package com.daon.sdk.device;

import android.app.KeyguardManager;
import android.content.Context;
import android.os.Bundle;
import android.os.Debug;
import android.security.keystore.KeyInfo;
import android.util.Log;
import com.daon.sdk.crypto.SecureKeyStore;
import com.daon.sdk.crypto.SecureStorageFactory;
import com.daon.sdk.crypto.f;
import com.daon.sdk.crypto.g;
import com.daon.sdk.device.authenticator.Authenticator;
import com.daon.sdk.device.util.DeviceInfo;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.UnrecoverableKeyException;
import java.security.spec.InvalidKeySpecException;
import java.util.Date;
import java.util.Enumeration;
import java.util.UUID;

/* loaded from: classes.dex */
public class IXAFactor implements IXAErrorCodes {
    public static final int OPTION_ALGORITHM_ECDSA = 16;
    public static final int OPTION_DEFAULT = 0;
    public static final int OPTION_ENABLE_ALT_AUTH = 128;
    public static final int OPTION_ENABLE_BIOMETRICS_API = 256;
    public static final int OPTION_INVALIDATE_BY_ENROLLMENT = 64;
    public static final int OPTION_ONLY_USE_EXISTING_KEYS = 2;
    public static final int OPTION_PLATFORM_API_ONLY = 32;
    public static final int OPTION_USER_AUTHENTICATION_REQUIRED = 4;
    public static final int OPTION_USE_CRYPTO_OBJECT = 8;
    public static final int OPTION_VENDOR_UI = 1;

    /* renamed from: a, reason: collision with root package name */
    Context f10360a;

    /* renamed from: b, reason: collision with root package name */
    private byte[] f10361b;

    /* renamed from: c, reason: collision with root package name */
    private int f10362c;

    /* renamed from: d, reason: collision with root package name */
    private String f10363d;

    /* renamed from: e, reason: collision with root package name */
    private boolean f10364e;
    protected SecureKeyStore keystore;
    protected Signature signature;

    IXAFactor(Context context, String str) throws Exception {
        this(context, null, str, 2);
    }

    public IXAFactor(Context context, String str, String str2) throws Exception {
        this(context, str, str2, 0);
    }

    public IXAFactor(Context context, String str, String str2, int i10) throws Exception {
        this(context, str, str2, i10, null);
    }

    public IXAFactor(Context context, String str, String str2, int i10, Bundle bundle) throws Exception {
        this.f10364e = false;
        this.f10360a = context;
        this.f10363d = str;
        this.f10362c = i10;
        String str3 = (i10 & 16) != 0 ? "EC" : "RSA";
        boolean z10 = (i10 & 4) != 0;
        boolean z11 = (i10 & 64) != 0;
        boolean z12 = (i10 & 8) != 0;
        Bundle bundle2 = new Bundle();
        bundle2.putBoolean("key.property.authentication.required", z10);
        bundle2.putBoolean("key.property.biometric.enroll.invalidate", z11);
        bundle2.putBoolean("key.property.use.crypto.object", z12);
        bundle2.putString("key.property.algorithm", str3);
        if (bundle != null) {
            bundle2.putAll(bundle);
        }
        this.keystore = SecureStorageFactory.getKeyStoreInstance(context, str2, bundle2);
        if ((i10 & 2) == 0) {
            checkAndPrintKeys();
            boolean hasKey = this.keystore.hasKey(str);
            this.f10364e = !hasKey;
            if (hasKey) {
                return;
            }
            if (DeviceInfo.getManufacturer().toLowerCase().contains("huawei") && z10 && z11) {
                a(str, bundle2);
            } else {
                this.keystore.createKeyPair(str, bundle2);
            }
        }
    }

    private KeyInfo a(KeyStore keyStore, String str) throws UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException, InvalidKeySpecException {
        Key key = keyStore.getKey(str, null);
        if (key instanceof PrivateKey) {
            return a((PrivateKey) key);
        }
        return null;
    }

    private KeyInfo a(PrivateKey privateKey) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidKeySpecException {
        return g.a(KeyFactory.getInstance(privateKey.getAlgorithm(), "AndroidKeyStore").getKeySpec(privateKey, f.a()));
    }

    private void a(String str, Bundle bundle) throws Exception {
        Log.i("DAON", "HUAWEI Patch.");
        String uuid = UUID.randomUUID().toString();
        this.keystore.createKeyPair(uuid, bundle);
        try {
            Signature signature = (!DeviceInfo.isAPIVersionM() || (getOptions() & 8) == 0) ? null : this.keystore.getSignature(uuid);
            Authenticator a10 = com.daon.sdk.device.authenticator.a.a(this.f10360a, getOptions());
            if (a10 != null) {
                a10.a(signature);
            }
        } catch (Exception e10) {
            DeviceInfo.log("Patch Exception: " + e10.getMessage());
        }
        this.keystore.removeKey(uuid);
        this.keystore.createKeyPair(str, bundle);
    }

    private boolean a() {
        try {
            return this.keystore.getPublicKey(this.f10363d) != null;
        } catch (Exception e10) {
            DeviceInfo.log("PublicKey Exception: " + e10.getMessage());
            return false;
        }
    }

    private boolean b() {
        try {
            return this.keystore.hasKey(this.f10363d);
        } catch (Exception e10) {
            DeviceInfo.log("PrivateKey Exception: " + e10.getMessage());
            return false;
        }
    }

    private void c() {
        boolean isUserAuthenticationRequired;
        boolean isInvalidatedByBiometricEnrollment;
        boolean isInsideSecureHardware;
        if (DeviceInfo.isAPIVersionN()) {
            try {
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                keyStore.load(null);
                Enumeration<String> aliases = keyStore.aliases();
                while (aliases.hasMoreElements()) {
                    String nextElement = aliases.nextElement();
                    try {
                        KeyInfo a10 = a(keyStore, nextElement);
                        if (a10 != null) {
                            isUserAuthenticationRequired = a10.isUserAuthenticationRequired();
                            if (isUserAuthenticationRequired) {
                                DeviceInfo.log("Key pair: " + nextElement + ": User authentication required");
                            }
                            isInvalidatedByBiometricEnrollment = a10.isInvalidatedByBiometricEnrollment();
                            if (isInvalidatedByBiometricEnrollment) {
                                DeviceInfo.log("Key pair: " + nextElement + ": Biometrics");
                            }
                            isInsideSecureHardware = a10.isInsideSecureHardware();
                            if (isInsideSecureHardware) {
                                DeviceInfo.log("Key pair: " + nextElement + ": Hardware");
                            } else {
                                DeviceInfo.log("Key pair: " + nextElement + ": Software");
                            }
                        }
                    } catch (Exception e10) {
                        DeviceInfo.log("Key pair: " + nextElement + ": Exception: " + e10.getMessage());
                    }
                }
            } catch (Exception e11) {
                DeviceInfo.log("Key pair validation failed: " + e11.getMessage());
            }
        }
    }

    public static void deleteKeys(Context context, String str) throws Exception {
        new IXAFactor(context, "").deleteKeys(str);
    }

    public static boolean hasKey(Context context, String str, String str2) throws Exception {
        return new IXAFactor(context, str2).hasKey(str);
    }

    public static boolean isLockScreenEnabled(Context context) {
        KeyguardManager keyguardManager = (KeyguardManager) context.getSystemService("keyguard");
        return keyguardManager != null && keyguardManager.isKeyguardSecure();
    }

    /* JADX WARN: Removed duplicated region for block: B:19:0x0070  */
    /* JADX WARN: Removed duplicated region for block: B:21:? A[RETURN, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void authenticate(com.daon.sdk.device.IXAAuthenticationHandler r5) {
        /*
            r4 = this;
            byte[] r0 = r4.f10361b
            if (r0 == 0) goto L74
            int r0 = r0.length
            if (r0 != 0) goto L9
            goto L74
        L9:
            boolean r0 = r4.a()
            if (r0 != 0) goto L15
            r0 = 1005(0x3ed, float:1.408E-42)
            r5.onAuthenticationFailed(r0)
            goto L79
        L15:
            boolean r0 = r4.b()
            if (r0 != 0) goto L21
            r0 = 1003(0x3eb, float:1.406E-42)
            r5.onAuthenticationFailed(r0)
            goto L79
        L21:
            boolean r0 = com.daon.sdk.device.util.DeviceInfo.isAPIVersionM()
            r1 = 1006(0x3ee, float:1.41E-42)
            if (r0 == 0) goto L5f
            java.security.Signature r0 = r4.signature     // Catch: java.lang.Exception -> L32
            byte[] r2 = r4.f10361b     // Catch: java.lang.Exception -> L32
            byte[] r0 = r4.sign(r0, r2)     // Catch: java.lang.Exception -> L32
            goto L6e
        L32:
            r0 = move-exception
            boolean r2 = w3.i.a(r0)
            r3 = 1007(0x3ef, float:1.411E-42)
            if (r2 == 0) goto L3f
            r5.onAuthenticationFailed(r3)
            goto L6d
        L3f:
            boolean r2 = com.daon.sdk.device.a.a(r0)
            if (r2 == 0) goto L4b
            r0 = 1008(0x3f0, float:1.413E-42)
            r5.onAuthenticationFailed(r0)
            goto L6d
        L4b:
            java.lang.String r0 = r0.getMessage()
            java.lang.String r2 = "user not authenticated"
            boolean r0 = r0.contains(r2)
            if (r0 == 0) goto L5b
            r5.onAuthenticationFailed(r3)
            goto L6d
        L5b:
            r5.onAuthenticationFailed(r1)
            goto L6d
        L5f:
            com.daon.sdk.crypto.SecureKeyStore r0 = r4.keystore     // Catch: java.lang.Exception -> L6a
            java.lang.String r2 = r4.f10363d     // Catch: java.lang.Exception -> L6a
            byte[] r3 = r4.f10361b     // Catch: java.lang.Exception -> L6a
            byte[] r0 = r0.sign(r2, r3)     // Catch: java.lang.Exception -> L6a
            goto L6e
        L6a:
            r5.onAuthenticationFailed(r1)
        L6d:
            r0 = 0
        L6e:
            if (r0 == 0) goto L79
            r5.onAuthenticationComplete(r0)
            goto L79
        L74:
            r0 = 1004(0x3ec, float:1.407E-42)
            r5.onAuthenticationFailed(r0)
        L79:
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: com.daon.sdk.device.IXAFactor.authenticate(com.daon.sdk.device.IXAAuthenticationHandler):void");
    }

    /* JADX WARN: Removed duplicated region for block: B:27:0x01d4 A[SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:31:0x001a A[SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:32:0x00e8 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void checkAndPrintKeys() {
        /*
            Method dump skipped, instructions count: 544
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.daon.sdk.device.IXAFactor.checkAndPrintKeys():void");
    }

    public byte[] decrypt(byte[] bArr) throws Exception {
        return SecureStorageFactory.getStorageInstance(this.f10360a).decrypt(bArr);
    }

    public void deleteKeys(String str) {
        if (str == null || str.length() <= 0) {
            return;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                try {
                    if (nextElement.startsWith(str)) {
                        DeviceInfo.log("Key: " + nextElement + ": Removing...");
                        keyStore.deleteEntry(nextElement);
                        if (this.keystore.hasKey(nextElement)) {
                            DeviceInfo.log("Key: " + nextElement + ": Remove failed");
                        } else {
                            DeviceInfo.log("Key: " + nextElement + ": Removed");
                        }
                    }
                } catch (Exception e10) {
                    DeviceInfo.log("Key: " + nextElement + ": Exception: " + e10.getMessage());
                }
            }
        } catch (Exception e11) {
            DeviceInfo.log("Key remove failed: " + e11.getMessage());
        }
    }

    public byte[] encrypt(byte[] bArr) throws Exception {
        return SecureStorageFactory.getStorageInstance(this.f10360a).encrypt(bArr);
    }

    public byte[] getChallenge() {
        return this.f10361b;
    }

    public Context getContext() {
        return this.f10360a;
    }

    public String getDataStorageType() {
        return "OS";
    }

    public byte[] getEncodedPublicKey() throws Exception {
        PublicKey publicKey = this.keystore.getPublicKey(this.f10363d);
        if (publicKey != null) {
            return publicKey.getEncoded();
        }
        return null;
    }

    public String getKeyAttestationData() throws Exception {
        return getKeyAttestationData(this.f10363d);
    }

    public String getKeyAttestationData(String str) throws Exception {
        return this.keystore.getKeyAttestationData(str);
    }

    public Date getKeyDate() throws Exception {
        return this.keystore.getDate(this.f10363d);
    }

    public String getKeyName() {
        return this.f10363d;
    }

    public String getKeyStoreType() {
        return this.keystore.getType();
    }

    public int getOptions() {
        return this.f10362c;
    }

    public boolean hasKey(String str) throws Exception {
        return this.keystore.hasKey(str);
    }

    public boolean hasKeys() {
        try {
            return this.keystore.hasKey(this.f10363d);
        } catch (Exception e10) {
            DeviceInfo.log("HasKeys Exception: " + e10.getMessage());
            return false;
        }
    }

    public boolean isDebugging() {
        return com.daon.sdk.device.a.a.b(this.f10360a) || com.daon.sdk.device.a.a.a(this.f10360a) || Debug.isDebuggerConnected();
    }

    public boolean isNewKeys() {
        return this.f10364e;
    }

    public boolean isRooted() {
        return com.daon.sdk.device.a.a.a();
    }

    public boolean isSupported() {
        return true;
    }

    public boolean removeKeys() throws Exception {
        return this.keystore.removeKey(this.f10363d);
    }

    public void setChallenge(byte[] bArr) {
        this.f10361b = bArr;
    }

    public byte[] sign(Signature signature, String str, byte[] bArr) throws Exception {
        if (signature == null) {
            return this.keystore.sign(str, bArr);
        }
        signature.update(bArr);
        return signature.sign();
    }

    public byte[] sign(Signature signature, byte[] bArr) throws Exception {
        if (signature == null) {
            return this.keystore.sign(this.f10363d, bArr);
        }
        signature.update(bArr);
        return signature.sign();
    }
}
