package com.daon.sdk.device;

import android.app.KeyguardManager;
import android.content.Context;
import android.os.Build;
import android.os.Bundle;
import android.os.Debug;
import android.security.keystore.KeyInfo;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import android.security.keystore.UserNotAuthenticatedException;
import android.util.Log;
import com.daon.sdk.crypto.SecureKeyStore;
import com.daon.sdk.crypto.SecureStorageFactory;
import com.daon.sdk.device.authenticator.Authenticator;
import com.daon.sdk.device.authenticator.a;
import com.daon.sdk.device.util.DeviceInfo;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.UnrecoverableKeyException;
import java.security.spec.InvalidKeySpecException;
import java.util.Date;
import java.util.Enumeration;
import java.util.UUID;

/* loaded from: classes.dex */
public class IXAFactor implements IXAErrorCodes {
    public static final int OPTION_ALGORITHM_ECDSA = 16;
    public static final int OPTION_DEFAULT = 0;
    public static final int OPTION_ENABLE_ALT_AUTH = 128;
    public static final int OPTION_ENABLE_BIOMETRICS_API = 256;
    public static final int OPTION_INVALIDATE_BY_ENROLLMENT = 64;
    public static final int OPTION_NO_UI = 512;
    public static final int OPTION_ONLY_USE_EXISTING_KEYS = 2;
    public static final int OPTION_PLATFORM_API_ONLY = 32;
    public static final int OPTION_USER_AUTHENTICATION_REQUIRED = 4;
    public static final int OPTION_USE_CRYPTO_OBJECT = 8;
    public static final int OPTION_VENDOR_UI = 1;

    /* renamed from: a, reason: collision with root package name */
    Context f430a;
    private byte[] b;
    private int c;
    private String d;
    private boolean e;
    protected SecureKeyStore keystore;
    protected Signature signature;

    IXAFactor(Context context, String str) throws Exception {
        this(context, null, str, 2);
    }

    public IXAFactor(Context context, String str, String str2) throws Exception {
        this(context, str, str2, 0);
    }

    public IXAFactor(Context context, String str, String str2, int i) throws Exception {
        this(context, str, str2, i, null);
    }

    public IXAFactor(Context context, String str, String str2, int i, Bundle bundle) throws Exception {
        this.e = false;
        this.f430a = context;
        this.d = str;
        this.c = i;
        String str3 = (i & 16) != 0 ? "EC" : "RSA";
        boolean z = (i & 4) != 0;
        boolean z2 = (i & 64) != 0;
        boolean z3 = (i & 8) != 0;
        Bundle bundle2 = new Bundle();
        bundle2.putBoolean("key.property.authentication.required", z);
        bundle2.putBoolean("key.property.biometric.enroll.invalidate", z2);
        bundle2.putBoolean("key.property.use.crypto.object", z3);
        bundle2.putString("key.property.algorithm", str3);
        if (bundle != null) {
            bundle2.putAll(bundle);
        }
        this.keystore = SecureStorageFactory.getKeyStoreInstance(context, str2, bundle2);
        if ((i & 2) == 0) {
            checkAndPrintKeys();
            boolean z4 = !this.keystore.hasKey(str);
            this.e = z4;
            if (z4) {
                if (Build.MANUFACTURER.toLowerCase().contains("huawei") && z && z2) {
                    a(str, bundle2);
                } else {
                    this.keystore.createKeyPair(str, bundle2);
                }
            }
        }
    }

    private KeyInfo a(KeyStore keyStore, String str) throws UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException, InvalidKeySpecException {
        Key key = keyStore.getKey(str, null);
        if (key instanceof PrivateKey) {
            return a((PrivateKey) key);
        }
        return null;
    }

    private KeyInfo a(PrivateKey privateKey) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidKeySpecException {
        if (Build.VERSION.SDK_INT >= 23) {
            return (KeyInfo) KeyFactory.getInstance(privateKey.getAlgorithm(), "AndroidKeyStore").getKeySpec(privateKey, KeyInfo.class);
        }
        return null;
    }

    private void a() {
        if (Build.VERSION.SDK_INT >= 24) {
            try {
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                keyStore.load(null);
                Enumeration<String> aliases = keyStore.aliases();
                while (aliases.hasMoreElements()) {
                    String nextElement = aliases.nextElement();
                    try {
                        KeyInfo a2 = a(keyStore, nextElement);
                        if (a2 != null) {
                            if (a2.isUserAuthenticationRequired()) {
                                DeviceInfo.log("Key pair: " + nextElement + ": User authentication required");
                            }
                            if (a2.isInvalidatedByBiometricEnrollment()) {
                                DeviceInfo.log("Key pair: " + nextElement + ": Biometrics");
                            }
                            if (a2.isInsideSecureHardware()) {
                                DeviceInfo.log("Key pair: " + nextElement + ": Hardware");
                            } else {
                                DeviceInfo.log("Key pair: " + nextElement + ": Software");
                            }
                        }
                    } catch (Exception e) {
                        DeviceInfo.log("Key pair: " + nextElement + ": Exception: " + e.getMessage());
                    }
                }
            } catch (Exception e2) {
                DeviceInfo.log("Key pair validation failed: " + e2.getMessage());
            }
        }
    }

    private void a(String str, Bundle bundle) throws Exception {
        Log.i("DAON", "HUAWEI Patch.");
        String uuid = UUID.randomUUID().toString();
        this.keystore.createKeyPair(uuid, bundle);
        try {
            Signature signature = (Build.VERSION.SDK_INT < 23 || (getOptions() & 8) == 0) ? null : this.keystore.getSignature(uuid);
            Authenticator a2 = a.a(this.f430a, getOptions());
            if (a2 != null) {
                a2.a(signature);
            }
        } catch (Exception e) {
            DeviceInfo.log("Patch Exception: " + e.getMessage());
        }
        this.keystore.removeKey(uuid);
        this.keystore.createKeyPair(str, bundle);
    }

    private boolean b() {
        try {
            return this.keystore.hasKey(this.d);
        } catch (Exception e) {
            DeviceInfo.log("PrivateKey Exception: " + e.getMessage());
            return false;
        }
    }

    private boolean c() {
        try {
            return this.keystore.getPublicKey(this.d) != null;
        } catch (Exception e) {
            DeviceInfo.log("PublicKey Exception: " + e.getMessage());
            return false;
        }
    }

    public static void deleteKeys(Context context, String str) throws Exception {
        new IXAFactor(context, "").deleteKeys(str);
    }

    public static boolean hasKey(Context context, String str, String str2) throws Exception {
        return new IXAFactor(context, str2).hasKey(str);
    }

    public static boolean isLockScreenEnabled(Context context) {
        KeyguardManager keyguardManager = (KeyguardManager) context.getSystemService("keyguard");
        return keyguardManager != null && keyguardManager.isKeyguardSecure();
    }

    public void authenticate(IXAAuthenticationHandler iXAAuthenticationHandler) {
        byte[] bArr = this.b;
        if (bArr == null || bArr.length == 0) {
            iXAAuthenticationHandler.onAuthenticationFailed(1004);
            return;
        }
        if (!c()) {
            iXAAuthenticationHandler.onAuthenticationFailed(IXAErrorCodes.ERROR_NO_KEYS);
            return;
        }
        if (!b()) {
            iXAAuthenticationHandler.onAuthenticationFailed(1003);
            return;
        }
        byte[] bArr2 = null;
        if (Build.VERSION.SDK_INT >= 23) {
            try {
                bArr2 = sign(this.signature, this.b);
            } catch (Exception e) {
                if (e instanceof KeyPermanentlyInvalidatedException) {
                    iXAAuthenticationHandler.onAuthenticationFailed(1007);
                } else if (e instanceof UserNotAuthenticatedException) {
                    iXAAuthenticationHandler.onAuthenticationFailed(1008);
                } else if (e.getMessage().contains("user not authenticated")) {
                    iXAAuthenticationHandler.onAuthenticationFailed(1007);
                } else {
                    iXAAuthenticationHandler.onAuthenticationFailed(1006);
                }
            }
        } else {
            try {
                bArr2 = this.keystore.sign(this.d, this.b);
            } catch (Exception unused) {
                iXAAuthenticationHandler.onAuthenticationFailed(1006);
            }
        }
        if (bArr2 != null) {
            iXAAuthenticationHandler.onAuthenticationComplete(bArr2);
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:27:0x01ce A[SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:32:0x001a A[SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:33:0x00e1 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void checkAndPrintKeys() {
        /*
            Method dump skipped, instructions count: 539
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.daon.sdk.device.IXAFactor.checkAndPrintKeys():void");
    }

    public byte[] decrypt(byte[] bArr) throws Exception {
        return SecureStorageFactory.getStorageInstance(this.f430a).decrypt(bArr);
    }

    public void deleteKeys(String str) {
        if (str == null || str.length() <= 0) {
            return;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                try {
                    if (nextElement.startsWith(str)) {
                        DeviceInfo.log("Key: " + nextElement + ": Removing...");
                        keyStore.deleteEntry(nextElement);
                        if (this.keystore.hasKey(nextElement)) {
                            DeviceInfo.log("Key: " + nextElement + ": Remove failed");
                        } else {
                            DeviceInfo.log("Key: " + nextElement + ": Removed");
                        }
                    }
                } catch (Exception e) {
                    DeviceInfo.log("Key: " + nextElement + ": Exception: " + e.getMessage());
                }
            }
        } catch (Exception e2) {
            DeviceInfo.log("Key remove failed: " + e2.getMessage());
        }
    }

    public byte[] encrypt(byte[] bArr) throws Exception {
        return SecureStorageFactory.getStorageInstance(this.f430a).encrypt(bArr);
    }

    public byte[] getChallenge() {
        return this.b;
    }

    public Context getContext() {
        return this.f430a;
    }

    public String getDataStorageType() {
        return "OS";
    }

    public byte[] getEncodedPublicKey() throws Exception {
        PublicKey publicKey = this.keystore.getPublicKey(this.d);
        if (publicKey != null) {
            return publicKey.getEncoded();
        }
        return null;
    }

    public String getKeyAttestationData() throws Exception {
        return getKeyAttestationData(this.d);
    }

    public String getKeyAttestationData(String str) throws Exception {
        return this.keystore.getKeyAttestationData(str);
    }

    public Date getKeyDate() throws Exception {
        return this.keystore.getDate(this.d);
    }

    public String getKeyName() {
        return this.d;
    }

    public String getKeyStoreType() {
        return this.keystore.getType();
    }

    public int getOptions() {
        return this.c;
    }

    public boolean hasKey(String str) throws Exception {
        return this.keystore.hasKey(str);
    }

    public boolean hasKeys() {
        try {
            return this.keystore.hasKey(this.d);
        } catch (Exception e) {
            DeviceInfo.log("HasKeys Exception: " + e.getMessage());
            return false;
        }
    }

    public boolean isDebugging() {
        return com.daon.sdk.device.a.a.a(this.f430a) || com.daon.sdk.device.a.a.b(this.f430a) || Debug.isDebuggerConnected();
    }

    public boolean isNewKeys() {
        return this.e;
    }

    public boolean isRooted() {
        return com.daon.sdk.device.a.a.a();
    }

    public boolean isSupported() {
        return true;
    }

    public boolean removeKeys() throws Exception {
        return this.keystore.removeKey(this.d);
    }

    public void setChallenge(byte[] bArr) {
        this.b = bArr;
    }

    public byte[] sign(Signature signature, String str, byte[] bArr) throws Exception {
        if (signature == null) {
            return this.keystore.sign(str, bArr);
        }
        signature.update(bArr);
        return signature.sign();
    }

    public byte[] sign(Signature signature, byte[] bArr) throws Exception {
        if (signature == null) {
            return this.keystore.sign(this.d, bArr);
        }
        signature.update(bArr);
        return signature.sign();
    }
}
