package com.tosan.faceet.eid.utils;

import android.app.Activity;
import android.content.Context;
import android.os.Build;
import android.os.Handler;
import android.os.Looper;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import androidx.biometric.BiometricManager;
import androidx.biometric.BiometricPrompt;
import androidx.core.content.ContextCompat;
import androidx.fragment.app.FragmentActivity;
import com.reactlibrary.securekeystore.Constants;
import com.tosan.faceet.eid.R;
import com.tosan.faceet.eid.business.exceptions.BiometricException;
import com.tosan.faceet.eid.business.exceptions.KeyExpiredException;
import com.tosan.faceet.eid.business.exceptions.PKIException;
import com.tosan.faceet.eid.utils.i;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.StringWriter;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.UnrecoverableEntryException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.GregorianCalendar;
import java.util.Locale;
import javax.security.auth.x500.X500Principal;
import org.spongycastle.cert.X509CertificateHolder;
import org.spongycastle.cert.jcajce.JcaCertStore;
import org.spongycastle.cms.CMSException;
import org.spongycastle.cms.CMSProcessableByteArray;
import org.spongycastle.cms.CMSSignedDataGenerator;
import org.spongycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
import org.spongycastle.operator.ContentSigner;
import org.spongycastle.operator.OperatorCreationException;
import org.spongycastle.operator.jcajce.JcaContentSignerBuilder;
import org.spongycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
import org.spongycastle.util.io.pem.PemObject;
import org.spongycastle.util.io.pem.PemWriter;

/* loaded from: classes3.dex */
public final class i {
    public static final String c = System.lineSeparator();
    public static i d;

    /* renamed from: a, reason: collision with root package name */
    public final KeyStore f252a;

    /* renamed from: b, reason: collision with root package name */
    public b f253b;

    /* loaded from: classes3.dex */
    public class a extends BiometricPrompt.AuthenticationCallback {

        /* renamed from: a, reason: collision with root package name */
        public final /* synthetic */ String f254a;

        public a(String str) {
            this.f254a = str;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public /* synthetic */ void a(String str) {
            i iVar;
            KeyExpiredException keyExpiredException;
            i iVar2;
            PKIException pKIException;
            Locale locale = Locale.getDefault();
            try {
                Locale.setDefault(Locale.ENGLISH);
                Certificate[] certificateChain = i.this.f252a.getCertificateChain("TOSAN_FACEET_EID");
                ArrayList arrayList = new ArrayList(Arrays.asList(certificateChain));
                org.spongycastle.asn1.x509.Certificate certificate = org.spongycastle.asn1.x509.Certificate.getInstance(certificateChain[0].getEncoded());
                JcaSignerInfoGeneratorBuilder jcaSignerInfoGeneratorBuilder = new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().build());
                X509CertificateHolder x509CertificateHolder = new X509CertificateHolder(certificate);
                ContentSigner build = new JcaContentSignerBuilder("SHA256WithRSA").build((PrivateKey) i.this.f252a.getKey("TOSAN_FACEET_EID", null));
                JcaCertStore jcaCertStore = new JcaCertStore(arrayList);
                CMSSignedDataGenerator cMSSignedDataGenerator = new CMSSignedDataGenerator();
                cMSSignedDataGenerator.addSignerInfoGenerator(jcaSignerInfoGeneratorBuilder.build(build, x509CertificateHolder));
                cMSSignedDataGenerator.addCertificates(jcaCertStore);
                String encodeToString = Base64.encodeToString(cMSSignedDataGenerator.generate(new CMSProcessableByteArray(str.getBytes(StandardCharsets.UTF_8)), true).getEncoded(), 0);
                Locale.setDefault(locale);
                i.this.f(encodeToString);
            } catch (IOException e) {
                e = e;
                Locale.setDefault(locale);
                iVar2 = i.this;
                pKIException = new PKIException(e);
                iVar2.b(pKIException);
            } catch (KeyStoreException e2) {
                e = e2;
                Locale.setDefault(locale);
                iVar2 = i.this;
                pKIException = new PKIException(e);
                iVar2.b(pKIException);
            } catch (NoSuchAlgorithmException e3) {
                e = e3;
                Locale.setDefault(locale);
                iVar2 = i.this;
                pKIException = new PKIException(e);
                iVar2.b(pKIException);
            } catch (UnrecoverableKeyException e4) {
                e = e4;
                Locale.setDefault(locale);
                iVar2 = i.this;
                pKIException = new PKIException(e);
                iVar2.b(pKIException);
            } catch (CertificateEncodingException e5) {
                e = e5;
                Locale.setDefault(locale);
                iVar2 = i.this;
                pKIException = new PKIException(e);
                iVar2.b(pKIException);
            } catch (CMSException e6) {
                e = e6;
                Locale.setDefault(locale);
                iVar2 = i.this;
                pKIException = new PKIException(e);
                iVar2.b(pKIException);
            } catch (OperatorCreationException e7) {
                if (Build.VERSION.SDK_INT < 23) {
                    iVar = i.this;
                    keyExpiredException = new KeyExpiredException();
                } else {
                    if (!(e7.getCause() instanceof android.security.keystore.KeyExpiredException)) {
                        iVar2 = i.this;
                        pKIException = new PKIException(e7);
                        iVar2.b(pKIException);
                    }
                    iVar = i.this;
                    keyExpiredException = new KeyExpiredException();
                }
                iVar.b(keyExpiredException);
            }
        }

        @Override // androidx.biometric.BiometricPrompt.AuthenticationCallback
        public void onAuthenticationError(int i, CharSequence charSequence) {
            i.this.b(new PKIException(new SecurityException("Biometric failed")));
        }

        @Override // androidx.biometric.BiometricPrompt.AuthenticationCallback
        public void onAuthenticationFailed() {
            i.this.b(new PKIException(new SecurityException("Biometric failed")));
        }

        @Override // androidx.biometric.BiometricPrompt.AuthenticationCallback
        public void onAuthenticationSucceeded(BiometricPrompt.AuthenticationResult authenticationResult) {
            final String str = this.f254a;
            new Thread(new Runnable() { // from class: com.tosan.faceet.eid.utils.i$a$$ExternalSyntheticLambda0
                @Override // java.lang.Runnable
                public final void run() {
                    i.a.this.a(str);
                }
            }).start();
        }
    }

    /* loaded from: classes3.dex */
    public static abstract class b {
        public void a() {
        }

        public void a(KeyExpiredException keyExpiredException) {
        }

        public abstract void a(PKIException pKIException);

        public void a(String str) {
        }

        public void b(String str) {
        }
    }

    public i() throws PKIException {
        try {
            KeyStore keyStore = KeyStore.getInstance(Constants.KEYSTORE_PROVIDER_1);
            this.f252a = keyStore;
            keyStore.load(null);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new PKIException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ void a(KeyExpiredException keyExpiredException) {
        this.f253b.a(keyExpiredException);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ void a(PKIException pKIException) {
        this.f253b.a(pKIException);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ void a(String str) {
        try {
            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(org.spongycastle.util.encoders.Base64.decode(str.replaceAll("-----BEGIN CERTIFICATE-----", "").replaceAll("-----END CERTIFICATE-----", "").replaceAll(c, ""))));
            this.f252a.setKeyEntry("TOSAN_FACEET_EID", this.f252a.getKey("TOSAN_FACEET_EID", null), null, new Certificate[]{x509Certificate});
            e();
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e) {
            b(new PKIException(e));
        }
    }

    public static i b() throws PKIException {
        if (d == null) {
            d = new i();
        }
        return d;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ void b(String str) {
        this.f253b.a(str);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ void c() {
        this.f253b.a();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ void c(Context context, String str, String str2) {
        KeyPair d2;
        try {
            try {
                d2 = b(context, str, str2);
            } catch (IOException e) {
                b(new PKIException(e));
                return;
            }
        } catch (PKIException e2) {
            try {
                if (!(e2.getCause() instanceof IllegalStateException)) {
                    throw e2;
                }
                d2 = d();
            } catch (PKIException e3) {
                b(e3);
                return;
            }
        }
        PemObject pemObject = new PemObject("CERTIFICATE REQUEST", com.tosan.faceet.eid.utils.b.a(d2, str).getEncoded());
        StringWriter stringWriter = new StringWriter();
        PemWriter pemWriter = new PemWriter(stringWriter);
        pemWriter.writeObject(pemObject);
        pemWriter.close();
        stringWriter.close();
        e(stringWriter.toString().replaceAll("-----BEGIN CERTIFICATE REQUEST-----", "").replaceAll("-----END CERTIFICATE REQUEST-----", "").replaceAll(c, ""));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ void c(String str) {
        this.f253b.b(str);
    }

    public void a() throws PKIException {
        try {
            if (this.f252a.containsAlias("TOSAN_FACEET_EID")) {
                this.f252a.deleteEntry("TOSAN_FACEET_EID");
            }
        } catch (KeyStoreException e) {
            throw new PKIException(e);
        }
    }

    public void a(Activity activity, String str) throws BiometricException {
        a aVar = new a(str);
        String string = activity.getResources().getString(R.string.biometric_title);
        String string2 = activity.getResources().getString(R.string.biometric_subtitle);
        String string3 = activity.getResources().getString(R.string.biometric_description);
        BiometricManager from = BiometricManager.from(activity);
        BiometricPrompt biometricPrompt = new BiometricPrompt((FragmentActivity) activity, ContextCompat.getMainExecutor(activity), aVar);
        BiometricPrompt.PromptInfo build = new BiometricPrompt.PromptInfo.Builder().setTitle(string).setSubtitle(string2).setDescription(string3).setAllowedAuthenticators(33023).build();
        int canAuthenticate = from.canAuthenticate(33023);
        if (canAuthenticate != -2 && canAuthenticate != -1) {
            if (canAuthenticate == 1) {
                throw new BiometricException("Biometric features are currently unavailable", 1);
            }
            if (canAuthenticate != 15) {
                if (canAuthenticate == 11) {
                    throw new BiometricException("No biometric has been enrolled", 2);
                }
                if (canAuthenticate == 12) {
                    throw new BiometricException("No biometric features available on this device", 0);
                }
                biometricPrompt.authenticate(build);
                return;
            }
        }
        throw new BiometricException("General error occurred during biometric checking", 3);
    }

    public void a(final Context context, final String str, final String str2) {
        new Thread(new Runnable() { // from class: com.tosan.faceet.eid.utils.i$$ExternalSyntheticLambda1
            @Override // java.lang.Runnable
            public final void run() {
                i.this.c(context, str, str2);
            }
        }).start();
    }

    public final KeyPair b(Context context, String str, String str2) throws PKIException {
        try {
            if (this.f252a.containsAlias("TOSAN_FACEET_EID")) {
                throw new PKIException(new IllegalStateException("Key already exists, call logout() first."));
            }
            Locale locale = Locale.getDefault();
            try {
                Locale.setDefault(Locale.ENGLISH);
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", Constants.KEYSTORE_PROVIDER_1);
                X500Principal x500Principal = new X500Principal("CN=" + str + ", O=Android Authority");
                GregorianCalendar gregorianCalendar = new GregorianCalendar();
                GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
                gregorianCalendar2.add(1, 1);
                keyPairGenerator.initialize(Build.VERSION.SDK_INT >= 23 ? new KeyGenParameterSpec.Builder("TOSAN_FACEET_EID", 15).setDigests("SHA-256").setKeySize(2048).setSignaturePaddings("PKCS1").setEncryptionPaddings("PKCS1Padding").setCertificateSerialNumber(new BigInteger(str2)).setCertificateNotBefore(gregorianCalendar.getTime()).setCertificateNotAfter(gregorianCalendar2.getTime()).setCertificateSubject(x500Principal).setKeyValidityStart(gregorianCalendar.getTime()).setKeyValidityEnd(gregorianCalendar2.getTime()).build() : new KeyPairGeneratorSpec.Builder(context).setAlias("TOSAN_FACEET_EID").setSubject(x500Principal).setSerialNumber(new BigInteger(str2)).setStartDate(gregorianCalendar.getTime()).setEndDate(gregorianCalendar2.getTime()).setKeySize(2048).build());
                KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
                Locale.setDefault(locale);
                return generateKeyPair;
            } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
                Locale.setDefault(locale);
                throw new PKIException(e);
            }
        } catch (KeyStoreException e2) {
            throw new PKIException(e2);
        }
    }

    public final void b(final KeyExpiredException keyExpiredException) {
        if (this.f253b != null) {
            new Handler(Looper.getMainLooper()).post(new Runnable() { // from class: com.tosan.faceet.eid.utils.i$$ExternalSyntheticLambda2
                @Override // java.lang.Runnable
                public final void run() {
                    i.this.a(keyExpiredException);
                }
            });
        }
    }

    public final void b(final PKIException pKIException) {
        if (this.f253b != null) {
            new Handler(Looper.getMainLooper()).post(new Runnable() { // from class: com.tosan.faceet.eid.utils.i$$ExternalSyntheticLambda3
                @Override // java.lang.Runnable
                public final void run() {
                    i.this.a(pKIException);
                }
            });
        }
    }

    public final KeyPair d() throws PKIException {
        try {
            if (!this.f252a.containsAlias("TOSAN_FACEET_EID")) {
                throw new PKIException(new IllegalStateException("Key does not exist."));
            }
            try {
                return new KeyPair(this.f252a.getCertificate("TOSAN_FACEET_EID").getPublicKey(), ((KeyStore.PrivateKeyEntry) this.f252a.getEntry("TOSAN_FACEET_EID", null)).getPrivateKey());
            } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException e) {
                throw new PKIException(e);
            }
        } catch (KeyStoreException e2) {
            throw new PKIException(e2);
        }
    }

    public void d(final String str) {
        new Thread(new Runnable() { // from class: com.tosan.faceet.eid.utils.i$$ExternalSyntheticLambda6
            @Override // java.lang.Runnable
            public final void run() {
                i.this.a(str);
            }
        }).start();
    }

    public final void e() {
        if (this.f253b != null) {
            new Handler(Looper.getMainLooper()).post(new Runnable() { // from class: com.tosan.faceet.eid.utils.i$$ExternalSyntheticLambda0
                @Override // java.lang.Runnable
                public final void run() {
                    i.this.c();
                }
            });
        }
    }

    public final void e(final String str) {
        if (this.f253b != null) {
            new Handler(Looper.getMainLooper()).post(new Runnable() { // from class: com.tosan.faceet.eid.utils.i$$ExternalSyntheticLambda5
                @Override // java.lang.Runnable
                public final void run() {
                    i.this.b(str);
                }
            });
        }
    }

    public final void f(final String str) {
        if (this.f253b != null) {
            new Handler(Looper.getMainLooper()).post(new Runnable() { // from class: com.tosan.faceet.eid.utils.i$$ExternalSyntheticLambda4
                @Override // java.lang.Runnable
                public final void run() {
                    i.this.c(str);
                }
            });
        }
    }
}
