package fr.bred.fr.services;

import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.provider.Settings;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Log;
import androidx.appcompat.R$styleable;
import com.google.gson.Gson;
import com.google.gson.reflect.TypeToken;
import fr.bred.fr.core.network.App2appApiClient;
import fr.bred.fr.core.network.BREDError;
import fr.bred.fr.core.network.BREDVolleyApiClient;
import fr.bred.fr.core.network.Callback;
import fr.bred.fr.core.network.CertifUtils;
import fr.bred.fr.data.managers.SessionManager;
import fr.bred.fr.data.managers.UserManager;
import fr.bred.fr.data.models.BredSecure;
import fr.bred.fr.data.models.User;
import fr.bred.fr.utils.AlertDialogBuilder;
import fr.bred.fr.utils.App;
import fr.bred.fr.utils.Base64;
import fr.bred.fr.utils.Config;
import fr.bred.fr.utils.Splunk;
import fr.bred.fr.utils.biometric.BiometricUtils;
import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Calendar;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Locale;
import java.util.Map;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.SecretKeySpec;
import javax.net.ssl.SSLHandshakeException;
import org.json.JSONObject;
import org.json.JSONTokener;

/* loaded from: classes.dex */
public class CertificatManager {
    public static final String ENVIRONEMENT_VIALINK = Config.getBaseURL() + "/rest/Authentication/auth";
    public static String URL_CERTIFICAT_AUTH;
    public static String URL_CLIENT_CERTIFICAT;
    private static String URL_SDC_CERTIFICAT;
    public static String URL_TEST_CERTIFICAT;
    private static String cleTechnique;
    private static String contractNum;
    private static String filenameKeyStore;
    private static String filenameKeyStoreKey;
    private static String idTiers;
    public static String imei;
    public static KeyStore keyStore;
    public static KeyStore keystorePk12;
    private static String mdp;
    private static String nom;
    private static String nomNaissance;
    private static String otpSMS;
    private static int retryCount;
    public static String tokenSaved;
    public static User userSelected;
    private Context mContext;

    static {
        String str = Config.getBaseURL() + "/rest/Authentication/auth";
        URL_TEST_CERTIFICAT = "/certificatmobile/checkconfig";
        URL_CERTIFICAT_AUTH = "/certificatmobile/auth";
        URL_CLIENT_CERTIFICAT = "/certificatmobile/prepare";
        filenameKeyStore = "KeyStore.kstore";
        filenameKeyStoreKey = "KeyStore.kstorekey";
        imei = null;
        contractNum = "";
        idTiers = "";
        cleTechnique = "";
        mdp = null;
        otpSMS = "";
        nom = "";
        nomNaissance = "";
        userSelected = null;
        retryCount = 2;
    }

    public CertificatManager(Context context) {
        this.mContext = context;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void decodeAndSaveClientCertificate(String str, SecretKeySpec secretKeySpec, final Callback<Boolean> callback) {
        Log.v("XCERT", "[METHOD] =====  decodeAndSaveClientCertificate =====");
        try {
            byte[] decode = Base64.decode(str);
            Cipher cipher = Cipher.getInstance("AES");
            cipher.init(2, secretKeySpec);
            byte[] doFinal = cipher.doFinal(decode);
            X509Certificate x509Certificate = null;
            DataInputStream dataInputStream = new DataInputStream(new ByteArrayInputStream(doFinal, 4, doFinal.length - 4));
            KeyStore keyStore2 = KeyStore.getInstance("PKCS12");
            keystorePk12 = keyStore2;
            String str2 = mdp;
            if (str2 != null) {
                keyStore2.load(dataInputStream, str2.toCharArray());
            } else {
                keyStore2.load(dataInputStream, otpSMS.toUpperCase(Locale.FRENCH).toCharArray());
            }
            Enumeration<String> aliases = keystorePk12.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                Log.w("CertificatManager", "keystorePk12.aliases : " + nextElement);
                if (nextElement.compareTo("key") != 0) {
                    x509Certificate = (X509Certificate) keystorePk12.getCertificate(nextElement);
                }
            }
            FileOutputStream openFileOutput = this.mContext.openFileOutput(filenameKeyStoreKey + cleTechnique, 0);
            keystorePk12.store(openFileOutput, "password".toCharArray());
            openFileOutput.close();
            keyStore.setCertificateEntry("CLIENT" + cleTechnique, x509Certificate);
            dataInputStream.close();
            saveKeyStore();
            saveCertifiedUserId(this.mContext, cleTechnique);
            final String password = SessionManager.newInstance().getPassword();
            try {
                getCertifAuthToken(password, cleTechnique, contractNum, nom, UserManager.getUser() != null ? UserManager.getUser().oldUser : false, App.getCurrentActivity(), new Callback<String>() { // from class: fr.bred.fr.services.CertificatManager.7
                    @Override // fr.bred.fr.core.network.Callback
                    public void failure(BREDError bREDError) {
                        AlertDialogBuilder.errorDialog(bREDError, App.getCurrentActivity());
                    }

                    @Override // fr.bred.fr.core.network.Callback
                    public void success(String str3) {
                        UserManager.authenticate(UserManager.getUser(), CertificatManager.idTiers, password, str3, App.getCurrentActivity(), false, new Callback<User>() { // from class: fr.bred.fr.services.CertificatManager.7.1
                            @Override // fr.bred.fr.core.network.Callback
                            public void failure(BREDError bREDError) {
                                Callback callback2 = callback;
                                if (callback2 != null) {
                                    callback2.failure(bREDError);
                                }
                            }

                            @Override // fr.bred.fr.core.network.Callback
                            public void success(User user) {
                                Callback callback2 = callback;
                                if (callback2 != null) {
                                    callback2.success(Boolean.TRUE);
                                }
                            }
                        });
                    }
                });
            } catch (Exception unused) {
                if (callback != null) {
                    callback.failure(new BREDError("Échec de la demande", "Une erreur s’est produite pendant votre demande.\n\nMerci de réessayer ultérieurement.\n\nSi le problème persiste, vous pouvez contacter un conseiller BRED Direct.\n", 801));
                }
            }
        } catch (SSLHandshakeException unused2) {
            if (callback != null) {
                callback.failure(new BREDError("Échec de la demande", "Une erreur s’est produite pendant votre demande.\n\nMerci de réessayer ultérieurement.\n\nSi le problème persiste, vous pouvez contacter un conseiller BRED Direct.\n", 802));
            }
        } catch (Exception unused3) {
            if (callback != null) {
                callback.failure(new BREDError("Échec de la demande", "Une erreur s’est produite pendant votre demande.\n\nMerci de réessayer ultérieurement.\n\nSi le problème persiste, vous pouvez contacter un conseiller BRED Direct.\n", 803));
            }
        }
    }

    public static void deleteCertificats(Context context, String str) throws Exception {
        Log.v("XCERT", "[METHOD] =====  deleteCertificats =====");
        loadKeyStore(context);
        Log.v("XCERT", "deleteCertificats cleTechnique :   " + str);
        keyStore.deleteEntry("CLIENT" + str);
        saveKeyStore(context);
        removeCertifiedUserId(context, str);
    }

    public static String generateCrypt(Context context, String str, long j, String str2) throws Exception {
        loadKeyStore(context);
        if (imei == null) {
            generateIMEI(context);
        }
        X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate("CLIENT" + str2);
        if (x509Certificate == null) {
            x509Certificate = (X509Certificate) keyStore.getCertificate("CLIENT");
        }
        String str3 = j + "0000" + str + "" + x509Certificate.getSerialNumber() + "" + imei;
        MessageDigest messageDigest = MessageDigest.getInstance("MD5");
        messageDigest.update(str3.getBytes());
        byte[] bArr = new byte[16];
        messageDigest.digest(bArr, 0, 16);
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < 16; i++) {
            String hexString = Integer.toHexString(bArr[i] & 255);
            if (hexString.length() == 1) {
                sb.append('0');
            }
            sb.append(hexString);
        }
        return Config.APP_CODE + sb.substring(0, 6);
    }

    public static void generateIMEI(Context context) {
        if (context != null) {
            imei = Settings.Secure.getString(context.getContentResolver(), "android_id");
        }
    }

    public static String getBase64CryptCertificate(Context context, String str) {
        Log.v("XCERT", "[METHOD] =====  getBase64CryptCertificate =====");
        loadKeyStore(context);
        try {
            Certificate certificate = keyStore.getCertificate("CLIENT" + str);
            if (certificate == null) {
                Splunk.log("certificatmanager-getBase64CryptCertificate", "certificatName==CLIENT" + str, "message==Nouveau certificat non trouvé");
                certificate = keyStore.getCertificate("CLIENT");
                if (certificate == null) {
                    Splunk.log("certificatmanager-getBase64CryptCertificate", "certificatName2==CLIENT", "message==Ancien certificat non trouvé", "Result==getBase64CryptCertificate return null");
                    return null;
                }
            }
            return Base64.encodeBytes(certificate.getEncoded());
        } catch (Exception e) {
            Splunk.log("certificatmanager-getBase64CryptCertificate", e, "certificatName==CLIENT");
            try {
                return Base64.encodeBytes(keyStore.getCertificate("CLIENT").getEncoded());
            } catch (Exception e2) {
                Splunk.log("certificatmanager-getBase64CryptCertificate", e2, "certificatName2==CLIENT");
                return null;
            }
        }
    }

    public static String getBase64PrivateKeyCrypt(Context context, String str, String str2) {
        Log.v("XCERT", "[METHOD] =====  getBase64PrivateKeyCrypt =====");
        try {
            byte[] decode = Base64.decode(str);
            loadKeyStorePK12(context, str2);
            PrivateKey privateKey = (PrivateKey) keystorePk12.getKey("key", "password".toCharArray());
            Cipher cipher = Cipher.getInstance("RSA/None/PKCS1Padding");
            cipher.init(1, privateKey);
            return Base64.encodeBytes(cipher.doFinal(decode));
        } catch (Exception e) {
            Object[] objArr = new Object[4];
            objArr[0] = e;
            StringBuilder sb = new StringBuilder();
            sb.append("keystorePk12==");
            sb.append(keystorePk12);
            objArr[1] = sb.toString() != null ? "OK" : "KO";
            objArr[2] = "cleTechnique==" + str2;
            StringBuilder sb2 = new StringBuilder();
            sb2.append("value==");
            sb2.append(str);
            objArr[3] = sb2.toString() == null ? "KO" : "OK";
            Splunk.log("certificatmanager-getBase64PrivateKeyCrypt", objArr);
            return null;
        }
    }

    public static void getCertifAuthToken(String str, String str2, String str3, String str4, boolean z, Context context, final Callback<String> callback) throws Exception {
        String str5;
        Log.v("XCERT", "[METHOD] =====  getCertifAuthToken =====");
        contractNum = str3;
        nom = str4;
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        keyGenerator.init(256);
        SecretKey generateKey = keyGenerator.generateKey();
        final SecretKeySpec secretKeySpec = new SecretKeySpec(generateKey.getEncoded(), "AES");
        byte[] encoded = generateKey.getEncoded();
        loadKeyStorePK12(context, str2);
        loadKeyStore(context);
        String str6 = "";
        try {
            PrivateKey privateKey = (PrivateKey) keystorePk12.getKey("key", "password".toCharArray());
            Cipher cipher = Cipher.getInstance("RSA/None/NoPadding");
            cipher.init(1, privateKey);
            byte[] doFinal = cipher.doFinal(encoded);
            PublicKey publicKey = keyStore.getCertificate("SDC").getPublicKey();
            Cipher cipher2 = Cipher.getInstance("RSA/None/NoPadding");
            cipher2.init(1, publicKey);
            String encodeBytes = Base64.encodeBytes(cipher2.doFinal(doFinal));
            str6 = (((((((("\nkeystorePK12 getkey init") + "\nkeystorePK12 getkey finish") + "\nEncode privateKeyReference init") + "\nEncode privateKeyReference finish") + "\nkeyStore getCertificate init") + "\nkeyStore getCertificate init") + "\nEncode publicSDCKeyReference init") + "\nEncode publicSDCKeyReference init") + "\ncryptCleSymBase64 encoded";
            if (imei == null) {
                generateIMEI(context);
            }
            if (z) {
                str5 = "pin=" + str + "&numContrat=" + contractNum + "&uid=" + imei + "&nom=" + nom;
            } else {
                str5 = "mdp=" + str + "&idTiers=" + str2 + "&numContrat=" + contractNum + "&uid=" + imei + "&nom=" + nom;
            }
            String str7 = (str6 + "\ncryptInfo contractNum : " + contractNum) + "\ncryptInfo nom : " + nom;
            byte[] bytes = str5.getBytes();
            Cipher cipher3 = Cipher.getInstance("AES");
            cipher3.init(1, secretKeySpec);
            String encodeBytes2 = Base64.encodeBytes(cipher3.doFinal(bytes));
            String str8 = (str7 + "\ncryptInfo encoded") + "\nkeyStore getCertificate : CLIENT" + str2;
            Certificate certificate = keyStore.getCertificate("CLIENT" + str2);
            if (certificate == null) {
                certificate = keyStore.getCertificate("CLIENT");
                str8 = (str8 + "\nkeyStore getCertificate CLIENT" + str2 + " is null") + "\nkeyStore getCertificate : CLIENT setted";
            }
            String encodeBytes3 = Base64.encodeBytes(certificate.getEncoded());
            try {
                String str9 = getCertificatVialinkBaseURL() + URL_CERTIFICAT_AUTH;
                HashMap hashMap = new HashMap();
                if (encodeBytes3 != null) {
                    hashMap.put("cert", encodeBytes3);
                }
                if (encodeBytes != null) {
                    hashMap.put("crypt_cle_sym", encodeBytes);
                }
                if (encodeBytes2 != null) {
                    hashMap.put("crypt_infos", encodeBytes2);
                }
                String str10 = Config.APP_CODE;
                if (str10 != null) {
                    hashMap.put("code_appli", str10);
                }
                hashMap.put("code_canal", "1");
                if (str2 != null) {
                    hashMap.put("cleTechnique", str2);
                }
                if (str3 != null) {
                    hashMap.put("numContrat", str3);
                }
                generateIMEI(App.context());
                String str11 = imei;
                if (str11 != null) {
                    hashMap.put("deviceId", str11);
                    hashMap.put("deviceUuid", str11);
                    hashMap.put("x-trusted-device-id", str11);
                }
                hashMap.put("deviceName", Build.MODEL);
                BREDVolleyApiClient.getInstance().postStringRequest(str9, hashMap, new Callback<String>() { // from class: fr.bred.fr.services.CertificatManager.3
                    @Override // fr.bred.fr.core.network.Callback
                    public void failure(BREDError bREDError) {
                        callback.failure(bREDError);
                    }

                    @Override // fr.bred.fr.core.network.Callback
                    public void success(String str12) {
                        if (str12 == null || str12.isEmpty()) {
                            callback.failure(new BREDError("Échec de la demande", "Une erreur s’est produite pendant votre demande.\n\nMerci de réessayer ultérieurement.\n\nSi le problème persiste, vous pouvez contacter un conseiller BRED Direct.", -15));
                            return;
                        }
                        try {
                            JSONObject jSONObject = (JSONObject) new JSONTokener(str12.trim().replaceAll("\n", "")).nextValue();
                            int parseInt = Integer.parseInt(jSONObject.getString("codeRetour"));
                            if (parseInt == -4) {
                                callback.failure(new BREDError("Authentification", "Votre accès sécurisé doit être renouvellé.\n\n Connectez-vous de nouveau  afin de le mettre à jour", parseInt));
                                return;
                            }
                            if (parseInt == -3) {
                                BREDError bREDError = new BREDError("Authentification", "Un problème est survenu lors de votre demande connexion.\n\nMerci de contacter un conseiller BRED Direct.", parseInt);
                                Splunk.log("AuthentVialink", "service==certificatmobile/auth", "numeroContratIpab== " + CertificatManager.userSelected.numeroContratIpab, "nom==" + CertificatManager.nom, "erreur==-3", "erreurVialink==Désynchro");
                                callback.failure(bREDError);
                                return;
                            }
                            if (parseInt == -2) {
                                callback.failure(new BREDError("Authentification", "Trop de tentative de saisie du mot de passe invalide.\n\nMerci de vérifier vos informations et de bien vouloir réessayer ultérieurement", parseInt));
                                return;
                            }
                            if (parseInt == -1) {
                                callback.failure(new BREDError("Authentification", "Saisie du mot de passe invalide.\n\nMerci de vérifier vos informations et de bien vouloir réessayer ultérieurement", parseInt));
                                return;
                            }
                            if (parseInt == 0) {
                                byte[] decode = Base64.decode(jSONObject.optString("result", "").replaceAll("\n", ""));
                                Cipher cipher4 = Cipher.getInstance("AES");
                                cipher4.init(2, secretKeySpec);
                                String[] split = new String(cipher4.doFinal(decode)).split("=");
                                String str13 = split.length == 2 ? split[1] : null;
                                CertificatManager.tokenSaved = str13;
                                Log.v("CertificatManager", "----- -----  ----- tokenSaved : " + CertificatManager.tokenSaved);
                                callback.success(str13);
                                return;
                            }
                            BREDError bREDError2 = new BREDError("Authentification", "Un problème est survenu lors de votre demande connexion.\n\nMerci de vérifier vos informations et de bien vouloir réessayer ultérieurement.", parseInt);
                            Splunk.log("AuthentVialink", "service==certificatmobile/auth", "numeroContratIpab== " + CertificatManager.userSelected.numeroContratIpab, "nom==" + CertificatManager.nom, "erreur==" + parseInt, "erreurVialink==Erreur non traité");
                            callback.failure(bREDError2);
                        } catch (Exception e) {
                            Splunk.log("certificatmanager-getCertifAuthToken", e);
                            callback.failure(new BREDError("Échec de la demande", "Une erreur s’est produite pendant votre demande.\n\nMerci de réessayer ultérieurement.\n\nSi le problème persiste, vous pouvez contacter un conseiller BRED Direct.", -14));
                        }
                    }
                });
            } catch (Exception e) {
                Splunk.log("certificatmanager-getCertifAuthToken", e, "Erreur==" + str8);
                callback.failure(new BREDError("Authentification", "Un problème est survenu lors de votre demande connexion.\n\nMerci de vérifier vos informations et de bien vouloir réessayer ultérieurement.", -16));
            }
        } catch (Exception e2) {
            int i = retryCount;
            if (i > 0) {
                retryCount = i - 1;
                Log.e("CertificatManager", "getCertifAuthToken EXCEPTION : " + e2);
                Log.e("CertificatManager", "getCertifAuthToken retryCount : " + retryCount);
                getCertifAuthToken(str, str2, str3, str4, z, context, callback);
                return;
            }
            Log.e("CertificatManager", "getCertifAuthToken retryCount : " + retryCount);
            Log.e("CertificatManager", "getCertifAuthToken retryCount --> TOO MUCH RETRY");
            Splunk.log("CertificatManager-getCertifAuthToken", e2, "erreur==" + str6);
            Log.v("CertificatManager", "getCertifAuthToken ERROR ENCRYPTAGE");
            callback.failure(new BREDError("Authentification", "Un problème est survenu lors de votre demande connexion.\n\nMerci de vérifier vos informations et de bien vouloir réessayer ultérieurement.", -29));
        }
    }

    public static void getCertifAuthTokenApp2App(String str, String str2, String str3, String str4, boolean z, Context context, final Callback<String> callback) throws Exception {
        String str5;
        Log.v("XCERT", "[METHOD] =====  getCertifAuthToken =====");
        contractNum = str3;
        nom = str4;
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
        keyGenerator.init(256);
        SecretKey generateKey = keyGenerator.generateKey();
        final SecretKeySpec secretKeySpec = new SecretKeySpec(generateKey.getEncoded(), "AES");
        byte[] encoded = generateKey.getEncoded();
        loadKeyStorePK12(context, str2);
        loadKeyStore(context);
        String str6 = "";
        try {
            PrivateKey privateKey = (PrivateKey) keystorePk12.getKey("key", "password".toCharArray());
            Cipher cipher = Cipher.getInstance("RSA/None/NoPadding");
            cipher.init(1, privateKey);
            byte[] doFinal = cipher.doFinal(encoded);
            PublicKey publicKey = keyStore.getCertificate("SDC").getPublicKey();
            Cipher cipher2 = Cipher.getInstance("RSA/None/NoPadding");
            cipher2.init(1, publicKey);
            String encodeBytes = Base64.encodeBytes(cipher2.doFinal(doFinal));
            str6 = (((((((("\nkeystorePK12 getkey init") + "\nkeystorePK12 getkey finish") + "\nEncode privateKeyReference init") + "\nEncode privateKeyReference finish") + "\nkeyStore getCertificate init") + "\nkeyStore getCertificate init") + "\nEncode publicSDCKeyReference init") + "\nEncode publicSDCKeyReference init") + "\ncryptCleSymBase64 encoded";
            if (imei == null) {
                generateIMEI(context);
            }
            if (z) {
                str5 = "pin=" + str + "&numContrat=" + contractNum + "&uid=" + imei + "&nom=" + nom;
            } else {
                str5 = "mdp=" + str + "&idTiers=" + str2 + "&numContrat=" + contractNum + "&uid=" + imei + "&nom=" + nom;
            }
            String str7 = (str6 + "\ncryptInfo contractNum : " + contractNum) + "\ncryptInfo nom : " + nom;
            byte[] bytes = str5.getBytes();
            Cipher cipher3 = Cipher.getInstance("AES");
            cipher3.init(1, secretKeySpec);
            String encodeBytes2 = Base64.encodeBytes(cipher3.doFinal(bytes));
            String str8 = (str7 + "\ncryptInfo encoded") + "\nkeyStore getCertificate : CLIENT" + str2;
            Certificate certificate = keyStore.getCertificate("CLIENT" + str2);
            if (certificate == null) {
                certificate = keyStore.getCertificate("CLIENT");
                str8 = (str8 + "\nkeyStore getCertificate CLIENT" + str2 + " is null") + "\nkeyStore getCertificate : CLIENT setted";
            }
            String encodeBytes3 = Base64.encodeBytes(certificate.getEncoded());
            try {
                String str9 = getCertificatVialinkBaseURL() + URL_CERTIFICAT_AUTH;
                HashMap hashMap = new HashMap();
                if (encodeBytes3 != null) {
                    hashMap.put("cert", encodeBytes3);
                }
                if (encodeBytes != null) {
                    hashMap.put("crypt_cle_sym", encodeBytes);
                }
                if (encodeBytes2 != null) {
                    hashMap.put("crypt_infos", encodeBytes2);
                }
                String str10 = Config.APP_CODE;
                if (str10 != null) {
                    hashMap.put("code_appli", str10);
                }
                hashMap.put("code_canal", "1");
                if (str2 != null) {
                    hashMap.put("cleTechnique", str2);
                }
                if (str3 != null) {
                    hashMap.put("numContrat", str3);
                }
                generateIMEI(App.context());
                String str11 = imei;
                if (str11 != null) {
                    hashMap.put("deviceId", str11);
                    hashMap.put("deviceUuid", str11);
                    hashMap.put("x-trusted-device-id", str11);
                }
                hashMap.put("deviceName", Build.MODEL);
                App2appApiClient.getInstance().postStringRequest(str9, hashMap, new Callback<String>() { // from class: fr.bred.fr.services.CertificatManager.4
                    @Override // fr.bred.fr.core.network.Callback
                    public void failure(BREDError bREDError) {
                        callback.failure(bREDError);
                    }

                    @Override // fr.bred.fr.core.network.Callback
                    public void success(String str12) {
                        if (str12 == null || str12.isEmpty()) {
                            callback.failure(new BREDError("Échec de la demande", "Une erreur s’est produite pendant votre demande.\n\nMerci de réessayer ultérieurement.\n\nSi le problème persiste, vous pouvez contacter un conseiller BRED Direct.", -15));
                            return;
                        }
                        try {
                            JSONObject jSONObject = (JSONObject) new JSONTokener(str12.trim().replaceAll("\n", "")).nextValue();
                            int parseInt = Integer.parseInt(jSONObject.getString("codeRetour"));
                            if (parseInt == -4) {
                                callback.failure(new BREDError("Authentification", "Votre accès sécurisé doit être renouvellé.\n\n Connectez-vous de nouveau  afin de le mettre à jour", parseInt));
                                return;
                            }
                            if (parseInt == -3) {
                                BREDError bREDError = new BREDError("Authentification", "Un problème est survenu lors de votre demande connexion.\n\nMerci de contacter un conseiller BRED Direct.", parseInt);
                                Splunk.log("AuthentVialink", "service==certificatmobile/auth", "numeroContratIpab== " + CertificatManager.userSelected.numeroContratIpab, "nom==" + CertificatManager.nom, "erreur==-3", "erreurVialink==Désynchro");
                                callback.failure(bREDError);
                                return;
                            }
                            if (parseInt == -2) {
                                callback.failure(new BREDError("Authentification", "Trop de tentative de saisie du mot de passe invalide.\n\nMerci de vérifier vos informations et de bien vouloir réessayer ultérieurement", parseInt));
                                return;
                            }
                            if (parseInt == -1) {
                                callback.failure(new BREDError("Authentification", "Saisie du mot de passe invalide.\n\nMerci de vérifier vos informations et de bien vouloir réessayer ultérieurement", parseInt));
                                return;
                            }
                            if (parseInt == 0) {
                                byte[] decode = Base64.decode(jSONObject.optString("result", "").replaceAll("\n", ""));
                                Cipher cipher4 = Cipher.getInstance("AES");
                                cipher4.init(2, secretKeySpec);
                                String[] split = new String(cipher4.doFinal(decode)).split("=");
                                String str13 = split.length == 2 ? split[1] : null;
                                CertificatManager.tokenSaved = str13;
                                Log.v("CertificatManager", "----- -----  ----- tokenSaved : " + CertificatManager.tokenSaved);
                                callback.success(str13);
                                return;
                            }
                            BREDError bREDError2 = new BREDError("Authentification", "Un problème est survenu lors de votre demande connexion.\n\nMerci de vérifier vos informations et de bien vouloir réessayer ultérieurement.", parseInt);
                            Splunk.log("AuthentVialink", "service==certificatmobile/auth", "numeroContratIpab== " + CertificatManager.userSelected.numeroContratIpab, "nom==" + CertificatManager.nom, "erreur==" + parseInt, "erreurVialink==Erreur non traité");
                            callback.failure(bREDError2);
                        } catch (Exception e) {
                            Splunk.log("certificatmanager-getCertifAuthToken", e);
                            callback.failure(new BREDError("Échec de la demande", "Une erreur s’est produite pendant votre demande.\n\nMerci de réessayer ultérieurement.\n\nSi le problème persiste, vous pouvez contacter un conseiller BRED Direct.", -14));
                        }
                    }
                });
            } catch (Exception e) {
                Splunk.log("certificatmanager-getCertifAuthToken", e, "Erreur==" + str8);
                callback.failure(new BREDError("Authentification", "Un problème est survenu lors de votre demande connexion.\n\nMerci de vérifier vos informations et de bien vouloir réessayer ultérieurement.", -16));
            }
        } catch (Exception e2) {
            int i = retryCount;
            if (i > 0) {
                retryCount = i - 1;
                Log.e("CertificatManager", "getCertifAuthToken EXCEPTION : " + e2);
                Log.e("CertificatManager", "getCertifAuthToken retryCount : " + retryCount);
                getCertifAuthToken(str, str2, str3, str4, z, context, callback);
                return;
            }
            Log.e("CertificatManager", "getCertifAuthToken retryCount : " + retryCount);
            Log.e("CertificatManager", "getCertifAuthToken retryCount --> TOO MUCH RETRY");
            Splunk.log("CertificatManager-getCertifAuthToken", e2, "erreur==" + str6);
            Log.v("CertificatManager", "getCertifAuthToken ERROR ENCRYPTAGE");
            callback.failure(new BREDError("Authentification", "Un problème est survenu lors de votre demande connexion.\n\nMerci de vérifier vos informations et de bien vouloir réessayer ultérieurement.", -29));
        }
    }

    public static String getCertificatVialinkBaseURL() {
        return ENVIRONEMENT_VIALINK;
    }

    /* JADX WARN: Code restructure failed: missing block: B:23:0x0029, code lost:
    
        if (r1.equalsIgnoreCase(r4.cleTechnique) != false) goto L26;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.util.Date getCertificateDate(android.content.Context r3, fr.bred.fr.data.models.User r4) {
        /*
            r0 = 0
            if (r3 == 0) goto L51
            if (r4 != 0) goto L6
            goto L51
        L6:
            java.lang.String r1 = r4.cleTechnique
            java.lang.String r1 = getCertifiedUserId(r3, r1)
            if (r1 == 0) goto L19
            boolean r2 = r1.isEmpty()
            if (r2 != 0) goto L19
            java.lang.String r1 = r1.trim()
            goto L1a
        L19:
            r1 = r0
        L1a:
            boolean r2 = r4.oldUser
            if (r2 == 0) goto L21
            if (r1 == 0) goto L2c
            return r0
        L21:
            if (r1 == 0) goto L51
            java.lang.String r2 = r4.cleTechnique
            boolean r1 = r1.equalsIgnoreCase(r2)
            if (r1 != 0) goto L2c
            goto L51
        L2c:
            loadKeyStore(r3)     // Catch: java.security.KeyStoreException -> L51
            java.security.KeyStore r3 = fr.bred.fr.services.CertificatManager.keyStore     // Catch: java.security.KeyStoreException -> L51
            java.lang.StringBuilder r1 = new java.lang.StringBuilder     // Catch: java.security.KeyStoreException -> L51
            r1.<init>()     // Catch: java.security.KeyStoreException -> L51
            java.lang.String r2 = "CLIENT"
            r1.append(r2)     // Catch: java.security.KeyStoreException -> L51
            java.lang.String r4 = r4.cleTechnique     // Catch: java.security.KeyStoreException -> L51
            r1.append(r4)     // Catch: java.security.KeyStoreException -> L51
            java.lang.String r4 = r1.toString()     // Catch: java.security.KeyStoreException -> L51
            java.security.cert.Certificate r3 = r3.getCertificate(r4)     // Catch: java.security.KeyStoreException -> L51
            java.security.cert.X509Certificate r3 = (java.security.cert.X509Certificate) r3     // Catch: java.security.KeyStoreException -> L51
            if (r3 == 0) goto L51
            java.util.Date r3 = r3.getNotBefore()     // Catch: java.security.KeyStoreException -> L51
            return r3
        L51:
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: fr.bred.fr.services.CertificatManager.getCertificateDate(android.content.Context, fr.bred.fr.data.models.User):java.util.Date");
    }

    private static String getCertifiedUserId(Context context, String str) {
        Log.v("XCERT", "[METHOD] =====  getCertifiedUserId =====");
        if (context == null) {
            return null;
        }
        SharedPreferences sharedPreferences = context.getSharedPreferences("cert", 0);
        Log.w("CertificatManager", "getCertifiedUserId id : " + str);
        return sharedPreferences.getString("certified_id" + str, null);
    }

    private void getClientCertificate(Map<String, String> map, final Callback<String> callback) {
        Log.v("XCERT", "[METHOD] =====  getClientCertificate =====");
        BREDVolleyApiClient.getInstance().postStringRequest(getCertificatVialinkBaseURL() + URL_CLIENT_CERTIFICAT, map, new Callback<String>() { // from class: fr.bred.fr.services.CertificatManager.8
            @Override // fr.bred.fr.core.network.Callback
            public void failure(BREDError bREDError) {
                callback.failure(bREDError);
            }

            @Override // fr.bred.fr.core.network.Callback
            public void success(String str) {
                if (str == null || str.isEmpty()) {
                    callback.failure(new BREDError("Échec de la demande", "Problème durant l'installation du certificat. Veuillez réessayer ultérieurement.", R$styleable.AppCompatTheme_windowActionBar));
                    return;
                }
                try {
                    JSONObject jSONObject = (JSONObject) new JSONTokener(str.trim().replaceAll("\n", "")).nextValue();
                    String replaceAll = jSONObject.getString("codeRetour").replaceAll("\n", "");
                    String replaceAll2 = jSONObject.has("messageErreur") ? jSONObject.getString("messageErreur").replaceAll("\n", "") : null;
                    int parseInt = Integer.parseInt(replaceAll);
                    if (parseInt == -3) {
                        callback.failure(new BREDError("Authentification", "Les informations d’activation semblent  incorrect.\n\nSi le problème persiste, vous pouvez contacter un conseiller BRED Direct.", parseInt));
                        return;
                    }
                    if (parseInt == -2) {
                        callback.failure(new BREDError("Authentification", "Le nombre de tentative d’activation est dépassé.\n\nMerci de réessayer ultérieurement.\n\nSi le problème persiste, vous pouvez contacter un conseiller BRED Direct.", parseInt));
                        return;
                    }
                    if (parseInt == -1) {
                        callback.failure(new BREDError("Authentification", "Une erreur est survenu pendant la validation de votre code.\n\nVérifiez s’il ne comporte pas d’erreur.\n\nSi le problème persiste, vous pouvez contacter un conseiller BRED Direct.", parseInt));
                        return;
                    }
                    if (parseInt == 0) {
                        callback.success(jSONObject.getString("result").replaceAll("\n", ""));
                        return;
                    }
                    if (replaceAll2 == null) {
                        callback.failure(new BREDError("Échec de la demande", "Une erreur s’est produite pendant votre demande.\n\nMerci de réessayer ultérieurement.\n\nSi le problème persiste, vous pouvez contacter un conseiller BRED Direct.", parseInt));
                        return;
                    }
                    callback.failure(new BREDError("Échec de la demande", "Une erreur s’est produite pendant votre demande.\n\n" + replaceAll2, parseInt));
                } catch (Exception e) {
                    Splunk.log("certificatmanager-getClientCertificate", e);
                    callback.failure(new BREDError("Échec de la demande", "Erreur dans la lecture des données.", -18));
                }
            }
        });
    }

    public static void getTokenAccess(final String str, final String str2, final Context context, final Callback<BredSecure> callback) {
        BREDVolleyApiClient.getInstance().getRawData(Config.getBaseURL() + "/rest/Authentication/auth/secure/public", new Callback<Object[]>() { // from class: fr.bred.fr.services.CertificatManager.9
            @Override // fr.bred.fr.core.network.Callback
            public void failure(BREDError bREDError) {
                callback.failure(bREDError);
            }

            @Override // fr.bred.fr.core.network.Callback
            public void success(Object[] objArr) {
                if (objArr != null) {
                    try {
                        CertificatManager.getTokenAccessSecure(str, str2, context, (byte[]) objArr[0], new Callback<BredSecure>() { // from class: fr.bred.fr.services.CertificatManager.9.1
                            @Override // fr.bred.fr.core.network.Callback
                            public void failure(BREDError bREDError) {
                                callback.failure(bREDError);
                            }

                            @Override // fr.bred.fr.core.network.Callback
                            public void success(BredSecure bredSecure) {
                                callback.success(bredSecure);
                            }
                        });
                    } catch (Exception unused) {
                    }
                }
            }
        });
    }

    public static void getTokenAccessSecure(final String str, String str2, final Context context, byte[] bArr, final Callback<BredSecure> callback) {
        generateIMEI(App.getCurrentActivity());
        String str3 = imei;
        HashMap hashMap = new HashMap();
        hashMap.put("deviceUuid", str3);
        hashMap.put("deviceName", Build.MODEL);
        try {
            loadKeyStore(context);
            loadKeyStorePK12(context, str);
            Certificate certificate = keyStore.getCertificate("CLIENT" + str);
            if (certificate == null) {
                callback.failure(new BREDError("Échec de la demande", "BREDSecure non installé.", -20));
                return;
            }
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
            keyGenerator.init(256);
            SecretKey generateKey = keyGenerator.generateKey();
            SecretKeySpec secretKeySpec = new SecretKeySpec(generateKey.getEncoded(), "AES");
            DataInputStream dataInputStream = new DataInputStream(new ByteArrayInputStream(bArr));
            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(dataInputStream);
            dataInputStream.close();
            Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
            cipher.init(1, x509Certificate.getPublicKey());
            hashMap.put("sharedSecret", Base64.encodeBytes(cipher.doFinal(generateKey.getEncoded())));
            Cipher cipher2 = Cipher.getInstance("AES");
            cipher2.init(1, secretKeySpec);
            hashMap.put("devicePublicKey", Base64.encodeBytes(cipher2.doFinal(certificate.getEncoded())));
            Cipher cipher3 = Cipher.getInstance("AES");
            cipher3.init(1, secretKeySpec);
            hashMap.put("password", Base64.encodeBytes(cipher3.doFinal(str2.getBytes())));
            Key key = keystorePk12.getKey("key", "password".toCharArray());
            Signature signature = Signature.getInstance("SHA1withRSA");
            signature.initSign((PrivateKey) key);
            signature.update(generateKey.getEncoded());
            hashMap.put("signature", Base64.encodeBytes(signature.sign()));
            String str4 = tokenSaved;
            if (str4 != null) {
                hashMap.put("token", str4);
            }
            String str5 = "SymKey_" + str;
            if (Build.VERSION.SDK_INT < 23) {
                callback.failure(new BREDError("Échec de la demande", "Erreur dans la récupération du certificat.", -19));
                return;
            }
            try {
                try {
                    try {
                        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
                        keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str5, 3).setDigests("SHA-256").setEncryptionPaddings("PKCS1Padding").build());
                        hashMap.put("securePublicKey", Base64.encodeBytes(cipher2.doFinal(keyPairGenerator.generateKeyPair().getPublic().getEncoded())));
                        BREDVolleyApiClient.getInstance().post(Config.getBaseURL() + "/applications/SSO/generateTokenAccess", "generateTokenAccess", hashMap, new Callback() { // from class: fr.bred.fr.services.CertificatManager.10
                            @Override // fr.bred.fr.core.network.Callback
                            public void failure(BREDError bREDError) {
                                callback.failure(bREDError);
                            }

                            @Override // fr.bred.fr.core.network.Callback
                            public void success(Object obj) {
                                BredSecure bredSecure = (BredSecure) new Gson().fromJson(obj.toString(), new TypeToken<BredSecure>(this) { // from class: fr.bred.fr.services.CertificatManager.10.1
                                }.getType());
                                CertifUtils.saveSecureCertif(bredSecure.challenge, str, "challenge", context);
                                BiometricUtils.saveToken(str, bredSecure.token, context);
                                User user = UserManager.getUser();
                                if (user != null) {
                                    user.lightToken = bredSecure.token;
                                    user.isAuthentLight = true;
                                    user.displayFingerPrint = true;
                                    UserManager.saveCurrentUser(context, user);
                                }
                                callback.success(bredSecure);
                            }
                        });
                    } catch (NoSuchAlgorithmException e) {
                        Splunk.log("certificamanger-getTokenAccessSecure", e);
                    }
                } catch (Exception e2) {
                    Splunk.log("certificamanger-getTokenAccessSecure", e2);
                }
            } catch (NoSuchProviderException e3) {
                Splunk.log("certificamanger-getTokenAccessSecure", e3);
            }
        } catch (Exception e4) {
            Splunk.log("certificamanger-getTokenAccessSecure", e4);
        }
    }

    public static X509Certificate isCertifReplaced(Context context, User user) throws Exception {
        X509Certificate x509Certificate;
        Log.v("XCERT", "[METHOD] =====  isCertifReplaced =====");
        Log.v("XCERT", "[isCertifReplaced] loadKeyStore INIT");
        loadKeyStore(context);
        Log.v("XCERT", "[isCertifReplaced] loadKeyStore FINISH");
        Log.v("XCERT", "[isCertifReplaced]  cleTechnique : " + user.cleTechnique);
        Log.v("XCERT", "[isCertifReplaced] oldCertif = CLIENT");
        Log.v("XCERT", "[isCertifReplaced] newCertif = CLIENT" + user.cleTechnique);
        X509Certificate x509Certificate2 = (X509Certificate) keyStore.getCertificate("CLIENT");
        X509Certificate x509Certificate3 = (X509Certificate) keyStore.getCertificate("CLIENT" + user.cleTechnique);
        Log.v("XCERT", "[isCertifReplaced] éléments dans le keystore : ");
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            Log.v("XCERT", "[isCertifReplaced] -> " + aliases.nextElement());
        }
        if (x509Certificate2 != null) {
            Log.v("XCERT", "[isCertifReplaced] oldCertif TROUVE");
            Log.v("XCERT", "[isCertifReplaced] Nom client dans le certificat : " + x509Certificate2.getSubjectDN().getName());
            String[] split = x509Certificate2.getSubjectDN().getName().split(",");
            String str = null;
            String str2 = null;
            String str3 = null;
            for (int i = 0; i < split.length; i++) {
                String str4 = split[i];
                Log.w("XCERT", "[isCertifReplaced] DN [" + i + "][" + str4 + "]");
                if (str4.contains("CN=")) {
                    str3 = str4.toLowerCase();
                }
                if (str4.contains("SURNAME=")) {
                    str2 = str4.replace("SURNAME=", "").toLowerCase();
                }
                if (str4.contains("GIVENNAME=")) {
                    str = str4.replace("GIVENNAME=", "").toLowerCase();
                }
            }
            Log.v("XCERT", "[isCertifReplaced] prenom : " + str);
            Log.v("XCERT", "[isCertifReplaced] nom : " + str2);
            Log.v("XCERT", "[isCertifReplaced] name : " + str3);
            String replace = str3.replace("CN=", "");
            Log.v("XCERT", "[isCertifReplaced] name cn replaced : " + replace);
            String lowerCase = (user.prenom + " " + user.nom).toLowerCase();
            x509Certificate = x509Certificate3;
            if (str == null || str2 == null) {
                if (lowerCase != null && lowerCase.equalsIgnoreCase(replace)) {
                    Log.v("XCERT", "[isCertifReplaced] >>>MATCH<<<< des fullNames");
                    String str5 = "Match des fullnames";
                    try {
                        String str6 = "Match des fullnames\nsetCertificateEntry : CLIENT" + user.cleTechnique;
                        Log.v("XCERT", "[isCertifReplaced] setCertificateEntry : CLIENT" + user.cleTechnique);
                        keyStore.setCertificateEntry("CLIENT" + user.cleTechnique, x509Certificate2);
                        Log.v("XCERT", "[isCertifReplaced] deleteEntry : CLIENT");
                        keyStore.deleteEntry("CLIENT");
                        Log.v("XCERT", "[isCertifReplaced] saveKeyStore INIT");
                        saveKeyStore(App.context());
                        Log.v("XCERT", "[isCertifReplaced] saveKeyStore FINISH");
                        Log.v("XCERT", "[isCertifReplaced] RETURN certificate du keystore avec la clé : CLIENT" + user.cleTechnique);
                        str5 = (((str6 + "\ndeleteEntry : CLIENT") + "\nsaveKeyStore INIT") + "\nsaveKeyStore FINISH") + "\ncertificate du keystore avec la clé : CLIENT" + user.cleTechnique;
                        return (X509Certificate) keyStore.getCertificate("CLIENT" + user.cleTechnique);
                    } catch (Exception e) {
                        Splunk.log("certifictmanager-isCertifReplaced", e, "erreur2== " + str5);
                        Log.w("XCERT", "[isCertifReplaced] Exception");
                    }
                }
            } else if (user.prenom.contains(str) && user.nom.contains(str2)) {
                Log.v("XCERT", "[isCertifReplaced] >>>MATCH<<<< des noms" + str2 + " / " + str + " <--> " + user.nom + " " + user.prenom);
                String str7 = "MATCH des noms";
                try {
                    String str8 = "MATCH des noms\nsetCertificateEntry : CLIENT" + user.cleTechnique;
                    Log.v("XCERT", "[isCertifReplaced] setCertificateEntry : CLIENT" + user.cleTechnique);
                    keyStore.setCertificateEntry("CLIENT" + user.cleTechnique, x509Certificate2);
                    Log.v("XCERT", "[isCertifReplaced] deleteEntry : CLIENT");
                    keyStore.deleteEntry("CLIENT");
                    Log.v("XCERT", "[isCertifReplaced] saveKeyStore INIT");
                    saveKeyStore(App.context());
                    Log.v("XCERT", "[isCertifReplaced] saveKeyStore FINISH");
                    Log.v("XCERT", "[isCertifReplaced] RETURN certificate du keystore avec la clé : CLIENT" + user.cleTechnique);
                    str7 = (((str8 + "\ndeleteEntry : CLIENT") + "\nsaveKeyStore INIT") + "\nsaveKeyStore FINISH") + "\ncertificate du keystore avec la clé : CLIENT" + user.cleTechnique;
                    return (X509Certificate) keyStore.getCertificate("CLIENT" + user.cleTechnique);
                } catch (Exception e2) {
                    Splunk.log("certifictmanager-isCertifReplaced", e2, "erreur== " + str7);
                    Log.w("XCERT", "[isCertifReplaced] Exception");
                }
            }
        } else {
            x509Certificate = x509Certificate3;
        }
        Log.v("XCERT", "[isCertifReplaced] oldCertif NULL");
        Log.v("XCERT", "[isCertifReplaced] RETURN NEW CERTIFICAT");
        return x509Certificate;
    }

    public static boolean isCertificateExpired(Context context, User user) {
        int i;
        Date certificateDate = getCertificateDate(context, user);
        if (certificateDate != null) {
            Calendar calendar = Calendar.getInstance();
            calendar.setTime(certificateDate);
            Calendar calendar2 = Calendar.getInstance();
            if (calendar2.get(5) - calendar.get(5) < 0) {
                i = -1;
                if ((calendar2.get(5) + calendar2.getActualMaximum(5)) - calendar.get(5) > 0) {
                    i = 0;
                }
            } else {
                i = 1;
            }
            if (i + (calendar2.get(2) - calendar.get(2)) + ((calendar2.get(1) - calendar.get(1)) * 12) >= 23) {
                try {
                    Log.v("XCERT", "DELETE CERTIFICAT isCertificateExpired ");
                    deleteCertificats(context, user.cleTechnique);
                } catch (Exception unused) {
                }
                return true;
            }
        }
        return false;
    }

    public static boolean isUserCertificateInstalled(Context context, User user) {
        X509Certificate isCertifReplaced;
        String str;
        Log.v("XCERT", "[METHOD] =====  isUserCertificateInstalled =====");
        if (context == null || user == null) {
            Log.v("XCERT", "[isUserCertificateInstalled] context ou user NULL");
            Log.v("XCERT", "[isUserCertificateInstalled] return FALSE");
            return false;
        }
        Log.v("XCERT", "[isUserCertificateInstalled] user.cleTechnique " + user.cleTechnique);
        String certifiedUserId = getCertifiedUserId(context, user.cleTechnique);
        String certifiedUserId2 = getCertifiedUserId(context, "");
        String str2 = null;
        String trim = (certifiedUserId == null || certifiedUserId.isEmpty()) ? null : certifiedUserId.trim();
        Log.v("XCERT", "[isUserCertificateInstalled]  certified " + certifiedUserId);
        if (user.oldUser) {
            if (trim != null) {
                Log.v("XCERT", "[isUserCertificateInstalled] 1 il y a un id : " + trim);
                Log.v("XCERT", "[isUserCertificateInstalled] return FALSE");
                return false;
            }
            Log.v("XCERT", "[isUserCertificateInstalled] 1 id est null");
        } else if (trim == null || !trim.equalsIgnoreCase(user.cleTechnique)) {
            Log.v("XCERT", "[isUserCertificateInstalled] 2 id == null ou id different de clétechnique");
            if (certifiedUserId2 != null && !certifiedUserId2.isEmpty()) {
                str2 = certifiedUserId2.trim();
            }
            Log.v("XCERT", "[isUserCertificateInstalled]  OldId : " + str2);
            if (str2 == null || !str2.equalsIgnoreCase(user.cleTechnique)) {
                Log.v("XCERT", "[isUserCertificateInstalled]  PAS d'ancien certif");
                Log.v("XCERT", "[isUserCertificateInstalled] return FALSE");
                return false;
            }
        }
        try {
            Log.v("XCERT", "[isUserCertificateInstalled] isCertifReplaced INIT");
            isCertifReplaced = isCertifReplaced(context, user);
            Log.v("XCERT", "[isUserCertificateInstalled] isCertifReplaced FINISH");
            if (isCertifReplaced != null) {
                Log.v("XCERT", "[isUserCertificateInstalled] CERTIFICAT RECUPERER : ");
                str = isCertifReplaced.getIssuerDN().toString();
            } else {
                Log.v("XCERT", "[isUserCertificateInstalled] PAS DE CERTIFICAT RECUPERER ");
                str = "";
            }
        } catch (KeyStoreException unused) {
            Log.w("XCERT", "[isUserCertificateInstalled] KeyStoreException");
        } catch (Exception unused2) {
            Log.w("XCERT", "[isUserCertificateInstalled] Exception");
        }
        if ("".equalsIgnoreCase(str)) {
            Log.v("XCERT", "[isUserCertificateInstalled] pas de user récupérer");
            Log.v("XCERT", "[isUserCertificateInstalled] return FALSE");
            Log.v("XCERT", "[isUserCertificateInstalled] return FALSE");
            return false;
        }
        Log.v("XCERT", "[isUserCertificateInstalled] USER du certif récupérer : " + isCertifReplaced.getIssuerDN());
        Log.v("XCERT", "[isUserCertificateInstalled] return TRUE");
        return true;
    }

    public static void loadKeyStore(Context context) {
        Log.v("XCERT", "[METHOD] =====  loadKeyStore =====");
        try {
            Log.v("XCERT", "[loadKeyStore] KeyStore.getInstance(\"BKS\")");
            KeyStore keyStore2 = KeyStore.getInstance("BKS");
            keyStore = keyStore2;
            if (keyStore2 == null) {
                Splunk.log("certificatManager-loadKeyStore", "keyStore==null");
            }
            try {
                Log.v("XCERT", "[loadKeyStore] openFileInput  : " + filenameKeyStore);
                FileInputStream openFileInput = context.openFileInput(filenameKeyStore);
                Log.v("XCERT", "[loadKeyStore] loadkeystore 'input' init");
                keyStore.load(openFileInput, "password".toCharArray());
                Log.v("XCERT", "[loadKeyStore] loadkeystore finish");
                if (openFileInput != null) {
                    openFileInput.close();
                }
            } catch (Exception unused) {
                Log.w("XCERT", "[loadKeyStore] Exception 1");
                Log.v("XCERT", "[loadKeyStore] loadkeystore 'null' init");
                keyStore.load(null, "password".toCharArray());
            }
        } catch (Exception e) {
            Log.w("XCERT", "[loadKeyStore] Exception 2 ");
            Object[] objArr = new Object[2];
            StringBuilder sb = new StringBuilder();
            sb.append("keystoreStatus==");
            sb.append(keyStore);
            objArr[0] = sb.toString() != null ? "Ok" : "KO";
            objArr[1] = e;
            Splunk.log("certificatManager-loadKeyStore", objArr);
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:323:0x0247, code lost:
    
        r3 = (java.security.cert.X509Certificate) r4.getCertificate(r14);
     */
    /* JADX WARN: Code restructure failed: missing block: B:96:0x085a, code lost:
    
        r10 = (java.security.cert.X509Certificate) r3.getCertificate(r14);
     */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Removed duplicated region for block: B:139:0x0ce0 A[Catch: Exception -> 0x0cec, TryCatch #3 {Exception -> 0x0cec, blocks: (B:137:0x0cb7, B:139:0x0ce0, B:140:0x0ce3), top: B:136:0x0cb7 }] */
    /* JADX WARN: Removed duplicated region for block: B:362:0x069c A[Catch: Exception -> 0x06a6, TryCatch #46 {Exception -> 0x06a6, blocks: (B:360:0x064e, B:362:0x069c, B:363:0x069f), top: B:359:0x064e, outer: #51 }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static void loadKeyStorePK12(android.content.Context r29, java.lang.String r30) {
        /*
            Method dump skipped, instructions count: 3579
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: fr.bred.fr.services.CertificatManager.loadKeyStorePK12(android.content.Context, java.lang.String):void");
    }

    public static void moveCertificate(Context context, User user) throws Exception {
        saveCertifiedUserId(context, user.cleTechnique.trim());
    }

    public static void removeCertifiedUserId(Context context, String str) {
        Log.v("XCERT", "[METHOD] =====  removeCertifiedUserId =====");
        Log.w("XCERT", "removeCertifiedUserId id : " + str);
        SharedPreferences.Editor edit = context.getSharedPreferences("cert", 0).edit();
        edit.putString("certified_id" + str, "");
        edit.apply();
    }

    private static void saveCertifiedUserId(Context context, String str) {
        Log.v("XCERT", "[METHOD] =====  saveCertifiedUserId =====");
        Log.w("XCERT", "saveCertifiedUserId id : " + str);
        SharedPreferences.Editor edit = context.getSharedPreferences("cert", 0).edit();
        edit.putString("certified_id" + str, str);
        edit.apply();
    }

    public static void saveKeyStore(Context context) throws Exception {
        Log.v("XCERT", "[METHOD] =====  saveKeyStore 2 =====");
        FileOutputStream openFileOutput = context.openFileOutput(filenameKeyStore, 0);
        keyStore.store(openFileOutput, "password".toCharArray());
        openFileOutput.close();
    }

    public void checkConfig(final Callback<Boolean> callback) {
        try {
            final String str = getCertificatVialinkBaseURL() + URL_TEST_CERTIFICAT;
            String str2 = Config.APP_VERSION;
            String str3 = Config.APP_CODE;
            String str4 = Config.CODE_CANAL;
            String str5 = "0.0";
            String vRSParameter = getVRSParameter();
            if (keyStore.getCertificate("SDC") != null && vRSParameter != null) {
                str5 = vRSParameter;
            }
            HashMap hashMap = new HashMap();
            hashMap.put("code_version", str2);
            hashMap.put("code_appli", str3);
            hashMap.put("code_canal", str4);
            hashMap.put("vrs_parametre", str5);
            BREDVolleyApiClient.getInstance().postStringRequest(str, hashMap, new Callback<String>() { // from class: fr.bred.fr.services.CertificatManager.2
                @Override // fr.bred.fr.core.network.Callback
                public void failure(BREDError bREDError) {
                    Callback callback2 = callback;
                    if (callback2 != null) {
                        callback2.failure(bREDError);
                    }
                }

                @Override // fr.bred.fr.core.network.Callback
                public void success(String str6) {
                    try {
                        JSONObject jSONObject = (JSONObject) new JSONTokener(str6).nextValue();
                        String string = jSONObject.getString("RESULT");
                        if (string.compareTo("0") == 0) {
                            String unused = CertificatManager.URL_SDC_CERTIFICAT = jSONObject.getString("URL_CERT_SDC");
                            Log.v("DEBUG_URL", CertificatManager.URL_SDC_CERTIFICAT);
                            final String optString = jSONObject.optString("VRS_PARAMETRE");
                            CertificatManager.this.installSDCCertificate(new Callback<Boolean>() { // from class: fr.bred.fr.services.CertificatManager.2.1
                                @Override // fr.bred.fr.core.network.Callback
                                public void failure(BREDError bREDError) {
                                    Callback callback2 = callback;
                                    if (callback2 != null) {
                                        callback2.failure(bREDError);
                                    }
                                }

                                @Override // fr.bred.fr.core.network.Callback
                                public void success(Boolean bool) {
                                    if (bool == null || !bool.booleanValue()) {
                                        Callback callback2 = callback;
                                        if (callback2 != null) {
                                            callback2.failure(new BREDError("Échec de la demande", "Problème lors de l'installation du certificat", 13));
                                            return;
                                        }
                                        return;
                                    }
                                    String str7 = optString;
                                    if (str7 != null) {
                                        CertificatManager.this.saveVRSParameter(str7);
                                    }
                                    Log.v("CertificatManager", "Installation certif CLIENT");
                                    CertificatManager.this.installationCertificats(CertificatManager.mdp, CertificatManager.otpSMS, CertificatManager.idTiers, callback);
                                }
                            });
                        } else if (string.compareTo("1") == 0) {
                            Log.v("CertificatManager", "Certificat SDC déjà récupéré et valide");
                            if (CertificatManager.mdp != null || CertificatManager.otpSMS != null) {
                                Log.v("CertificatManager", "Lancement installation certificat client");
                                CertificatManager.this.installationCertificats(CertificatManager.mdp, CertificatManager.otpSMS, CertificatManager.cleTechnique, callback);
                            }
                        } else {
                            Callback callback2 = callback;
                            if (callback2 != null) {
                                callback2.failure(new BREDError("Échec de la demande", "Erreur dans l'installation du certificat.", 14));
                            }
                        }
                    } catch (Exception e) {
                        Callback callback3 = callback;
                        if (callback3 != null) {
                            callback3.failure(BREDError.exceptionError(e, 11));
                        }
                    }
                }
            });
        } catch (Exception e) {
            if (callback != null) {
                callback.failure(BREDError.exceptionError(e, 12));
            }
        }
    }

    public void checkConfigInstallationMdp(String str, String str2, String str3, String str4, String str5, Callback<Boolean> callback) {
        contractNum = str;
        idTiers = str3;
        cleTechnique = str2;
        mdp = str5;
        nom = str4;
        loadKeyStore(this.mContext);
        checkConfig(callback);
    }

    public void checkConfigInstallationOtpSms(String str, String str2, String str3, String str4, String str5, Callback<Boolean> callback) {
        contractNum = str;
        idTiers = str3;
        cleTechnique = str2;
        otpSMS = str5;
        nom = str4;
        loadKeyStore(this.mContext);
        checkConfig(callback);
    }

    public void checkSDCCertificate(final Callback<Boolean> callback) {
        try {
            final String str = getCertificatVialinkBaseURL() + URL_TEST_CERTIFICAT;
            final String str2 = Config.APP_VERSION;
            final String str3 = Config.APP_CODE;
            final String str4 = Config.CODE_CANAL;
            if (keyStore == null) {
                loadKeyStore(this.mContext);
            }
            String vRSParameter = getVRSParameter();
            final String str5 = (keyStore.getCertificate("SDC") == null || vRSParameter == null) ? "0.0" : vRSParameter;
            HashMap hashMap = new HashMap();
            hashMap.put("code_version", str2);
            hashMap.put("code_appli", str3);
            hashMap.put("code_canal", str4);
            hashMap.put("vrs_parametre", str5);
            BREDVolleyApiClient.getInstance().postStringRequest(str, hashMap, new Callback<String>() { // from class: fr.bred.fr.services.CertificatManager.1
                @Override // fr.bred.fr.core.network.Callback
                public void failure(BREDError bREDError) {
                    Callback callback2 = callback;
                    if (callback2 != null) {
                        callback2.failure(bREDError);
                    }
                }

                @Override // fr.bred.fr.core.network.Callback
                public void success(String str6) {
                    try {
                        JSONObject jSONObject = (JSONObject) new JSONTokener(str6).nextValue();
                        String string = jSONObject.getString("RESULT");
                        if (string.compareTo("0") == 0) {
                            String unused = CertificatManager.URL_SDC_CERTIFICAT = jSONObject.getString("URL_CERT_SDC");
                            final String optString = jSONObject.optString("VRS_PARAMETRE");
                            CertificatManager.this.installSDCCertificate(new Callback<Boolean>() { // from class: fr.bred.fr.services.CertificatManager.1.1
                                @Override // fr.bred.fr.core.network.Callback
                                public void failure(BREDError bREDError) {
                                    Callback callback2 = callback;
                                    if (callback2 != null) {
                                        callback2.failure(bREDError);
                                    }
                                }

                                @Override // fr.bred.fr.core.network.Callback
                                public void success(Boolean bool) {
                                    if (bool == null || !bool.booleanValue()) {
                                        Callback callback2 = callback;
                                        if (callback2 != null) {
                                            callback2.failure(new BREDError("Échec de la demande", "L'installation du certificat SDC n'a pu aboutir.", -10));
                                            return;
                                        }
                                        return;
                                    }
                                    String str7 = optString;
                                    if (str7 != null) {
                                        CertificatManager.this.saveVRSParameter(str7);
                                    }
                                    Callback callback3 = callback;
                                    if (callback3 != null) {
                                        callback3.success(bool);
                                    }
                                }
                            });
                        } else if (string.compareTo("1") == 0) {
                            Log.v("CertificatManager", "Certificat SDC déjà récupéré et valide");
                            Callback callback2 = callback;
                            if (callback2 != null) {
                                callback2.success(Boolean.TRUE);
                            }
                        } else {
                            Splunk.log("checkConfig", "code_version==" + str2, "code_appli==" + str3, "code_canal==" + str4, "vrs_parametre==" + str5, "erreur_result==" + string);
                            Callback callback3 = callback;
                            if (callback3 != null) {
                                callback3.failure(new BREDError("Échec de la demande", "L'installation du certificat SDC n'a pu aboutir.", -11));
                            }
                        }
                    } catch (Exception e) {
                        Splunk.log("checkConfig", e, "code_version==" + str2, "code_appli==" + str3, "code_canal==" + str4, "vrs_parametre==" + str5);
                        Callback callback4 = callback;
                        if (callback4 != null) {
                            callback4.failure(new BREDError("Échec de la demande", "L'installation du certificat SDC n'a pu aboutir.", -12));
                        }
                    }
                }
            });
        } catch (Exception e) {
            if (callback != null) {
                callback.failure(new BREDError("Échec de la demande", "L'installation du certificat SDC n'a pu aboutir.", -13));
            }
            Splunk.log("checkConfig", e, "erreur==5");
        }
    }

    public String getVRSParameter() {
        return this.mContext.getSharedPreferences("cert", 0).getString("vrs_parameter", null);
    }

    public void installSDCCertificate(final Callback<Boolean> callback) {
        Log.v("XCERT", "[METHOD] =====  installSDCCertificate =====");
        BREDVolleyApiClient.getInstance().getRawData(URL_SDC_CERTIFICAT, new Callback<Object[]>() { // from class: fr.bred.fr.services.CertificatManager.6
            @Override // fr.bred.fr.core.network.Callback
            public void failure(BREDError bREDError) {
                callback.failure(bREDError);
            }

            @Override // fr.bred.fr.core.network.Callback
            public void success(Object[] objArr) {
                try {
                    DataInputStream dataInputStream = new DataInputStream(new ByteArrayInputStream((byte[]) objArr[0]));
                    X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(dataInputStream);
                    dataInputStream.close();
                    if (x509Certificate != null) {
                        CertificatManager.keyStore.setCertificateEntry("SDC", x509Certificate);
                        CertificatManager.this.saveKeyStore();
                    }
                    callback.success(Boolean.TRUE);
                } catch (Exception unused) {
                    callback.failure(new BREDError("Échec de la demande", "Installation du certificat SDC n'a pu aboutir.", 11));
                }
            }
        });
    }

    public void installationCertificats(String str, String str2, String str3, final Callback<Boolean> callback) {
        String str4;
        Log.v("XCERT", "[METHOD] =====  installationCertificats =====");
        String str5 = "";
        try {
            PublicKey publicKey = keyStore.getCertificate("SDC").getPublicKey();
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
            keyGenerator.init(256);
            SecretKey generateKey = keyGenerator.generateKey();
            final SecretKeySpec secretKeySpec = new SecretKeySpec(generateKey.getEncoded(), "AES");
            byte[] encoded = generateKey.getEncoded();
            Cipher cipher = Cipher.getInstance("RSA/None/NoPadding");
            cipher.init(1, publicKey);
            String encodeBytes = Base64.encodeBytes(cipher.doFinal(encoded));
            String str6 = (((("\nkeystore getCertificate init") + "\nkeystore getCertificate finish") + "\nKeyGenerator finish") + "\nSecretKeySpec finish") + "\ncryptCleSymBase64 finish";
            if (imei == null) {
                generateIMEI(this.mContext);
            }
            if (str != null) {
                str4 = "mdpTemp=" + str + "&idTiers=" + str3 + "&application=ipab&numContrat=" + contractNum + "&uid=" + imei + "&nom=" + nom;
            } else {
                str4 = "otpSms=" + str2.toUpperCase(Locale.FRENCH) + "&idTiers=" + str3 + "&application=ipab&numContrat=" + contractNum + "&uid=" + imei + "&nom=" + nom;
            }
            String str7 = str6 + "\ncryptInfo finish";
            if (nomNaissance != null) {
                str4 = str4 + "&nom2=" + nomNaissance;
            }
            byte[] bytes = str4.getBytes();
            Cipher cipher2 = Cipher.getInstance("AES");
            cipher2.init(1, secretKeySpec);
            String encodeBytes2 = Base64.encodeBytes(cipher2.doFinal(bytes));
            str5 = str7 + "\ncryptInfoStringBase64 finish";
            HashMap hashMap = new HashMap();
            if (encodeBytes != null) {
                hashMap.put("crypt_cle_sym", encodeBytes);
            }
            if (encodeBytes2 != null) {
                hashMap.put("crypt_infos", encodeBytes2);
            }
            String str8 = Config.APP_CODE;
            if (str8 != null) {
                hashMap.put("code_appli", str8);
            }
            String str9 = Config.CODE_CANAL;
            if (str9 != null) {
                hashMap.put("code_canal", str9);
            }
            String str10 = Config.APP_VERSION;
            if (str10 != null) {
                hashMap.put("code_version", str10);
            }
            getClientCertificate(hashMap, new Callback<String>() { // from class: fr.bred.fr.services.CertificatManager.5
                @Override // fr.bred.fr.core.network.Callback
                public void failure(BREDError bREDError) {
                    Callback callback2 = callback;
                    if (callback2 != null) {
                        callback2.failure(bREDError);
                    }
                }

                @Override // fr.bred.fr.core.network.Callback
                public void success(String str11) {
                    CertificatManager.this.decodeAndSaveClientCertificate(str11, secretKeySpec, callback);
                }
            });
        } catch (Exception e) {
            Splunk.log("Certificat-installationCertificats", e, "erreurAppel==" + str5);
            if (callback != null) {
                callback.failure(new BREDError("Échec de la demande", "Une erreur s’est produite pendant votre demande.", -17));
            }
        }
    }

    public void saveKeyStore() throws Exception {
        Log.v("XCERT", "[METHOD] =====  saveKeyStore =====");
        FileOutputStream openFileOutput = this.mContext.openFileOutput(filenameKeyStore, 0);
        keyStore.store(openFileOutput, "password".toCharArray());
        openFileOutput.close();
    }

    public void saveVRSParameter(String str) {
        SharedPreferences.Editor edit = this.mContext.getSharedPreferences("cert", 0).edit();
        edit.putString("vrs_parameter", str);
        edit.apply();
    }
}
