package com.daon.sdk.authenticator.controller.impl;

import android.content.Context;
import android.os.Bundle;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import android.security.keystore.UserNotAuthenticatedException;
import android.util.Base64;
import com.daon.sdk.authenticator.Authenticator;
import com.daon.sdk.authenticator.CommonExtensions;
import com.daon.sdk.authenticator.Extensions;
import com.daon.sdk.authenticator.GlobalAuthAttempts;
import com.daon.sdk.authenticator.R;
import com.daon.sdk.authenticator.VerificationAttemptParameters;
import com.daon.sdk.authenticator.controller.AuthenticatorError;
import com.daon.sdk.authenticator.controller.BaseClientCaptureController;
import com.daon.sdk.authenticator.controller.BiometricApiCaptureControllerProtocol;
import com.daon.sdk.authenticator.controller.CaptureCompleteListener;
import com.daon.sdk.authenticator.controller.ClientLockingProtocol;
import com.daon.sdk.authenticator.controller.OnAttemptFailedListener;
import com.daon.sdk.authenticator.util.SharedPreference;
import com.daon.sdk.crypto.SecureKeyStore;
import com.daon.sdk.crypto.SecureStorageFactory;
import com.daon.sdk.crypto.exception.SecurityFactoryException;
import com.daon.sdk.crypto.log.LogUtils;
import com.daon.sdk.device.IXABiometricFactor;
import com.daon.sdk.device.IXAErrorCodes;
import com.daon.sdk.device.IXAFactor;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStoreException;
import java.security.Signature;
import java.security.UnrecoverableKeyException;
import java.util.UUID;

/* loaded from: classes.dex */
public class b extends BaseClientCaptureController implements BiometricApiCaptureControllerProtocol {

    /* renamed from: a, reason: collision with root package name */
    private Boolean f31236a = null;

    /* renamed from: b, reason: collision with root package name */
    private boolean f31237b;

    /* renamed from: c, reason: collision with root package name */
    private boolean f31238c;

    /* renamed from: d, reason: collision with root package name */
    private boolean f31239d;

    /* renamed from: e, reason: collision with root package name */
    private String f31240e;

    /* renamed from: f, reason: collision with root package name */
    private Signature f31241f;

    /* renamed from: g, reason: collision with root package name */
    private IXAFactor f31242g;

    /* renamed from: h, reason: collision with root package name */
    private int f31243h;

    /* renamed from: i, reason: collision with root package name */
    private AuthenticatorError f31244i;

    private String a(Context context) {
        boolean z10;
        boolean z11;
        int i10 = SharedPreference.instance().getInt(context, "AuthKeyVersion");
        if (i10 != 0) {
            LogUtils.INSTANCE.logDebug(getContext(), "AKV found. Return AKA: daon.fingerprint" + i10);
            return "daon.fingerprint" + i10;
        }
        LogUtils logUtils = LogUtils.INSTANCE;
        logUtils.logDebug(getContext(), "No AKV");
        String string = SharedPreference.instance().getString(context, "df2Mode");
        if (string != null) {
            z11 = Boolean.parseBoolean(string);
            logUtils.logDebug(getContext(), "DF2 flag: " + z11);
        } else {
            logUtils.logDebug(getContext(), "No DF2 flag. Flag whether DF2 is present.");
            try {
                z10 = b(context).hasKey("daon.fingerprint2");
            } catch (Exception e10) {
                LogUtils.INSTANCE.logWarn(getContext(), "Failed to check for daon.fingerprint2 in key store: " + e10.getMessage() + ". Presume key store entry corrupted.");
                z10 = false;
            }
            z11 = z10;
            LogUtils.INSTANCE.logDebug(getContext(), "Write DF2 flag: " + z11);
            SharedPreference.instance().putString(context, "df2Mode", Boolean.toString(z11));
        }
        if (z11) {
            LogUtils.INSTANCE.logDebug(getContext(), "Return AKA: daon.fingerprint2");
            return "daon.fingerprint2";
        }
        String string2 = SharedPreference.instance().getString(context, "AuthKeyAlias");
        if (string2 == null) {
            string2 = c(context);
        }
        LogUtils.INSTANCE.logDebug(getContext(), "Return AKA:" + string2);
        return string2;
    }

    private SecureKeyStore b(Context context) throws SecurityFactoryException {
        Bundle bundle = new Bundle();
        bundle.putString("key.property.algorithm", "EC");
        return SecureStorageFactory.getKeyStoreInstance(context, bundle);
    }

    private String c(Context context) {
        String uuid = UUID.randomUUID().toString();
        LogUtils.INSTANCE.logDebug(getContext(), "write aka:" + uuid);
        SharedPreference.instance().remove(context, "AuthKeyVersion");
        SharedPreference.instance().putString(context, "df2Mode", "false");
        SharedPreference.instance().putString(context, "AuthKeyAlias", uuid);
        return uuid;
    }

    public void a(CaptureCompleteListener captureCompleteListener) {
        try {
            if (!isRegistration()) {
                if (getFactor() != Authenticator.Factor.SILENT) {
                    GlobalAuthAttempts.getInstance().reset();
                }
                resetAttemptsOnSuccess();
            }
            captureComplete(captureCompleteListener);
        } catch (Exception e10) {
            throwCaptureCompleteException(e10, "Failed to complete authenticator data capture.", captureCompleteListener);
        }
    }

    public void a(IXAFactor iXAFactor) {
        this.f31242g = iXAFactor;
    }

    public void a(Boolean bool) {
        this.f31236a = bool;
    }

    public void a(String str) {
        this.f31240e = str;
    }

    public void a(boolean z10) {
        this.f31238c = z10;
    }

    public void a(boolean z10, int i10, OnAttemptFailedListener onAttemptFailedListener) {
        try {
            ClientLockingProtocol.LockInfo lockInfo = new ClientLockingProtocol.LockInfo();
            lockInfo.setState(Authenticator.Lock.UNLOCKED);
            if (!z10) {
                this.f31243h++;
            }
            boolean j10 = j();
            if (!z10 && !j10) {
                GlobalAuthAttempts.getInstance().increment();
            }
            getResponseExtensions().putInt(CommonExtensions.INFO_ATTEMPTS, this.f31243h);
            Bundle bundle = new Bundle();
            if (z10) {
                bundle.putInt(VerificationAttemptParameters.PARAM_ERROR_CODE, i10);
            }
            bundle.putInt(VerificationAttemptParameters.PARAM_ATTEMPT, this.f31243h);
            bundle.putInt(VerificationAttemptParameters.PARAM_GLOBAL_ATTEMPT, GlobalAuthAttempts.getInstance().getValue());
            if (getKey() == null && !z10 && j10) {
                onAttemptFailed(bundle, onAttemptFailedListener);
                return;
            }
            notifyVerificationAttemptFailed(bundle);
            if (onAttemptFailedListener != null) {
                onAttemptFailedListener.onAttemptFailedComplete(new OnAttemptFailedListener.OnAttemptFailedResult(lockInfo, null));
            }
        } catch (Exception e10) {
            if (onAttemptFailedListener != null) {
                onAttemptFailedListener.onAttemptFailedComplete(new OnAttemptFailedListener.OnAttemptFailedResult(null, e10));
            }
        }
    }

    public boolean a() {
        try {
            a((getKey() == null || k()) ? false : true);
        } catch (UnrecoverableKeyException unused) {
            LogUtils.INSTANCE.logWarn(getContext(), "Canary key corrupted. Continue processing.");
        } catch (Exception unused2) {
            captureFailed(2, "");
            return false;
        }
        return true;
    }

    public void b(CaptureCompleteListener captureCompleteListener) {
        checkIfStarted();
        try {
            if (preCompleteCapture(captureCompleteListener)) {
                a(captureCompleteListener);
            }
        } catch (Exception e10) {
            throwCaptureCompleteException(e10, "Failed to complete authenticator data capture.", captureCompleteListener);
        }
    }

    public void b(boolean z10) {
        this.f31239d = z10;
    }

    public boolean b() {
        try {
            setLegacyMode(getKey() == null && !k());
            return true;
        } catch (UnrecoverableKeyException unused) {
            captureFailed(IXAErrorCodes.ERROR_KEYS_INVALIDATED, getContext().getString(R.string.error_keys_invalidated));
            return false;
        } catch (Exception unused2) {
            captureFailed(2, "");
            return false;
        }
    }

    public void c() throws Exception {
        int i10;
        LogUtils.INSTANCE.logDebug(getContext(), "FLAM");
        if (!IXABiometricFactor.isEnrolled(getContext())) {
            captureFailed(1001, getContext().getString(R.string.error_no_prints));
            return;
        }
        a(getKey() == null ? "daon.fingerprint" : getKey());
        Bundle bundle = new Bundle();
        String extension = getExtension(CommonExtensions.KEY_ATTESTATION_CHALLENGE, null);
        if (extension != null) {
            bundle.putByteArray("key.property.attestation.challenge", Base64.decode(extension, 0));
        }
        String extension2 = getExtension(CommonExtensions.KEY_STORE_ORDER, null);
        if (extension2 != null) {
            bundle.putString(CommonExtensions.KEY_STORE_ORDER, extension2);
        }
        if (getBooleanExtension(Extensions.FINGER_INVALIDATE_BY_ENROLLMENT, false)) {
            b(true);
            i10 = 88;
        } else {
            i10 = 16;
        }
        a(new IXAFactor(getContext(), g(), i10 | 4, bundle));
    }

    @Override // com.daon.sdk.authenticator.controller.BaseCaptureController, com.daon.sdk.authenticator.controller.CaptureControllerProtocol
    public void cancelCapture() {
        if (isStarted() && !isCaptureFailed()) {
            e();
            captureFailed(5, null);
        }
    }

    @Override // com.daon.sdk.authenticator.controller.BiometricApiCaptureControllerProtocol
    public void cancelCapture(boolean z10) {
        if (isStarted() && !isCaptureFailed()) {
            e();
            captureFailed(5, null, Boolean.valueOf(z10));
        }
    }

    @Override // com.daon.sdk.authenticator.controller.BaseCaptureController
    public void captureFailed(int i10, String str, Boolean bool) {
        this.f31244i = new AuthenticatorError(i10, str);
        super.captureFailed(i10, str, bool);
    }

    @Override // com.daon.sdk.authenticator.controller.BaseCaptureController, com.daon.sdk.authenticator.controller.CaptureControllerProtocol
    public void completeCapture(CaptureCompleteListener captureCompleteListener) {
        if (j()) {
            ClientLockingProtocol.LockInfo lockInfo = getLockInfo();
            if (lockInfo.getState() != Authenticator.Lock.UNLOCKED) {
                notifyListenerThatAuthenticatorIsLocked(lockInfo, captureCompleteListener);
                return;
            }
        }
        if (this.f31237b) {
            b(captureCompleteListener);
        } else {
            super.completeCapture(captureCompleteListener);
        }
    }

    @Override // com.daon.sdk.authenticator.controller.BaseCaptureController, com.daon.sdk.authenticator.controller.CaptureControllerProtocol
    public void completeCaptureWithError(AuthenticatorError authenticatorError) {
        checkIfStarted();
        if (isCaptureFailed()) {
            return;
        }
        e();
        super.completeCaptureWithError(authenticatorError);
    }

    @Override // com.daon.sdk.authenticator.controller.BiometricApiCaptureControllerProtocol
    public void completeCaptureWithFingerVerificationError(AuthenticatorError authenticatorError) {
        checkIfStarted();
        if (isCaptureFailed()) {
            return;
        }
        e();
        a(true, authenticatorError.getCode(), null);
        captureFailed(authenticatorError.getCode(), authenticatorError.getMessage());
    }

    public void d() throws Exception {
        LogUtils.INSTANCE.logDebug(getContext(), "noFLAM");
        if (!IXABiometricFactor.isEnrolled(getContext())) {
            captureFailed(1001, getContext().getString(R.string.error_no_prints));
            return;
        }
        if (a()) {
            b(true);
            int i10 = getKey() == null ? 26 : 24;
            if (getBooleanExtension(Extensions.FINGER_INVALIDATE_BY_ENROLLMENT, true)) {
                i10 |= 64;
            }
            int i11 = i10 | 4;
            try {
                a(a(getContext()));
                a(new IXAFactor(getContext(), g(), i11, null));
            } catch (UnrecoverableKeyException unused) {
                c(getContext());
                a(a(getContext()));
                a(new IXAFactor(getContext(), g(), i11, null));
            }
        }
    }

    public void e() {
        if (l()) {
            try {
                f().removeKey(a(getContext()));
            } catch (KeyStoreException unused) {
                LogUtils.INSTANCE.logWarn(getContext(), "Failed to remove " + a(getContext()) + " probably because it has been invalidated by the OS");
            } catch (Exception e10) {
                LogUtils logUtils = LogUtils.INSTANCE;
                logUtils.logError(getContext(), logUtils.getStackTrace(e10));
                logUtils.logError(getContext(), "Failed to remove " + a(getContext()));
            }
        }
    }

    public SecureKeyStore f() throws SecurityFactoryException {
        return SecureStorageFactory.getKeyStoreInstance(getContext(), L6.b.a("key.property.algorithm", "EC"));
    }

    public String g() {
        return this.f31240e;
    }

    @Override // com.daon.sdk.authenticator.controller.BiometricApiCaptureControllerProtocol
    public AuthenticatorError getCaptureFailedError() {
        return this.f31244i;
    }

    @Override // com.daon.sdk.authenticator.controller.BaseClientCaptureController
    public String getCounterStorageId() {
        return "PREFS_DAON_FingerprintCounter";
    }

    @Override // com.daon.sdk.authenticator.controller.BaseClientCaptureController, com.daon.sdk.authenticator.controller.ClientLockingProtocol
    public int getCurrentAttempt() {
        return j() ? super.getCurrentAttempt() : this.f31243h + 1;
    }

    @Override // com.daon.sdk.authenticator.controller.BiometricApiCaptureControllerProtocol
    public Signature getSignature() {
        checkIfStarted();
        try {
            if (o()) {
                this.f31241f = f().getSignature(g());
            }
            return this.f31241f;
        } catch (Exception e10) {
            throw new RuntimeException("Failed to generate signature on key with alias " + g() + ".", e10);
        }
    }

    public IXAFactor h() {
        return this.f31242g;
    }

    public Boolean i() {
        return this.f31236a;
    }

    @Override // com.daon.sdk.authenticator.controller.BiometricApiCaptureControllerProtocol
    public AuthenticatorError initialize() {
        super.startCapture();
        this.f31244i = null;
        if (!b()) {
            return this.f31244i;
        }
        try {
            if (m()) {
                c();
            } else {
                d();
            }
            return this.f31244i;
        } catch (IllegalStateException | InvalidAlgorithmParameterException unused) {
            captureFailed(IXAErrorCodes.ERROR_DEVICE_LOCK_DISABLED, getContext().getString(R.string.error_device_lock_disabled));
            return this.f31244i;
        } catch (Exception e10) {
            LogUtils logUtils = LogUtils.INSTANCE;
            logUtils.logError(getContext(), logUtils.getStackTrace(e10));
            logUtils.logError(getContext(), "Finger authenticate exception: " + e10.getMessage());
            captureFailed(2, "");
            return this.f31244i;
        }
    }

    public boolean j() {
        return getBooleanExtension(Extensions.FINGER_SDK_LOCKING, false);
    }

    public boolean k() throws Exception {
        if (i() == null) {
            a(Boolean.valueOf(f().hasKey(a(getContext()))));
        }
        return i().booleanValue();
    }

    public boolean l() {
        return this.f31238c;
    }

    public boolean m() {
        return this.f31237b;
    }

    public boolean n() {
        return (getBooleanExtension(Extensions.SILENT_REGISTRATION, false) || getBooleanExtension("silent", false)) && getKey() != null;
    }

    @Override // com.daon.sdk.authenticator.controller.BiometricApiCaptureControllerProtocol
    public void notifyFingerVerificationAttemptFailed(OnAttemptFailedListener onAttemptFailedListener) {
        a(false, 0, onAttemptFailedListener);
    }

    public boolean o() {
        return this.f31239d;
    }

    public byte[] p() {
        try {
            return h().sign(this.f31241f, "challenge".getBytes());
        } catch (Exception e10) {
            if (e10 instanceof KeyPermanentlyInvalidatedException) {
                captureFailed(IXAErrorCodes.ERROR_KEYS_INVALIDATED, getContext().getString(R.string.error_keys_invalidated));
            } else if (e10 instanceof UserNotAuthenticatedException) {
                captureFailed(IXAErrorCodes.ERROR_USER_NOT_AUTHENTICATED, getContext().getString(R.string.error_user_not_authenticated));
            } else if (e10.getMessage().contains("user not authenticated")) {
                captureFailed(IXAErrorCodes.ERROR_KEYS_INVALIDATED, getContext().getString(R.string.error_keys_invalidated));
            } else {
                captureFailed(IXAErrorCodes.ERROR_SIGN, getContext().getString(R.string.error_sign));
            }
            return null;
        }
    }

    @Override // com.daon.sdk.authenticator.controller.BaseClientCaptureController, com.daon.sdk.authenticator.controller.BaseCaptureController
    public boolean preCompleteCapture(CaptureCompleteListener captureCompleteListener) {
        boolean preCompleteCapture = super.preCompleteCapture(captureCompleteListener);
        if (n() || p() != null) {
            return preCompleteCapture;
        }
        e();
        return false;
    }

    @Override // com.daon.sdk.authenticator.controller.BiometricApiCaptureControllerProtocol
    public void setLegacyMode(boolean z10) {
        this.f31237b = z10;
    }

    @Override // com.daon.sdk.authenticator.controller.BiometricApiCaptureControllerProtocol
    public void stopCapture() {
        checkIfStarted();
        e();
    }
}
