package com.orange.authentication.lowLevelApi;

import android.content.Context;
import android.content.pm.SigningInfo;
import android.os.Build;
import android.util.Base64;
import com.google.android.gms.common.api.ApiException;
import com.google.android.gms.safetynet.SafetyNetApi;
import com.google.android.gms.tasks.OnFailureListener;
import com.google.android.gms.tasks.OnSuccessListener;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.JWSObject;
import com.orange.authentication.lowLevelApi.securitylib.api.RootCheckData;
import com.orange.authentication.lowLevelApi.securitylib.api.SafetyNetCheckData;
import com.orange.authentication.lowLevelApi.securitylib.api.SafetyNetCheckListener;
import com.orange.authentication.lowLevelApi.securitylib.api.SecurityCheckApi;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.nio.charset.Charset;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.Ref;
import kotlin.text.StringsKt__StringsKt;
import org.jetbrains.annotations.NotNull;

/* compiled from: File */
/* loaded from: classes2.dex */
public final class f implements SecurityCheckApi {

    /* renamed from: a, reason: collision with root package name */
    private Context f30121a;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* compiled from: File */
    /* loaded from: classes2.dex */
    public static final class a<TResult> implements OnSuccessListener<SafetyNetApi.AttestationResponse> {

        /* renamed from: b, reason: collision with root package name */
        final /* synthetic */ Ref.ObjectRef f30123b;

        /* renamed from: c, reason: collision with root package name */
        final /* synthetic */ SafetyNetCheckListener f30124c;

        a(Ref.ObjectRef objectRef, SafetyNetCheckListener safetyNetCheckListener) {
            this.f30123b = objectRef;
            this.f30124c = safetyNetCheckListener;
        }

        /* JADX WARN: Multi-variable type inference failed */
        @Override // com.google.android.gms.tasks.OnSuccessListener
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public final void onSuccess(@NotNull SafetyNetApi.AttestationResponse response) {
            Intrinsics.checkNotNullParameter(response, "response");
            f fVar = f.this;
            String jwsResult = response.getJwsResult();
            Intrinsics.checkNotNullExpressionValue(jwsResult, "response.jwsResult");
            fVar.e(jwsResult, (byte[]) this.f30123b.element, this.f30124c);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* compiled from: File */
    /* loaded from: classes2.dex */
    public static final class b implements OnFailureListener {

        /* renamed from: a, reason: collision with root package name */
        final /* synthetic */ Ref.ObjectRef f30125a;

        /* renamed from: b, reason: collision with root package name */
        final /* synthetic */ SafetyNetCheckListener f30126b;

        b(Ref.ObjectRef objectRef, SafetyNetCheckListener safetyNetCheckListener) {
            this.f30125a = objectRef;
            this.f30126b = safetyNetCheckListener;
        }

        /* JADX WARN: Multi-variable type inference failed */
        @Override // com.google.android.gms.tasks.OnFailureListener
        public final void onFailure(@NotNull Exception exception) {
            Ref.ObjectRef objectRef;
            T t8;
            Intrinsics.checkNotNullParameter(exception, "exception");
            if (exception instanceof ApiException) {
                objectRef = this.f30125a;
                t8 = SafetyNetCheckData.SN_API_UNAVAILABLE;
            } else {
                objectRef = this.f30125a;
                t8 = SafetyNetCheckData.SN_API_UNEXPECTED_ERROR;
            }
            objectRef.element = t8;
            ((SafetyNetCheckData) this.f30125a.element).setError(exception.getMessage());
            this.f30126b.b((SafetyNetCheckData) this.f30125a.element);
        }
    }

    public f(@NotNull Context ctx) {
        Intrinsics.checkNotNullParameter(ctx, "ctx");
        this.f30121a = ctx;
    }

    private final void d(String str, String str2) {
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final void e(String str, byte[] bArr, SafetyNetCheckListener safetyNetCheckListener) {
        Map<String, Object> jSONObject;
        List x509CertChain;
        byte[] decode;
        byte[] decode2;
        byte[] f9;
        Object obj;
        SafetyNetCheckData safetyNetCheckData;
        String str2;
        boolean contains$default;
        try {
            JWSObject parse = JWSObject.parse(str);
            Intrinsics.checkNotNullExpressionValue(parse, "JWSObject.parse(jws)");
            jSONObject = parse.getPayload().toJSONObject();
            JWSHeader header = parse.getHeader();
            Intrinsics.checkNotNullExpressionValue(header, "jwsObject.header");
            x509CertChain = header.getX509CertChain();
            decode = Base64.decode(String.valueOf(jSONObject.get("nonce")), 0);
            decode2 = Base64.decode(String.valueOf(jSONObject.get("apkCertificateDigestSha256")), 0);
            f9 = f();
            obj = jSONObject.get("timestampMs");
        } catch (Exception e9) {
            e = e9;
        }
        try {
            if (obj == null) {
                throw new NullPointerException("null cannot be cast to non-null type kotlin.Long");
            }
            long longValue = ((Long) obj).longValue();
            String valueOf = String.valueOf(jSONObject.get("apkPackageName"));
            Object obj2 = jSONObject.get("ctsProfileMatch");
            if (obj2 == null) {
                throw new NullPointerException("null cannot be cast to non-null type kotlin.Boolean");
            }
            boolean booleanValue = ((Boolean) obj2).booleanValue();
            Object obj3 = jSONObject.get("basicIntegrity");
            if (obj3 == null) {
                throw new NullPointerException("null cannot be cast to non-null type kotlin.Boolean");
            }
            e eVar = new e(decode, longValue, valueOf, booleanValue, decode2, ((Boolean) obj3).booleanValue(), String.valueOf(jSONObject.get("evaluationType")));
            Iterator it = x509CertChain.iterator();
            boolean z8 = false;
            while (it.hasNext()) {
                Certificate generateCertificate = CertificateFactory.getInstance("X509").generateCertificate(new ByteArrayInputStream(Base64.decode(((com.nimbusds.jose.util.Base64) it.next()).toString(), 0)));
                if (generateCertificate == null) {
                    throw new NullPointerException("null cannot be cast to non-null type java.security.cert.X509Certificate");
                }
                X509Certificate x509Certificate = (X509Certificate) generateCertificate;
                x509Certificate.checkValidity();
                String x500Principal = x509Certificate.getIssuerX500Principal().toString();
                Intrinsics.checkNotNullExpressionValue(x500Principal, "cert.issuerX500Principal.toString()");
                contains$default = StringsKt__StringsKt.contains$default((CharSequence) x500Principal, (CharSequence) "Google Trust Services", false, 2, (Object) null);
                if (contains$default) {
                    z8 = true;
                }
            }
            Date date = new Date(eVar.e());
            Date date2 = new Date();
            Date date3 = new Date();
            date2.setTime(System.currentTimeMillis() - 3000);
            date3.setTime(System.currentTimeMillis() + 3000);
            if (z8) {
                eVar.d();
                Context applicationContext = this.f30121a.getApplicationContext();
                Intrinsics.checkNotNullExpressionValue(applicationContext, "ctx.applicationContext");
                if (true ^ Intrinsics.areEqual(applicationContext.getPackageName(), eVar.a())) {
                    safetyNetCheckData = SafetyNetCheckData.SN_APP_NOT_ATTESTED_JWS_WRONG_APP_NAME;
                    safetyNetCheckData.setJws(str);
                    str2 = "wrong app package name in jws";
                } else {
                    if (!date.after(date3) && !date.before(date2)) {
                        if (!Arrays.equals(bArr, decode)) {
                            safetyNetCheckData = SafetyNetCheckData.SN_APP_NOT_ATTESTED_JWS_WRONG_NONCE;
                            safetyNetCheckData.setJws(str);
                            str2 = "not the nonce expected";
                        } else if (f9 == null) {
                            safetyNetCheckData = SafetyNetCheckData.SN_APP_NOT_ATTESTED_JWS_WRONG_CERTIFICATE;
                            safetyNetCheckData.setJws(str);
                            str2 = "jws, no app certificate";
                        } else {
                            if (Arrays.equals(f9, decode2)) {
                                SafetyNetCheckData safetyNetCheckData2 = SafetyNetCheckData.SN_APP_ATTESTED;
                                safetyNetCheckData2.setJws(str);
                                safetyNetCheckData2.setDeviceStatus(!eVar.b() ? SafetyNetCheckData.SafetyNetCheckDeviceStatus.SN_APP_ATTESTED_DEVICE_CORRUPTED : !eVar.c() ? SafetyNetCheckData.SafetyNetCheckDeviceStatus.SN_APP_ATTESTED_DEVICE_TAMPERED : SafetyNetCheckData.SafetyNetCheckDeviceStatus.SN_APP_ATTESTED_DEVICE_RELIABLE);
                                safetyNetCheckListener.a(safetyNetCheckData2);
                                return;
                            }
                            safetyNetCheckData = SafetyNetCheckData.SN_APP_NOT_ATTESTED_JWS_WRONG_CERTIFICATE;
                            safetyNetCheckData.setJws(str);
                            str2 = "jws, not the app certificate expected";
                        }
                    }
                    safetyNetCheckData = SafetyNetCheckData.SN_APP_NOT_ATTESTED_JWS_OUT_OF_DATE;
                    safetyNetCheckData.setJws(str);
                    str2 = "jws out of date";
                }
                safetyNetCheckData.setError(str2);
            } else {
                safetyNetCheckData = SafetyNetCheckData.SN_APP_NOT_ATTESTED_JWS_WRONG_SIGNATURE;
                safetyNetCheckData.setJws(str);
                safetyNetCheckData.setError("jws not issued from Google");
            }
            safetyNetCheckListener.b(safetyNetCheckData);
        } catch (Exception e10) {
            e = e10;
            SafetyNetCheckData safetyNetCheckData3 = SafetyNetCheckData.SN_API_UNEXPECTED_ERROR;
            safetyNetCheckData3.setJws(str);
            safetyNetCheckData3.setError(e.getMessage());
            safetyNetCheckListener.b(safetyNetCheckData3);
        }
    }

    private final byte[] f() {
        try {
            SigningInfo info = this.f30121a.getPackageManager().getPackageInfo(this.f30121a.getPackageName(), 134217728).signingInfo;
            if (!info.hasMultipleSigners()) {
                Intrinsics.checkNotNullExpressionValue(info, "info");
                Certificate cert = CertificateFactory.getInstance("X509").generateCertificate(new ByteArrayInputStream(info.getApkContentsSigners()[0].toByteArray()));
                MessageDigest messageDigest = MessageDigest.getInstance("SHA256");
                Intrinsics.checkNotNullExpressionValue(cert, "cert");
                return messageDigest.digest(cert.getEncoded());
            }
        } catch (Exception unused) {
        }
        return null;
    }

    private final byte[] g(Context context) {
        byte[] h9 = h(context);
        if (h9 != null) {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            byte[] bArr = new byte[48];
            new SecureRandom().nextBytes(bArr);
            try {
                byteArrayOutputStream.write(bArr);
                byteArrayOutputStream.write(h9);
                return byteArrayOutputStream.toByteArray();
            } catch (Exception unused) {
            }
        }
        return null;
    }

    private final byte[] h(Context context) {
        long j8 = context.getApplicationInfo().uid + Build.TIME + context.getPackageManager().getPackageInfo(context.getPackageName(), 0).firstInstallTime;
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            String valueOf = String.valueOf(j8);
            Charset forName = Charset.forName("UTF-8");
            Intrinsics.checkNotNullExpressionValue(forName, "Charset.forName(charsetName)");
            if (valueOf == null) {
                throw new NullPointerException("null cannot be cast to non-null type java.lang.String");
            }
            byte[] bytes = valueOf.getBytes(forName);
            Intrinsics.checkNotNullExpressionValue(bytes, "(this as java.lang.String).getBytes(charset)");
            return messageDigest.digest(bytes);
        } catch (Exception unused) {
            return null;
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:10:0x0031, code lost:
    
        if ((((byte[]) r5).length == 0) != false) goto L12;
     */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r4v5, types: [com.orange.authentication.lowLevelApi.securitylib.api.SafetyNetCheckData, T] */
    /* JADX WARN: Type inference failed for: r4v9, types: [com.orange.authentication.lowLevelApi.securitylib.api.SafetyNetCheckData, T] */
    /* JADX WARN: Type inference failed for: r5v1, types: [com.orange.authentication.lowLevelApi.securitylib.api.SafetyNetCheckData, T] */
    /* JADX WARN: Type inference failed for: r5v7, types: [byte[], T] */
    @Override // com.orange.authentication.lowLevelApi.securitylib.api.SecurityCheckApi
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void a(@org.jetbrains.annotations.NotNull java.lang.String r4, @org.jetbrains.annotations.Nullable byte[] r5, @org.jetbrains.annotations.NotNull com.orange.authentication.lowLevelApi.securitylib.api.SafetyNetCheckListener r6) {
        /*
            r3 = this;
            java.lang.String r0 = "googleSafetyNetKey"
            kotlin.jvm.internal.Intrinsics.checkNotNullParameter(r4, r0)
            java.lang.String r0 = "listener"
            kotlin.jvm.internal.Intrinsics.checkNotNullParameter(r6, r0)
            kotlin.jvm.internal.Ref$ObjectRef r0 = new kotlin.jvm.internal.Ref$ObjectRef
            r0.<init>()
            kotlin.jvm.internal.Ref$ObjectRef r1 = new kotlin.jvm.internal.Ref$ObjectRef     // Catch: java.lang.Exception -> L89
            r1.<init>()     // Catch: java.lang.Exception -> L89
            r1.element = r5     // Catch: java.lang.Exception -> L89
            com.google.android.gms.common.GoogleApiAvailability r5 = com.google.android.gms.common.GoogleApiAvailability.getInstance()     // Catch: java.lang.Exception -> L89
            android.content.Context r2 = r3.f30121a     // Catch: java.lang.Exception -> L89
            int r5 = r5.isGooglePlayServicesAvailable(r2)     // Catch: java.lang.Exception -> L89
            if (r5 != 0) goto L79
            T r5 = r1.element     // Catch: java.lang.Exception -> L89
            r2 = r5
            byte[] r2 = (byte[]) r2     // Catch: java.lang.Exception -> L89
            if (r2 == 0) goto L33
            byte[] r5 = (byte[]) r5     // Catch: java.lang.Exception -> L89
            int r5 = r5.length     // Catch: java.lang.Exception -> L89
            if (r5 != 0) goto L30
            r5 = 1
            goto L31
        L30:
            r5 = 0
        L31:
            if (r5 == 0) goto L3b
        L33:
            android.content.Context r5 = r3.f30121a     // Catch: java.lang.Exception -> L89
            byte[] r5 = r3.g(r5)     // Catch: java.lang.Exception -> L89
            r1.element = r5     // Catch: java.lang.Exception -> L89
        L3b:
            T r5 = r1.element     // Catch: java.lang.Exception -> L89
            byte[] r5 = (byte[]) r5     // Catch: java.lang.Exception -> L89
            if (r5 == 0) goto L6b
            android.content.Context r5 = r3.f30121a     // Catch: java.lang.Exception -> L89
            com.google.android.gms.safetynet.SafetyNetClient r5 = com.google.android.gms.safetynet.SafetyNet.getClient(r5)     // Catch: java.lang.Exception -> L89
            T r2 = r1.element     // Catch: java.lang.Exception -> L89
            byte[] r2 = (byte[]) r2     // Catch: java.lang.Exception -> L89
            com.google.android.gms.tasks.Task r4 = r5.attest(r2, r4)     // Catch: java.lang.Exception -> L89
            java.lang.String r5 = "client.attest(nonce, googleSafetyNetKey)"
            kotlin.jvm.internal.Intrinsics.checkNotNullExpressionValue(r4, r5)     // Catch: java.lang.Exception -> L89
            com.orange.authentication.lowLevelApi.f$a r5 = new com.orange.authentication.lowLevelApi.f$a     // Catch: java.lang.Exception -> L89
            r5.<init>(r1, r6)     // Catch: java.lang.Exception -> L89
            r4.addOnSuccessListener(r5)     // Catch: java.lang.Exception -> L89
            com.orange.authentication.lowLevelApi.f$b r5 = new com.orange.authentication.lowLevelApi.f$b     // Catch: java.lang.Exception -> L89
            r5.<init>(r0, r6)     // Catch: java.lang.Exception -> L89
            com.google.android.gms.tasks.Task r4 = r4.addOnFailureListener(r5)     // Catch: java.lang.Exception -> L89
            java.lang.String r5 = "api.addOnFailureListener…                       })"
            kotlin.jvm.internal.Intrinsics.checkNotNullExpressionValue(r4, r5)     // Catch: java.lang.Exception -> L89
            goto L9c
        L6b:
            com.orange.authentication.lowLevelApi.securitylib.api.SafetyNetCheckData r4 = com.orange.authentication.lowLevelApi.securitylib.api.SafetyNetCheckData.SN_API_UNABLE_TO_CONFIGURE     // Catch: java.lang.Exception -> L89
            r0.element = r4     // Catch: java.lang.Exception -> L89
            java.lang.String r5 = "no SafetyNet nonce"
            r4.setError(r5)     // Catch: java.lang.Exception -> L89
            T r4 = r0.element     // Catch: java.lang.Exception -> L89
        L76:
            com.orange.authentication.lowLevelApi.securitylib.api.SafetyNetCheckData r4 = (com.orange.authentication.lowLevelApi.securitylib.api.SafetyNetCheckData) r4     // Catch: java.lang.Exception -> L89
            goto L85
        L79:
            com.orange.authentication.lowLevelApi.securitylib.api.SafetyNetCheckData r4 = com.orange.authentication.lowLevelApi.securitylib.api.SafetyNetCheckData.SN_API_UNAVAILABLE     // Catch: java.lang.Exception -> L89
            r0.element = r4     // Catch: java.lang.Exception -> L89
            java.lang.String r5 = "no Google play services available"
            r4.setError(r5)     // Catch: java.lang.Exception -> L89
            T r4 = r0.element     // Catch: java.lang.Exception -> L89
            goto L76
        L85:
            r6.b(r4)     // Catch: java.lang.Exception -> L89
            goto L9c
        L89:
            r4 = move-exception
            com.orange.authentication.lowLevelApi.securitylib.api.SafetyNetCheckData r5 = com.orange.authentication.lowLevelApi.securitylib.api.SafetyNetCheckData.SN_API_UNAVAILABLE
            r0.element = r5
            java.lang.String r4 = r4.getMessage()
            r5.setError(r4)
            T r4 = r0.element
            com.orange.authentication.lowLevelApi.securitylib.api.SafetyNetCheckData r4 = (com.orange.authentication.lowLevelApi.securitylib.api.SafetyNetCheckData) r4
            r6.b(r4)
        L9c:
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: com.orange.authentication.lowLevelApi.f.a(java.lang.String, byte[], com.orange.authentication.lowLevelApi.securitylib.api.SafetyNetCheckListener):void");
    }

    @Override // com.orange.authentication.lowLevelApi.securitylib.api.SecurityCheckApi
    @NotNull
    public RootCheckData b() {
        try {
            return new com.scottyab.rootbeer.d(this.f30121a).s() ? RootCheckData.RB_ROOT_DETECTED : RootCheckData.RB_NO_ROOT_DETECTED;
        } catch (Exception e9) {
            RootCheckData rootCheckData = RootCheckData.RB_UNABLE_TO_CHECK_ROOT;
            rootCheckData.setError(e9.getMessage());
            return rootCheckData;
        }
    }
}
