package cn.com.alliance.fido.ui;

import android.annotation.TargetApi;
import android.app.Activity;
import android.hardware.fingerprint.FingerprintManager;
import android.util.Base64;
import cn.com.alliance.fido.bean.authenticator.RawKeyHandle;
import cn.com.alliance.fido.bean.authenticator.command.RegisterCommand;
import cn.com.alliance.fido.bean.authenticator.command.SignCommand;
import cn.com.alliance.fido.bean.authenticator.command.SignResponse;
import cn.com.alliance.fido.bean.authenticator.tag.TAG_EXTENSION;
import cn.com.alliance.fido.bean.authenticator.tag.TAG_UAFV1_AUTH_ASSERTION;
import cn.com.alliance.fido.bean.authenticator.tag.TAG_UAFV1_SIGNED_DATA;
import cn.com.alliance.fido.bean.authenticator.tag.TAG_USERNAME_AND_KEYHANDLE;
import cn.com.alliance.fido.bean.db.SignCounterEntity;
import cn.com.alliance.fido.bean.uafclient.Operation;
import cn.com.alliance.fido.db.SignCounterManager;
import cn.com.alliance.fido.util.StringTools;
import cn.com.alliance.fido.util.UAFTools;
import cn.com.alliance.fido.util.Utility;
import cn.com.alliance.fido.util.asn1.ASN1Set;
import cn.com.alliance.fido.util.asn1.x509.X509Name;
import cn.com.alliance.fido.util.p10.PKCS10CertificationRequest;
import cn.com.union.fido.util.CryptoTools;
import com.jdcn.fido.constant.BasicInformation;
import com.jdcn.fido.utils.TrackerUtil;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.Signature;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;

/* loaded from: classes.dex */
public class FidoSignUtil {
    private SignCommand signCommand = new SignCommand();
    private RegisterCommand registerCommand = new RegisterCommand();
    private List<RawKeyHandle> remainingKeyhandleList = new ArrayList();

    private void getKeyHandle(Activity activity, byte[] bArr) {
        this.signCommand.deserialize(bArr);
        this.remainingKeyhandleList = new ArrayList();
        Iterator<String> it = this.signCommand.keyHandles.iterator();
        while (it.hasNext()) {
            RawKeyHandle generateDecryptedKeyHandle = UAFTools.generateDecryptedKeyHandle(activity, it.next());
            if (generateDecryptedKeyHandle != null && generateDecryptedKeyHandle.KHAccessToken.equals(this.signCommand.khAccessToken)) {
                this.remainingKeyhandleList.add(generateDecryptedKeyHandle);
            }
        }
    }

    private PrivateKey getPrivateHandle(Activity activity, IAuthPresenter iAuthPresenter) {
        PrivateKey privateKey;
        if (iAuthPresenter.getOpType().equals(Operation.Reg.name())) {
            this.registerCommand.deserialize(iAuthPresenter.getFidoCmd());
            privateKey = UAFTools.genUAuthKeyPair(2, StringTools.urlSafeBase64Enc(CryptoTools.hash(this.registerCommand.userName + "004B#0001" + this.registerCommand.extensions.get(1).data, "SHA256")), activity).getPrivate();
        } else {
            privateKey = null;
        }
        if (!iAuthPresenter.getOpType().equals(Operation.Auth.name())) {
            return privateKey;
        }
        getKeyHandle(activity, iAuthPresenter.getFidoCmd());
        if (this.remainingKeyhandleList.size() != 1) {
            return privateKey;
        }
        RawKeyHandle rawKeyHandle = this.remainingKeyhandleList.get(0);
        return UAFTools.getUAuthPrivateKeyTEE(257, rawKeyHandle.PrivateKey, StringTools.urlSafeBase64Enc(CryptoTools.hash(rawKeyHandle.Username + "004B#0001" + this.signCommand.extensions.get(1).data, "SHA256")));
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Removed duplicated region for block: B:23:0x026d A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Type inference failed for: r14v10 */
    /* JADX WARN: Type inference failed for: r14v4, types: [byte[]] */
    /* JADX WARN: Type inference failed for: r14v6 */
    /* JADX WARN: Type inference failed for: r14v7 */
    /* JADX WARN: Type inference failed for: r14v9 */
    /* JADX WARN: Type inference failed for: r2v30, types: [byte[]] */
    /* JADX WARN: Type inference failed for: r3v37 */
    /* JADX WARN: Type inference failed for: r3v38 */
    /* JADX WARN: Type inference failed for: r3v39, types: [cn.com.alliance.fido.bean.authenticator.tag.TAG_EXTENSION] */
    /* JADX WARN: Type inference failed for: r3v52 */
    /* JADX WARN: Type inference failed for: r3v70 */
    /* JADX WARN: Type inference failed for: r3v71 */
    /* JADX WARN: Type inference failed for: r3v72 */
    /* JADX WARN: Type inference failed for: r3v73, types: [cn.com.alliance.fido.bean.authenticator.tag.TAG_EXTENSION] */
    @android.annotation.TargetApi(23)
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public cn.com.alliance.fido.bean.authenticator.command.RegisterResponse doRegProcess(android.app.Activity r22, android.hardware.fingerprint.FingerprintManager.CryptoObject r23, java.lang.String r24) {
        /*
            Method dump skipped, instructions count: 966
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: cn.com.alliance.fido.ui.FidoSignUtil.doRegProcess(android.app.Activity, android.hardware.fingerprint.FingerprintManager$CryptoObject, java.lang.String):cn.com.alliance.fido.bean.authenticator.command.RegisterResponse");
    }

    @TargetApi(23)
    public SignResponse doSignProcess(Activity activity, FingerprintManager.CryptoObject cryptoObject, String str) {
        TAG_EXTENSION tag_extension;
        KeyPair uAuthKeyPairTEE;
        Signature signature;
        SignCounterManager signCounterManager = new SignCounterManager(activity);
        SignResponse signResponse = new SignResponse();
        String str2 = this.signCommand.transactionContent;
        List<TAG_EXTENSION> list = this.signCommand.extensions;
        if (this.remainingKeyhandleList.size() == 0) {
            signResponse.statusCode = (short) 2;
        } else {
            int i = 1;
            if (this.remainingKeyhandleList.size() > 1) {
                ArrayList arrayList = new ArrayList();
                for (RawKeyHandle rawKeyHandle : this.remainingKeyhandleList) {
                    String str3 = rawKeyHandle.Username;
                    String generateEncryptedKeyHandleAhth = UAFTools.generateEncryptedKeyHandleAhth(activity, rawKeyHandle);
                    TAG_USERNAME_AND_KEYHANDLE tag_username_and_keyhandle = new TAG_USERNAME_AND_KEYHANDLE();
                    tag_username_and_keyhandle.keyHandle = generateEncryptedKeyHandleAhth;
                    tag_username_and_keyhandle.userName = str3;
                    arrayList.add(tag_username_and_keyhandle);
                }
                signResponse.userNameAndKeyHandle = arrayList;
            } else if (this.remainingKeyhandleList.size() == 1) {
                RawKeyHandle rawKeyHandle2 = this.remainingKeyhandleList.get(0);
                String generateEncryptedKeyHandleAhth2 = UAFTools.generateEncryptedKeyHandleAhth(activity, rawKeyHandle2);
                TAG_UAFV1_SIGNED_DATA tag_uafv1_signed_data = new TAG_UAFV1_SIGNED_DATA();
                tag_uafv1_signed_data.authenticationMode = (byte) 1;
                if (StringTools.isValidateString(str2)) {
                    tag_uafv1_signed_data.tcHash = CryptoTools.hash(str2, "SHA256");
                    tag_uafv1_signed_data.authenticationMode = (byte) 2;
                }
                TAG_UAFV1_AUTH_ASSERTION tag_uafv1_auth_assertion = new TAG_UAFV1_AUTH_ASSERTION();
                tag_uafv1_signed_data.aaid = "004B#0001";
                tag_uafv1_signed_data.authenticatorVersion = (short) 1;
                tag_uafv1_signed_data.signatureAlgAndEncoding = (short) 2;
                tag_uafv1_signed_data.authnrNonce = CryptoTools.genRandom(8);
                tag_uafv1_signed_data.finalChallenge = this.signCommand.finalChallenge;
                byte[] bArr = null;
                if (tag_uafv1_signed_data.authenticationMode == 1) {
                    tag_uafv1_signed_data.tcHash = null;
                }
                String hash2Hex = CryptoTools.hash2Hex(generateEncryptedKeyHandleAhth2);
                if (hash2Hex == null) {
                    return null;
                }
                String substring = hash2Hex.substring(0, 32);
                tag_uafv1_signed_data.keyID = Utility.strToByte(substring);
                SignCounterEntity entity2 = signCounterManager.getEntity("004B#0001", substring, rawKeyHandle2.Username);
                if (entity2 != null) {
                    i = 1 + entity2.getSignCounter();
                    entity2.setSignCounter(i);
                    signCounterManager.updateCounter(entity2);
                } else {
                    signCounterManager.add(new SignCounterEntity("004B#0001", substring, rawKeyHandle2.Username, 1));
                }
                tag_uafv1_signed_data.signCounter = i;
                tag_uafv1_signed_data.uvi = UAFTools.genUVI(substring, str);
                byte[] serialize = tag_uafv1_signed_data.serialize();
                try {
                    uAuthKeyPairTEE = UAFTools.getUAuthKeyPairTEE(257, rawKeyHandle2.PrivateKey, rawKeyHandle2.Username + "004B#0001");
                    signature = cryptoObject.getSignature();
                } catch (Exception e) {
                    e = e;
                    tag_extension = null;
                }
                if (list == null || list.size() != 3) {
                    signature.update(serialize);
                } else if (Boolean.parseBoolean(list.get(2).data)) {
                    PKCS10CertificationRequest pKCS10CertificationRequest = new PKCS10CertificationRequest("SHA256withRSA", new X509Name("CN=" + rawKeyHandle2.Username + ",O=cfca" + System.currentTimeMillis() + ",OU=cfca,C=CN"), uAuthKeyPairTEE.getPublic(), (ASN1Set) null, signature);
                    tag_extension = new TAG_EXTENSION();
                    try {
                        tag_extension.id = "p10";
                        tag_extension.data = new String(Base64.encode(pKCS10CertificationRequest.getEncoded(), 0));
                    } catch (Exception e2) {
                        e = e2;
                        TrackerUtil.appendException(BasicInformation.SCENE_TRANS_SIG_EXCEPTION, e);
                        tag_uafv1_auth_assertion.signedData = tag_uafv1_signed_data;
                        tag_uafv1_auth_assertion.signature = bArr;
                        tag_uafv1_auth_assertion.extension = tag_extension;
                        signResponse.assertion = tag_uafv1_auth_assertion.serialize();
                        signResponse.statusCode = (short) 0;
                        return signResponse;
                    }
                    tag_uafv1_auth_assertion.signedData = tag_uafv1_signed_data;
                    tag_uafv1_auth_assertion.signature = bArr;
                    tag_uafv1_auth_assertion.extension = tag_extension;
                    signResponse.assertion = tag_uafv1_auth_assertion.serialize();
                    signResponse.statusCode = (short) 0;
                } else {
                    signature.update(serialize);
                }
                tag_extension = null;
                bArr = signature.sign();
                tag_uafv1_auth_assertion.signedData = tag_uafv1_signed_data;
                tag_uafv1_auth_assertion.signature = bArr;
                tag_uafv1_auth_assertion.extension = tag_extension;
                signResponse.assertion = tag_uafv1_auth_assertion.serialize();
                signResponse.statusCode = (short) 0;
            }
        }
        return signResponse;
    }

    @TargetApi(23)
    public FingerprintManager.CryptoObject genCryptoObject(Activity activity, IAuthPresenter iAuthPresenter) {
        Signature signature = Signature.getInstance("SHA256withECDSA");
        signature.initSign(getPrivateHandle(activity, iAuthPresenter));
        return new FingerprintManager.CryptoObject(signature);
    }
}
