) obj).getPasscodeId().equals(PasscodeContext.this.passcodeId);
                return equals;
            }
        });
        if (passcodeContext.passcodeId.equals(this.security.getBiometricsPasscodeId())) {
            clearBiometrics();
        }
        NodeManager.getInstance().deleteTreeForPasscode(passcodeContext);
        if (passcodeContext.passcodeId.equals(this.security.getEpukPasscodeId())) {
            this.security.setEpukPasscodeId(null);
        }
        storeSecurity();
    }

    public byte[] encryptUsingPublic(byte[] bArr) {
        if (this.security.getPublicKeyB64() == null) {
            return null;
        }
        return this.cryptoHelper.encryptUsingPublic(bArr, StringConvert.fromBase64(this.security.getPublicKeyB64()));
    }

    public void generateMySeals(PasscodeContext passcodeContext, int i) {
        byte[] bArr = passcodeContext.masterKey;
        this.security.getMySeals().clear();
        List<byte[]> shamirShare = this.cryptoHelper.shamirShare(bArr, SEAL_NAMES.length, i);
        for (int i2 = 0; i2 < SEAL_NAMES.length; i2++) {
            MySeal mySeal = new MySeal();
            mySeal.setIndex(i2);
            mySeal.setName(SEAL_NAMES[i2]);
            mySeal.setSealDataB64(StringConvert.toBase64(this.cryptoHelper.encrypt(shamirShare.get(i2), bArr, this.cryptoHelper.emptyIV())));
            this.security.getMySeals().add(mySeal);
        }
        this.security.setNumberOfSeals(i);
        storeSecurity();
    }

    public List<String> getEncryptedNodeIds() {
        return (List) this.security.getNodePasscodes().stream().map(new Function() { // from class: cz.camelot.camelot.managers.-$$Lambda$PasscodeManager$FrqfiE5IEimCEmpXFkbh-COJmsA
            @Override // java.util.function.Function
            public final Object apply(Object obj) {
                String nodeId;
                nodeId = ((NodeXPasscode) obj).getNodeId();
                return nodeId;
            }
        }).collect(Collectors.toList());
    }

    public byte[] getKey(String str, PasscodeContext passcodeContext) {
        if (passcodeContext == null) {
            return null;
        }
        for (NodeXPasscode nodeXPasscode : this.security.getNodePasscodes()) {
            if (nodeXPasscode.getNodeId().equals(str)) {
                if (nodeXPasscode.getPasscodeId().equals(passcodeContext.passcodeId)) {
                    return this.cryptoHelper.decrypt(StringConvert.fromBase64(nodeXPasscode.getNodeKeyB64()), passcodeContext.key, this.cryptoHelper.emptyIV());
                }
                if (passcodeContext.privateKey != null) {
                    return this.cryptoHelper.decryptUsingPrivate(StringConvert.fromBase64(nodeXPasscode.getNodeKeyRestoreB64()), passcodeContext.privateKey);
                }
            }
        }
        return null;
    }

    public List<MySeal> getMySeals() {
        return this.security.getMySeals();
    }

    public List<String> getNodeIdsForPasscode(final String str) {
        return (List) this.security.getNodePasscodes().stream().filter(new Predicate() { // from class: cz.camelot.camelot.managers.-$$Lambda$PasscodeManager$HdkAS8jC8P1hyZIc1kEB_MKzxpc
            @Override // java.util.function.Predicate
            public final boolean test(Object obj) {
                boolean equals;
                equals = str.equals(((NodeXPasscode) obj).getPasscodeId());
                return equals;
            }
        }).map(new Function() { // from class: cz.camelot.camelot.managers.-$$Lambda$PasscodeManager$EegMn25c1izZmWb8PpqrNA0yjhE
            @Override // java.util.function.Function
            public final Object apply(Object obj) {
                String nodeId;
                nodeId = ((NodeXPasscode) obj).getNodeId();
                return nodeId;
            }
        }).collect(Collectors.toList());
    }

    public int getNumberOfSealsNeeded() {
        return this.security.getNumberOfSeals();
    }

    public List<PasscodeContext> getPasscodes(PasscodeContext passcodeContext) {
        this.log.info("PasscodeManager.getPasscodes: %s", passcodeContext.passcodeId);
        ArrayList arrayList = new ArrayList();
        byte[] bArr = passcodeContext.privateKey;
        if (bArr != null) {
            for (Passcode passcode : this.security.getPasscodes()) {
                byte[] fromBase64 = StringConvert.fromBase64(passcode.getSaltB64());
                byte[] decryptUsingPrivate = this.cryptoHelper.decryptUsingPrivate(StringConvert.fromBase64(passcode.getPasscodeKeyB64()), bArr);
                arrayList.add(new PasscodeContext(passcode.getPasscodeId(), StringConvert.fromUtf8Data(this.cryptoHelper.decrypt(StringConvert.fromBase64(passcode.getNameB64()), decryptUsingPrivate, fromBase64)), decryptUsingPrivate, fromBase64, passcode.getPasscodeId().equals(this.security.getPukPasscodeId()), passcode.getPasscodeId().equals(this.security.getEpukPasscodeId()), null, null, passcode.getEpukProtected().booleanValue(), passcode.getFoolPin().booleanValue(), passcode.getPasscodeId().equals(this.security.getBiometricsPasscodeId())));
            }
        }
        return arrayList;
    }

    public List<ReceivedSeal> getReceivedSeals() {
        return this.security.getReceivedSeals();
    }

    public boolean hasBiometricPasscode() {
        return this.security.getBiometricsPasscodeId() != null;
    }

    public boolean hasFoolPin() {
        return this.security.getPasscodes().stream().anyMatch(new Predicate() { // from class: cz.camelot.camelot.managers.-$$Lambda$PasscodeManager$9TsHoO6j-g1W89Qu77zVbwhvt8o
            @Override // java.util.function.Predicate
            public final boolean test(Object obj) {
                boolean booleanValue;
                booleanValue = ((Passcode) obj).getFoolPin().booleanValue();
                return booleanValue;
            }
        });
    }

    public boolean hasPasscodes() {
        return this.security.getPasscodes().size() > 0;
    }

    public boolean isEncrypted(final String str) {
        return this.security.getNodePasscodes().stream().anyMatch(new Predicate() { // from class: cz.camelot.camelot.managers.-$$Lambda$PasscodeManager$9xnyhzY4Vmj5vkwePVHD5mOB-d4
            @Override // java.util.function.Predicate
            public final boolean test(Object obj) {
                boolean equals;
                equals = ((NodeXPasscode) obj).getNodeId().equals(str);
                return equals;
            }
        });
    }

    public boolean isEncryptedUsingPasscode(final String str, final String str2) {
        return this.security.getNodePasscodes().stream().anyMatch(new Predicate() { // from class: cz.camelot.camelot.managers.-$$Lambda$PasscodeManager$SaSLHiPWcavTt47OwP075wIBcnU
            @Override // java.util.function.Predicate
            public final boolean test(Object obj) {
                return PasscodeManager.lambda$isEncryptedUsingPasscode$16(str, str2, (NodeXPasscode) obj);
            }
        });
    }

    public void load() {
        this.security = PersistenceManager.getInstance().loadSecurity();
        if (this.security == null) {
            this.security = new Security();
        }
    }

    public boolean registerEPUKPasscode(final String str, final PasscodeContext passcodeContext) {
        if (this.security.getEpukPasscodeId() != null) {
            unregisterEPUKPasscode(this.security.getEpukPasscodeId(), passcodeContext);
        }
        this.log.info("PasscodeManager.registerEPUKPasscode: %s", str);
        Passcode passcode = this.security.getPasscodes().stream().filter(new Predicate() { // from class: cz.camelot.camelot.managers.-$$Lambda$PasscodeManager$LaxoLSww4eqiXrlzTj4a2W0CXns
            @Override // java.util.function.Predicate
            public final boolean test(Object obj) {
                boolean equals;
                equals = ((Passcode) obj).getPasscodeId().equals(PasscodeContext.this.passcodeId);
                return equals;
            }
        }).findFirst().get();
        Passcode passcode2 = this.security.getPasscodes().stream().filter(new Predicate() { // from class: cz.camelot.camelot.managers.-$$Lambda$PasscodeManager$kSoDnC5SNB8QTs6OQM6KO7glY7c
            @Override // java.util.function.Predicate
            public final boolean test(Object obj) {
                boolean equals;
                equals = ((Passcode) obj).getPasscodeId().equals(str);
                return equals;
            }
        }).findFirst().get();
        if (passcode == null || passcode2 == null) {
            return false;
        }
        byte[] decrypt = this.cryptoHelper.decrypt(StringConvert.fromBase64(passcode.getMasterKeyB64()), passcodeContext.key, this.cryptoHelper.emptyIV());
        passcode2.setMasterKeyB64(StringConvert.toBase64(this.cryptoHelper.encrypt(decrypt, this.cryptoHelper.decryptUsingPrivate(StringConvert.fromBase64(passcode2.getPasscodeKeyB64()), this.cryptoHelper.decrypt(StringConvert.fromBase64(this.security.getPrivateKeyB64()), decrypt, this.cryptoHelper.emptyIV())), this.cryptoHelper.emptyIV())));
        this.security.setEpukPasscodeId(str);
        storeSecurity();
        return true;
    }

    public void registerNodeXPasscode(String str, PasscodeContext passcodeContext) {
        this.log.info("PasscodeManager.registerNodeXPasscode: passcode:%s nodeId:%s", passcodeContext.passcodeId, str);
        NodeXPasscode nodeXPasscode = new NodeXPasscode();
        nodeXPasscode.setNodeId(str);
        nodeXPasscode.setPasscodeId(passcodeContext.passcodeId);
        byte[] randomKey = this.cryptoHelper.randomKey();
        nodeXPasscode.setNodeKeyB64(StringConvert.toBase64(this.cryptoHelper.encrypt(randomKey, passcodeContext.key, this.cryptoHelper.emptyIV())));
        nodeXPasscode.setNodeKeyRestoreB64(StringConvert.toBase64(this.cryptoHelper.encryptUsingPublic(randomKey, StringConvert.fromBase64(this.security.getPublicKeyB64()))));
        this.security.getNodePasscodes().add(nodeXPasscode);
        storeSecurity();
    }

    public String registerPasscode(String str, String str2, boolean z) {
        this.log.info("PasscodeManager.registerPasscode: %s", str2);
        Passcode passcode = new Passcode();
        byte[] randomIV = this.cryptoHelper.randomIV();
        byte[] keyForPassword = this.cryptoHelper.keyForPassword(str, randomIV);
        passcode.setSaltB64(StringConvert.toBase64(randomIV));
        passcode.setNameB64(StringConvert.toBase64(this.cryptoHelper.encrypt(StringConvert.toUtf8Data(str2), keyForPassword, randomIV)));
        CRC32 crc32 = new CRC32();
        crc32.update(this.cryptoHelper.encrypt(this.cryptoHelper.emptyIV(), keyForPassword, randomIV));
        passcode.setCheckCRC32(crc32.getValue());
        passcode.setFoolPin(Boolean.valueOf(z));
        if (!z && this.security.getPukPasscodeId() == null) {
            this.log.info("PasscodeManager.registerPasscode, PUK creation: %s", str2);
            this.security.setPukPasscodeId(passcode.getPasscodeId());
            CryptoHelper.KeyPairData generateKeyPair = this.cryptoHelper.generateKeyPair();
            this.security.setPublicKeyB64(StringConvert.toBase64(generateKeyPair.getPublicKey()));
            byte[] randomKey = this.cryptoHelper.randomKey();
            this.security.setPrivateKeyB64(StringConvert.toBase64(this.cryptoHelper.encrypt(generateKeyPair.getPrivateKey(), randomKey, this.cryptoHelper.emptyIV())));
            passcode.setMasterKeyB64(StringConvert.toBase64(this.cryptoHelper.encrypt(randomKey, keyForPassword, this.cryptoHelper.emptyIV())));
        }
        passcode.setPasscodeKeyB64(StringConvert.toBase64(this.cryptoHelper.encryptUsingPublic(keyForPassword, StringConvert.fromBase64(this.security.getPublicKeyB64()))));
        this.security.getPasscodes().add(passcode);
        storeSecurity();
        return passcode.getPasscodeId();
    }

    public void removeReceivedSeal(ReceivedSeal receivedSeal) {
        this.security.getReceivedSeals().remove(receivedSeal);
        storeSecurity();
    }

    public void resetPasscodeLock() {
        this.log.info("PasscodeManager.resetPasscodeLock");
        UserDataManager.getInstance().resetPassscodeLockData();
        this.passcodeLock.set(null);
    }

    public void storeAccessEntry(short s) {
        UserDataManager.getInstance().storeAccessLogEntry(new Date(), s);
    }

    public void storeSecurity() {
        this.log.info("PasscodeManager.storeSecurity");
        PersistenceManager.getInstance().storeSecurity(this.security);
    }

    public void storeWrongAttemt() {
        this.passcodeLock.set(UserDataManager.getInstance().storePasscodeLockData());
        this.log.info("PasscodeManager.storeWrongAttemt");
    }

    public PasscodeContext tryBiometricLogin(Cipher cipher) {
        try {
            return checkPasscode(cipher.doFinal(StringConvert.fromBase64(this.security.getBiometricsPasscodeB64())));
        } catch (BadPaddingException e) {
            e.printStackTrace();
            return null;
        } catch (IllegalBlockSizeException e2) {
            e2.printStackTrace();
            return null;
        }
    }

    public boolean unregisterEPUKPasscode(final String str, PasscodeContext passcodeContext) {
        Passcode passcode;
        this.log.info("PasscodeManager.unregisterEPUKPasscode: %s", str);
        if (str.equals(passcodeContext.passcodeId) || !str.equals(this.security.getEpukPasscodeId()) || (passcode = this.security.getPasscodes().stream().filter(new Predicate() { // from class: cz.camelot.camelot.managers.-$$Lambda$PasscodeManager$UDtsPSLwIQS7hnNnFhrf7s09AfU
            @Override // java.util.function.Predicate
            public final boolean test(Object obj) {
                boolean equals;
                equals = ((Passcode) obj).getPasscodeId().equals(str);
                return equals;
            }
        }).findFirst().get()) == null) {
            return false;
        }
        passcode.setMasterKeyB64(null);
        this.security.setEpukPasscodeId(null);
        storeSecurity();
        return true;
    }

    public void unregisterNodeXPasscode(final String str) {
        this.log.info("PasscodeManager.unregisterNodeXPasscode: nodeId:%s", str);
        this.security.getNodePasscodes().removeIf(new Predicate() { // from class: cz.camelot.camelot.managers.-$$Lambda$PasscodeManager$4OtHO32Ggae6lL8LGLJYgjIM5bU
            @Override // java.util.function.Predicate
            public final boolean test(Object obj) {
                boolean equals;
                equals = ((NodeXPasscode) obj).getNodeId().equals(str);
                return equals;
            }
        });
        storeSecurity();
    }

    public boolean updateEpukProtected(final PasscodeContext passcodeContext, boolean z) {
        this.log.info("PasscodeManager.updateEpukProtected: %s", passcodeContext.passcodeId);
        Passcode passcode = this.security.getPasscodes().stream().filter(new Predicate() { // from class: cz.camelot.camelot.managers.-$$Lambda$PasscodeManager$Kqq9QlrdKiBLgqlmIJZCvQ9fi78
            @Override // java.util.function.Predicate
            public final boolean test(Object obj) {
                boolean equals;
                equals = ((Passcode) obj).getPasscodeId().equals(PasscodeContext.this.passcodeId);
                return equals;
            }
        }).findFirst().get();
        if (passcode == null) {
            return false;
        }
        passcode.setEpukProtected(Boolean.valueOf(z));
        passcodeContext.setEpukProtected(z);
        storeSecurity();
        return true;
    }

    boolean updateKey(final String str, byte[] bArr, byte[] bArr2, byte[] bArr3) {
        this.log.info("PasscodeManager.updateKey: %s", str);
        Passcode passcode = this.security.getPasscodes().stream().filter(new Predicate() { // from class: cz.camelot.camelot.managers.-$$Lambda$PasscodeManager$HOONdbtBMA52mxRUOyFVc9KG8yI
            @Override // java.util.function.Predicate
            public final boolean test(Object obj) {
                boolean equals;
                equals = ((Passcode) obj).getPasscodeId().equals(str);
                return equals;
            }
        }).findFirst().get();
        if (passcode == null) {
            return false;
        }
        byte[] fromBase64 = StringConvert.fromBase64(passcode.getSaltB64());
        CRC32 crc32 = new CRC32();
        crc32.update(this.cryptoHelper.encrypt(this.cryptoHelper.emptyIV(), bArr2, bArr3));
        long value = crc32.getValue();
        Iterator<Passcode> it = this.security.getPasscodes().iterator();
        while (it.hasNext()) {
            if (it.next().getCheckCRC32() == value) {
                return false;
            }
        }
        passcode.setNameB64(StringConvert.toBase64(this.cryptoHelper.encrypt(StringConvert.toUtf8Data(StringConvert.fromUtf8Data(this.cryptoHelper.decrypt(StringConvert.fromBase64(passcode.getNameB64()), bArr, fromBase64))), bArr2, bArr3)));
        for (NodeXPasscode nodeXPasscode : this.security.getNodePasscodes()) {
            if (nodeXPasscode.getPasscodeId().equals(str)) {
                nodeXPasscode.setNodeKeyB64(StringConvert.toBase64(this.cryptoHelper.encrypt(this.cryptoHelper.decrypt(StringConvert.fromBase64(nodeXPasscode.getNodeKeyB64()), bArr, this.cryptoHelper.emptyIV()), bArr2, this.cryptoHelper.emptyIV())));
            }
        }
        if (passcode.getMasterKeyB64() != null) {
            passcode.setMasterKeyB64(StringConvert.toBase64(this.cryptoHelper.encrypt(this.cryptoHelper.decrypt(StringConvert.fromBase64(passcode.getMasterKeyB64()), bArr, this.cryptoHelper.emptyIV()), bArr2, this.cryptoHelper.emptyIV())));
        }
        passcode.setPasscodeKeyB64(StringConvert.toBase64(this.cryptoHelper.encryptUsingPublic(bArr2, StringConvert.fromBase64(this.security.getPublicKeyB64()))));
        passcode.setCheckCRC32(value);
        passcode.setSaltB64(StringConvert.toBase64(bArr3));
        if (str.equals(this.security.getBiometricsPasscodeId())) {
            clearBiometrics();
            useForBiometrics(str, bArr2);
        }
        storeSecurity();
        return true;
    }

    public boolean updateName(final PasscodeContext passcodeContext, String str) {
        this.log.info("PasscodeManager.updateName: %s newname: %s", passcodeContext.passcodeId, str);
        Passcode passcode = this.security.getPasscodes().stream().filter(new Predicate() { // from class: cz.camelot.camelot.managers.-$$Lambda$PasscodeManager$eMJ-zs0OdtWyl7Ts3FPxZBiErf0
            @Override // java.util.function.Predicate
            public final boolean test(Object obj) {
                boolean equals;
                equals = ((Passcode) obj).getPasscodeId().equals(PasscodeContext.this.passcodeId);
                return equals;
            }
        }).findFirst().get();
        if (passcode == null) {
            return false;
        }
        passcode.setNameB64(StringConvert.toBase64(this.cryptoHelper.encrypt(StringConvert.toUtf8Data(str), passcodeContext.key, passcodeContext.salt)));
        passcodeContext.name = str;
        storeSecurity();
        return true;
    }

    public boolean updatePhrase(final PasscodeContext passcodeContext, String str) {
        this.log.info("PasscodeManager.updatePhrase: %s", passcodeContext.passcodeId);
        Passcode passcode = this.security.getPasscodes().stream().filter(new Predicate() { // from class: cz.camelot.camelot.managers.-$$Lambda$PasscodeManager$nuUzaGWvWhSVqmov7TqqTlIZRQA
            @Override // java.util.function.Predicate
            public final boolean test(Object obj) {
                boolean equals;
                equals = ((Passcode) obj).getPasscodeId().equals(PasscodeContext.this.passcodeId);
                return equals;
            }
        }).findFirst().get();
        if (passcode == null) {
            return false;
        }
        byte[] randomIV = this.cryptoHelper.randomIV();
        byte[] keyForPassword = this.cryptoHelper.keyForPassword(str, randomIV);
        if (!updateKey(passcode.getPasscodeId(), passcodeContext.key, keyForPassword, randomIV)) {
            return false;
        }
        passcodeContext.key = keyForPassword;
        storeSecurity();
        return true;
    }

    public void useForBiometrics(String str, byte[] bArr) {
        clearBiometrics();
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder("CamelotPasscode", 3).setBlockModes("ECB").setEncryptionPaddings("PKCS1Padding").setUserAuthenticationRequired(true).build());
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(1, generateKeyPair.getPublic());
            byte[] doFinal = cipher.doFinal(bArr);
            this.security.setBiometricsPasscodeId(str);
            this.security.setBiometricsPasscodeB64(StringConvert.toBase64(doFinal));
            storeSecurity();
        } catch (InvalidAlgorithmParameterException e) {
            e.printStackTrace();
        } catch (InvalidKeyException e2) {
            e2.printStackTrace();
        } catch (NoSuchAlgorithmException e3) {
            e3.printStackTrace();
        } catch (NoSuchProviderException e4) {
            e4.printStackTrace();
        } catch (BadPaddingException e5) {
            e5.printStackTrace();
        } catch (IllegalBlockSizeException e6) {
            e6.printStackTrace();
        } catch (NoSuchPaddingException e7) {
            e7.printStackTrace();
        }
    }
}
