package com.gmrz.asm.fp.authenticator;

import android.annotation.SuppressLint;
import android.annotation.TargetApi;
import android.content.Context;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import com.gmrz.asm.fp.authenticator.matcherparams.KSMatcherInParams;
import com.gmrz.asm.fp.authenticator.matcherparams.KSMatcherOutParams;
import com.gmrz.asm.fp.authui.FingerprintOperation;
import com.gmrz.authenticationso.AuthKernel;
import com.gmrz.authenticationso.authenticator.KSAuthenticatorKernel;
import com.noknok.android.client.asm.sdk.IMatcher;
import com.noknok.android.client.utils.Charsets;
import com.noknok.android.client.utils.Logger;
import com.noknok.authenticator.AKException;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.security.KeyStore;
import java.security.Signature;
import java.util.UUID;
import java.util.Vector;

@SuppressLint({"NewApi"})
/* loaded from: classes.dex */
public class FpAuthenticatorKernel extends KSAuthenticatorKernel {
    private static final int Auth_NewIndex = 1;
    private static final int Auth_OldIndex = 0;
    private static final String NewAAID = "004A#01AA";
    private static final String OldAAID = "001A#3333";
    private static final String TAG = "FpAuthenticatorKernel";
    public static String libLoaded = "none";
    private static boolean mIsRegistrationOp = false;

    public FpAuthenticatorKernel() throws AKException {
        Logger.d(TAG, "Library Loaded : " + libLoaded);
    }

    public FpAuthenticatorKernel(Context context, IMatcher iMatcher) throws AKException {
        super(context, iMatcher);
        Logger.d(TAG, "Library Loaded : " + libLoaded);
    }

    @TargetApi(23)
    private byte[] signDataUsingAuthenticatedSignature(byte[] bArr, Signature signature) throws Exception {
        Logger.d(TAG, "signDataUsingAuthenticatedCrypto");
        signature.update(bArr);
        byte[] packageKsEcdsaSignedData = FpCryptoStoreUtils.packageKsEcdsaSignedData(signature.sign());
        Logger.d(TAG, "signDataUsingAuthenticatedCrypto complete");
        return packageKsEcdsaSignedData;
    }

    @Override // com.gmrz.authenticationso.authenticator.KSAuthenticatorKernel
    public byte[] exportPublicKey(byte[] bArr) {
        Logger.i(TAG, "exportPublicKey");
        try {
            String str = new String(bArr, Charsets.utf8Charset);
            Logger.i(TAG, "exportPublicKey uuidBytes:" + str);
            byte[] fpsKsEcdsaPublicKey = FpCryptoStoreUtils.getFpsKsEcdsaPublicKey(str);
            Logger.i(TAG, "Key Export completed");
            return fpsKsEcdsaPublicKey;
        } catch (Exception e) {
            e.printStackTrace();
            Logger.e(TAG, "Exception caught");
            this.statusCode = 1;
            return null;
        }
    }

    @SuppressLint({"NewApi"})
    protected IMatcher.RESULT fpSignData(byte[] bArr, byte[] bArr2, Vector<byte[]> vector) throws Exception {
        KSMatcherInParams matchUI = new KSMatcherInParams().setCustomUI(mMatcherInParams.getCustomUI()).setAntihammeringCallback(mMatcherInParams.getAntiHammeringCallback()).setFinalChallenge(mMatcherInParams.getFinalChallenge()).setTransText(mMatcherInParams.getTransText()).setSignatureObject(FpCryptoStoreUtils.initKsEcdsaSignature(new String(bArr, Charsets.utf8Charset))).setMatchUI(mMatcherInParams.m_matcherUI);
        Logger.d("mIsRegistrationOp", Boolean.toString(mIsRegistrationOp));
        KSMatcherOutParams kSMatcherOutParams = mIsRegistrationOp ? (KSMatcherOutParams) mMatcher.register(matchUI) : (KSMatcherOutParams) mMatcher.authenticate(matchUI);
        String str = TAG;
        StringBuilder sb = new StringBuilder();
        sb.append("outParam: ");
        sb.append(kSMatcherOutParams.getMatchResult());
        sb.append(": compareWithSuccess: ");
        sb.append(!kSMatcherOutParams.getMatchResult().equals(IMatcher.RESULT.SUCCESS));
        Logger.i(str, sb.toString());
        if (kSMatcherOutParams.getMatchResult() != IMatcher.RESULT.SUCCESS) {
            Logger.i(TAG, "Non success");
            return kSMatcherOutParams.getMatchResult();
        }
        Logger.i(TAG, "AKManaged Matcher returned Success. get signature.");
        byte[] signDataUsingAuthenticatedSignature = signDataUsingAuthenticatedSignature(bArr2, kSMatcherOutParams.getAuthenticatedSignature());
        Logger.d(TAG, "fpSignData complete");
        vector.add(0, signDataUsingAuthenticatedSignature);
        return IMatcher.RESULT.SUCCESS;
    }

    @Override // com.gmrz.authenticationso.authenticator.KSAuthenticatorKernel
    public byte[] generateKeyPair() {
        try {
            Logger.i(TAG, "Begin Key generation");
            mIsRegistrationOp = true;
            byte[] generateKeypairUsingFpKeyStore = generateKeypairUsingFpKeyStore();
            ByteBuffer allocate = ByteBuffer.allocate(generateKeypairUsingFpKeyStore.length + 2 + 1);
            allocate.order(ByteOrder.LITTLE_ENDIAN);
            allocate.putShort((short) (generateKeypairUsingFpKeyStore.length + 1));
            allocate.put(generateKeypairUsingFpKeyStore);
            Logger.i(TAG, "End Key generation");
            return allocate.array();
        } catch (Exception e) {
            Logger.e(TAG, "KeyGeneration failed.", e);
            this.statusCode = 1;
            return null;
        }
    }

    protected byte[] generateKeypairUsingFpKeyStore() throws Exception {
        Logger.d(TAG, "Creating Protected Key");
        String uuid = UUID.randomUUID().toString();
        if (!FpCryptoStoreUtils.generateKsEcdsaKeyPair(uuid, mContext)) {
            if (new FingerprintOperation(mContext).hasEnrolledFingerprints()) {
                throw new Exception("FpCryptoStoreUtils.generateKsEcdsaKeyPair failed");
            }
            mMatcher.register(new KSMatcherInParams().setCustomUI(mMatcherInParams.getCustomUI()).setAntihammeringCallback(mMatcherInParams.getAntiHammeringCallback()).setMatchUI(mMatcherInParams.m_matcherUI));
            this.statusCode = 13;
        }
        Logger.d(TAG, "FPSUI: uuid: " + uuid);
        return uuid.getBytes(Charsets.utf8Charset);
    }

    @Override // com.gmrz.authenticationso.authenticator.KSAuthenticatorKernel
    protected String performInitJni(boolean z) {
        Logger.i(TAG, "use new aaid or old aaid, " + z);
        return z ? AuthKernel.initJni(mContext, z, this, "004A#01AA", 1) : AuthKernel.initJni(mContext, z, this, "001A#3333", 0);
    }

    protected String performInitJni(boolean z, boolean z2) {
        return null;
    }

    @Override // com.gmrz.authenticationso.authenticator.KSAuthenticatorKernel
    public byte[] performProcessJni(byte[] bArr) {
        return AuthKernel.processJni(bArr);
    }

    @Override // com.gmrz.authenticationso.authenticator.KSAuthenticatorKernel, com.noknok.android.client.asm.sdk.IAuthenticatorKernel
    public boolean postProcess() {
        super.postProcess();
        mIsRegistrationOp = false;
        return true;
    }

    @Override // com.gmrz.authenticationso.authenticator.KSAuthenticatorKernel
    public void removeKey(byte[] bArr) {
        try {
            Logger.i(TAG, "Begin remove key.");
            FpCryptoStoreUtils.removeKey(new String(bArr, Charsets.utf8Charset));
        } catch (Exception e) {
            Logger.e(TAG, "removeKey failed.", e);
            this.statusCode = 1;
        }
    }

    @Override // com.gmrz.authenticationso.authenticator.KSAuthenticatorKernel
    public byte[] signData(byte[] bArr, byte[] bArr2) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            String str = new String(bArr, Charsets.utf8Charset);
            KeyStore.Entry entry = keyStore.getEntry(str, null);
            if (entry == null) {
                throw new Exception("Unable to get the signing key by name " + str);
            }
            Signature.getInstance("SHA256withECDSA").initSign(((KeyStore.PrivateKeyEntry) entry).getPrivateKey());
            Logger.i(TAG, "Begin Sign command");
            Vector<byte[]> vector = new Vector<>(1);
            IMatcher.RESULT fpSignData = fpSignData(bArr, bArr2, vector);
            Logger.d(TAG, "signData result:" + fpSignData);
            switch (fpSignData) {
                case SUCCESS:
                    byte[] bArr3 = vector.get(0);
                    Logger.i(TAG, "Sign Command completed");
                    ByteBuffer allocate = ByteBuffer.allocate(bArr3.length + 2);
                    allocate.order(ByteOrder.LITTLE_ENDIAN);
                    allocate.putShort((short) bArr3.length);
                    allocate.put(bArr3);
                    return allocate.array();
                case CANCEL:
                    this.statusCode = 13;
                    return null;
                case CHANGE_AUTHENTICATOR:
                    this.statusCode = 11;
                    return null;
                case FINGER_SET_CHANGE:
                    this.statusCode = 9;
                    return null;
                default:
                    this.statusCode = 1;
                    return null;
            }
        } catch (KeyPermanentlyInvalidatedException e) {
            e.printStackTrace();
            Logger.e(TAG, "KeyStore key invalidated.");
            this.statusCode = 9;
            return null;
        } catch (Exception e2) {
            e2.printStackTrace();
            Logger.e(TAG, "Signing has failed");
            this.statusCode = 1;
            return null;
        }
    }
}
