package com.scl.rdservice.ecsclient.managementclient;

import android.app.Activity;
import android.content.Context;
import android.content.pm.PackageManager;
import android.content.pm.Signature;
import android.support.annotation.NonNull;
import android.support.annotation.Nullable;
import android.util.Base64;
import android.util.Log;
import com.google.android.gms.common.api.ApiException;
import com.google.android.gms.safetynet.SafetyNet;
import com.google.android.gms.safetynet.SafetyNetApi;
import com.google.android.gms.tasks.OnFailureListener;
import com.google.android.gms.tasks.OnSuccessListener;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.DigestInputStream;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;
import java.security.cert.CertificateEncodingException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import org.bouncycastle.pqc.jcajce.spec.McElieceCCA2KeyGenParameterSpec;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes2.dex */
public class SafetyNetExecutor {
    private static final int BUFFER_SIZE = 2048;
    private List<String> apkCertificateDigests;
    private String apkDigest;
    private SafetyNetCallback callback;
    private Activity context;
    private String mResult;
    private String packageName;
    private byte[] requestNonce;
    private long requestTimestamp;
    private final SecureRandom secureRandom = new SecureRandom();

    private static List<String> calcApkCertificateDigests(Context context, String str) {
        ArrayList arrayList = new ArrayList();
        try {
            for (Signature signature : context.getPackageManager().getPackageInfo(str, 64).signatures) {
                try {
                    MessageDigest messageDigest = MessageDigest.getInstance(McElieceCCA2KeyGenParameterSpec.SHA256);
                    messageDigest.update(signature.toByteArray());
                    arrayList.add(Base64.encodeToString(messageDigest.digest(), 2));
                } catch (NoSuchAlgorithmException e) {
                    e.getCause();
                }
            }
        } catch (PackageManager.NameNotFoundException e2) {
            e2.printStackTrace();
        }
        return arrayList;
    }

    private static String calcApkDigest(Context context) {
        return Base64.encodeToString(getApkFileDigest(context), 2);
    }

    private byte[] generateOneTimeRequestNonce() {
        byte[] bArr = new byte[32];
        this.secureRandom.nextBytes(bArr);
        return Utils.a(bArr).getBytes();
    }

    private static byte[] getApkFileDigest(Context context) {
        try {
            return getDigest(new FileInputStream(context.getPackageCodePath()), McElieceCCA2KeyGenParameterSpec.SHA256);
        } catch (Throwable th) {
            th.getCause();
            return null;
        }
    }

    private static byte[] getDigest(InputStream inputStream, String str) {
        MessageDigest messageDigest = MessageDigest.getInstance(str);
        try {
            DigestInputStream digestInputStream = new DigestInputStream(inputStream, messageDigest);
            do {
            } while (digestInputStream.read(new byte[2048]) != -1);
            digestInputStream.close();
            return messageDigest.digest();
        } finally {
            inputStream.close();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    @Nullable
    public SafetyNetResponse parseJsonWebSignature(String str) {
        if (str == null) {
            return null;
        }
        String[] split = str.split("\\.");
        if (split.length == 3) {
            return SafetyNetResponse.a(new String(Base64.decode(split[1], 0)));
        }
        return null;
    }

    private void sendSafetyNetRequest() {
        this.requestNonce = generateOneTimeRequestNonce();
        this.requestTimestamp = System.currentTimeMillis();
        SafetyNet.getClient(this.context).attest(this.requestNonce, com.scl.rdservice.utilities.Utils.API_KEY).addOnSuccessListener(this.context, new OnSuccessListener<SafetyNetApi.AttestationResponse>() { // from class: com.scl.rdservice.ecsclient.managementclient.SafetyNetExecutor.2
            @Override // com.google.android.gms.tasks.OnSuccessListener
            public void onSuccess(SafetyNetApi.AttestationResponse attestationResponse) {
                SafetyNetExecutor.this.mResult = attestationResponse.getJwsResult();
                if (SafetyNetExecutor.this.mResult == null || SafetyNetExecutor.this.mResult.isEmpty()) {
                    SafetyNetExecutor.this.callback.onSafetyNetError("ERROR! Data not available");
                    SafetyNetExecutor.this.mResult = null;
                    return;
                }
                List<Object> process = new SafetyNetResponseVerify().process(SafetyNetExecutor.this.mResult);
                if (process == null) {
                    SafetyNetExecutor.this.callback.onSafetyNetError("Your Smart phone does not meet minimum security requirement of UIDAI. Please try some other handset.");
                    SafetyNetExecutor.this.mResult = null;
                    return;
                }
                if (!process.get(0).toString().equalsIgnoreCase("00")) {
                    SafetyNetExecutor.this.callback.onSafetyNetError(process.get(1).toString());
                    SafetyNetExecutor.this.mResult = null;
                    return;
                }
                try {
                    SafetyNetResponse parseJsonWebSignature = SafetyNetExecutor.this.parseJsonWebSignature(SafetyNetExecutor.this.mResult);
                    if (SafetyNetExecutor.this.validateSafetyNetResponsePayload(parseJsonWebSignature) && parseJsonWebSignature.f() && parseJsonWebSignature.a().equals(Base64.encodeToString(SafetyNetExecutor.this.requestNonce, 2).trim())) {
                        try {
                            SafetyNetExecutor.this.callback.onSafetyNetResponse(true);
                            SafetyNetExecutor.this.mResult = null;
                        } catch (IOException | CertificateEncodingException e) {
                            SafetyNetExecutor.this.callback.onSafetyNetError("Your Smart phone does not meet minimum security requirement of UIDAI. Please try some other handset.");
                            SafetyNetExecutor.this.mResult = null;
                        }
                    } else {
                        SafetyNetExecutor.this.callback.onSafetyNetError("Your Smart phone does not meet minimum security requirement of UIDAI. Please try some other handset.");
                        SafetyNetExecutor.this.mResult = null;
                    }
                } catch (Exception e2) {
                    SafetyNetExecutor.this.callback.onSafetyNetError("Your Smart phone does not meet minimum security requirement of UIDAI. Please try some other handset.");
                    SafetyNetExecutor.this.mResult = null;
                }
            }
        }).addOnFailureListener(this.context, new OnFailureListener() { // from class: com.scl.rdservice.ecsclient.managementclient.SafetyNetExecutor.1
            @Override // com.google.android.gms.tasks.OnFailureListener
            public void onFailure(@NonNull Exception exc) {
                String str;
                if (!(exc instanceof ApiException)) {
                    Log.d("SafetyNet: ", "Error: " + exc.getMessage());
                    SafetyNetExecutor.this.callback.onSafetyNetError("Unknown Error");
                    SafetyNetExecutor.this.mResult = null;
                    return;
                }
                switch (((ApiException) exc).getStatusCode()) {
                    case 7:
                        str = "Network Error. Please check your connectivity";
                        break;
                    case 8:
                        str = "Internal Error Occur. Please check your connectivity";
                        break;
                    case 9:
                    case 10:
                    case 11:
                    case 12:
                    case 14:
                    case 16:
                    default:
                        str = "Internal Error Occur. Please check your connectivity";
                        break;
                    case 13:
                        str = "Internal Error Occur. Please check your connectivity";
                        break;
                    case 15:
                        str = "Connection Timeout. Please check your connectivity";
                        break;
                    case 17:
                        str = "Server not connected.";
                        break;
                }
                SafetyNetExecutor.this.callback.onSafetyNetError(str);
                SafetyNetExecutor.this.mResult = null;
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean validateSafetyNetResponsePayload(SafetyNetResponse safetyNetResponse) {
        if (safetyNetResponse == null) {
            this.callback.onSafetyNetError("SafetyNetResponse is null.");
            return false;
        }
        if (!Base64.encodeToString(this.requestNonce, 2).trim().equals(safetyNetResponse.a())) {
            this.callback.onSafetyNetError("invalid nonce");
            return false;
        }
        if (!this.packageName.equalsIgnoreCase(safetyNetResponse.c())) {
            this.callback.onSafetyNetError("invalid packageName");
            return false;
        }
        long b = safetyNetResponse.b() - this.requestTimestamp;
        if (b > 120000) {
            this.callback.onSafetyNetError("Duration calculated from the timestamp of response \"" + b + " \" exceeds maximum permitted duration");
            return false;
        }
        if (!Arrays.equals(this.apkCertificateDigests.toArray(), safetyNetResponse.d())) {
            this.callback.onSafetyNetError("invalid apkCertificateDigest");
            return false;
        }
        if (this.apkDigest.equals(safetyNetResponse.e())) {
            return true;
        }
        this.callback.onSafetyNetError("invalid ApkDigest");
        return false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(@NonNull Activity activity, SafetyNetCallback safetyNetCallback) {
        this.context = activity;
        this.packageName = activity.getPackageName();
        this.callback = safetyNetCallback;
        this.apkCertificateDigests = calcApkCertificateDigests(activity, this.packageName);
        this.apkDigest = calcApkDigest(activity);
        sendSafetyNetRequest();
    }
}
