package com.earlywarning.sdk;

import android.app.Activity;
import android.content.Context;
import android.os.CancellationSignal;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import android.util.Base64;
import androidx.biometric.BiometricManager;
import androidx.biometric.BiometricPrompt;
import androidx.core.content.ContextCompat;
import androidx.fragment.app.FragmentActivity;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.UUID;

/* loaded from: classes.dex */
public class EwsBiometrics {
    public static final int ANDROID_FINGERPRINT_LOCKOUT_PERIOD = 30;
    private static final int ANDROID_OS_BIOMETRIC_ACQUIRED_GOOD = 0;
    private static final int ANDROID_OS_BIOMETRIC_ACQUIRED_IMAGER_DIRTY = 3;
    private static final int ANDROID_OS_BIOMETRIC_ACQUIRED_INSUFFICIENT = 2;
    private static final int ANDROID_OS_BIOMETRIC_ACQUIRED_PARTIAL = 1;
    private static final int ANDROID_OS_BIOMETRIC_ACQUIRED_TOO_FAST = 5;
    private static final int ANDROID_OS_BIOMETRIC_ACQUIRED_TOO_SLOW = 4;
    private static final int ANDROID_OS_BIOMETRIC_ERROR_CANCELED = 5;
    private static final int ANDROID_OS_BIOMETRIC_ERROR_HW_NOT_PRESENT = 12;
    private static final int ANDROID_OS_BIOMETRIC_ERROR_HW_UNAVAILABLE = 1;
    public static final int ANDROID_OS_BIOMETRIC_ERROR_LOCKOUT = 7;
    private static final int ANDROID_OS_BIOMETRIC_ERROR_LOCKOUT_PERMANENT = 9;
    private static final int ANDROID_OS_BIOMETRIC_ERROR_NEGATIVE_BUTTON = 13;
    private static final int ANDROID_OS_BIOMETRIC_ERROR_NO_BIOMETRICS_ENROLLED = 11;
    private static final int ANDROID_OS_BIOMETRIC_ERROR_NO_DEVICE_CREDENTIAL = 14;
    private static final int ANDROID_OS_BIOMETRIC_ERROR_NO_SPACE = 4;
    private static final int ANDROID_OS_BIOMETRIC_ERROR_TIMEOUT = 3;
    private static final int ANDROID_OS_BIOMETRIC_ERROR_UNABLE_TO_PROCESS = 2;
    private static final int ANDROID_OS_BIOMETRIC_ERROR_UNABLE_TO_REMOVE = 6;
    private static final int ANDROID_OS_BIOMETRIC_ERROR_USER_CANCELLED = 10;
    private static final int ANDROID_OS_BIOMETRIC_ERROR_VENDOR = 8;
    protected static final String KEY_NAME = "AUTHENTIFY_EWS_FINGERPRINT_KEY";
    public static final int MILLISECONDS_IN_SECOND = 1000;
    protected static KeyPairGenerator mKeyPairGenerator;
    protected static KeyStore mKeyStore;
    private EwsSdk mSdk;
    protected BiometricPrompt.AuthenticationCallback mBiometricCallback = null;
    protected BiometricPrompt.PromptInfo mPromptInfo = null;
    protected BiometricPrompt mBiometricPrompt = null;
    protected Activity mFingerprintActivity = null;
    protected String mFingerprintDialogString = null;
    protected CancellationSignal mCancellationSignal = null;
    protected boolean mSelfCancelled = false;
    protected boolean mAndroidFingerprintLockout = false;
    protected boolean mAndroidFingerprintLockoutPermanent = false;
    protected long mAndroidFingerprintLockoutTimestamp = 0;
    private int mFingerprintStatusCode = -1;
    private Context mAppContext = null;

    public EwsBiometrics(EwsSdk ewsSdk) {
        this.mSdk = ewsSdk;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void fingerprintCheck() {
        CancellationSignal cancellationSignal = this.mCancellationSignal;
        if (cancellationSignal != null) {
            cancellationSignal.cancel();
        }
        BiometricPrompt biometricPrompt = this.mBiometricPrompt;
        if (biometricPrompt != null) {
            biometricPrompt.cancelAuthentication();
        }
        int credentialAttempts = EwsCore.instance != null ? EwsCore.instance.getCredentialAttempts() : 0;
        if (credentialAttempts == 0) {
            credentialAttempts++;
        }
        fingerprintChecked(String.valueOf(credentialAttempts), this.mSdk.mReasonType, this.mSdk.mReasonContext);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void stopAndroidFingerprintListening() {
        BiometricPrompt biometricPrompt = this.mBiometricPrompt;
        if (biometricPrompt != null) {
            biometricPrompt.cancelAuthentication();
            this.mSelfCancelled = true;
        }
    }

    public void checkFingerprint(Context context) {
        if (true == isAndroidBiometricRegistered()) {
            EwsBiometricVerifyTask ewsBiometricVerifyTask = new EwsBiometricVerifyTask();
            ewsBiometricVerifyTask.isValidation = false;
            ewsBiometricVerifyTask.execute(new Void[0]);
        }
    }

    public void checkFingerprintLockout() {
        if (!isAndroidBiometricRegistered() || (System.currentTimeMillis() / 1000) - (this.mAndroidFingerprintLockoutTimestamp / 1000) <= 30) {
            return;
        }
        this.mAndroidFingerprintLockout = false;
    }

    public String convertKeyToPem(PublicKey publicKey) {
        if (publicKey != null) {
            return "-----BEGIN PUBLIC KEY-----\n" + new String(Base64.encode(publicKey.getEncoded(), 0)) + "-----END PUBLIC KEY-----";
        }
        return null;
    }

    public void deleteKey() {
        try {
            KeyStore keyStore = mKeyStore;
            if (keyStore != null) {
                keyStore.load(null);
                mKeyStore.deleteEntry(KEY_NAME);
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException unused) {
        }
    }

    public boolean fingerprintChecked(String str, int i, String str2) {
        if (EwsCore.instance == null) {
            return true;
        }
        this.mSdk.setCurrentSdkState(8);
        EwsCore.instance.checkCredentials(5, str, i, str2);
        return true;
    }

    public PublicKey generateFingerprintKeys() {
        Certificate certificate;
        PublicKey publicKey = null;
        try {
            this.mSdk.debugAndroidLog("generateFingerprintKeys() loading from KeyStore");
            KeyStore keyStore = mKeyStore;
            if (keyStore != null) {
                keyStore.load(null);
            }
        } catch (IOException | RuntimeException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            this.mSdk.debugAndroidLog("generateFingerprintKeys() exception" + e.toString());
        }
        if (ContextCompat.checkSelfPermission(this.mAppContext, "android.permission.USE_FINGERPRINT") != 0 && ContextCompat.checkSelfPermission(this.mAppContext, "android.permission.USE_BIOMETRIC") != 0) {
            this.mSdk.debugAndroidLog("generateFingerprintKeys() permission not granted");
            return publicKey;
        }
        KeyStore keyStore2 = mKeyStore;
        if (keyStore2 == null || !keyStore2.containsAlias(KEY_NAME)) {
            this.mSdk.debugAndroidLog("generateFingerprintKeys() no existing cert in keystore");
            certificate = null;
        } else {
            certificate = mKeyStore.getCertificate(KEY_NAME);
        }
        if (certificate != null) {
            publicKey = certificate.getPublicKey();
            this.mSdk.debugAndroidLog("generateFingerprintKeys() grabbed key from cert");
            if (publicKey == null || publicKey.toString().isEmpty()) {
                this.mSdk.debugAndroidLog("generateFingerprintKeys() public key is either null or empty");
            } else {
                this.mSdk.debugAndroidLog("generateFingerprintKeys() successfully retrieved public key from key store");
            }
        } else if (BiometricManager.from(this.mAppContext).canAuthenticate() == 0) {
            KeyPairGenerator keyPairGenerator = mKeyPairGenerator;
            if (keyPairGenerator != null) {
                keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(KEY_NAME, 4).setDigests("SHA-256").setSignaturePaddings("PKCS1").setUserAuthenticationRequired(true).build());
                mKeyPairGenerator.generateKeyPair();
            } else {
                this.mSdk.debugAndroidLog("generateFingerprintKeys() KeyPairGenerator is null");
            }
            KeyStore keyStore3 = mKeyStore;
            if (keyStore3 != null) {
                publicKey = keyStore3.getCertificate(KEY_NAME).getPublicKey();
            } else {
                this.mSdk.debugAndroidLog("generateFingerprintKeys() KeyStore is null");
            }
            if (publicKey == null || publicKey.toString().isEmpty()) {
                this.mSdk.debugAndroidLog("generateFingerprintKeys() public key is either null or empty");
            } else {
                this.mSdk.debugAndroidLog("generateFingerprintKeys() successfully retrieved a newsly generated public key from key store");
            }
        } else {
            this.mSdk.debugAndroidLog("generateFingerprintKeys() bad case, no keys will be generated");
        }
        return publicKey;
    }

    public String generateNonce() {
        return UUID.randomUUID().toString();
    }

    public void initializeBiometricPromptCallback() {
        if (isAndroidBiometricRegistered()) {
            if (this.mBiometricCallback == null) {
                this.mBiometricCallback = new BiometricPrompt.AuthenticationCallback() { // from class: com.earlywarning.sdk.EwsBiometrics.1
                    @Override // androidx.biometric.BiometricPrompt.AuthenticationCallback
                    public void onAuthenticationError(int i, CharSequence charSequence) {
                        EwsBiometrics.this.mSdk.debugAndroidLog("BioMetricPrompt.AuthenticationCallback() onAuthenticationError");
                        EwsBiometrics.this.mSdk.debugAndroidLog("BioMetricPrompt " + i);
                        if (i == 7) {
                            if (!EwsBiometrics.this.mAndroidFingerprintLockout) {
                                EwsBiometrics.this.stopAndroidFingerprintListening();
                                EwsBiometrics.this.mSdk.debugAndroidLog("BioMetricPrompt.AuthenticationCallback() OS fingerprint lockout");
                                EwsBiometrics.this.mAndroidFingerprintLockout = true;
                                EwsBiometrics.this.mAndroidFingerprintLockoutTimestamp = System.currentTimeMillis();
                            }
                            if (EwsBiometrics.this.mAndroidFingerprintLockoutPermanent) {
                                EwsBiometrics.this.mSdk.finishBiometricFlow(48);
                            } else {
                                EwsBiometrics.this.mSdk.finishBiometricFlow(30);
                            }
                            if (EwsCore.instance != null) {
                                EwsCore.instance.dbgPrint("XfaMobileSdk::initializeBiometricPromptCallback() Android OS FP error: " + i + " msg: " + ((Object) charSequence));
                            }
                            EwsBiometrics.this.mSdk.debugAndroidLog("BiometricPrompt.AuthenticationCallback() OS fingerprint lockout");
                            return;
                        }
                        if (i == 9) {
                            EwsBiometrics.this.mAndroidFingerprintLockoutPermanent = true;
                            if (EwsCore.instance != null) {
                                EwsCore.instance.dbgPrint("XfaMobileSdk::initializeBiometricPromptCallback() Android OS FP error: " + i + " msg: " + ((Object) charSequence));
                            }
                            EwsBiometrics.this.mSdk.debugAndroidLog("BioMetricPrompt.AuthenticationCallback() OS fingerprint lockout permanently, unlock device and authenticate");
                            EwsBiometrics.this.mSdk.finishBiometricFlow(48);
                            return;
                        }
                        if (EwsBiometrics.this.mSelfCancelled || i == 10 || i == 13) {
                            EwsBiometrics.this.mAndroidFingerprintLockoutPermanent = false;
                            if (EwsBiometrics.this.mSdk.mReasonType != 7) {
                                EwsBiometrics.this.mSdk.cancelAuthentication(EwsBiometrics.this.mSdk.mReasonType, EwsBiometrics.this.mSdk.mReasonContext);
                                return;
                            }
                            if (EwsCore.instance != null) {
                                EwsBiometrics.this.mSdk.setCurrentSdkState(8);
                                EwsCore.instance.checkCredentials(5, "1", EwsBiometrics.this.mSdk.mReasonType, EwsBiometrics.this.mSdk.mReasonContext);
                            }
                            EwsBiometrics.this.mSdk.debugAndroidLog("initializeBiometricPromptCallback() user hit cancel, reason: " + EwsBiometrics.this.mSdk.mReasonType + " reasonContext: " + EwsBiometrics.this.mSdk.mReasonContext);
                            return;
                        }
                        EwsBiometrics.this.stopAndroidFingerprintListening();
                        EwsBiometrics.this.mAndroidFingerprintLockoutPermanent = false;
                        if (i != 5 && i != 3 && i != 4 && i != 2) {
                            EwsBiometrics.this.mSdk.finishBiometricFlow(35);
                        }
                        EwsBiometrics.this.mSdk.debugAndroidLog("BiometricPrompt.AuthenticationCallback::onAuthenticationError() error: " + i + " msg: " + ((Object) charSequence));
                    }

                    @Override // androidx.biometric.BiometricPrompt.AuthenticationCallback
                    public void onAuthenticationFailed() {
                        EwsBiometrics.this.mAndroidFingerprintLockout = false;
                        EwsBiometrics.this.mAndroidFingerprintLockoutPermanent = false;
                        EwsBiometrics.this.fingerprintCheck();
                        EwsBiometrics.this.mSdk.debugAndroidLog("BiometricPrompt.AuthenticationCallback() onAuthenticationFailed");
                    }

                    @Override // androidx.biometric.BiometricPrompt.AuthenticationCallback
                    public void onAuthenticationSucceeded(BiometricPrompt.AuthenticationResult authenticationResult) {
                        EwsBiometrics.this.mAndroidFingerprintLockout = false;
                        EwsBiometrics.this.mAndroidFingerprintLockoutPermanent = false;
                        BiometricPrompt.CryptoObject cryptoObject = authenticationResult.getCryptoObject();
                        if (cryptoObject == null) {
                            onAuthenticationFailed();
                        } else {
                            EwsBiometrics.this.useKeyToSignSendNonce(cryptoObject.getSignature());
                        }
                    }
                };
            } else {
                this.mSdk.debugAndroidLog("initializeBiometricPrompt() not newing up a new callback");
            }
        }
    }

    public void initializeBiometrics() {
        if (this.mAppContext == null || !isAndroidBiometricHardwareDetected()) {
            return;
        }
        this.mSdk.debugAndroidLog("initializeBiometrics() init bio prompt callback");
        initializeBiometricPromptCallback();
    }

    public void initializeKeystore() {
        if (mKeyStore == null) {
            try {
                mKeyStore = KeyStore.getInstance("AndroidKeyStore");
            } catch (KeyStoreException e) {
                throw new RuntimeException("Failed to get an instance of KeyStore", e);
            }
        }
        if (mKeyPairGenerator == null) {
            try {
                mKeyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            } catch (NoSuchAlgorithmException | NoSuchProviderException e2) {
                throw new RuntimeException("Failed to get an instance of KeyPairGenerator", e2);
            }
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r4v10 */
    /* JADX WARN: Type inference failed for: r4v11 */
    /* JADX WARN: Type inference failed for: r4v7 */
    /* JADX WARN: Type inference failed for: r4v9 */
    public boolean initializeSignature(Signature signature) {
        boolean z = false;
        if (ContextCompat.checkSelfPermission(this.mAppContext, "android.permission.USE_FINGERPRINT") != 0) {
            this.mSdk.debugAndroidLog("initializeSignature() do not have fp permission");
        } else if (BiometricManager.from(this.mAppContext).canAuthenticate() == 0) {
            try {
                KeyStore keyStore = mKeyStore;
                this = this;
                if (keyStore != null) {
                    keyStore.load(null);
                    PrivateKey privateKey = (PrivateKey) mKeyStore.getKey(KEY_NAME, null);
                    this = this;
                    if (privateKey == null) {
                        this.mSdk.debugAndroidLog("initializeSignature() private key is null");
                        this = this;
                    } else if (signature != null) {
                        signature.initSign(privateKey);
                        this = 1;
                        z = true;
                    }
                }
            } catch (KeyPermanentlyInvalidatedException e) {
                this.deleteKey();
                this.mSdk.debugAndroidLog("initializeSignature() deleting key,  KeyPermanentlyInvalidatedException exception" + e.toString());
            } catch (IOException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException | CertificateException e2) {
                this.mSdk.debugAndroidLog("initializeSignature() exception" + e2.toString());
            }
        } else {
            this.mSdk.debugAndroidLog("initializeSignature() device does not have enrolled biometric authenticators");
        }
        return z;
    }

    public boolean isAndroidBiometricAvailableNotEnrolled() {
        if (this.mAppContext != null) {
            return (ContextCompat.checkSelfPermission(this.mAppContext, "android.permission.USE_BIOMETRIC") == 0 || ContextCompat.checkSelfPermission(this.mAppContext, "android.permission.USE_FINGERPRINT") == 0) && BiometricManager.from(this.mAppContext).canAuthenticate() == 11;
        }
        this.mSdk.debugAndroidLog("isAndroidFingerprintAvailableNotEnrolled() appContext is null");
        return false;
    }

    public boolean isAndroidBiometricHardwareDetected() {
        if (this.mAppContext == null) {
            this.mSdk.debugAndroidLog("isAndroidBiometricHardwareDetected() appConext is null");
        } else if (ContextCompat.checkSelfPermission(this.mAppContext, "android.permission.USE_BIOMETRIC") != 0 && ContextCompat.checkSelfPermission(this.mAppContext, "android.permission.USE_FINGERPRINT") != 0) {
            this.mSdk.debugAndroidLog("isAndroidBiometricHardwareDetected() permission not granted");
        } else if (BiometricManager.from(this.mAppContext).canAuthenticate() != 12) {
            return true;
        }
        return false;
    }

    public boolean isAndroidBiometricReady() {
        if (this.mAppContext == null) {
            this.mSdk.debugAndroidLog("isAndroidBiometricReady() appContext is null");
        } else if ((ContextCompat.checkSelfPermission(this.mAppContext, "android.permission.USE_BIOMETRIC") == 0 || ContextCompat.checkSelfPermission(this.mAppContext, "android.permission.USE_FINGERPRINT") == 0) && BiometricManager.from(this.mAppContext).canAuthenticate() != 1) {
            return true;
        }
        return false;
    }

    public boolean isAndroidBiometricRegistered() {
        if (this.mAppContext == null) {
            this.mSdk.debugAndroidLog("isAndroidBiometricRegistered() appContext is null");
        } else if (!isAndroidBiometricHardwareDetected()) {
            this.mSdk.debugAndroidLog("isAndroidBiometricRegistered() biometric hardware not detected");
        } else if ((ContextCompat.checkSelfPermission(this.mAppContext, "android.permission.USE_BIOMETRIC") == 0 || ContextCompat.checkSelfPermission(this.mAppContext, "android.permission.USE_FINGERPRINT") == 0) && BiometricManager.from(this.mAppContext).canAuthenticate() != 11) {
            return true;
        }
        return false;
    }

    public boolean isFingerprintTokenAvailable() {
        try {
            return initializeSignature(Signature.getInstance("SHA256withRSA"));
        } catch (NoSuchAlgorithmException e) {
            throw new RuntimeException("Failed to get an instance of Cipher", e);
        }
    }

    public void setContext(Context context) {
        this.mAppContext = context;
    }

    public void setFingerprintActivity(Activity activity) {
        this.mFingerprintActivity = activity;
    }

    public void setFingerprintDialogString(String str) {
        this.mFingerprintDialogString = str;
    }

    public void showBiometricPrompt() {
        this.mPromptInfo = new BiometricPrompt.PromptInfo.Builder().setTitle("Verify Biometric").setDescription(this.mFingerprintDialogString).setNegativeButtonText("Cancel").build();
    }

    public void startAndroidFingerprintListening(Object obj) {
        this.mSelfCancelled = false;
        try {
            this.mBiometricPrompt = new BiometricPrompt((FragmentActivity) this.mFingerprintActivity, ContextCompat.getMainExecutor(this.mAppContext), this.mBiometricCallback);
            this.mSdk.debugAndroidLog("startAndroidFingerprintListening() about to create and pop the biometric prompt");
            if (this.mBiometricPrompt != null) {
                this.mSdk.debugAndroidLog("startAndroidFingerprintListening() prompt.authenticate()");
                this.mBiometricPrompt.authenticate(this.mPromptInfo, (BiometricPrompt.CryptoObject) obj);
            }
        } catch (IllegalArgumentException e) {
            this.mSdk.debugAndroidLog("startAndroidFingerprintListening() illegal arg exception " + e.getMessage());
            stopAndroidFingerprintListening();
            this.mSdk.finishAppResumed(35);
        } catch (SecurityException e2) {
            this.mSdk.debugAndroidLog("startAndroidFingerprintListening() security exception " + e2.getMessage());
            stopAndroidFingerprintListening();
            this.mSdk.finishAppResumed(35);
        }
    }

    public boolean useKeyToSignSendNonce(Signature signature) {
        boolean z;
        byte[] bytes = "".getBytes();
        String generateNonce = generateNonce();
        if (signature != null) {
            try {
                signature.update(generateNonce.getBytes());
                bytes = signature.sign();
            } catch (SignatureException unused) {
                z = false;
            }
        }
        z = true;
        fingerprintChecked(new String(Base64.encode(new String(bytes).getBytes(), 0)) + ":" + generateNonce, this.mSdk.mReasonType, this.mSdk.mReasonContext);
        return z;
    }

    public void validateFingerprintSignature() {
        if (!isAndroidBiometricHardwareDetected()) {
            if (this.mSdk.getCurrentSdkState() == 25) {
                this.mSdk.finishAppResumed(0);
            }
        } else {
            if (isAndroidBiometricRegistered()) {
                if (true == isAndroidBiometricRegistered()) {
                    EwsBiometricVerifyTask ewsBiometricVerifyTask = new EwsBiometricVerifyTask();
                    ewsBiometricVerifyTask.isValidation = true;
                    ewsBiometricVerifyTask.execute(new Void[0]);
                    return;
                }
                return;
            }
            if (EwsCore.instance != null) {
                EwsCore.instance.setLocalAvailableCreds(16);
                EwsCore.instance.setLocalEnrolledCreds(0);
                this.mSdk.debugAndroidLog("validateFingerprintSignature() setting android finger available but not enrolled, deleting any previous keys from keystore");
                EwsCore.instance.doPublishLocalAuthentifiers();
                deleteKey();
            }
        }
    }
}
