package defpackage;

import android.content.SharedPreferences;
import android.content.pm.PackageManager;
import android.os.Build;
import android.os.SystemProperties;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Log;
import com.samsung.android.security.keystore.AttestParameterSpec;
import com.samsung.android.security.keystore.AttestationUtils;
import io.github.vvb2060.keyattestation.AppApplication;
import java.io.ByteArrayInputStream;
import java.nio.charset.Charset;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.ProviderException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.ECGenParameterSpec;
import java.util.ArrayList;
import java.util.Date;
import java.util.Iterator;
import java.util.Locale;
import java.util.NoSuchElementException;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public final class Na extends AbstractC0021ak {
    public final SharedPreferences b;
    public final KeyStore c = KeyStore.getInstance("AndroidKeyStore");
    public final CertificateFactory d = CertificateFactory.getInstance("X.509");
    public final C0059ce e = new C0059ce();
    public boolean f;
    public final boolean g;
    public boolean h;
    public final boolean i;
    public boolean j;
    public final boolean k;
    public boolean l;
    public final boolean m;
    public boolean n;

    public Na(PackageManager packageManager, SharedPreferences sharedPreferences) {
        boolean z;
        this.b = sharedPreferences;
        this.f = sharedPreferences.getBoolean("secret_mode", true);
        if (Build.VERSION.SDK_INT >= 29) {
            AppApplication appApplication = AppApplication.a;
            String[] systemSharedLibraryNames = (appApplication == null ? null : appApplication).getPackageManager().getSystemSharedLibraryNames();
            if (systemSharedLibraryNames != null) {
                int i = 0;
                while (i < systemSharedLibraryNames.length) {
                    int i2 = i + 1;
                    try {
                        String str = systemSharedLibraryNames[i];
                        if (str != null) {
                            Locale locale = Locale.ROOT;
                            if (str.toLowerCase(locale).equals("samsungkeystoreutils")) {
                                if (Nh.w0(SystemProperties.get("ro.security.keystore.keytype", "").toLowerCase(locale), "sak", 0, false) >= 0) {
                                    AppApplication appApplication2 = AppApplication.a;
                                    if (AbstractC0553z4.h(appApplication2 == null ? null : appApplication2, "com.samsung.android.security.permission.SAMSUNG_KEYSTORE_PERMISSION") == 0) {
                                        z = true;
                                        this.g = z;
                                        this.h = this.b.getBoolean("prefer_sak", z);
                                        int i3 = Build.VERSION.SDK_INT;
                                        this.i = i3 < 28 && packageManager.hasSystemFeature("android.hardware.strongbox_keystore");
                                        this.j = this.b.getBoolean("prefer_strongbox", false);
                                        this.k = i3 < 31 && packageManager.hasSystemFeature("android.hardware.keystore.app_attest_key");
                                        this.l = this.b.getBoolean("prefer_attest_key", false);
                                        this.m = i3 < 31 && packageManager.hasSystemFeature("android.software.device_id_attestation");
                                        this.n = this.b.getBoolean("prefer_including_props", false);
                                        this.f = true;
                                        SharedPreferences.Editor edit = this.b.edit();
                                        edit.putBoolean("secret_mode", true);
                                        edit.apply();
                                        this.h = false;
                                        SharedPreferences.Editor edit2 = this.b.edit();
                                        edit2.putBoolean("prefer_sak", false);
                                        edit2.apply();
                                        this.j = false;
                                        SharedPreferences.Editor edit3 = this.b.edit();
                                        edit3.putBoolean("prefer_strongbox", false);
                                        edit3.apply();
                                        this.l = false;
                                        SharedPreferences.Editor edit4 = this.b.edit();
                                        edit4.putBoolean("prefer_attest_key", false);
                                        edit4.apply();
                                        this.n = false;
                                        SharedPreferences.Editor edit5 = this.b.edit();
                                        edit5.putBoolean("prefer_including_props", false);
                                        edit5.apply();
                                        this.c.load(null);
                                        e(this);
                                    }
                                    Log.e("KeyAttestation", "SAMSUNG_KEYSTORE_PERMISSION has not been granted to the app, skipping SAK.");
                                } else {
                                    Log.w("KeyAttestation", "This device has no SAK support, skipping SAK.");
                                }
                            }
                        }
                        i = i2;
                    } catch (ArrayIndexOutOfBoundsException e) {
                        throw new NoSuchElementException(e.getMessage());
                    }
                }
            }
            Log.w("KeyAttestation", "This device has no samsungkeystoreutils library, skipping SAK.");
        }
        z = false;
        this.g = z;
        this.h = this.b.getBoolean("prefer_sak", z);
        int i32 = Build.VERSION.SDK_INT;
        this.i = i32 < 28 && packageManager.hasSystemFeature("android.hardware.strongbox_keystore");
        this.j = this.b.getBoolean("prefer_strongbox", false);
        this.k = i32 < 31 && packageManager.hasSystemFeature("android.hardware.keystore.app_attest_key");
        this.l = this.b.getBoolean("prefer_attest_key", false);
        this.m = i32 < 31 && packageManager.hasSystemFeature("android.software.device_id_attestation");
        this.n = this.b.getBoolean("prefer_including_props", false);
        this.f = true;
        SharedPreferences.Editor edit6 = this.b.edit();
        edit6.putBoolean("secret_mode", true);
        edit6.apply();
        this.h = false;
        SharedPreferences.Editor edit22 = this.b.edit();
        edit22.putBoolean("prefer_sak", false);
        edit22.apply();
        this.j = false;
        SharedPreferences.Editor edit32 = this.b.edit();
        edit32.putBoolean("prefer_strongbox", false);
        edit32.apply();
        this.l = false;
        SharedPreferences.Editor edit42 = this.b.edit();
        edit42.putBoolean("prefer_attest_key", false);
        edit42.apply();
        this.n = false;
        SharedPreferences.Editor edit52 = this.b.edit();
        edit52.putBoolean("prefer_including_props", false);
        edit52.apply();
        this.c.load(null);
        e(this);
    }

    public static void d(String str, boolean z, boolean z2, boolean z3, String str2) {
        Date date = new Date();
        boolean g = AbstractC0553z4.g(str, str2);
        int i = Build.VERSION.SDK_INT;
        KeyGenParameterSpec.Builder certificateNotBefore = new KeyGenParameterSpec.Builder(str, (i < 31 || !g) ? 4 : 128).setAlgorithmParameterSpec(new ECGenParameterSpec("secp256r1")).setDigests("SHA-256").setCertificateNotBefore(date);
        String date2 = date.toString();
        Charset charset = I4.a;
        KeyGenParameterSpec.Builder attestationChallenge = certificateNotBefore.setAttestationChallenge(date2.getBytes(charset));
        if (i >= 28 && z2) {
            attestationChallenge.setIsStrongBoxBacked(true);
        }
        if (i >= 31) {
            if (z3) {
                attestationChallenge.setDevicePropertiesAttestationIncluded(true);
            }
            if (g) {
                attestationChallenge.setCertificateSubject(new X500Principal("CN=App Attest Key"));
            } else {
                attestationChallenge.setAttestKeyAlias(str2);
            }
        }
        if (i < 29 || !z) {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "AndroidKeyStore");
            keyPairGenerator.initialize(attestationChallenge.build());
            keyPairGenerator.generateKeyPair();
            return;
        }
        AttestParameterSpec.Builder verifiableIntegrity = new AttestParameterSpec.Builder(str, date.toString().getBytes(charset)).setAlgorithm("EC").setKeyGenParameterSpec(attestationChallenge.build()).setVerifiableIntegrity(true);
        AppApplication appApplication = AppApplication.a;
        if (appApplication == null) {
            appApplication = null;
        }
        AttestParameterSpec.Builder packageName = verifiableIntegrity.setPackageName(appApplication.getPackageName());
        if (i >= 33 && z3) {
            packageName.setDevicePropertiesAttestationIncluded(true);
        }
        if (i >= 31 && g) {
            packageName.setCertificateSubject(new X500Principal("CN=App Attest Key"));
        }
        new AttestationUtils().generateKeyPair(packageName.build());
    }

    public static void e(Na na) {
        na.getClass();
        AppApplication.b.execute(new La(na, false));
    }

    public final C0201j3 c(boolean z, boolean z2, boolean z3, boolean z4) {
        String message;
        int numericErrorCode;
        boolean isTransientFailure;
        boolean isTransientFailure2;
        CertificateFactory certificateFactory;
        ArrayList arrayList = new ArrayList();
        String str = z2 ? "KeyAttestation_strongbox" : "KeyAttestation";
        String concat = z4 ? str.concat("_persistent") : null;
        KeyStore keyStore = this.c;
        if (z4) {
            try {
                if (!keyStore.containsAlias(concat)) {
                    d(concat, z, z2, z3, concat);
                }
            } catch (ProviderException e) {
                Throwable cause = e.getCause();
                int i = Build.VERSION.SDK_INT;
                if (i >= 28 && J.l(e)) {
                    throw new C0158h3(3, e);
                }
                if (i < 33 || !O.k(cause)) {
                    if (cause == null || (message = cause.getMessage()) == null || Nh.w0(message, "device ids", 0, false) < 0) {
                        throw new C0158h3(0, e);
                    }
                    throw new C0158h3(4, e);
                }
                numericErrorCode = O.b(cause).getNumericErrorCode();
                if (numericErrorCode == 8) {
                    throw new C0158h3(4, e);
                }
                if (numericErrorCode != 16) {
                    isTransientFailure2 = O.b(cause).isTransientFailure();
                    if (isTransientFailure2) {
                        throw new C0158h3(7, e);
                    }
                    throw new C0158h3(0, e);
                }
                isTransientFailure = O.b(cause).isTransientFailure();
                if (isTransientFailure) {
                    throw new C0158h3(6, e);
                }
                throw new C0158h3(5, e);
            } catch (Exception e2) {
                throw new C0158h3(-1, e2);
            }
        }
        d(str, z, z2, z3, concat);
        Certificate[] certificateChain = keyStore.getCertificateChain(str);
        if (certificateChain == null) {
            throw new CertificateException("Unable to get certificate chain");
        }
        int length = certificateChain.length;
        int i2 = 0;
        while (true) {
            certificateFactory = this.d;
            if (i2 >= length) {
                break;
            }
            arrayList.add(certificateFactory.generateCertificate(new ByteArrayInputStream(certificateChain[i2].getEncoded())));
            i2++;
        }
        if (z4) {
            Certificate[] certificateChain2 = keyStore.getCertificateChain(concat);
            if (certificateChain2 == null) {
                throw new CertificateException("Unable to get certificate chain");
            }
            for (Certificate certificate : certificateChain2) {
                arrayList.add(certificateFactory.generateCertificate(new ByteArrayInputStream(certificate.getEncoded())));
            }
        }
        ArrayList arrayList2 = new ArrayList();
        Iterator it = arrayList.iterator();
        while (it.hasNext()) {
            Object next = it.next();
            if (next instanceof X509Certificate) {
                arrayList2.add(next);
            }
        }
        return C0531y4.b(arrayList2);
    }
}
