package g62;

import android.content.Context;
import android.util.Base64;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.RSAKeyGenParameterSpec;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Locale;
import javax.crypto.BadPaddingException;
import javax.crypto.IllegalBlockSizeException;
import org.spongycastle.asn1.x500.X500Name;
import org.spongycastle.cert.jcajce.JcaX509CertificateConverter;
import org.spongycastle.cert.jcajce.JcaX509v3CertificateBuilder;
import org.spongycastle.operator.OperatorCreationException;
import org.spongycastle.operator.jcajce.JcaContentSignerBuilder;

/* loaded from: classes.dex */
public final class d extends a {
    public d(Context context, String str, String str2, boolean z13, boolean z14) throws k62.a {
        super(context, str, str2, z13, z14);
        h62.a aVar = new h62.a(context);
        j62.c.d(context, "envDataModel", "2.0", this.f17028l);
        this.f17020c = h62.a.a(aVar.b());
        this.f17021d = aVar.e();
        b bVar = this.f17022f;
        bVar.getClass();
        try {
            bVar.f17031a.f(true);
            this.e.a(true);
            j62.c.d(context, "deviceEnvironmentData", null, this.f17028l);
            j62.c.d(context, "keyId", null, this.f17028l);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new k62.a(e);
        }
    }

    public final void c(l62.g gVar) throws k62.a {
        this.f17027k.a(3);
        try {
            ut.a.u(gVar.encryptedDeviceEnvironmentDataSignature, "encryptedDeviceEnvironmentDataSignature");
            boolean z13 = true;
            ut.a.r("deviceEnvironmentDataSignature length invalid", gVar.encryptedDeviceEnvironmentDataSignature.length >= 256);
            ut.a.u(gVar.encryptedDeviceToken, "encryptedDeviceToken");
            ut.a.r("encryptedDeviceToken length too small", gVar.encryptedDeviceToken.length >= 64);
            if (Arrays.equals(gVar.encryptedDeviceEnvironmentDataSignature, gVar.encryptedDeviceToken)) {
                z13 = false;
            }
            ut.a.r("deviceEnvironmentDataSignature cannot be equal to encryptedDeviceToken", z13);
            byte[] k2 = this.f17022f.k("deviceAuthenticator.deviceToken", gVar.encryptedDeviceToken);
            if (k2.length < 32) {
                throw new k62.a("deviceToken length too small");
            }
            g gVar2 = this.e;
            gVar2.f17050d = gVar2.b(gVar2.f17048b, k2);
            byte[] k4 = this.f17022f.k("deviceAuthenticator.deviceEnvironmentDataSignature", gVar.encryptedDeviceEnvironmentDataSignature);
            if (!this.f17022f.j(this.f17021d, k4)) {
                throw new k62.a("Invalid environment data signature");
            }
            g gVar3 = this.e;
            gVar3.e = gVar3.b(gVar3.f17049c, k4);
            i62.b bVar = this.f17022f.f17031a;
            bVar.getClass();
            try {
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                bVar.f18811i.store(byteArrayOutputStream, bVar.f18814m.toCharArray());
                bVar.f18812k.b(bVar.f18813l, byteArrayOutputStream.toByteArray());
                j62.c.d(this.f17018a, "deviceEnvironmentData", new String(this.f17021d), this.f17028l);
                byte[] bArr = this.f17030n;
                j62.c.d(this.f17018a, "keyId", bArr != null ? Base64.encodeToString(bArr, 2) : null, this.f17028l);
                this.f17027k.f17046a = 4;
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
                throw new k62.a(e);
            }
        } catch (Exception e13) {
            j62.c.c("Invalid response", e13);
            throw null;
        }
    }

    public final l62.d d() throws k62.a {
        this.f17027k.a(1);
        b bVar = this.f17022f;
        i62.b bVar2 = bVar.f17031a;
        bVar2.getClass();
        try {
            RSAKeyGenParameterSpec rSAKeyGenParameterSpec = new RSAKeyGenParameterSpec(2048, RSAKeyGenParameterSpec.F4);
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA");
            keyPairGenerator.initialize(rSAKeyGenParameterSpec);
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            PublicKey publicKey = generateKeyPair.getPublic();
            PrivateKey privateKey = generateKeyPair.getPrivate();
            String format = String.format("CN=%s, O=%s", bVar2.f18808f, "Morpho");
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 20);
            Locale locale = Locale.getDefault();
            bVar2.g(Locale.ENGLISH);
            try {
                try {
                    X509Certificate a13 = new JcaX509CertificateConverter().a(new JcaX509v3CertificateBuilder(new X500Name(format), BigInteger.ONE, calendar.getTime(), calendar2.getTime(), new X500Name(format), publicKey).a(new JcaContentSignerBuilder().a(privateKey)));
                    String str = bVar2.f18808f;
                    try {
                        if (privateKey != null) {
                            bVar2.f18811i.setKeyEntry(str, privateKey, null, new Certificate[]{a13});
                        } else {
                            bVar2.f18811i.setCertificateEntry(str, a13);
                        }
                        bVar2.f18805b = publicKey;
                        bVar2.f18806c = privateKey;
                        try {
                            bVar2.o.init(3, publicKey);
                            bVar2.f18816p.init(4, bVar2.f18806c);
                            bVar2.f18807d = bVar2.d();
                            try {
                                i62.b bVar3 = bVar.f17031a;
                                if (bVar3.f18806c == null) {
                                    bVar3.b();
                                }
                                PrivateKey privateKey2 = bVar3.f18806c;
                                i62.b bVar4 = bVar.f17031a;
                                if (bVar4.f18805b == null) {
                                    bVar4.b();
                                }
                                bVar.f17033c.initSign(privateKey2);
                                j62.b.a(this.f17023g);
                                l62.d dVar = new l62.d();
                                dVar.identity = this.f17019b;
                                dVar.clientRandom = this.f17023g;
                                i62.b bVar5 = this.f17022f.f17031a;
                                if (bVar5.f18805b == null) {
                                    bVar5.b();
                                }
                                dVar.devicePublicKey = bVar5.f18805b.getEncoded();
                                j62.c.e(dVar.identity.getBytes(hb.g.f18053a), this.f17025i);
                                j62.c.e(dVar.clientRandom, this.f17025i);
                                j62.c.e(dVar.devicePublicKey, this.f17025i);
                                this.f17027k.f17046a = 2;
                                return dVar;
                            } catch (InvalidKeyException e) {
                                throw new k62.a(e);
                            }
                        } catch (IOException | InvalidKeyException | IllegalBlockSizeException e13) {
                            throw new k62.a(e13);
                        }
                    } catch (KeyStoreException e14) {
                        throw new k62.a(e14);
                    }
                } catch (CertificateException | OperatorCreationException e15) {
                    throw new k62.a(e15);
                }
            } finally {
                bVar2.g(locale);
            }
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException e16) {
            throw new k62.a(e16);
        }
    }

    public final l62.f e(l62.e eVar) throws k62.a {
        this.f17027k.a(2);
        try {
            ut.a.u(eVar.serverRandom, "serverRandom");
            ut.a.r("serverRandom length too small", eVar.serverRandom.length >= 32);
            ut.a.u(eVar.serverCertificate, "serverCertificate");
            ut.a.u(eVar.signature, "signature");
            ut.a.r("signature length invalid", eVar.signature.length == 256);
            byte[] bArr = eVar.serverRandom;
            byte[] bArr2 = eVar.serverCertificate;
            b bVar = this.f17022f;
            i62.b bVar2 = bVar.f17031a;
            bVar2.getClass();
            try {
                X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr2));
                i62.a.a(x509Certificate, i62.a.f18803j, "Server certificate");
                try {
                    bVar2.f18811i.setCertificateEntry(bVar2.f18809g, x509Certificate);
                    bVar2.e = x509Certificate;
                    try {
                        i62.b bVar3 = bVar.f17031a;
                        if (bVar3.e == null) {
                            bVar3.b();
                            i62.a.a(bVar3.e, i62.a.f18803j, "Server certificate");
                        }
                        PublicKey publicKey = bVar3.e.getPublicKey();
                        bVar.f17032b.init(1, publicKey);
                        bVar.f17034d.initVerify(publicKey);
                        this.f17030n = this.f17022f.f(this.f17029m);
                        j62.c.e(bArr, this.f17025i);
                        j62.c.e(bArr2, this.f17025i);
                        byte[] bArr3 = eVar.signature;
                        if (!this.f17022f.j(this.f17025i.toByteArray(), bArr3)) {
                            throw new k62.a("Invalid response signature");
                        }
                        j62.c.e(bArr3, this.f17025i);
                        j62.b.a(this.f17024h);
                        b bVar4 = this.f17022f;
                        byte[] bArr4 = this.f17024h;
                        bVar4.getClass();
                        try {
                            byte[] doFinal = bVar4.f17032b.doFinal(bArr4);
                            this.f17022f.e(this.f17024h, this.f17023g, bArr);
                            b bVar5 = this.f17022f;
                            byte[] bArr5 = this.f17024h;
                            byte[] bArr6 = this.f17023g;
                            bVar5.getClass();
                            b.d(bArr5, bArr6, bArr);
                            byte[] c13 = this.f17022f.c("deviceAuthenticator.deviceStaticId", this.f17020c);
                            byte[] c14 = this.f17022f.c("deviceAuthenticator.deviceEnvironmentData", this.f17021d);
                            l62.f fVar = new l62.f();
                            fVar.encryptedMasterSecret = doFinal;
                            fVar.encryptedDeviceStaticId = c13;
                            fVar.encryptedDeviceEnvironmentData = c14;
                            j62.c.e(doFinal, this.f17025i);
                            b bVar6 = this.f17022f;
                            byte[] byteArray = this.f17025i.toByteArray();
                            bVar6.getClass();
                            try {
                                bVar6.f17033c.update(byteArray);
                                fVar.signature = bVar6.f17033c.sign();
                                this.f17027k.f17046a = 3;
                                return fVar;
                            } catch (SignatureException e) {
                                throw new k62.a(e);
                            }
                        } catch (BadPaddingException | IllegalBlockSizeException e13) {
                            throw new k62.a(e13);
                        }
                    } catch (InvalidKeyException e14) {
                        throw new k62.a(e14);
                    }
                } catch (KeyStoreException e15) {
                    throw new k62.a(e15);
                }
            } catch (CertificateException e16) {
                throw new k62.a(e16);
            }
        } catch (Exception e17) {
            j62.c.c("Invalid response", e17);
            throw null;
        }
    }
}
