package com.intercede.myIDSecurityLibrary;

import android.content.Context;
import android.provider.Settings;
import androidx.annotation.Nullable;
import com.intercede.myIDSecurityLibrary.KSAccess;
import com.intercede.myIDSecurityLibrary.SoftCertIdentitiesMap;
import com.yubico.yubikit.core.fido.CtapException;
import java.nio.charset.StandardCharsets;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Locale;
import java.util.Map;
import java.util.Set;
import java.util.UUID;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes4.dex */
public class SoftCertSecureSigner implements SoftCertSignerProtocol {
    static final String DEVICE_KNOWN_BY_MOBILE_DEVICE_IDENTIFIER = "I0aqLkTxbY2a1veo7r1v";
    static final String IDENTITIES_MAP = "DJ7cBYhJxe4u0eXrGac4";
    static final String MOBILE_DEVICE_IDENTIFIER = "k3i2BjT88WxTVhzk4Sqt";
    static final byte[] SALT_PART2 = {-96, 87, 72, CtapException.ERR_PIN_REQUIRED, 15, 82, -85, -73};
    private static final String UNIQUE_ID = "UniqueID_";
    static final String UNIQUE_ID_IDENTITY_AGENT_KEY_CHAIN_IDENT = "IdentityAgentSecureAndroidKeyChain";
    static final String UNIQUE_ID_SECURE_KEY_CHAIN_IDENT = "SecureAndroidKeyChain";
    static final String USER_DEFINED_SETTINGS_MAP = "sMmo3yz479yvk7iV7qIT";
    private Set<UserDefinedSettingsNames> mDeletionUnderwayNames;
    private final FingerprintAuthenticator mFingerprintAuthenticator;
    private String mIdentityAgentCachedPin;
    protected AndroidSignerOperationsWithOpenSSL mSignerOperationsWithOpenSSL;
    protected SoftCertSecureKeyChainEncryption mSoftCertSecureKeyChainEncryption;
    protected SoftCertSecureKeyChainPINRetry mSoftCertSecureKeyChainPINRetry;

    /* loaded from: classes4.dex */
    public static class KeyItemIDsAndCertData {
        byte[][] certData;
        String[] certItemIDs;
        String[] keyItemIDs;
    }

    /* loaded from: classes4.dex */
    static class UserDefinedSettingsNames {
        public String defaultName;
        public String displayName;

        private UserDefinedSettingsNames() {
        }
    }

    public SoftCertSecureSigner(SoftStoreIdentitySource softStoreIdentitySource, Context context) {
        String string = Settings.Secure.getString(context.getContentResolver(), "android_id");
        this.mSoftCertSecureKeyChainPINRetry = new SoftCertSecureKeyChainPINRetry(string);
        this.mSoftCertSecureKeyChainEncryption = new SoftCertSecureKeyChainEncryption(this, this.mSoftCertSecureKeyChainPINRetry, string);
        this.mSignerOperationsWithOpenSSL = new AndroidSignerOperationsWithOpenSSL();
        this.mFingerprintAuthenticator = new FingerprintAuthenticator(context);
    }

    private int blockSizeOfPrivateKeyForContainerIDAndIdentity(String str, String str2) {
        SoftCertIdentitiesMap createSoftCertIdentitiesMap = createSoftCertIdentitiesMap();
        if (createSoftCertIdentitiesMap == null) {
            return 0;
        }
        byte[] dataForPrivateKeyFromIdentitiesMapForContainerIDIdentity = getDataForPrivateKeyFromIdentitiesMapForContainerIDIdentity(createSoftCertIdentitiesMap, str, str2);
        if (dataForPrivateKeyFromIdentitiesMapForContainerIDIdentity != null) {
            return this.mSignerOperationsWithOpenSSL.blockSizeOfPrivateKey(dataForPrivateKeyFromIdentitiesMapForContainerIDIdentity);
        }
        MyIDSecurityLibraryPrivate.log(6, "blockSizeOfPrivateKeyForContainerIDAndIdentity: Failed to recover private key data");
        return 0;
    }

    private void cardLayoutData(String str, String str2, String str3) {
        SoftCertFileKeyChain softCertFileKeyChain = SoftCertFileKeyChain.getSoftCertFileKeyChain();
        SoftCertIdentitiesMap createSoftCertIdentitiesMap = createSoftCertIdentitiesMap();
        if (softCertFileKeyChain == null || createSoftCertIdentitiesMap == null) {
            return;
        }
        String createKeyChainItemForData = softCertFileKeyChain.createKeyChainItemForData(str.getBytes(StandardCharsets.UTF_8));
        if (createKeyChainItemForData == null || createKeyChainItemForData.length() == 0) {
            MyIDSecurityLibraryPrivate.log(6, "cardLayoutData: Failed to create new card layout object");
            return;
        }
        String replaceCardLayoutItemIDForIdentityName = createSoftCertIdentitiesMap.replaceCardLayoutItemIDForIdentityName(createKeyChainItemForData, str2);
        if (replaceCardLayoutItemIDForIdentityName != null && replaceCardLayoutItemIDForIdentityName.length() != 0) {
            softCertFileKeyChain.deleteKeyChainItemForID(replaceCardLayoutItemIDForIdentityName);
        }
        writeModifiedIdentitiesMap(softCertFileKeyChain, createSoftCertIdentitiesMap);
    }

    private boolean deleteCertificateAndPrivateKeyForContainerIdentityAndBackwardCompatibleIdentity(String str, String str2, String str3) {
        SoftCertFileKeyChain softCertFileKeyChain = SoftCertFileKeyChain.getSoftCertFileKeyChain();
        SoftCertIdentitiesMap createSoftCertIdentitiesMap = createSoftCertIdentitiesMap();
        if (softCertFileKeyChain == null || createSoftCertIdentitiesMap == null) {
            return false;
        }
        String certificateItemIDForContainerIDIdentityName = createSoftCertIdentitiesMap.getCertificateItemIDForContainerIDIdentityName(str, str2);
        if (certificateItemIDForContainerIDIdentityName != null && !certificateItemIDForContainerIDIdentityName.isEmpty()) {
            String serialNumberOfCertificate = this.mSignerOperationsWithOpenSSL.serialNumberOfCertificate(softCertFileKeyChain.getKeyChainItemForID(certificateItemIDForContainerIDIdentityName));
            if (serialNumberOfCertificate != null && !serialNumberOfCertificate.isEmpty()) {
                UserSpecifiedIdentities userSpecifiedIdentities = new UserSpecifiedIdentities(softCertFileKeyChain.getKeyChainItemForID(USER_DEFINED_SETTINGS_MAP));
                Map<String, String> defaultNames = userSpecifiedIdentities.getDefaultNames(str2);
                Map<String, String> specifiedNames = userSpecifiedIdentities.getSpecifiedNames(str2);
                if (defaultNames != null && specifiedNames != null) {
                    String lowerCase = serialNumberOfCertificate.toLowerCase(Locale.ENGLISH);
                    UserDefinedSettingsNames userDefinedSettingsNames = new UserDefinedSettingsNames();
                    userDefinedSettingsNames.defaultName = defaultNames.get(lowerCase);
                    userDefinedSettingsNames.displayName = specifiedNames.get(lowerCase);
                    defaultNames.remove(lowerCase);
                    specifiedNames.remove(lowerCase);
                    writeModifiedUserDefinedSettingsMap(softCertFileKeyChain, userSpecifiedIdentities);
                    if (this.mDeletionUnderwayNames == null) {
                        this.mDeletionUnderwayNames = new HashSet();
                    }
                    this.mDeletionUnderwayNames.add(userDefinedSettingsNames);
                }
            }
        }
        return deleteCertificateAndPrivateKeyItemsFromSoftCertFileKeyChainAndIdentitiesMap(createSoftCertIdentitiesMap.deleteCertificatesAndPrivateKeysForContainerIdentityName(str, str2), softCertFileKeyChain, createSoftCertIdentitiesMap);
    }

    private String getCachedUserPin() {
        return this.mIdentityAgentCachedPin;
    }

    private void getCardLayoutsForAllIdentities(KSAccess.CardDataAndIdentityArrays cardDataAndIdentityArrays) {
        byte[] keyChainItemForID;
        SoftCertFileKeyChain softCertFileKeyChain = SoftCertFileKeyChain.getSoftCertFileKeyChain();
        SoftCertIdentitiesMap createSoftCertIdentitiesMap = createSoftCertIdentitiesMap();
        if (softCertFileKeyChain == null || createSoftCertIdentitiesMap == null) {
            return;
        }
        int i = 0;
        Set<String> allIdenties = createSoftCertIdentitiesMap.getAllIdenties();
        if (allIdenties.size() != 0) {
            cardDataAndIdentityArrays.identity = new String[allIdenties.size()];
            cardDataAndIdentityArrays.cardLayoutData = new String[allIdenties.size()];
            for (String str : allIdenties) {
                String cardLayoutItemIDForIdentityName = createSoftCertIdentitiesMap.getCardLayoutItemIDForIdentityName(str);
                if (cardLayoutItemIDForIdentityName != null && cardLayoutItemIDForIdentityName.length() != 0 && (keyChainItemForID = softCertFileKeyChain.getKeyChainItemForID(cardLayoutItemIDForIdentityName)) != null && keyChainItemForID.length != 0) {
                    cardDataAndIdentityArrays.identity[i] = str;
                    cardDataAndIdentityArrays.cardLayoutData[i] = new String(keyChainItemForID, StandardCharsets.UTF_8);
                    i++;
                }
            }
        }
    }

    private boolean hasContainerName(String str, String str2) {
        String privateKeyItemIDForContainerIDIdentityName;
        SoftCertIdentitiesMap createSoftCertIdentitiesMap = createSoftCertIdentitiesMap();
        return (createSoftCertIdentitiesMap == null || (privateKeyItemIDForContainerIDIdentityName = createSoftCertIdentitiesMap.getPrivateKeyItemIDForContainerIDIdentityName(str2, str)) == null || privateKeyItemIDForContainerIDIdentityName.length() == 0) ? false : true;
    }

    private boolean hasTouchIDEncryptedKey() {
        return this.mSoftCertSecureKeyChainEncryption.isKeyChainInitialisedForTouchID();
    }

    private void lockKeyChain() {
        this.mSoftCertSecureKeyChainEncryption.resetPrivateKeysEncryptionKey();
    }

    private int numberOfRetriesRemaining() {
        return this.mSoftCertSecureKeyChainPINRetry.getPINRetryCount(getUniqueID());
    }

    private boolean removeAllCertificatesAndKeys(boolean z) {
        SoftCertFileKeyChain softCertFileKeyChain = SoftCertFileKeyChain.getSoftCertFileKeyChain();
        SoftCertIdentitiesMap createSoftCertIdentitiesMap = createSoftCertIdentitiesMap();
        if (softCertFileKeyChain == null || createSoftCertIdentitiesMap == null) {
            return false;
        }
        while (true) {
            boolean z2 = true;
            for (String str : createSoftCertIdentitiesMap.getAllIdenties()) {
                if (z || !str.contains(SoftCertIdentitiesMap.IDENTITY_AGENT_ID)) {
                    boolean deleteCertificateAndPrivateKeyItemsFromSoftCertFileKeyChainAndIdentitiesMap = deleteCertificateAndPrivateKeyItemsFromSoftCertFileKeyChainAndIdentitiesMap(createSoftCertIdentitiesMap.deleteAllCertificatesAndPrivateKeysForIdentityName(str), softCertFileKeyChain, createSoftCertIdentitiesMap);
                    if (!z2 || !deleteCertificateAndPrivateKeyItemsFromSoftCertFileKeyChainAndIdentitiesMap) {
                        z2 = false;
                    }
                }
            }
            return z2;
        }
    }

    private void removeCardLayouts(String str, String str2) {
        SoftCertFileKeyChain softCertFileKeyChain = SoftCertFileKeyChain.getSoftCertFileKeyChain();
        SoftCertIdentitiesMap createSoftCertIdentitiesMap = createSoftCertIdentitiesMap();
        if (softCertFileKeyChain == null || createSoftCertIdentitiesMap == null) {
            return;
        }
        for (String str3 : createSoftCertIdentitiesMap.deleteCardLayoutItemIDsForAllIdentities()) {
            if (str3 != null && str3.length() != 0) {
                softCertFileKeyChain.deleteKeyChainItemForID(str3);
            }
        }
        if (writeModifiedIdentitiesMap(softCertFileKeyChain, createSoftCertIdentitiesMap)) {
            return;
        }
        MyIDSecurityLibraryPrivate.log(6, "removeCardLayouts: Failed to write modified Identities Map");
    }

    private boolean removeCardLayouts() {
        SoftCertFileKeyChain softCertFileKeyChain = SoftCertFileKeyChain.getSoftCertFileKeyChain();
        SoftCertIdentitiesMap createSoftCertIdentitiesMap = createSoftCertIdentitiesMap();
        if (softCertFileKeyChain == null || createSoftCertIdentitiesMap == null) {
            return false;
        }
        Iterator<String> it = createSoftCertIdentitiesMap.getAllIdenties().iterator();
        while (it.hasNext()) {
            String deleteCardLayoutItemIDForIdentityName = createSoftCertIdentitiesMap.deleteCardLayoutItemIDForIdentityName(it.next());
            if (deleteCardLayoutItemIDForIdentityName != null && deleteCardLayoutItemIDForIdentityName.length() != 0) {
                softCertFileKeyChain.deleteKeyChainItemForID(deleteCardLayoutItemIDForIdentityName);
            }
        }
        return writeModifiedIdentitiesMap(softCertFileKeyChain, createSoftCertIdentitiesMap);
    }

    private void removeIdentities(boolean z) {
        removeAllCertificatesAndKeys(z);
        removeCardLayouts();
    }

    private void resetUserPin() {
        this.mIdentityAgentCachedPin = null;
    }

    private void setUserPin(String str) {
        this.mIdentityAgentCachedPin = str;
    }

    private byte[] signDataUsingKeyWithContainerIDAndIdentity(byte[] bArr, String str, String str2) {
        SoftCertIdentitiesMap createSoftCertIdentitiesMap = createSoftCertIdentitiesMap();
        if (createSoftCertIdentitiesMap == null) {
            return null;
        }
        byte[] dataForPrivateKeyFromIdentitiesMapForContainerIDIdentity = getDataForPrivateKeyFromIdentitiesMapForContainerIDIdentity(createSoftCertIdentitiesMap, str, str2);
        if (dataForPrivateKeyFromIdentitiesMapForContainerIDIdentity != null) {
            return this.mSignerOperationsWithOpenSSL.signDataWithPrivateKey(bArr, dataForPrivateKeyFromIdentitiesMapForContainerIDIdentity);
        }
        MyIDSecurityLibraryPrivate.log(6, "signDataUsingKeyWithContainerIDAndIdentity: Failed to recover private key data");
        return null;
    }

    @Override // com.intercede.myIDSecurityLibrary.SoftCertSignerProtocol
    public boolean authenticateWithSecurityOfficerPINAndThenSetUserPIN(String str, String str2) {
        return this.mSoftCertSecureKeyChainEncryption.authenticateWithSecurityOfficerPINAndThenSetUserPIN(str, str2);
    }

    @Override // com.intercede.myIDSecurityLibrary.SoftCertSignerProtocol
    public boolean canVerifyUsingTouchID() {
        if (touchIDAllowed()) {
            return hasTouchIDEncryptedKey();
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public SoftCertIdentitiesMap createSoftCertIdentitiesMap() {
        SoftCertFileKeyChain softCertFileKeyChain = SoftCertFileKeyChain.getSoftCertFileKeyChain();
        if (softCertFileKeyChain == null) {
            return null;
        }
        byte[] keyChainItemForID = softCertFileKeyChain.getKeyChainItemForID(IDENTITIES_MAP);
        SoftCertIdentitiesMap softCertIdentitiesMap = new SoftCertIdentitiesMap();
        if (softCertIdentitiesMap.initWithSerializedData(keyChainItemForID).booleanValue()) {
            return softCertIdentitiesMap;
        }
        return null;
    }

    @Override // com.intercede.myIDSecurityLibrary.SoftCertSignerProtocol
    public byte[] decryptData(byte[] bArr, String str) {
        byte[] decryptPrivateKeyWithItemID = decryptPrivateKeyWithItemID(str);
        if (decryptPrivateKeyWithItemID == null) {
            MyIDSecurityLibraryPrivate.log(6, "decryptDataWithKeyIdent: Unable to decrypt the private key data");
            return null;
        }
        byte[] decryptDataWithPrivateKey = this.mSignerOperationsWithOpenSSL.decryptDataWithPrivateKey(bArr, decryptPrivateKeyWithItemID);
        resetDataBytes(decryptPrivateKeyWithItemID);
        return decryptDataWithPrivateKey;
    }

    @Nullable
    byte[] decryptPrivateKeyWithItemID(String str) {
        String str2;
        SoftCertFileKeyChain softCertFileKeyChain = SoftCertFileKeyChain.getSoftCertFileKeyChain();
        if (softCertFileKeyChain == null) {
            return null;
        }
        byte[] keyChainItemForID = softCertFileKeyChain.getKeyChainItemForID(str);
        if (keyChainItemForID == null) {
            str2 = "decryptPrivateKeyWithItemID: Failed to get private key data from key chain";
        } else if (isLocked()) {
            str2 = "decryptPrivateKeyWithItemID: Unable to get private key data because the key chain is locked";
        } else {
            byte[] usePrivateKeysEncryptionKeyToDecryptData = this.mSoftCertSecureKeyChainEncryption.usePrivateKeysEncryptionKeyToDecryptData(keyChainItemForID);
            if (usePrivateKeysEncryptionKeyToDecryptData != null) {
                return usePrivateKeysEncryptionKeyToDecryptData;
            }
            str2 = "Unable to decrypt the private key data";
        }
        MyIDSecurityLibraryPrivate.log(6, str2);
        return null;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean deleteCertificateAndPrivateKeyItemsFromSoftCertFileKeyChainAndIdentitiesMap(String[] strArr, SoftCertFileKeyChain softCertFileKeyChain, SoftCertIdentitiesMap softCertIdentitiesMap) {
        boolean z;
        if (strArr != null) {
            z = true;
            for (String str : strArr) {
                z = z && softCertFileKeyChain.deleteKeyChainItemForID(str).booleanValue();
            }
        } else {
            z = true;
        }
        return z && writeModifiedIdentitiesMap(softCertFileKeyChain, softCertIdentitiesMap);
    }

    public boolean doesSupportFingerprint() {
        FingerprintAuthenticator fingerprintAuthenticator = this.mFingerprintAuthenticator;
        if (fingerprintAuthenticator != null) {
            return fingerprintAuthenticator.touchIdAllowed();
        }
        return false;
    }

    @Override // com.intercede.myIDSecurityLibrary.SoftCertSignerProtocol
    public void enableTouchID(boolean z) {
        if (z) {
            this.mSoftCertSecureKeyChainEncryption.initialiseWithTouchID();
        } else {
            this.mSoftCertSecureKeyChainEncryption.removeTouchID();
        }
    }

    @Override // com.intercede.myIDSecurityLibrary.SoftCertSignerProtocol
    public boolean existsPassword() {
        return this.mSoftCertSecureKeyChainEncryption.isKeyChainInitialisedForUserPIN();
    }

    public void factoryReset() {
        removeIdentities(true);
        new ExternalStorage().deleteFile();
        SoftCertFileKeyChain softCertFileKeyChain = SoftCertFileKeyChain.getSoftCertFileKeyChain();
        SoftCertIdentitiesMap createSoftCertIdentitiesMap = createSoftCertIdentitiesMap();
        if (softCertFileKeyChain == null || createSoftCertIdentitiesMap == null) {
            return;
        }
        String replaceCarrierPrivateKeyItemIDForSerialNum = createSoftCertIdentitiesMap.replaceCarrierPrivateKeyItemIDForSerialNum(null, getIdentityAgentUniqueID());
        if (replaceCarrierPrivateKeyItemIDForSerialNum != null && !replaceCarrierPrivateKeyItemIDForSerialNum.isEmpty()) {
            softCertFileKeyChain.deleteKeyChainItemForID(replaceCarrierPrivateKeyItemIDForSerialNum);
        }
        String replaceCarrierIdItemIDForSerialNum = createSoftCertIdentitiesMap.replaceCarrierIdItemIDForSerialNum(null, getIdentityAgentUniqueID());
        if (replaceCarrierIdItemIDForSerialNum != null && !replaceCarrierIdItemIDForSerialNum.isEmpty()) {
            softCertFileKeyChain.deleteKeyChainItemForID(replaceCarrierIdItemIDForSerialNum);
        }
        softCertFileKeyChain.deleteKeyChainItemForID(IDENTITIES_MAP);
        softCertFileKeyChain.deleteKeyChainItemForID(DEVICE_KNOWN_BY_MOBILE_DEVICE_IDENTIFIER);
        softCertFileKeyChain.deleteKeyChainItemForID(MOBILE_DEVICE_IDENTIFIER);
        softCertFileKeyChain.deleteKeyChainItemForID("UniqueID_SecureAndroidKeyChain");
        softCertFileKeyChain.deleteKeyChainItemForID("UniqueID_AndroidKeyChain");
        softCertFileKeyChain.deleteKeyChainItemForID("UniqueID_AndroidWorkProfile");
        softCertFileKeyChain.deleteKeyChainItemForID("UniqueID_AndroidWorkProfileWiFi");
        softCertFileKeyChain.deleteKeyChainItemForID("UniqueID_MobileIronKeyChain");
        softCertFileKeyChain.deleteKeyChainItemForID("UniqueID_IdentityAgentSecureAndroidKeyChain");
        softCertFileKeyChain.deleteKeyChainItemForID(USER_DEFINED_SETTINGS_MAP);
        new SoftCertAutoGeneratedUserPin().setAutoPinInUse(false);
        this.mSoftCertSecureKeyChainPINRetry.clearPINRetryCount();
        this.mSoftCertSecureKeyChainPINRetry.clearSecurityOfficerPINRetryCount();
        this.mSoftCertSecureKeyChainEncryption.factoryReset();
    }

    @Override // com.intercede.myIDSecurityLibrary.SoftCertSignerProtocol
    public boolean forSecurityOfficerChangeOldPINToNewPIN(String str, String str2) {
        return this.mSoftCertSecureKeyChainEncryption.forSecurityOfficerChangeOldPINToNewPIN(str, str2);
    }

    public boolean forUserChangeOldPINToNewPIN(String str, String str2) {
        return this.mSoftCertSecureKeyChainEncryption.forUserChangeOldPINToNewPin(str, str2);
    }

    public String getCarrierId(String str) {
        SoftCertFileKeyChain softCertFileKeyChain = SoftCertFileKeyChain.getSoftCertFileKeyChain();
        SoftCertIdentitiesMap createSoftCertIdentitiesMap = createSoftCertIdentitiesMap();
        if (softCertFileKeyChain == null || createSoftCertIdentitiesMap == null) {
            return null;
        }
        byte[] keyChainItemForID = softCertFileKeyChain.getKeyChainItemForID(createSoftCertIdentitiesMap.getCarrierIdKeyItemIDForSerialNum(str));
        return keyChainItemForID == null ? "" : new String(keyChainItemForID, StandardCharsets.UTF_8);
    }

    @Override // com.intercede.myIDSecurityLibrary.SoftCertSignerProtocol
    public String getContainerName(String str, String str2) {
        if (str == null || str.isEmpty()) {
            MyIDSecurityLibraryPrivate.log(6, "read policy data: Empty key identifier");
            return null;
        }
        SoftCertFileKeyChain softCertFileKeyChain = SoftCertFileKeyChain.getSoftCertFileKeyChain();
        SoftCertIdentitiesMap createSoftCertIdentitiesMap = createSoftCertIdentitiesMap();
        if (softCertFileKeyChain == null || createSoftCertIdentitiesMap == null) {
            return null;
        }
        return createSoftCertIdentitiesMap.getContainerName(str, str2);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] getDataForPrivateKeyFromIdentitiesMapForContainerIDIdentity(SoftCertIdentitiesMap softCertIdentitiesMap, String str, String str2) {
        String privateKeyItemIDForContainerIDIdentityName = softCertIdentitiesMap.getPrivateKeyItemIDForContainerIDIdentityName(str, str2);
        if (privateKeyItemIDForContainerIDIdentityName != null && privateKeyItemIDForContainerIDIdentityName.length() != 0) {
            return decryptPrivateKeyWithItemID(privateKeyItemIDForContainerIDIdentityName);
        }
        MyIDSecurityLibraryPrivate.log(6, "getDataForPrivateKeyFromIdentitiesMapForContainerIDIdentity: No private key found in Identities Map");
        return null;
    }

    public String getIdentityAgentUniqueID() {
        return getUniqueIDForCredentialStoreWithIdentifier(UNIQUE_ID_IDENTITY_AGENT_KEY_CHAIN_IDENT);
    }

    protected String getNonAndroidIdDeviceIdentifier() {
        byte[] keyChainItemForID = SoftCertFileKeyChain.getSoftCertFileKeyChain().getKeyChainItemForID(MOBILE_DEVICE_IDENTIFIER);
        if (keyChainItemForID == null) {
            return null;
        }
        return new String(keyChainItemForID, StandardCharsets.UTF_8);
    }

    @Override // com.intercede.myIDSecurityLibrary.SoftCertSignerProtocol
    public byte[] getPinPolicy() {
        SoftCertFileKeyChain softCertFileKeyChain = SoftCertFileKeyChain.getSoftCertFileKeyChain();
        String pinPolicyKeyItemIDForSerialNum = createSoftCertIdentitiesMap().getPinPolicyKeyItemIDForSerialNum(getIdentityAgentUniqueID());
        if (pinPolicyKeyItemIDForSerialNum == null || pinPolicyKeyItemIDForSerialNum.isEmpty()) {
            return null;
        }
        return softCertFileKeyChain.getKeyChainItemForID(pinPolicyKeyItemIDForSerialNum);
    }

    public String getUniqueID() {
        return getUniqueIDForCredentialStoreWithIdentifier(UNIQUE_ID_SECURE_KEY_CHAIN_IDENT);
    }

    @Override // com.intercede.myIDSecurityLibrary.SoftCertSignerProtocol
    public String getUniqueIDForCredentialStoreWithIdentifier(String str) {
        SoftCertFileKeyChain softCertFileKeyChain = SoftCertFileKeyChain.getSoftCertFileKeyChain();
        String str2 = UNIQUE_ID + str;
        byte[] keyChainItemForID = softCertFileKeyChain.getKeyChainItemForID(str2);
        if (keyChainItemForID == null) {
            keyChainItemForID = UUID.randomUUID().toString().getBytes(StandardCharsets.UTF_8);
            softCertFileKeyChain.createKeyChainItemForID(str2, keyChainItemForID);
        }
        return new String(keyChainItemForID, StandardCharsets.UTF_8);
    }

    @Override // com.intercede.myIDSecurityLibrary.SoftCertSignerProtocol
    public boolean hasCertificateForCertIdent(String str) {
        SoftCertIdentitiesMap createSoftCertIdentitiesMap = createSoftCertIdentitiesMap();
        if (createSoftCertIdentitiesMap == null) {
            return false;
        }
        return createSoftCertIdentitiesMap.getContainerIDsForAllCertificates().contains(str);
    }

    boolean hasCredentials() {
        return createSoftCertIdentitiesMap().numberOfCertificates() > 0;
    }

    @Override // com.intercede.myIDSecurityLibrary.SoftCertSignerProtocol
    public boolean hasPrivateKeyForKeyIdent(String str) {
        SoftCertIdentitiesMap createSoftCertIdentitiesMap = createSoftCertIdentitiesMap();
        if (createSoftCertIdentitiesMap == null) {
            return false;
        }
        return createSoftCertIdentitiesMap.getContainerIDsForAllPrivateKeys().contains(str);
    }

    protected boolean isDeviceKnownByAndroidId() {
        return !SoftCertFileKeyChain.getSoftCertFileKeyChain().hasKeyChainItemForID(MOBILE_DEVICE_IDENTIFIER).booleanValue();
    }

    boolean isLocked() {
        return this.mSoftCertSecureKeyChainEncryption.isLocked();
    }

    @Override // com.intercede.myIDSecurityLibrary.SoftCertSignerProtocol
    public boolean isPINBlocked() {
        return this.mSoftCertSecureKeyChainPINRetry.isPINBlocked(getUniqueID());
    }

    protected int numberOfCertificates() {
        SoftCertIdentitiesMap createSoftCertIdentitiesMap = createSoftCertIdentitiesMap();
        if (createSoftCertIdentitiesMap == null) {
            return 0;
        }
        SoftCertIdentitiesMap.KeyAndCertificateItemIDs keyAndCertificateItemIDs = new SoftCertIdentitiesMap.KeyAndCertificateItemIDs();
        createSoftCertIdentitiesMap.getItemIDsForKeysAndCertificates(keyAndCertificateItemIDs);
        String[] strArr = keyAndCertificateItemIDs.certificateItemIDs;
        if (strArr == null || strArr.length == 0) {
            return 0;
        }
        int i = 0;
        for (String str : strArr) {
            if (!str.startsWith("AKC")) {
                i++;
            }
        }
        return i;
    }

    public boolean pkcsRecoveredCertificates() {
        return true;
    }

    public void postInitialise() {
    }

    @Override // com.intercede.myIDSecurityLibrary.SoftCertSignerProtocol
    public byte[] privateKeyDataForKeyIdent(String str) {
        return decryptPrivateKeyWithItemID(str);
    }

    @Override // com.intercede.myIDSecurityLibrary.SoftCertSignerProtocol
    public void readAllKeyIDsAndCertData(KeyItemIDsAndCertData keyItemIDsAndCertData) {
        SoftCertFileKeyChain softCertFileKeyChain = SoftCertFileKeyChain.getSoftCertFileKeyChain();
        SoftCertIdentitiesMap createSoftCertIdentitiesMap = createSoftCertIdentitiesMap();
        if (softCertFileKeyChain == null || createSoftCertIdentitiesMap == null) {
            return;
        }
        SoftCertIdentitiesMap.KeyAndCertificateItemIDs keyAndCertificateItemIDs = new SoftCertIdentitiesMap.KeyAndCertificateItemIDs();
        createSoftCertIdentitiesMap.getItemIDsForKeysAndCertificates(keyAndCertificateItemIDs);
        keyItemIDsAndCertData.certData = null;
        String[] strArr = keyAndCertificateItemIDs.certificateItemIDs;
        if (strArr == null || keyAndCertificateItemIDs.keyItemIDs == null) {
            return;
        }
        keyItemIDsAndCertData.certItemIDs = new String[strArr.length];
        keyItemIDsAndCertData.certData = new byte[strArr.length];
        int i = 0;
        for (String str : strArr) {
            byte[] keyChainItemForID = softCertFileKeyChain.getKeyChainItemForID(str);
            if (keyChainItemForID == null && SignerUtilities.doesStoreSupportAccessibleCertificateData(str)) {
                MyIDSecurityLibraryPrivate.log(6, "readKeyIDsAndCertData: Failed to recover data from key chain");
                keyItemIDsAndCertData.certData = null;
                return;
            } else {
                keyItemIDsAndCertData.certItemIDs[i] = str;
                keyItemIDsAndCertData.certData[i] = keyChainItemForID;
                i++;
            }
        }
        keyItemIDsAndCertData.keyItemIDs = keyAndCertificateItemIDs.keyItemIDs;
    }

    protected byte[] readCertificateForPrivateKeyItemID(String str) {
        if (SoftCertFileKeyChain.getSoftCertFileKeyChain() == null) {
            return null;
        }
        KeyItemIDsAndCertData keyItemIDsAndCertData = new KeyItemIDsAndCertData();
        readAllKeyIDsAndCertData(keyItemIDsAndCertData);
        int i = 0;
        while (true) {
            String[] strArr = keyItemIDsAndCertData.keyItemIDs;
            if (i >= strArr.length) {
                return null;
            }
            if (str.equals(strArr[i])) {
                return keyItemIDsAndCertData.certData[i];
            }
            i++;
        }
    }

    boolean readHasBeenProvisioned() {
        return createSoftCertIdentitiesMap().readHasBeenProvisioned(getIdentityAgentUniqueID());
    }

    @Override // com.intercede.myIDSecurityLibrary.SoftCertSignerProtocol
    public boolean readKeyCertDataForContainerIDAndIdentity(KeyItemIDsAndCertData keyItemIDsAndCertData, String str, String str2) {
        SoftCertFileKeyChain softCertFileKeyChain = SoftCertFileKeyChain.getSoftCertFileKeyChain();
        SoftCertIdentitiesMap createSoftCertIdentitiesMap = createSoftCertIdentitiesMap();
        if (softCertFileKeyChain == null || createSoftCertIdentitiesMap == null || ((str2 == null || str2.length() == 0) && (str2 = createSoftCertIdentitiesMap.findFirstIdentityWithPrivateKeyContainerID(str)) == null)) {
            return false;
        }
        String certificateItemIDForContainerIDIdentityName = createSoftCertIdentitiesMap.getCertificateItemIDForContainerIDIdentityName(str, str2);
        String privateKeyItemIDForContainerIDIdentityName = createSoftCertIdentitiesMap.getPrivateKeyItemIDForContainerIDIdentityName(str, str2);
        keyItemIDsAndCertData.certData = new byte[1];
        keyItemIDsAndCertData.keyItemIDs = new String[1];
        if (certificateItemIDForContainerIDIdentityName != null && certificateItemIDForContainerIDIdentityName.length() != 0 && privateKeyItemIDForContainerIDIdentityName != null && privateKeyItemIDForContainerIDIdentityName.length() != 0) {
            keyItemIDsAndCertData.certData[0] = softCertFileKeyChain.getKeyChainItemForID(certificateItemIDForContainerIDIdentityName);
            byte[] bArr = keyItemIDsAndCertData.certData[0];
            if (bArr != null && bArr.length != 0) {
                keyItemIDsAndCertData.keyItemIDs[0] = privateKeyItemIDForContainerIDIdentityName;
                return true;
            }
            MyIDSecurityLibraryPrivate.log(6, "readKeyCertDataForContainerIDAndIdentity: Failed to recover certificate data from key chain");
        }
        return false;
    }

    public String readSerialNumber() {
        return "";
    }

    @Override // com.intercede.myIDSecurityLibrary.SoftCertSignerProtocol
    public String remainingAttempts() {
        return Integer.toString(this.mSoftCertSecureKeyChainPINRetry.getPINRetryCount(getUniqueID()));
    }

    @Override // com.intercede.myIDSecurityLibrary.SoftCertSignerProtocol
    public String remainingSecurityOfficerPINAttempts() {
        return Integer.toString(this.mSoftCertSecureKeyChainPINRetry.getSecurityOfficerPINRetryCount(getUniqueID()));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void resetDataBytes(byte[] bArr) {
        if (bArr != null) {
            for (int i = 0; i < bArr.length; i++) {
                bArr[i] = 0;
            }
        }
    }

    protected void setDeviceKnownByAndroidId() {
        SoftCertFileKeyChain softCertFileKeyChain = SoftCertFileKeyChain.getSoftCertFileKeyChain();
        if (softCertFileKeyChain.hasKeyChainItemForID(MOBILE_DEVICE_IDENTIFIER).booleanValue()) {
            softCertFileKeyChain.deleteKeyChainItemForID(MOBILE_DEVICE_IDENTIFIER);
        }
    }

    protected boolean setNonAndroidIdDeviceIdentifier(String str) {
        return SoftCertFileKeyChain.getSoftCertFileKeyChain().updateKeyChainItemForID(MOBILE_DEVICE_IDENTIFIER, str.getBytes(StandardCharsets.UTF_8));
    }

    @Override // com.intercede.myIDSecurityLibrary.SoftCertSignerProtocol
    public byte[] signData(byte[] bArr, String str) {
        byte[] decryptPrivateKeyWithItemID = decryptPrivateKeyWithItemID(str);
        if (decryptPrivateKeyWithItemID == null) {
            MyIDSecurityLibraryPrivate.log(6, "signDataWithKeyIdent: Unable to decrypt the private key data");
            return null;
        }
        byte[] signDataWithPrivateKey = this.mSignerOperationsWithOpenSSL.signDataWithPrivateKey(bArr, decryptPrivateKeyWithItemID);
        resetDataBytes(decryptPrivateKeyWithItemID);
        return signDataWithPrivateKey;
    }

    @Override // com.intercede.myIDSecurityLibrary.SoftCertSignerProtocol
    public boolean touchIDAllowed() {
        FingerprintAuthenticator fingerprintAuthenticator = this.mFingerprintAuthenticator;
        if (fingerprintAuthenticator != null) {
            return fingerprintAuthenticator.touchIdAllowed();
        }
        return false;
    }

    @Override // com.intercede.myIDSecurityLibrary.SoftCertSignerProtocol
    public boolean verifyPassword(String str, boolean z) {
        return z ? this.mSoftCertSecureKeyChainEncryption.verifySecurityOfficerPIN(str) : this.mSoftCertSecureKeyChainEncryption.verifyUserPIN(str);
    }

    @Override // com.intercede.myIDSecurityLibrary.SoftCertSignerProtocol
    public boolean verifyUserPin(String str) {
        return this.mSoftCertSecureKeyChainEncryption.verifyUserPIN(str);
    }

    @Override // com.intercede.myIDSecurityLibrary.SoftCertSignerProtocol
    public boolean verifyUsingTouchID() {
        return this.mSoftCertSecureKeyChainEncryption.verifyUsingTouchID();
    }

    public boolean writeCarrierId(byte[] bArr, String str) {
        String createKeyChainItemForData;
        SoftCertFileKeyChain softCertFileKeyChain = SoftCertFileKeyChain.getSoftCertFileKeyChain();
        SoftCertIdentitiesMap createSoftCertIdentitiesMap = createSoftCertIdentitiesMap();
        if (softCertFileKeyChain == null || createSoftCertIdentitiesMap == null || (createKeyChainItemForData = softCertFileKeyChain.createKeyChainItemForData(bArr)) == null || createKeyChainItemForData.length() == 0) {
            return false;
        }
        String replaceCarrierIdItemIDForSerialNum = createSoftCertIdentitiesMap.replaceCarrierIdItemIDForSerialNum(createKeyChainItemForData, str);
        if (replaceCarrierIdItemIDForSerialNum != null && replaceCarrierIdItemIDForSerialNum.length() != 0) {
            softCertFileKeyChain.deleteKeyChainItemForID(replaceCarrierIdItemIDForSerialNum);
        }
        return softCertFileKeyChain.updateKeyChainItemForID(IDENTITIES_MAP, createSoftCertIdentitiesMap.getSerializedData());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean writeModifiedIdentitiesMap(SoftCertFileKeyChain softCertFileKeyChain, SoftCertIdentitiesMap softCertIdentitiesMap) {
        byte[] serializedData = softCertIdentitiesMap.getSerializedData();
        if (serializedData != null && serializedData.length != 0) {
            return softCertFileKeyChain.updateKeyChainItemForID(IDENTITIES_MAP, serializedData);
        }
        if (softCertFileKeyChain.hasKeyChainItemForID(IDENTITIES_MAP).booleanValue()) {
            return softCertFileKeyChain.deleteKeyChainItemForID(IDENTITIES_MAP).booleanValue();
        }
        return true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public boolean writeModifiedUserDefinedSettingsMap(SoftCertFileKeyChain softCertFileKeyChain, UserSpecifiedIdentities userSpecifiedIdentities) {
        byte[] serializedData = userSpecifiedIdentities.getSerializedData();
        if (serializedData != null && serializedData.length != 0) {
            return softCertFileKeyChain.updateKeyChainItemForID(USER_DEFINED_SETTINGS_MAP, serializedData);
        }
        if (softCertFileKeyChain.hasKeyChainItemForID(USER_DEFINED_SETTINGS_MAP).booleanValue()) {
            return softCertFileKeyChain.deleteKeyChainItemForID(USER_DEFINED_SETTINGS_MAP).booleanValue();
        }
        return true;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean writeNameForUserSpecifiedDataOfCertificateDataIdentity(String str, byte[] bArr, String str2) {
        SoftCertFileKeyChain softCertFileKeyChain = SoftCertFileKeyChain.getSoftCertFileKeyChain();
        if (softCertFileKeyChain == null) {
            return false;
        }
        String serialNumberOfCertificate = this.mSignerOperationsWithOpenSSL.serialNumberOfCertificate(bArr);
        String str3 = null;
        Set<UserDefinedSettingsNames> set = this.mDeletionUnderwayNames;
        if (set != null) {
            Iterator<UserDefinedSettingsNames> it = set.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                }
                UserDefinedSettingsNames next = it.next();
                if (next.defaultName.equalsIgnoreCase(str)) {
                    str3 = next.displayName;
                    it.remove();
                    break;
                }
            }
        }
        UserSpecifiedIdentities userSpecifiedIdentities = new UserSpecifiedIdentities(softCertFileKeyChain.getKeyChainItemForID(USER_DEFINED_SETTINGS_MAP));
        userSpecifiedIdentities.addIdentity(str2, true);
        if (str3 == null) {
            str3 = str;
        }
        userSpecifiedIdentities.addUserSpecifiedName(str2, serialNumberOfCertificate, str3);
        userSpecifiedIdentities.addDefaultUserSpecifiedName(str2, serialNumberOfCertificate, str);
        return writeModifiedUserDefinedSettingsMap(softCertFileKeyChain, userSpecifiedIdentities);
    }
}
