package com.threatmetrix.TrustDefender.internal;

import android.annotation.TargetApi;
import android.content.Context;
import android.os.Build;
import android.security.KeyChain;
import android.security.KeyPairGeneratorSpec;
import com.adjust.sdk.Constants;
import com.threatmetrix.TrustDefender.StrongAuth;
import com.threatmetrix.TrustDefender.THMStatusCode;
import com.threatmetrix.TrustDefender.internal.N;
import com.threatmetrix.TrustDefender.internal.P;
import java.io.IOException;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.nio.charset.UnsupportedCharsetException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Collections;
import java.util.HashSet;
import java.util.Random;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes3.dex */
public class X7 {

    /* renamed from: new, reason: not valid java name */
    public static final String f607new = TL.m315if(X7.class);

    /* loaded from: classes3.dex */
    public enum E {
        THM_UNKNOWN_METHOD("unknownmethod"),
        THM_USER_PRESENCE("tmxuserpresence"),
        THM_DEVICE_PRESENCE("tmxdevicepresence");


        /* renamed from: for, reason: not valid java name */
        public final String f614for;

        E(String str) {
            this.f614for = str;
        }

        /* renamed from: int, reason: not valid java name */
        public static E m375int(String str) {
            for (E e : values()) {
                if (str.equals(e.f614for)) {
                    return e;
                }
            }
            return THM_UNKNOWN_METHOD;
        }
    }

    /* loaded from: classes3.dex */
    public interface I {
        /* renamed from: do */
        byte[] mo371do();

        /* renamed from: do */
        byte[] mo372do(byte[] bArr);

        /* renamed from: for */
        byte[] mo373for();

        /* renamed from: new */
        BigInteger mo374new();
    }

    /* loaded from: classes3.dex */
    public static class L {

        /* renamed from: int, reason: not valid java name */
        public final String f615int;

        /* renamed from: new, reason: not valid java name */
        public final W f616new;

        public L(W w, String str) {
            this.f616new = w;
            this.f615int = str;
        }
    }

    /* loaded from: classes3.dex */
    public static class O implements I {

        /* renamed from: do, reason: not valid java name */
        public final byte[] f617do;

        /* renamed from: if, reason: not valid java name */
        public final BigInteger f618if;

        /* renamed from: new, reason: not valid java name */
        public final PrivateKey f619new;

        public O(PrivateKey privateKey, BigInteger bigInteger, byte[] bArr) {
            this.f619new = privateKey;
            this.f618if = bigInteger;
            this.f617do = bArr;
        }

        @Override // com.threatmetrix.TrustDefender.internal.X7.I
        /* renamed from: do */
        public final byte[] mo371do() {
            return this.f617do;
        }

        @Override // com.threatmetrix.TrustDefender.internal.X7.I
        /* renamed from: do */
        public final byte[] mo372do(byte[] bArr) {
            return X7.m370new(this.f619new, bArr);
        }

        @Override // com.threatmetrix.TrustDefender.internal.X7.I
        /* renamed from: for */
        public final byte[] mo373for() {
            return X7.m368int(this.f619new);
        }

        @Override // com.threatmetrix.TrustDefender.internal.X7.I
        /* renamed from: new */
        public final BigInteger mo374new() {
            return this.f618if;
        }
    }

    /* loaded from: classes3.dex */
    public enum W {
        MISSING_PARAMETER("MISSING_PARAMETER", THMStatusCode.THM_Internal_Error),
        NOT_SUPPORTED("NOT_SUPPORTED", THMStatusCode.THM_StrongAuth_Unsupported),
        MISSING_FUNCTION("MISSING_FUNCTION", THMStatusCode.THM_Internal_Error),
        REGISTRATION_FAILED("REGISTRATION_FAILED", THMStatusCode.THM_StrongAuth_Failed),
        REGISTRATION_CANCELLED("REGISTRATION_CANCELLED", THMStatusCode.THM_StrongAuth_Cancelled),
        CONTEXT_NOT_FOUND("CONTEXT_NOT_FOUND", THMStatusCode.THM_StrongAuth_Failed),
        STEPUP_FAILED("STEPUP_FAILED", THMStatusCode.THM_StrongAuth_Failed),
        STEPUP_CANCELLED("STEPUP_CANCELLED", THMStatusCode.THM_StrongAuth_Cancelled),
        REGISTERED("REGISTERED", THMStatusCode.THM_OK),
        STEPUP_COMPLETE("STEPUP_COMPLETE", THMStatusCode.THM_OK);


        /* renamed from: long, reason: not valid java name */
        public final THMStatusCode f631long;

        /* renamed from: this, reason: not valid java name */
        public final String f632this;

        W(String str, THMStatusCode tHMStatusCode) {
            this.f632this = str;
            this.f631long = tHMStatusCode;
        }
    }

    /* renamed from: for, reason: not valid java name */
    public static L m360for(P.O o, E e, String str, String str2, String str3, byte[] bArr, StrongAuth.StrongAuthCallback strongAuthCallback) {
        if (e == E.THM_USER_PRESENCE) {
            StrongAuth.AuthenticationStatus m263for = (strongAuthCallback == null || N.I.C0073I.f387for < 21) ? StrongAuth.AuthenticationStatus.THM_STRONG_AUTH_NOT_POSSIBLE : P3.m263for(o.f486for, str, str2, strongAuthCallback);
            if (m263for == StrongAuth.AuthenticationStatus.THM_STRONG_AUTH_NOT_POSSIBLE) {
                TL.m322new(f607new, "StepUp Failure: Authentication is only for API 21+");
                return new L(W.NOT_SUPPORTED, null);
            }
            if (m263for == StrongAuth.AuthenticationStatus.THM_STRONG_AUTH_CANCELLED) {
                TL.m322new(f607new, "StepUp Failure: User cancelled authentication");
                return new L(W.STEPUP_CANCELLED, null);
            }
            if (m263for != StrongAuth.AuthenticationStatus.THM_STRONG_AUTH_OK) {
                TL.m322new(f607new, "StepUp Failure: User didn't proceed with authentication");
                return new L(W.STEPUP_FAILED, null);
            }
            O m362for = m362for(str3);
            return m362for == null ? new L(W.CONTEXT_NOT_FOUND, null) : m361for(str2, bArr, e, m362for);
        }
        if (e != E.THM_DEVICE_PRESENCE) {
            return new L(W.MISSING_FUNCTION, null);
        }
        StrongAuth.AuthenticationStatus authenticationStatus = StrongAuth.AuthenticationStatus.THM_STRONG_AUTH_NOT_POSSIBLE;
        if (strongAuthCallback instanceof StrongAuth.StrongAuthPromptCallback) {
            authenticationStatus = ((StrongAuth.StrongAuthPromptCallback) strongAuthCallback).prompt(str, str3, str2);
        }
        if (authenticationStatus == StrongAuth.AuthenticationStatus.THM_STRONG_AUTH_NOT_POSSIBLE) {
            authenticationStatus = (strongAuthCallback == null || N.I.C0073I.f387for < 21) ? StrongAuth.AuthenticationStatus.THM_STRONG_AUTH_NOT_POSSIBLE : P3.m263for(o.f486for, str, str2, strongAuthCallback);
        }
        if (authenticationStatus == StrongAuth.AuthenticationStatus.THM_STRONG_AUTH_OK) {
            return m369new(o, str3, str2, bArr, e);
        }
        if (authenticationStatus == StrongAuth.AuthenticationStatus.THM_STRONG_AUTH_CANCELLED) {
            TL.m322new(f607new, "StepUp Failure: User cancelled authentication");
            return new L(W.STEPUP_CANCELLED, null);
        }
        if (authenticationStatus != StrongAuth.AuthenticationStatus.THM_STRONG_AUTH_NOT_POSSIBLE) {
            return new L(W.STEPUP_FAILED, null);
        }
        TL.m322new(f607new, "StepUp Failure: Authentication not possible");
        return new L(W.NOT_SUPPORTED, null);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* renamed from: for, reason: not valid java name */
    public static L m361for(String str, byte[] bArr, E e, I i) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(Constants.SHA256);
            try {
                byte[] bytes = str.getBytes(Charset.forName("utf-8"));
                messageDigest.update(bytes);
                byte[] digest = messageDigest.digest();
                messageDigest.reset();
                HashSet hashSet = new HashSet(3);
                hashSet.add(Arrays.asList(B.f52do, new HashSet(Arrays.asList(B.m29if(digest)))));
                hashSet.add(Arrays.asList(B.f56int, new HashSet(Arrays.asList(B.m29if(bArr)))));
                hashSet.add(Arrays.asList(B.f49byte, new HashSet(Arrays.asList(B.f53else))));
                hashSet.add(Arrays.asList(B.f51char, new HashSet(Arrays.asList(B.m29if(e.f614for.getBytes())))));
                byte[] m28if = B.m28if(hashSet);
                NK.m199do(m28if);
                byte[] mo372do = i.mo372do(m28if);
                return mo372do == null ? new L(W.STEPUP_FAILED, null) : new L(W.STEPUP_COMPLETE, NK.m199do(B.m28if(Arrays.asList(B.f50case, B.m24for(Collections.singletonList(Arrays.asList(1, new HashSet(Collections.singletonList(Arrays.asList(B.f58try, null))), Arrays.asList(B.f53else, B.m24for(Collections.singletonList(B.m29if(bytes)))), new HashSet(Collections.singletonList(Arrays.asList(1, Arrays.asList(i.mo371do(), i.mo374new()), Arrays.asList(B.f58try, null), B.m24for((Object) m28if), Arrays.asList(i.mo373for()), B.m29if(mo372do)))))))))));
            } catch (UnsupportedCharsetException unused) {
                return new L(W.MISSING_PARAMETER, null);
            } catch (IllegalArgumentException unused2) {
                return new L(W.MISSING_PARAMETER, null);
            }
        } catch (NoSuchAlgorithmException unused3) {
            return new L(W.NOT_SUPPORTED, null);
        }
    }

    /* renamed from: for, reason: not valid java name */
    public static O m362for(String str) {
        byte[] m364if;
        BigInteger bigInteger;
        String concat = "TrustDefenderSDKStrongAuth".concat(str);
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            KeyStore.Entry entry = keyStore.getEntry(concat, null);
            if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
                return null;
            }
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
            PrivateKey privateKey = privateKeyEntry.getPrivateKey();
            Certificate certificate = privateKeyEntry.getCertificate();
            if (certificate instanceof X509Certificate) {
                bigInteger = ((X509Certificate) certificate).getSerialNumber();
                m364if = ((X509Certificate) certificate).getSubjectX500Principal().getEncoded();
            } else {
                BigInteger bigInteger2 = BigInteger.ZERO;
                m364if = m364if(str);
                bigInteger = bigInteger2;
            }
            return new O(privateKey, bigInteger, m364if);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException unused) {
            return null;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* renamed from: if, reason: not valid java name */
    public static byte[] m364if(String str) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(Constants.SHA256);
            messageDigest.update(str.getBytes(Charset.forName("utf-8")));
            byte[] digest = messageDigest.digest();
            messageDigest.reset();
            return B.m28if(Arrays.asList(new HashSet(Arrays.asList(Arrays.asList(B.f54for, NK.m199do(digest))))));
        } catch (NoSuchAlgorithmException unused) {
            return null;
        }
    }

    @TargetApi(18)
    /* renamed from: int, reason: not valid java name */
    public static L m365int(P.O o, E e, String str, String str2, String str3, byte[] bArr, StrongAuth.StrongAuthCallback strongAuthCallback) {
        X509Certificate x509Certificate;
        byte[] signature;
        if (e != E.THM_USER_PRESENCE) {
            return new L(W.MISSING_FUNCTION, null);
        }
        if (NK.m204if(str3)) {
            return new L(W.MISSING_PARAMETER, null);
        }
        String m205int = NK.m205int(str3);
        String concat = "TrustDefenderSDKStrongAuth".concat(str3);
        StrongAuth.AuthenticationStatus m263for = (strongAuthCallback == null || N.I.C0073I.f387for < 21) ? StrongAuth.AuthenticationStatus.THM_STRONG_AUTH_NOT_POSSIBLE : P3.m263for(o.f486for, str, str2, strongAuthCallback);
        if (m263for == StrongAuth.AuthenticationStatus.THM_STRONG_AUTH_NOT_POSSIBLE) {
            TL.m322new(f607new, "Register Failure: Not supported, authentication only possible for API 21+ ");
            return new L(W.NOT_SUPPORTED, null);
        }
        if (m263for == StrongAuth.AuthenticationStatus.THM_STRONG_AUTH_CANCELLED) {
            TL.m322new(f607new, "Register Failure: User cancelled authentication");
            return new L(W.REGISTRATION_CANCELLED, null);
        }
        if (m263for != StrongAuth.AuthenticationStatus.THM_STRONG_AUTH_OK) {
            TL.m322new(f607new, "Register Failure: User didn't proceed with authentication");
            return new L(W.REGISTRATION_FAILED, null);
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            try {
                keyStore.deleteEntry(concat);
            } catch (Exception unused) {
            }
            BigInteger bigInteger = new BigInteger(32, new Random());
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 5);
            KeyPair m367int = m367int("EC", o.f486for, "AndroidKeyStore", concat, m205int, bigInteger, calendar, calendar2, true, bArr);
            if (m367int == null) {
                m367int = m367int("RSA", o.f486for, "AndroidKeyStore", concat, m205int, bigInteger, calendar, calendar2, true, bArr);
            }
            if (m367int == null) {
                m367int = m367int("EC", o.f486for, "AndroidKeyStore", concat, m205int, bigInteger, calendar, calendar2, false, bArr);
            }
            if (m367int == null || m367int.getPrivate() == null || m367int.getPublic() == null) {
                return new L(W.REGISTRATION_FAILED, null);
            }
            try {
                Certificate[] certificateChain = keyStore.getCertificateChain(concat);
                if (certificateChain.length == 0) {
                    return new L(W.REGISTRATION_FAILED, null);
                }
                if (certificateChain.length != 1 || !(certificateChain[0] instanceof X509Certificate) || ((signature = (x509Certificate = (X509Certificate) certificateChain[0]).getSignature()) != null && signature.length > 2)) {
                    byte[] encoded = certificateChain[0].getEncoded();
                    StringBuilder sb = new StringBuilder(((encoded.length * 2) + 1) * certificateChain.length);
                    sb.append(NK.m199do(encoded));
                    for (int i = 1; i < certificateChain.length; i++) {
                        sb.append(",");
                        sb.append(NK.m199do(certificateChain[i].getEncoded()));
                    }
                    return new L(W.REGISTERED, sb.toString());
                }
                byte[] tBSCertificate = x509Certificate.getTBSCertificate();
                byte[] m370new = m370new(m367int.getPrivate(), tBSCertificate);
                if (m370new == null) {
                    return new L(W.REGISTRATION_FAILED, null);
                }
                Object[] objArr = new Object[3];
                objArr[0] = tBSCertificate;
                byte[][] bArr2 = new byte[1];
                bArr2[0] = "EC".equalsIgnoreCase(m367int.getPrivate().getAlgorithm()) ? B.f57new : B.f55if;
                objArr[1] = Arrays.asList(bArr2);
                objArr[2] = B.m25for(m370new);
                return new L(W.REGISTERED, NK.m199do(B.m28if(Arrays.asList(objArr))));
            } catch (KeyStoreException unused2) {
                return new L(W.REGISTRATION_FAILED, null);
            } catch (CertificateException unused3) {
                return new L(W.REGISTRATION_FAILED, null);
            }
        } catch (Exception unused4) {
            return new L(W.REGISTRATION_FAILED, null);
        }
    }

    /* renamed from: int, reason: not valid java name */
    public static L m366int(W w) {
        return new L(w, null);
    }

    @TargetApi(18)
    /* renamed from: int, reason: not valid java name */
    public static KeyPair m367int(String str, Context context, String str2, String str3, String str4, BigInteger bigInteger, Calendar calendar, Calendar calendar2, boolean z, byte[] bArr) {
        if (!KeyChain.isKeyAlgorithmSupported(str)) {
            return null;
        }
        if (N.E.m148int()) {
            return CO.m40do(str, str2, str3, str4, bigInteger, calendar, calendar2, z, bArr);
        }
        if (z) {
            try {
                if (!KeyChain.isBoundKeyAlgorithm(str)) {
                    return null;
                }
            } catch (IllegalStateException | NoSuchAlgorithmException unused) {
            } catch (InvalidAlgorithmParameterException e) {
                TL.m313for(f607new, "Can't create KeyPair {}", e.toString());
            } catch (NoSuchProviderException e2) {
                TL.m313for(f607new, "Can't create KeyPair {}", e2.toString());
            }
        }
        if (N.I.C0073I.f387for >= N.I.W.f403long && N.I.C0073I.f387for < 23 && N.E.m149new()) {
            KeyPairGeneratorSpec.Builder endDate = new KeyPairGeneratorSpec.Builder(context).setAlias(str3).setSubject(new X500Principal("CN=".concat(String.valueOf(str4)))).setSerialNumber(bigInteger).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime());
            int i = Build.VERSION.SDK_INT;
            endDate.setKeyType(str);
            endDate.setEncryptionRequired();
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(str, str2);
            keyPairGenerator.initialize(endDate.build());
            return keyPairGenerator.generateKeyPair();
        }
        return null;
    }

    /* renamed from: int, reason: not valid java name */
    public static /* synthetic */ byte[] m368int(PrivateKey privateKey) {
        return "EC".equalsIgnoreCase(privateKey.getAlgorithm()) ? B.f57new : B.f55if;
    }

    /* renamed from: new, reason: not valid java name */
    public static L m369new(final P.O o, final String str, String str2, byte[] bArr, E e) {
        if (K5.m122int(o)) {
            PrivateKey privateKey = K5.f263for;
            return privateKey == null ? new L(W.CONTEXT_NOT_FOUND, null) : m361for(str2, bArr, e, new O(privateKey, BigInteger.valueOf(K5.f264if), m364if(str)));
        }
        if (PH.m264do().f493char) {
            return m361for(str2, bArr, e, new I() { // from class: com.threatmetrix.TrustDefender.internal.X7.5
                @Override // com.threatmetrix.TrustDefender.internal.X7.I
                /* renamed from: do, reason: not valid java name */
                public final byte[] mo371do() {
                    return X7.m364if(str);
                }

                @Override // com.threatmetrix.TrustDefender.internal.X7.I
                /* renamed from: do, reason: not valid java name */
                public final byte[] mo372do(byte[] bArr2) {
                    return PH.m264do().m283if(bArr2, P.O.this.f486for.getContentResolver());
                }

                @Override // com.threatmetrix.TrustDefender.internal.X7.I
                /* renamed from: for, reason: not valid java name */
                public final byte[] mo373for() {
                    return B.f57new;
                }

                @Override // com.threatmetrix.TrustDefender.internal.X7.I
                /* renamed from: new, reason: not valid java name */
                public final BigInteger mo374new() {
                    return BigInteger.ZERO;
                }
            });
        }
        try {
            PrivateKey privateKey2 = (PrivateKey) ((Class) WM.m349for(0, 42, (char) 42552)).getDeclaredField("do").get(null);
            return privateKey2 == null ? new L(W.CONTEXT_NOT_FOUND, null) : m361for(str2, bArr, e, new O(privateKey2, BigInteger.valueOf(((Class) WM.m349for(0, 42, (char) 42552)).getDeclaredField("for").getLong(null)), m364if(str)));
        } catch (Throwable th) {
            TL.m321int(f607new, "Grave problem with strong ID", th);
            return new L(W.NOT_SUPPORTED, null);
        }
    }

    /* renamed from: new, reason: not valid java name */
    public static byte[] m370new(PrivateKey privateKey, byte[] bArr) {
        try {
            if (!N.E.m147for()) {
                return null;
            }
            Signature signature = Signature.getInstance("EC".equalsIgnoreCase(privateKey.getAlgorithm()) ? "SHA256withECDSA" : "SHA256withRSA");
            signature.initSign(privateKey);
            signature.update(bArr);
            return signature.sign();
        } catch (InvalidKeyException e) {
            TL.m313for(f607new, "Can't sign the input {}", e.toString());
            return null;
        } catch (NoSuchAlgorithmException e2) {
            TL.m313for(f607new, "Can't sign the input {}", e2.toString());
            return null;
        } catch (SignatureException e3) {
            TL.m313for(f607new, "Can't sign the input {}", e3.toString());
            return null;
        }
    }
}
