package com.synology.sylib.passcode.fingerprint;

import android.annotation.SuppressLint;
import android.annotation.TargetApi;
import android.app.KeyguardManager;
import android.content.Context;
import android.hardware.fingerprint.FingerprintManager;
import android.security.keystore.KeyGenParameterSpec;
import android.support.annotation.NonNull;
import android.support.annotation.Nullable;
import com.synology.sylib.security.internal.KsManager;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.cert.CertificateException;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;

/* loaded from: classes44.dex */
public class FingerprintModule {

    @SuppressLint({"StaticFieldLeak"})
    private static volatile FingerprintModule INSTANCE = null;
    private static final String KEY_NAME = "synology_passcode";
    private Cipher mCipher;
    private final Context mContext;
    private FingerprintManager mFingerprintManager;
    private KeyGenerator mKeyGenerator;
    private KeyStore mKeyStore;
    private KeyguardManager mKeyguardManager;

    private FingerprintModule(Context context) {
        this.mContext = context;
    }

    public static FingerprintModule get(Context context) {
        if (INSTANCE == null) {
            synchronized (FingerprintModule.class) {
                if (INSTANCE == null) {
                    INSTANCE = new FingerprintModule(context.getApplicationContext());
                }
            }
        }
        return INSTANCE;
    }

    @Nullable
    private SecretKey getKeyStoreKey(boolean z) {
        SecretKey secretKey = null;
        try {
            KeyStore keystore = get(this.mContext).getKeystore();
            if (keystore.containsAlias(KEY_NAME)) {
                secretKey = (SecretKey) keystore.getKey(KEY_NAME, null);
            }
        } catch (Exception e) {
        }
        if (!z || secretKey != null) {
            return secretKey;
        }
        try {
            createKey();
            return getKeyStoreKey(false);
        } catch (Exception e2) {
            return secretKey;
        }
    }

    @TargetApi(23)
    private boolean initCipher(@NonNull Cipher cipher) {
        return initCipher(cipher, true);
    }

    @TargetApi(23)
    private boolean initCipher(@NonNull Cipher cipher, boolean z) {
        try {
            get(this.mContext).getKeystore().load(null);
            SecretKey keyStoreKey = getKeyStoreKey(z);
            if (keyStoreKey != null) {
                cipher.init(1, keyStoreKey);
                return true;
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        if (z) {
            try {
                createKey();
                return initCipher(cipher, false);
            } catch (Exception e2) {
            }
        }
        return false;
    }

    @TargetApi(23)
    public void createKey() {
        try {
            get(this.mContext).getKeystore().load(null);
            get(this.mContext).getKeyGenerator().init(new KeyGenParameterSpec.Builder(KEY_NAME, 3).setBlockModes("CBC").setUserAuthenticationRequired(true).setEncryptionPaddings("PKCS7Padding").build());
            get(this.mContext).getKeyGenerator().generateKey();
        } catch (IOException | InvalidAlgorithmParameterException | NoSuchAlgorithmException | CertificateException e) {
            throw new RuntimeException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @TargetApi(23)
    @Nullable
    public Cipher getCipher() {
        try {
            if (this.mCipher == null) {
                this.mCipher = Cipher.getInstance("AES/CBC/PKCS7Padding");
            }
            if (initCipher(this.mCipher)) {
                return this.mCipher;
            }
            return null;
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
            throw new RuntimeException("Failed to get an instance of Cipher", e);
        }
    }

    public Context getContext() {
        return this.mContext;
    }

    @TargetApi(23)
    public FingerprintManager getFingerprintManager() {
        if (this.mFingerprintManager == null) {
            this.mFingerprintManager = (FingerprintManager) this.mContext.getSystemService(FingerprintManager.class);
        }
        return this.mFingerprintManager;
    }

    @TargetApi(23)
    public KeyGenerator getKeyGenerator() {
        try {
            if (this.mKeyGenerator == null) {
                this.mKeyGenerator = KeyGenerator.getInstance("AES", KsManager.KEYSTORE_PROVIDER);
            }
            return this.mKeyGenerator;
        } catch (NoSuchAlgorithmException | NoSuchProviderException e) {
            throw new RuntimeException("Failed to get an instance of KeyGenerator", e);
        }
    }

    @TargetApi(23)
    public KeyguardManager getKeyguardManager() {
        if (this.mKeyguardManager == null) {
            this.mKeyguardManager = (KeyguardManager) this.mContext.getSystemService(KeyguardManager.class);
        }
        return this.mKeyguardManager;
    }

    public KeyStore getKeystore() {
        try {
            if (this.mKeyStore == null) {
                this.mKeyStore = KeyStore.getInstance(KsManager.KEYSTORE_PROVIDER);
            }
            return this.mKeyStore;
        } catch (KeyStoreException e) {
            throw new RuntimeException("Failed to get an instance of KeyStore", e);
        }
    }
}
