package com.rsa.mfasecuridlib.internal;

import android.content.Context;
import android.os.Build;
import android.util.Base64;
import androidx.biometric.BiometricPrompt;
import com.rsa.jsafe.cms.ParameterFactory;
import com.rsa.mfasecuridlib.Status;
import com.rsa.mfasecuridlib.exception.CryptoException;
import com.rsa.mfasecuridlib.exception.DecryptFailException;
import com.rsa.mfasecuridlib.exception.MfaException;
import java.security.KeyStore;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;

/* loaded from: classes.dex */
public class g2 {
    public static final String f = "com.rsa.mfasecuridlib.internal.g2";

    /* renamed from: a, reason: collision with root package name */
    public final c3 f3461a;

    /* renamed from: b, reason: collision with root package name */
    public final Context f3462b;

    /* renamed from: d, reason: collision with root package name */
    public final b f3464d;

    /* renamed from: c, reason: collision with root package name */
    public final f2 f3463c = new f2();
    public final i2 e = new i2(new v2());

    /* loaded from: classes.dex */
    public enum a {
        Seed,
        Bio,
        Pin
    }

    public g2(Context context, c3 c3Var) {
        this.f3462b = context;
        this.f3461a = c3Var;
        this.f3464d = new b(c3Var);
    }

    public final int a(a aVar) {
        int ordinal = aVar.ordinal();
        return (ordinal == 0 || ordinal != 2) ? 5 : 7;
    }

    public void a() {
        c.d(f, "deactivate", "start");
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            keyStore.deleteEntry("com.rsa.mfasecurid.cas.bio.seed");
        } catch (Exception e) {
            c.a(m2.f3658a, "deleteCasBioSeedKey", e);
        }
        this.f3461a.f3335c.b(7);
        this.f3461a.f3335c.b(6);
        this.f3461a.f3335c.b(5);
    }

    public void a(byte[] bArr) {
        c.d(f, "activate", "start");
        byte[] bArr2 = new byte[16];
        this.f3463c.c(bArr2);
        try {
            try {
                a(bArr2, a.Seed);
                a(bArr2, bArr);
                this.f3463c.b(bArr2);
                b(a.Bio);
            } catch (Exception e) {
                c.a(f, "activate", e);
                throw new MfaException(Status.PIN_PROTECTION_CRYPTO_INIT_KEY_FAILURE);
            }
        } catch (Throwable th) {
            this.f3463c.b(bArr2);
            throw th;
        }
    }

    public final void a(byte[] bArr, a aVar) {
        SecretKey b2 = b(aVar);
        Cipher cipher = Cipher.getInstance(ParameterFactory.ENCRYPTION_ALG_AES_GCM_NOPAD);
        cipher.init(1, b2);
        byte[] doFinal = cipher.doFinal(bArr);
        byte[] iv = cipher.getIV();
        int a2 = a(aVar);
        aVar.ordinal();
        y5 a3 = this.f3461a.f3335c.a(a2);
        y5 a4 = this.f3461a.f3335c.a(6);
        if (a3 != null && a4 != null) {
            a3.f3977c = Base64.encodeToString(doFinal, 2);
            a4.f3977c = Base64.encodeToString(iv, 2);
            return;
        }
        y5 y5Var = new y5();
        y5Var.f3976b = a2;
        y5Var.f3978d = 1;
        y5Var.f3977c = Base64.encodeToString(doFinal, 2);
        y5 y5Var2 = new y5();
        y5Var2.f3976b = 6;
        y5Var2.f3978d = 1;
        y5Var2.f3977c = Base64.encodeToString(iv, 2);
        this.f3461a.f3335c.b(y5Var, y5Var2);
    }

    public final void a(byte[] bArr, byte[] bArr2) {
        c.d(f, "wrapAndSaveKey", "start");
        byte[] a2 = this.f3463c.a(c.a(bArr2), bArr2, b());
        byte[] b2 = this.f3463c.b(bArr, a2);
        this.e.b(a2);
        this.f3463c.a(a2);
        int a3 = a(a.Pin);
        y5 a4 = this.f3461a.f3335c.a(a3);
        if (a4 != null) {
            a4.f3977c = Base64.encodeToString(b2, 2);
            return;
        }
        y5 y5Var = new y5();
        y5Var.f3976b = a3;
        y5Var.f3978d = 1;
        y5Var.f3977c = Base64.encodeToString(b2, 2);
        this.f3461a.f3335c.a(y5Var);
    }

    public boolean a(BiometricPrompt.c cVar) {
        if (cVar == null || cVar.c() == null) {
            return false;
        }
        try {
            return cVar.c().doFinal(new byte[16]) != null;
        } catch (Exception unused) {
            throw new MfaException(Status.PIN_PROTECTION_CRYPTO_OBJECT_VERIFICATION_FAILURE);
        }
    }

    public final int b() {
        int i = Build.VERSION.SDK_INT;
        return 50000;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r4v0, types: [java.lang.Enum, com.rsa.mfasecuridlib.internal.g2$a] */
    /* JADX WARN: Type inference failed for: r4v1, types: [java.lang.Enum] */
    /* JADX WARN: Type inference failed for: r4v10 */
    /* JADX WARN: Type inference failed for: r4v11 */
    /* JADX WARN: Type inference failed for: r4v6, types: [javax.crypto.SecretKey] */
    /* JADX WARN: Type inference failed for: r4v7 */
    /* JADX WARN: Unsupported multi-entry loop pattern (BACK_EDGE: B:17:0x0029 -> B:7:0x002b). Please report as a decompilation issue!!! */
    public final SecretKey b(a aVar) {
        m2 m2Var;
        int ordinal;
        try {
            m2Var = new m2();
            ordinal = aVar.ordinal();
        } catch (DecryptFailException unused) {
            l2 l2Var = new l2(this.f3462b);
            try {
                if (aVar.ordinal() == 0) {
                    return l2Var.a();
                }
            } catch (CryptoException e) {
                c.a(f, "CryptoException", e);
                throw new DecryptFailException(e.getStatus());
            }
        }
        aVar = ordinal != 0 ? ordinal != 1 ? 0 : m2Var.a("com.rsa.mfasecurid.cas.bio.seed", true, true) : m2Var.a("com.rsa.mfasecurid.cas.seed", false, false);
        return aVar;
    }

    public synchronized byte[] b(byte[] bArr) {
        byte[] c2;
        String str;
        c2 = this.e.c();
        if (c2 == null) {
            c2 = this.f3463c.a(c.a(bArr), bArr, b());
        }
        if (c2 == null) {
            c.e(f, "getKey", "pin key is null");
            throw new DecryptFailException(Status.PIN_PROTECTION_GET_KEY_FAILURE);
        }
        y5 a2 = this.f3461a.f3335c.a(a(a.Pin));
        try {
            if (a2 != null) {
                try {
                    str = a2.f3977c;
                    if (str != null) {
                    }
                } catch (Exception e) {
                    c.a(f, "getKey by pin", e);
                    throw new DecryptFailException(Status.PIN_PROTECTION_GET_KEY_FAILURE);
                }
            }
            throw new DecryptFailException(Status.PIN_PROTECTION_GET_KEY_INVALID_PARAM_FAILURE);
        } finally {
            this.f3463c.a(c2);
        }
        return this.f3463c.a(lb.a(str), c2);
    }

    public synchronized byte[] c() {
        String str;
        byte[] a2;
        Cipher cipher;
        a aVar = a.Seed;
        int i = Build.VERSION.SDK_INT;
        SecretKey b2 = b(aVar);
        try {
            y5 a3 = this.f3461a.f3335c.a(a(aVar));
            y5 a4 = this.f3461a.f3335c.a(6);
            if (a3 == null || a4 == null || (str = a3.f3977c) == null || a4.f3977c == null) {
                c.e(f, "getKey", "key and iv is null");
                throw new DecryptFailException(Status.PIN_PROTECTION_GET_KEY_INVALID_PARAM_FAILURE);
            }
            a2 = lb.a(str);
            byte[] a5 = lb.a(a4.f3977c);
            cipher = Cipher.getInstance(ParameterFactory.ENCRYPTION_ALG_AES_GCM_NOPAD);
            cipher.init(2, b2, new GCMParameterSpec(128, a5));
        } catch (Exception e) {
            c.a(f, "getKey by key type", e);
            throw new DecryptFailException(Status.PIN_PROTECTION_GET_KEY_FAILURE);
        }
        return cipher.doFinal(a2);
    }
}
