package com.daon.sdk.authenticator.otp;

import android.content.Context;
import android.os.Bundle;
import android.util.Base64;
import com.daon.sdk.authenticator.Extensions;
import com.daon.sdk.authenticator.data.Storage;
import com.daon.sdk.authenticator.data.StorageUtils;
import com.daon.sdk.authenticator.time.TimeInfo;
import com.daon.sdk.authenticator.time.TrustedTimeUtils;
import com.daon.sdk.crypto.otp.TOTPGenerator;
import com.google.gson.Gson;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.MessageDigest;
import java.security.PublicKey;
import java.security.spec.ECGenParameterSpec;
import java.util.Arrays;
import java.util.concurrent.TimeUnit;
import javax.crypto.KeyAgreement;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes.dex */
public class b {

    /* renamed from: a, reason: collision with root package name */
    private Gson f10120a;

    /* renamed from: b, reason: collision with root package name */
    private OOTPConfigData f10121b;

    private Bundle a(Context context, String str, Bundle bundle, String str2, boolean z10) throws Exception {
        Bundle bundle2 = new Bundle();
        PublicKey a10 = new c().a(bundle);
        if (a10 == null) {
            throw new RuntimeException("No ECDH key supplied");
        }
        byte[] b10 = b();
        if (b10 != null && Arrays.equals(b10, a10.getEncoded())) {
            b(context, str, bundle);
            if (z10) {
                bundle2.putString(Extensions.OTP_CLIENT_PUBLIC_KEY, this.f10121b.f10113a);
                bundle2.putString(Extensions.OTP_CLIENT_PUBLIC_KEY_FORMAT, this.f10121b.f10114b);
            }
            return bundle2;
        }
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC");
        keyPairGenerator.initialize(new ECGenParameterSpec(a.a(str2)));
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        KeyAgreement keyAgreement = KeyAgreement.getInstance("ECDH");
        keyAgreement.init(generateKeyPair.getPrivate());
        keyAgreement.doPhase(a10, true);
        OOTPConfigData a11 = a(context, str, keyAgreement.generateSecret(), generateKeyPair.getPublic(), a10, bundle);
        this.f10121b = a11;
        bundle2.putString(Extensions.OTP_CLIENT_PUBLIC_KEY, a11.f10113a);
        bundle2.putString(Extensions.OTP_CLIENT_PUBLIC_KEY_FORMAT, this.f10121b.f10114b);
        return bundle2;
    }

    private Bundle a(Context context, String str, String str2, Bundle bundle, String str3) throws Exception {
        TimeInfo currentTime = TrustedTimeUtils.getCurrentTime();
        byte[] bytes = str2 == null ? null : str2.getBytes();
        byte[] decode = Base64.decode(this.f10121b.f10115c, 0);
        a(decode, bytes, str3);
        a(context, decode);
        int generateOneTimePassword = new TOTPGenerator(r0.f10118f, TimeUnit.SECONDS, this.f10121b.f10119g, a.b(str3)).generateOneTimePassword(new SecretKeySpec(decode, a.b(str3)), currentTime.getTime());
        Bundle bundle2 = new Bundle();
        bundle2.putString(Extensions.OTP_VALUE, a(Integer.valueOf(generateOneTimePassword).toString(), this.f10121b.f10119g));
        if (str2 != null) {
            bundle2.putString(Extensions.OTP_TRANSACTION_DATA, str2);
        }
        return bundle2;
    }

    private OOTPConfigData a(Context context, String str) throws Exception {
        Storage enrolmentStorage = StorageUtils.getEnrolmentStorage(context, str);
        if (!enrolmentStorage.exists("daon.otp.data")) {
            return null;
        }
        return (OOTPConfigData) c().fromJson(enrolmentStorage.read("daon.otp.data"), OOTPConfigData.class);
    }

    private OOTPConfigData a(Context context, String str, byte[] bArr, PublicKey publicKey, PublicKey publicKey2, Bundle bundle) throws Exception {
        OOTPConfigData oOTPConfigData = new OOTPConfigData();
        oOTPConfigData.f10113a = Base64.encodeToString(publicKey.getEncoded(), 2);
        oOTPConfigData.f10114b = "257";
        oOTPConfigData.f10115c = Base64.encodeToString(bArr, 2);
        oOTPConfigData.f10116d = Base64.encodeToString(publicKey2.getEncoded(), 2);
        oOTPConfigData.f10117e = com.daon.sdk.authenticator.util.b.a(bundle, Extensions.OTP_ALGORITHM, "OOTPSha256");
        oOTPConfigData.f10118f = com.daon.sdk.authenticator.util.b.a(bundle, Extensions.OTP_TIME_STEP, 30);
        oOTPConfigData.f10119g = com.daon.sdk.authenticator.util.b.a(bundle, Extensions.OTP_LENGTH, 8);
        StorageUtils.getEnrolmentStorage(context, str).write("daon.otp.data", c().toJson(oOTPConfigData));
        return oOTPConfigData;
    }

    private static String a(String str) throws Exception {
        Class<?> cls = Class.forName("android.os.SystemProperties");
        return (String) cls.getMethod("get", String.class).invoke(cls, str);
    }

    private String a(String str, int i10) {
        if (str == null) {
            return null;
        }
        if (str.length() >= i10) {
            return str;
        }
        StringBuilder sb2 = new StringBuilder(i10);
        for (int i11 = 0; i11 < i10 - str.length(); i11++) {
            sb2.append("0");
        }
        sb2.append(str);
        return sb2.toString();
    }

    private void a(Context context, byte[] bArr) {
        byte b10 = new nb.b(context).isRooted() ? (byte) 4 : (byte) 0;
        if (a(context)) {
            b10 = (byte) (b10 | 2);
        }
        if (a()) {
            b10 = (byte) (b10 | 1);
        }
        int length = bArr.length - 1;
        bArr[length] = (byte) (b10 ^ bArr[length]);
    }

    private static boolean a() {
        try {
            return a("ro.kernel.qemu").equals("1") || a("ro.hardware").contains("goldfish") || a("ro.product.model").equals("sdk");
        } catch (Exception unused) {
            return false;
        }
    }

    private static boolean a(Context context) {
        return (context.getApplicationInfo().flags & 2) != 0;
    }

    private byte[] a(byte[] bArr, byte[] bArr2, String str) throws Exception {
        if (bArr2 == null) {
            return null;
        }
        byte[] digest = MessageDigest.getInstance(a.c(str)).digest(bArr2);
        for (int i10 = 0; i10 < bArr.length && i10 < digest.length; i10++) {
            bArr[i10] = (byte) (bArr[i10] ^ digest[i10]);
        }
        return digest;
    }

    private void b(Context context, String str, Bundle bundle) throws Exception {
        OOTPConfigData oOTPConfigData = new OOTPConfigData();
        OOTPConfigData oOTPConfigData2 = this.f10121b;
        oOTPConfigData.f10115c = oOTPConfigData2.f10115c;
        oOTPConfigData.f10116d = oOTPConfigData2.f10116d;
        oOTPConfigData.f10113a = oOTPConfigData2.f10113a;
        oOTPConfigData.f10114b = oOTPConfigData2.f10114b;
        oOTPConfigData.f10117e = com.daon.sdk.authenticator.util.b.a(bundle, Extensions.OTP_ALGORITHM, "OOTPSha256");
        oOTPConfigData.f10118f = com.daon.sdk.authenticator.util.b.a(bundle, Extensions.OTP_TIME_STEP, 30);
        oOTPConfigData.f10119g = com.daon.sdk.authenticator.util.b.a(bundle, Extensions.OTP_LENGTH, 8);
        StorageUtils.getEnrolmentStorage(context, str).write("daon.otp.data", c().toJson(oOTPConfigData));
    }

    private byte[] b() throws Exception {
        OOTPConfigData oOTPConfigData = this.f10121b;
        if (oOTPConfigData == null) {
            return null;
        }
        return Base64.decode(oOTPConfigData.f10116d, 0);
    }

    private Gson c() {
        if (this.f10120a == null) {
            this.f10120a = new Gson();
        }
        return this.f10120a;
    }

    public Bundle a(Context context, String str, Bundle bundle) throws Exception {
        OOTPConfigData a10 = a(context, str);
        this.f10121b = a10;
        return a(context, str, bundle, com.daon.sdk.authenticator.util.b.a(bundle, Extensions.OTP_ALGORITHM, a10 == null ? "OOTPSha256" : a10.f10117e), true);
    }

    public Bundle a(Context context, String str, Bundle bundle, String str2) throws Exception {
        this.f10121b = a(context, str);
        return com.daon.sdk.authenticator.util.b.a(bundle, Extensions.OTP_SERVER_PUBLIC_KEY_CHAIN, (String) null) != null ? a(context, str, bundle, com.daon.sdk.authenticator.util.b.a(bundle, Extensions.OTP_ALGORITHM, this.f10121b.f10117e), false) : a(context, str, str2, bundle, this.f10121b.f10117e);
    }
}
