package ai.protectt.app.security.attestation;

import ai.protectt.app.security.main.g;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Log;
import com.facebook.GraphResponse;
import com.rudderstack.android.sdk.core.MessageType;
import com.userexperior.models.recording.enums.UeCustomType;
import java.security.GeneralSecurityException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.ProviderException;
import java.security.cert.Certificate;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.security.spec.ECGenParameterSpec;
import java.util.Date;
import kotlin.Metadata;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.Charsets;
import kotlin.text.StringsKt__StringsKt;
import kotlin.time.DurationKt;
import org.jetbrains.annotations.NotNull;

/* compiled from: AttestationHelper.kt */
@Metadata(d1 = {"\u0000$\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\u0010\u0002\n\u0000\n\u0002\u0010\u000e\n\u0000\n\u0002\u0010\u000b\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0017\u0018\u0000 \u00032\u00020\u0001:\u0001\u000eB\u0007¢\u0006\u0004\b\u001f\u0010 J\b\u0010\u0003\u001a\u00020\u0002H\u0007J \u0010\t\u001a\u00020\u00022\u0006\u0010\u0005\u001a\u00020\u00042\u0006\u0010\u0007\u001a\u00020\u00062\u0006\u0010\b\u001a\u00020\u0006H\u0003J \u0010\u000b\u001a\u00020\n2\u0006\u0010\u0005\u001a\u00020\u00042\u0006\u0010\u0007\u001a\u00020\u00062\u0006\u0010\b\u001a\u00020\u0006H\u0003J\u0010\u0010\r\u001a\u00020\u00022\u0006\u0010\f\u001a\u00020\nH\u0002R\u0016\u0010\u0010\u001a\u00020\u00048\u0002@\u0002X\u0082\u000e¢\u0006\u0006\n\u0004\b\u000e\u0010\u000fR\u0017\u0010\u0015\u001a\u00020\u00068\u0006¢\u0006\f\n\u0004\b\u0011\u0010\u0012\u001a\u0004\b\u0013\u0010\u0014R\"\u0010\u0019\u001a\u00020\u00068\u0006@\u0006X\u0086\u000e¢\u0006\u0012\n\u0004\b\r\u0010\u0012\u001a\u0004\b\u0016\u0010\u0014\"\u0004\b\u0017\u0010\u0018R\u0017\u0010\u001b\u001a\u00020\u00068\u0006¢\u0006\f\n\u0004\b\u000b\u0010\u0012\u001a\u0004\b\u001a\u0010\u0014R\"\u0010\u001e\u001a\u00020\u00068\u0006@\u0006X\u0086\u000e¢\u0006\u0012\n\u0004\b\t\u0010\u0012\u001a\u0004\b\u001c\u0010\u0014\"\u0004\b\u001d\u0010\u0018¨\u0006!"}, d2 = {"Lai/protectt/app/security/attestation/r;", "", "", com.apxor.androidsdk.plugins.realtimeui.f.x, "", MessageType.ALIAS, "", "useStrongBox", "includeProps", com.bumptech.glide.gifdecoder.e.u, "Lai/protectt/app/security/attestation/t;", "d", GraphResponse.SUCCESS_KEY, "c", "a", "Ljava/lang/String;", UeCustomType.TAG, "b", "Z", "getHasStrongBox", "()Z", "hasStrongBox", "getPreferStrongBox", "setPreferStrongBox", "(Z)V", "preferStrongBox", "getHasDeviceIds", "hasDeviceIds", "getPreferIncludeProps", "setPreferIncludeProps", "preferIncludeProps", "<init>", "()V", "app-security_onlineProdRelease"}, k = 1, mv = {1, 6, 0})
/* loaded from: classes.dex */
public final class r {

    /* renamed from: f, reason: from kotlin metadata */
    @NotNull
    public static final Companion INSTANCE = new Companion(null);
    public static r g;

    /* renamed from: a, reason: collision with root package name and from kotlin metadata */
    @NotNull
    public String TAG = "AttestationHelper";

    /* renamed from: b, reason: collision with root package name and from kotlin metadata */
    public final boolean hasStrongBox;

    /* renamed from: c, reason: collision with root package name and from kotlin metadata */
    public boolean preferStrongBox;

    /* renamed from: d, reason: collision with root package name and from kotlin metadata */
    public final boolean hasDeviceIds;

    /* renamed from: e, reason: collision with root package name and from kotlin metadata */
    public boolean preferIncludeProps;

    /* compiled from: AttestationHelper.kt */
    @Metadata(d1 = {"\u0000\u0016\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\u0010\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\t\b\u0086\u0003\u0018\u00002\u00020\u0001B\t\b\u0002¢\u0006\u0004\b\u000b\u0010\fJ\u0006\u0010\u0003\u001a\u00020\u0002R$\u0010\u0005\u001a\u0004\u0018\u00010\u00048\u0006@\u0006X\u0086\u000e¢\u0006\u0012\n\u0004\b\u0005\u0010\u0006\u001a\u0004\b\u0007\u0010\b\"\u0004\b\t\u0010\n¨\u0006\r"}, d2 = {"Lai/protectt/app/security/attestation/r$a;", "", "", "b", "Lai/protectt/app/security/attestation/r;", "instance", "Lai/protectt/app/security/attestation/r;", "a", "()Lai/protectt/app/security/attestation/r;", "c", "(Lai/protectt/app/security/attestation/r;)V", "<init>", "()V", "app-security_onlineProdRelease"}, k = 1, mv = {1, 6, 0})
    /* renamed from: ai.protectt.app.security.attestation.r$a, reason: from kotlin metadata */
    /* loaded from: classes.dex */
    public static final class Companion {
        public Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }

        public final r a() {
            return r.g;
        }

        public final void b() {
            if (a() == null) {
                c(new r());
            }
        }

        public final void c(r rVar) {
            r.g = rVar;
        }
    }

    public r() {
        int i = Build.VERSION.SDK_INT;
        boolean z = false;
        this.hasStrongBox = i >= 28 && ai.protectt.app.security.main.g.INSTANCE.v().getPackageManager().hasSystemFeature("android.hardware.strongbox_keystore");
        this.preferStrongBox = true;
        if (i >= 31 && ai.protectt.app.security.main.g.INSTANCE.v().getPackageManager().hasSystemFeature("android.software.device_id_attestation")) {
            z = true;
        }
        this.hasDeviceIds = z;
        this.preferIncludeProps = true;
    }

    public final void c(AttestationResult success) {
        Log.i("Validation", "flag validation one inside");
        try {
            d attestation = success.getAttestation();
            if (!success.getIsGoogleRootCertificate()) {
                ai.protectt.app.security.common.helper.q.f168a.e("Appprotectattestation", "=============>>>>:: Unknown Root certificate");
                ai.protectt.app.security.main.g.INSTANCE.f0(new ai.protectt.app.security.shouldnotobfuscated.dto.a("ATTESTATION_SUCCESS", "Unknown Root certificate"));
            }
            u d2 = attestation.d();
            Boolean bool = null;
            v e2 = d2 == null ? null : d2.e();
            if (e2 != null) {
                bool = Boolean.valueOf(e2.b());
            }
            boolean z = false;
            if (e2 != null && e2.a() == 0) {
                z = true;
            }
            boolean z2 = !z;
            if (bool == null) {
                ai.protectt.app.security.common.helper.q.f168a.e("Appprotectattestation", "=============>>>>:: Bootloader status is unknown");
                g.Companion companion = ai.protectt.app.security.main.g.INSTANCE;
                if (companion.f() == null) {
                    companion.f0(new ai.protectt.app.security.shouldnotobfuscated.dto.a("ATTESTATION_SUCCESS", "Bootloader status is unknown"));
                    return;
                }
                ai.protectt.app.security.shouldnotobfuscated.dto.a f = companion.f();
                Intrinsics.checkNotNull(f);
                f.setAttestationResInfo(Intrinsics.stringPlus(f.getAttestationResInfo(), "|-|Bootloader status is unknown"));
                companion.f0(f);
                return;
            }
            if (!bool.booleanValue()) {
                ai.protectt.app.security.common.helper.q.f168a.e("Appprotectattestation", "=============>>>>:: Bootloader is unlocked");
                ai.protectt.app.security.main.g.INSTANCE.f0(new ai.protectt.app.security.shouldnotobfuscated.dto.a("ATTESTATION_SUCCESS", "Bootloader is unlocked"));
            } else if (z2) {
                ai.protectt.app.security.common.helper.q.f168a.e("Appprotectattestation", "=============>>>>:: Bootloader is locked");
                ai.protectt.app.security.main.g.INSTANCE.f0(new ai.protectt.app.security.shouldnotobfuscated.dto.a("ATTESTATION_SUCCESS", "Bootloader is locked"));
            } else {
                ai.protectt.app.security.common.helper.q.f168a.e("Appprotectattestation", "=============>>>>:: Bootloader is locked");
                ai.protectt.app.security.main.g.INSTANCE.f0(new ai.protectt.app.security.shouldnotobfuscated.dto.a("ATTESTATION_SUCCESS", "Bootloader is locked"));
            }
        } catch (Exception e3) {
            ai.protectt.app.security.common.helper.q.f168a.a(this.TAG, Intrinsics.stringPlus("Error: ", e3), e3);
        }
    }

    public final AttestationResult d(String alias, boolean useStrongBox, boolean includeProps) throws f {
        String message;
        boolean contains$default;
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            e(alias, useStrongBox, includeProps);
            Certificate[] certificateChain = keyStore.getCertificateChain(alias);
            int length = certificateChain.length;
            X509Certificate[] x509CertificateArr = new X509Certificate[length];
            int i = 0;
            while (i < length) {
                int i2 = i + 1;
                Certificate certificate = certificateChain[i];
                if (certificate == null) {
                    throw new NullPointerException("null cannot be cast to non-null type java.security.cert.X509Certificate");
                }
                x509CertificateArr[i] = (X509Certificate) certificate;
                i = i2;
            }
            try {
                try {
                    return new AttestationResult(useStrongBox, new d(x509CertificateArr[0]), w.a(x509CertificateArr));
                } catch (CertificateParsingException e2) {
                    throw new f(2, e2);
                }
            } catch (GeneralSecurityException e3) {
                throw new f(1, e3);
            }
        } catch (ProviderException e4) {
            if (Build.VERSION.SDK_INT >= 28 && i.a(e4)) {
                throw new f(3, e4);
            }
            Throwable cause = e4.getCause();
            if (cause != null && (message = cause.getMessage()) != null) {
                contains$default = StringsKt__StringsKt.contains$default((CharSequence) message, (CharSequence) "device ids", false, 2, (Object) null);
                if (contains$default) {
                    throw new f(4, e4);
                }
            }
            throw new f(0, e4);
        } catch (Exception e5) {
            throw new f(0, e5);
        }
    }

    public final void e(String alias, boolean useStrongBox, boolean includeProps) throws GeneralSecurityException {
        KeyGenParameterSpec.Builder algorithmParameterSpec;
        KeyGenParameterSpec.Builder keyValidityStart;
        KeyGenParameterSpec.Builder keyValidityForOriginationEnd;
        KeyGenParameterSpec.Builder keyValidityForConsumptionEnd;
        KeyGenParameterSpec.Builder attestationChallenge;
        KeyGenParameterSpec build;
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "AndroidKeyStore");
        Date date = new Date();
        Date date2 = new Date(date.getTime() + DurationKt.NANOS_IN_MILLIS);
        Date date3 = new Date(date.getTime() + 2000000);
        algorithmParameterSpec = g.a(alias, 4).setAlgorithmParameterSpec(new ECGenParameterSpec("secp256r1"));
        keyValidityStart = algorithmParameterSpec.setKeyValidityStart(date);
        keyValidityForOriginationEnd = keyValidityStart.setKeyValidityForOriginationEnd(date2);
        keyValidityForConsumptionEnd = keyValidityForOriginationEnd.setKeyValidityForConsumptionEnd(date3);
        String date4 = date.toString();
        Intrinsics.checkNotNullExpressionValue(date4, "now.toString()");
        byte[] bytes = date4.getBytes(Charsets.UTF_8);
        Intrinsics.checkNotNullExpressionValue(bytes, "(this as java.lang.String).getBytes(charset)");
        attestationChallenge = keyValidityForConsumptionEnd.setAttestationChallenge(bytes);
        Intrinsics.checkNotNullExpressionValue(attestationChallenge, "Builder(alias, KeyProper…toString().toByteArray())");
        int i = Build.VERSION.SDK_INT;
        if (i >= 31 && includeProps) {
            attestationChallenge.setDevicePropertiesAttestationIncluded(true);
        }
        if (i >= 28 && useStrongBox) {
            attestationChallenge.setIsStrongBoxBacked(true);
        }
        attestationChallenge.setDigests("NONE", "SHA-256");
        build = attestationChallenge.build();
        keyPairGenerator.initialize(build);
        keyPairGenerator.generateKeyPair();
    }

    public final void f() {
        Throwable th;
        boolean z = false;
        boolean z2 = this.hasStrongBox && this.preferStrongBox;
        if (this.hasDeviceIds && this.preferIncludeProps) {
            z = true;
        }
        try {
            c(d("Key_" + z2 + '_' + z, z2, z));
        } catch (Throwable th2) {
            boolean z3 = th2 instanceof f;
            if (z3) {
                th = th2.getCause();
                Intrinsics.checkNotNull(th);
            } else {
                th = th2;
            }
            ai.protectt.app.security.common.helper.q qVar = ai.protectt.app.security.common.helper.q.f168a;
            qVar.e(this.TAG, Intrinsics.stringPlus("Do attestation error.", th));
            if (z3) {
                qVar.e(this.TAG, String.valueOf(th2));
            } else {
                qVar.e(this.TAG, String.valueOf(th2));
            }
            Log.i("Validation", "flag validation two inside");
            ai.protectt.app.security.main.g.INSTANCE.f0(new ai.protectt.app.security.shouldnotobfuscated.dto.a("ATTESTATION_FAILED", th2.getMessage()));
        }
    }
}
