package com.entrust.identityGuard.mobile.sdk;

import android.content.Context;
import android.content.Intent;
import android.net.Uri;
import android.os.Build;
import android.os.Bundle;
import android.util.Log;
import com.entrust.identityGuard.mobile.client.crypto.RandomGeneratorIntf;
import com.entrust.identityGuard.mobile.crypto.android.DeviceKeyManager;
import com.entrust.identityGuard.mobile.crypto.android.PRNGFixes;
import com.entrust.identityGuard.mobile.sdk.exception.IdentityGuardMobileException;
import com.entrust.identityGuard.mobile.sdk.exception.InvalidLaunchLinkException;
import java.io.File;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.util.List;
import java.util.Locale;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;

/* loaded from: classes.dex */
public class PlatformDelegate {
    public static final String APP_NAME = "IdG Mobile SDK";
    public static final String HTTPS_PROTOCOL_SSLV3 = "SSLv3";
    public static final int LOG_LEVEL_DEBUG = 4;
    public static final int LOG_LEVEL_ERROR = 1;
    public static final int LOG_LEVEL_INFO = 3;
    public static final int LOG_LEVEL_OFF = 0;
    public static final int LOG_LEVEL_WARNING = 2;
    private static com.entrust.identityGuard.mobile.client.crypto.e a = null;
    private static boolean b = false;
    private static com.entrust.identityGuard.mobile.version.a c = null;
    private static CommCallback d = null;
    private static String e = null;
    private static Boolean f = null;
    private static int g = 2;
    private static DeviceKeyManager h = null;
    private static String i = null;
    private static boolean j = true;
    private static String k;
    private static String[] l;
    public static final String HTTPS_PROTOCOL_TLSv1 = "TLSv1";
    public static final String HTTPS_PROTOCOL_TLSv11 = "TLSv1.1";
    public static final String HTTPS_PROTOCOL_TLSv12 = "TLSv1.2";
    private static final String[] m = {HTTPS_PROTOCOL_TLSv1, HTTPS_PROTOCOL_TLSv11, HTTPS_PROTOCOL_TLSv12};
    private static final String[] n = {HTTPS_PROTOCOL_TLSv1};
    private static final String[] o = {SdkHelpers.ONE, "2", "3", "4"};

    /* JADX INFO: Access modifiers changed from: package-private */
    public static RandomGeneratorIntf a() {
        return a;
    }

    private static synchronized void a(Context context) {
        synchronized (PlatformDelegate.class) {
            if (h == null) {
                try {
                    DeviceKeyManager.init(context);
                    h = DeviceKeyManager.getInstance();
                } catch (Exception e2) {
                    Log.e("SmartCredentialSDK", "Failed to initialize DeviceKeyManager. ", e2);
                }
            }
        }
    }

    public static void addTimingSeed() {
    }

    private static void b() {
        logInfo("IGMobileSDK", "Entrust IdentityGuard Soft Token SDK Version:  " + c.b());
        logInfo("IGMobileSDK", "OS API Level:  " + Build.VERSION.SDK_INT);
        logInfo("IGMobileSDK", "Device Model:  " + Build.MANUFACTURER + " " + Build.MODEL + " (" + Build.PRODUCT + ")");
        StringBuilder sb = new StringBuilder();
        sb.append("Current language:  ");
        sb.append(Locale.getDefault().getDisplayName(Locale.US));
        logInfo("IGMobileSDK", sb.toString());
    }

    private static boolean c() {
        String str = Build.TAGS;
        return str != null && str.contains("test-keys");
    }

    private static boolean d() {
        try {
            for (String str : new String[]{"/system/app/Superuser.apk", "/system/app/SuperSU/SuperSU.apk", "/system/xbin/su", "/system/xbin/supolicy"}) {
                if (new File(str).exists()) {
                    return true;
                }
            }
            String[] e2 = e();
            if (e2 != null && e2.length > 0) {
                for (String str2 : e2) {
                    if (!str2.endsWith("/")) {
                        str2 = str2 + "/";
                    }
                    if (new File(str2 + "su").exists()) {
                        return true;
                    }
                }
            }
        } catch (Exception unused) {
        }
        return false;
    }

    public static byte[] decryptData(Context context, byte[] bArr) {
        if (bArr == null || bArr.length == 0) {
            return null;
        }
        a(context);
        byte[] bArr2 = new byte[16];
        for (int i2 = 0; i2 < 16; i2++) {
            bArr2[i2] = bArr[i2];
        }
        byte[] bArr3 = new byte[bArr.length - 16];
        for (int i3 = 0; i3 < bArr3.length; i3++) {
            bArr3[i3] = bArr[i3 + 16];
        }
        try {
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            try {
                cipher.init(2, h.getKey(), new IvParameterSpec(bArr2));
            } catch (Exception e2) {
                SecretKey fallbackKey = h.getFallbackKey();
                if (fallbackKey == null) {
                    throw new RuntimeException("Cipher key not supported: " + e2.toString());
                }
                try {
                    cipher.init(2, fallbackKey, new IvParameterSpec(bArr2));
                } catch (Exception e3) {
                    throw new RuntimeException("Cipher key not supported: " + e3.toString());
                }
            }
            try {
                return cipher.doFinal(bArr3);
            } catch (Exception e4) {
                if (h.getFallbackKey() == null) {
                    throw new RuntimeException("Cipher completion error: " + e4.toString());
                }
                try {
                    cipher.init(2, h.getFallbackKey(), new IvParameterSpec(bArr2));
                    return cipher.doFinal(bArr3);
                } catch (InvalidAlgorithmParameterException e5) {
                    e = e5;
                    throw new RuntimeException("Cipher key not supported: " + e.toString());
                } catch (InvalidKeyException e6) {
                    e = e6;
                    throw new RuntimeException("Cipher key not supported: " + e.toString());
                } catch (BadPaddingException e7) {
                    throw new RuntimeException("Cipher padding not supported: " + e7.toString());
                } catch (IllegalBlockSizeException e8) {
                    throw new RuntimeException("Cipher block size not supported: " + e8.toString());
                }
            }
        } catch (NoSuchAlgorithmException unused) {
            throw new RuntimeException("AES/CBC/PKCS5Padding cipher algorithm not supported");
        } catch (NoSuchPaddingException unused2) {
            throw new RuntimeException("AES/CBC/PKCS5Padding cipher padding not supported");
        }
    }

    private static String[] e() {
        String str = System.getenv("path");
        if (str == null || str.length() <= 0) {
            return null;
        }
        return str.split(":");
    }

    public static byte[] encryptData(Context context, byte[] bArr) {
        if (bArr == null || bArr.length == 0) {
            return null;
        }
        a(context);
        byte[] bArr2 = new byte[16];
        try {
            SecureRandom.getInstance("SHA1PRNG").nextBytes(bArr2);
            try {
                Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
                try {
                    cipher.init(1, h.getKey(), new IvParameterSpec(bArr2));
                    try {
                        byte[] doFinal = cipher.doFinal(bArr);
                        byte[] bArr3 = new byte[doFinal.length + 16];
                        for (int i2 = 0; i2 < 16; i2++) {
                            bArr3[i2] = bArr2[i2];
                        }
                        for (int i3 = 16; i3 < bArr3.length; i3++) {
                            bArr3[i3] = doFinal[i3 - 16];
                        }
                        return bArr3;
                    } catch (BadPaddingException e2) {
                        throw new RuntimeException("Cipher padding not supported: " + e2.toString());
                    } catch (IllegalBlockSizeException e3) {
                        throw new RuntimeException("Cipher block size not supported: " + e3.toString());
                    }
                } catch (Exception e4) {
                    throw new RuntimeException("Cipher key not supported: " + e4.toString());
                }
            } catch (NoSuchAlgorithmException unused) {
                throw new RuntimeException("AES/CBC/PKCS5Padding cipher algorithm not supported");
            } catch (NoSuchPaddingException unused2) {
                throw new RuntimeException("AES/CBC/PKCS5Padding cipher padding not supported");
            }
        } catch (NoSuchAlgorithmException unused3) {
            throw new RuntimeException("SHA1PRNG secure random algorithm not supported");
        }
    }

    private static boolean f() {
        return new e().a(f.check_su_binary) != null;
    }

    private static boolean g() {
        String lowerCase = System.getProperty("os.version").toLowerCase(Locale.getDefault());
        if (!lowerCase.contains("cyanogenmod") && !lowerCase.contains("modaco") && !lowerCase.contains("miui")) {
            return false;
        }
        Log.w("IGMobileSDK", "device is not secure: device using custom kernel [" + lowerCase + "]");
        return true;
    }

    public static String[] getAllApiVersions() {
        return o;
    }

    public static String[] getAllowedSslProtocols() {
        if (Build.VERSION.SDK_INT < 16) {
            String[] strArr = l;
            return strArr == null ? n : strArr;
        }
        String[] strArr2 = l;
        return strArr2 == null ? m : strArr2;
    }

    public static String getApiVersion() {
        return "4";
    }

    public static String getApplicationId() {
        return i;
    }

    public static String getApplicationScheme() {
        return k;
    }

    public static String getApplicationVersion() {
        String str = e;
        return str == null ? c.a() : str;
    }

    public static CommCallback getCommCallback() {
        return d;
    }

    public static Object getFacephiMatcherLicenseManager() {
        return c.a();
    }

    public static String getFullVersion() {
        return c.b();
    }

    public static int getLogLevel() {
        return g;
    }

    public static String getPlatform() {
        return "ANDROID";
    }

    public static String getVersion() {
        return c.a();
    }

    private static boolean h() {
        String lowerCase = Build.DISPLAY.toLowerCase(Locale.getDefault());
        if (!lowerCase.contains("cyanogen") && !lowerCase.contains("modaco") && !lowerCase.contains("miui") && !lowerCase.contains("darkforest")) {
            return false;
        }
        Log.w("IGMobileSDK", "device is not secure: device using custom build [" + lowerCase + "]");
        return true;
    }

    public static void initialize(Context context) {
        if (!b) {
            PRNGFixes.apply();
            b = true;
        }
        a = new com.entrust.identityGuard.mobile.client.crypto.e();
        d = DefaultCommCallback.getInstance(context);
        c = new com.entrust.identityGuard.mobile.version.a();
        b();
    }

    public static List initializeFaceRecognitionLicense(String str, List list, Context context) throws IdentityGuardMobileException {
        return c.a(str, list, context);
    }

    public static boolean isAutoApiVersionFallbackEnabled() {
        return j;
    }

    public static synchronized boolean isDeviceRooted() {
        synchronized (PlatformDelegate.class) {
            if (f != null) {
                return f.booleanValue();
            }
            if (c()) {
                Log.w("IGMobileSDK", "device is not secure: build tags contain test-keys");
                f = true;
            }
            if (d()) {
                Log.w("IGMobileSDK", "device is not secure: super-user file is accessible");
                f = true;
            }
            if (f()) {
                Log.w("IGMobileSDK", "device is not secure: device can run commands using escalated priviledges");
                f = true;
            }
            if (g()) {
                Log.w("IGMobileSDK", "device is not secure: device running unsupported kernel");
                f = true;
            }
            if (h()) {
                Log.w("IGMobileSDK", "device is not secure: device running unsupported build");
                f = true;
            }
            if (f == null) {
                f = false;
            }
            Log.d("IGMobileSDK", "is device rooted? " + f);
            return f.booleanValue();
        }
    }

    public static void logDebug(String str, String str2) {
        if (g < 4) {
            return;
        }
        Log.d(str, str2);
    }

    public static void logError(String str, String str2) {
        if (g < 1) {
            return;
        }
        logError(str, str2, null);
    }

    public static void logError(String str, String str2, Throwable th) {
        if (g < 1) {
            return;
        }
        if (str2 == null) {
            str2 = "";
        }
        if (th == null) {
            Log.e(str, str2);
        } else {
            Log.e(str, str2, th);
        }
    }

    public static void logInfo(String str, String str2) {
        if (g < 3) {
            return;
        }
        Log.i(str, str2);
    }

    public static void logLongMessage(String str, String str2) {
        int length = str2.length();
        for (int i2 = 0; i2 < length; i2 += 80) {
            logDebug("IGMobileSDK", length - i2 > 80 ? str2.substring(i2, i2 + 80) : str2.substring(i2));
        }
    }

    public static void logWarning(String str, String str2) {
        if (g < 2) {
            return;
        }
        Log.w(str, str2);
    }

    public static void logWarning(String str, String str2, Throwable th) {
        if (g < 2) {
            return;
        }
        Log.w(str, str2, th);
    }

    public static LaunchUrlParams parseLaunchUrl(Intent intent) throws IdentityGuardMobileException {
        LaunchUrlParams launchUrlParams;
        Uri data = intent.getData();
        if (data == null) {
            throw new InvalidLaunchLinkException("The Intent does not contain the URL for the launch link.");
        }
        String scheme = data.getScheme();
        String queryParameter = data.getQueryParameter("action");
        if (scheme == null || queryParameter == null) {
            throw new InvalidLaunchLinkException("The launch link provided is missing the scheme and/or the action.");
        }
        if (queryParameter.equalsIgnoreCase("activate")) {
            String queryParameter2 = data.getQueryParameter("regpwd");
            String queryParameter3 = data.getQueryParameter("regurl");
            String queryParameter4 = data.getQueryParameter("serialnum");
            if (queryParameter2 == null || queryParameter2.trim().isEmpty() || queryParameter3 == null || queryParameter3.trim().isEmpty() || queryParameter4 == null || queryParameter4.trim().isEmpty()) {
                throw new InvalidLaunchLinkException("The launch link provided is missing at least one: registration password, registration URL, or serial number");
            }
            if (queryParameter2.length() < 8) {
                throw new IdentityGuardMobileException("Invalid registration password provided in the activation link: too short.");
            }
            if (queryParameter4.contains("-")) {
                queryParameter4 = queryParameter4.replace("-", "");
            }
            launchUrlParams = new ActivationLaunchUrlParams();
            ActivationLaunchUrlParams activationLaunchUrlParams = (ActivationLaunchUrlParams) launchUrlParams;
            activationLaunchUrlParams.b(queryParameter2);
            activationLaunchUrlParams.a(queryParameter3);
            activationLaunchUrlParams.c(queryParameter4);
        } else if (queryParameter.equalsIgnoreCase("trans")) {
            String queryParameter5 = data.getQueryParameter("enc");
            String queryParameter6 = data.getQueryParameter("mac");
            String queryParameter7 = data.getQueryParameter("sn");
            String queryParameter8 = data.getQueryParameter("v");
            if (queryParameter5 == null || queryParameter5.trim().isEmpty() || queryParameter6 == null || queryParameter6.trim().isEmpty() || queryParameter7 == null || queryParameter7.trim().isEmpty() || queryParameter8 == null || queryParameter8.trim().isEmpty()) {
                throw new InvalidLaunchLinkException("The launch link provided is missing at least one of: encrypted message, MAC, serial number, or version");
            }
            if (queryParameter7.contains("-")) {
                queryParameter7 = queryParameter7.replace("-", "");
            }
            launchUrlParams = new OfflineTransactionUrlParams();
            OfflineTransactionUrlParams offlineTransactionUrlParams = (OfflineTransactionUrlParams) launchUrlParams;
            offlineTransactionUrlParams.b(queryParameter5);
            offlineTransactionUrlParams.c(queryParameter6);
            offlineTransactionUrlParams.a(queryParameter7);
            offlineTransactionUrlParams.f(queryParameter8);
        } else if (queryParameter.equalsIgnoreCase("secactivate")) {
            String queryParameter9 = data.getQueryParameter("enc");
            String queryParameter10 = data.getQueryParameter("mac");
            String queryParameter11 = data.getQueryParameter("v");
            if (queryParameter9 == null || queryParameter9.trim().isEmpty() || queryParameter10 == null || queryParameter10.trim().isEmpty() || queryParameter11 == null || queryParameter11.isEmpty()) {
                throw new InvalidLaunchLinkException("The launch link provided is missing at least one of: encrypted message, MAC, or version");
            }
            SecureOfflineActivationUrlParams secureOfflineActivationUrlParams = new SecureOfflineActivationUrlParams();
            SecureOfflineActivationUrlParams secureOfflineActivationUrlParams2 = secureOfflineActivationUrlParams;
            secureOfflineActivationUrlParams2.a(queryParameter9);
            secureOfflineActivationUrlParams2.b(queryParameter10);
            secureOfflineActivationUrlParams2.c(queryParameter11);
            launchUrlParams = secureOfflineActivationUrlParams;
        } else {
            launchUrlParams = new LaunchUrlParams();
        }
        launchUrlParams.e(queryParameter);
        launchUrlParams.d(scheme);
        return launchUrlParams;
    }

    public static TransactionNotificationParams parseTransactionNotification(Intent intent) throws IdentityGuardMobileException {
        Bundle extras = intent.getExtras();
        if (!extras.containsKey(TransactionProvider.PROTOCOL_INSTANCEID) || !extras.containsKey(TransactionProvider.PROTOCOL_TXNID)) {
            throw new IdentityGuardMobileException("Invalid notification payload provided.");
        }
        String string = extras.getString(TransactionProvider.PROTOCOL_TXNID);
        String string2 = extras.getString(TransactionProvider.PROTOCOL_INSTANCEID);
        if (string == null || string.trim().equals("") || string2 == null || string2.trim().equals("")) {
            throw new IdentityGuardMobileException("Invalid notification payload provided.");
        }
        TransactionNotificationParams transactionNotificationParams = new TransactionNotificationParams();
        transactionNotificationParams.a(string2);
        transactionNotificationParams.b(string);
        return transactionNotificationParams;
    }

    public static void setAllowedSslProtocols(String[] strArr) throws IllegalArgumentException {
        int i2 = 0;
        if (Build.VERSION.SDK_INT < 16) {
            while (i2 < strArr.length) {
                if (!strArr[i2].equalsIgnoreCase(HTTPS_PROTOCOL_SSLV3) || !strArr[i2].equalsIgnoreCase(HTTPS_PROTOCOL_TLSv1)) {
                    throw new IllegalArgumentException("Unsupported SSL/TLS protocol.");
                }
                i2++;
            }
        } else {
            while (i2 < strArr.length) {
                if (!strArr[i2].equalsIgnoreCase(HTTPS_PROTOCOL_SSLV3) || !strArr[i2].equalsIgnoreCase(HTTPS_PROTOCOL_TLSv1) || !strArr[i2].equalsIgnoreCase(HTTPS_PROTOCOL_TLSv11) || !strArr[i2].equalsIgnoreCase(HTTPS_PROTOCOL_TLSv12)) {
                    throw new IllegalArgumentException("Unsupported SSL/TLS protocol.");
                }
                i2++;
            }
        }
        l = strArr;
    }

    public static void setApplicationId(String str) {
        i = str;
    }

    public static void setApplicationScheme(String str) {
        k = str;
    }

    public static void setApplicationVersion(String str) {
        e = str;
    }

    public static void setAutoApiVersionFallback(boolean z) {
        j = z;
    }

    public static void setCommCallback(CommCallback commCallback) {
        d = commCallback;
    }

    public static void setLogLevel(int i2) {
        g = i2;
    }
}
