package pingidsdkclient.util;

import android.app.KeyguardManager;
import android.content.Context;
import android.content.Intent;
import android.os.Build;
import android.provider.Settings;
import android.util.Base64;
import androidx.localbroadcastmanager.content.LocalBroadcastManager;
import ch.qos.logback.core.net.ssl.SSL;
import com.accells.util.EnvironmentProxyHelper;
import com.arlo.app.utils.Constants;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.interfaces.RSAKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.RSAPrivateKeySpec;
import javax.crypto.Cipher;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.spongycastle.asn1.cmp.PKIFailureInfo;
import pingidsdkclient.PingIdSDKApplicationContext;
import pingidsdkclient.accellsutils.AccellsParams;
import pingidsdkclient.accellsutils.AccellsSecurityException;
import pingidsdkclient.accellsutils.AccellsSecurityUtil;
import pingidsdkclient.accellsutils.OtpMgr;
import pingidsdkclient.access.AndroidKeyStoreHelper;
import pingidsdkclient.access.PreferenceMgr;

/* loaded from: classes4.dex */
public class Util {
    private static final String ALPHA_BET = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789";
    private static final int DEVICE_FP_LENGTH = 20;
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) Util.class);

    public static String encodeBase64(String str) {
        try {
            return new String(Base64.encode(str.getBytes("UTF-8"), 2));
        } catch (UnsupportedEncodingException e) {
            logger.error("message=\"Unsupported Encoding UTF-8\"", (Throwable) e);
            return null;
        }
    }

    public static String generateDeviceFingerPrint() {
        logger.error("inside device FP generation");
        return Settings.Secure.getString(PingIdSDKApplicationContext.getInstance().getApplicationContext().getContentResolver(), "android_id");
    }

    public static String generateOtpStr(Context context) {
        return generateOtpStr(context, 6);
    }

    public static String generateOtpStr(Context context, int i) {
        String sid;
        PreferenceMgr preferenceManager = PingIdSDKApplicationContext.getInstance().getPreferenceManager();
        long otpCounter = preferenceManager.getOtpCounter(context);
        String base64DeviceFp = getBase64DeviceFp(context);
        String str = null;
        try {
            sid = preferenceManager.getSID(context);
        } catch (AccellsSecurityException e) {
            logger.error("message=\"Can not generate real SID\"", (Throwable) e);
        }
        if (sid != null && sid.trim().length() != 0) {
            str = AccellsSecurityUtil.generateSid(base64DeviceFp, sid);
            String createOtp = OtpMgr.get().createOtp(str, Long.valueOf(otpCounter), i);
            preferenceManager.setOtpCounter(context, OtpMgr.get().getIncreasedOtpCounter(otpCounter, AccellsParams.Security.MAX_OTP_COUNTER));
            return createOtp;
        }
        logger.error("message=\"Can not generate real SID, because SID is empty\"");
        return null;
    }

    public static String generateRandomString(int i) {
        return generateRandomString(i, ALPHA_BET);
    }

    public static String generateRandomString(int i, String str) {
        try {
            SecureRandom secureRandom = SecureRandom.getInstance(SSL.DEFAULT_SECURE_RANDOM_ALGORITHM);
            StringBuilder sb = new StringBuilder();
            for (int i2 = 0; i2 < i; i2++) {
                sb.append(str.charAt(secureRandom.nextInt(str.length())));
            }
            return sb.toString();
        } catch (Throwable th) {
            logger.error("message=\"DeviceFP Generation failed\"", th);
            return null;
        }
    }

    public static byte[] generateSha256(byte[] bArr) throws NoSuchAlgorithmException, NoSuchProviderException {
        MessageDigest messageDigest;
        try {
            messageDigest = MessageDigest.getInstance("SHA-256", Constants.Security.ANDROID_OPEN_SSL_PROVIDER);
        } catch (Exception e) {
            logger.error("message=\"AndroidOpenSSL provider is not supported\"", (Throwable) e);
            messageDigest = MessageDigest.getInstance("SHA-256", "SC");
        }
        return messageDigest.digest(bArr);
    }

    public static String getBase64DeviceFp(Context context) {
        logger.error("Getting device FP");
        String deviceFp = getDeviceFp(context);
        logger.error("Device fp = " + deviceFp);
        if (deviceFp == null) {
            logger.error("Device fp = null, generating new");
            deviceFp = generateDeviceFingerPrint();
            logger.error("generated device FP = " + deviceFp);
        }
        String encodeBase64 = encodeBase64(deviceFp);
        logger.error("Encoded device FP = " + encodeBase64);
        return encodeBase64;
    }

    public static String getDeviceFp(Context context) {
        return PingIdSDKApplicationContext.getInstance().getPreferenceManager().getDeviceFingerPrint(context);
    }

    public static PrivateKey getPrivateKey(Context context) throws NoSuchAlgorithmException, InvalidKeySpecException {
        String privateKeyPrivateExponent;
        PreferenceMgr preferenceManager = PingIdSDKApplicationContext.getInstance().getPreferenceManager();
        if (Build.VERSION.SDK_INT < 21) {
            String maskPrivateKey = EnvironmentProxyHelper.getInstance().maskPrivateKey(context, preferenceManager.getPrivateKey(context));
            if (maskPrivateKey != null) {
                return KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(Base64.decode(maskPrivateKey.getBytes(), 2)));
            }
            return null;
        }
        RSAKey privateKey = AndroidKeyStoreHelper.getPrivateKey(AndroidKeyStoreHelper.ANDROID_KEY_STORE_PRK_ALIAS);
        if (privateKey == null || (privateKeyPrivateExponent = preferenceManager.getPrivateKeyPrivateExponent(context)) == null) {
            return null;
        }
        return KeyFactory.getInstance("RSA").generatePrivate(new RSAPrivateKeySpec(privateKey.getModulus(), new BigInteger(privateKeyPrivateExponent)));
    }

    public static PublicKey getPublicKey(Context context) throws AccellsSecurityException {
        String publicKey = PingIdSDKApplicationContext.getInstance().getPreferenceManager().getPublicKey(context);
        if (publicKey == null || publicKey.trim().length() == 0) {
            throw new AccellsSecurityException(new IllegalStateException("PublicKey does not exist"));
        }
        return AccellsSecurityUtil.getPublicKeyFromBytes(Base64.decode(publicKey, 0));
    }

    public static boolean isLockScreenSecured(Context context) {
        boolean booleanValue;
        boolean z = false;
        try {
            KeyguardManager keyguardManager = (KeyguardManager) context.getSystemService("keyguard");
            if (Build.VERSION.SDK_INT >= 23) {
                booleanValue = keyguardManager.isDeviceSecure();
            } else {
                Class<?> cls = Class.forName("com.android.internal.widget.LockPatternUtils");
                booleanValue = Boolean.valueOf(String.valueOf(cls.getMethod("isSecure", new Class[0]).invoke(cls.getConstructor(Context.class).newInstance(context), new Object[0]))).booleanValue();
            }
            z = booleanValue;
        } catch (Exception e) {
            logger.error("message=\"Reflection failed. isSecure\"", (Throwable) e);
        }
        logger.info("message=\"isLockScreenSecured = " + z + "\"");
        return z;
    }

    public static void resyncOtp(Context context, String str) {
        logger.info("message=\"OTP re-sync flow start\"");
        try {
            byte[] decode = Base64.decode(str, 0);
            PrivateKey privateKey = getPrivateKey(context);
            Cipher cipher = Cipher.getInstance(privateKey.getAlgorithm(), "SC");
            cipher.init(2, privateKey);
            PingIdSDKApplicationContext.getInstance().getPreferenceManager().setOtpCounter(context, Long.parseLong(new String(cipher.doFinal(decode))));
            logger.info("message=\"OTP re-sync flow finished SUCCESSFULLY\"");
            logger.info("message=\"Util re-syncOtp LOCAL_INTENT_OTP_IS_CHANGED\"");
            LocalBroadcastManager.getInstance(context).sendBroadcast(new Intent(AccellsConstants.LOCAL_INTENT_OTP_IS_CHANGED));
        } catch (Exception e) {
            logger.error("message=\"OTP re-sync flow FAILED\"", (Throwable) e);
        }
    }

    public static void startNewActivity(Context context, Intent intent) {
        intent.addFlags(4);
        intent.addFlags(PKIFailureInfo.duplicateCertReq);
        intent.addFlags(268435456);
        context.startActivity(intent);
    }

    public static void startNewActivity(Context context, Class<?> cls) {
        startNewActivity(context, new Intent(context, cls));
    }
}
