package X;

import android.content.SharedPreferences;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyPairGenerator;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.spec.ECGenParameterSpec;
import java.util.Calendar;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.concurrent.CopyOnWriteArrayList;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes6.dex */
public final class ER2 {
    public final SharedPreferences A00;
    public final MFK A01;
    public final C28741EFu A02;
    public final String A03;
    public final List A04 = new CopyOnWriteArrayList();

    public ER2(SharedPreferences sharedPreferences, C130566Xg c130566Xg, C28741EFu c28741EFu, C28015DsJ c28015DsJ, String str) {
        this.A03 = str;
        this.A02 = c28741EFu;
        this.A00 = sharedPreferences;
        this.A01 = new MFK(c130566Xg, this, c28015DsJ);
    }

    public static synchronized PublicKey A00(ER2 er2, String str) {
        PublicKey publicKey;
        synchronized (er2) {
            C28741EFu c28741EFu = er2.A02;
            c28741EFu.getClass();
            Certificate certificate = c28741EFu.A01.getCertificate(AbstractC04860Of.A0U(er2.A03, str));
            publicKey = certificate == null ? null : certificate.getPublicKey();
        }
        return publicKey;
    }

    public static Signature A01(ER2 er2, String str) {
        C28741EFu c28741EFu = er2.A02;
        if (c28741EFu == null) {
            throw new GeneralSecurityException("Key Store is null!");
        }
        PrivateKey privateKey = (PrivateKey) c28741EFu.A01.getKey(AbstractC04860Of.A0U(er2.A03, str), null);
        Signature signature = Signature.getInstance("SHA256withECDSA");
        signature.initSign(privateKey);
        return signature;
    }

    public static HashMap A02(ER2 er2) {
        HashMap A0v = AnonymousClass001.A0v();
        Iterator A0z = AnonymousClass001.A0z(er2.A00.getAll());
        while (A0z.hasNext()) {
            Map.Entry A10 = AnonymousClass001.A10(A0z);
            if (A10.getValue() instanceof String) {
                String A0n = AnonymousClass001.A0n(A10);
                String str = er2.A03;
                if (A0n.startsWith(str)) {
                    A0v.put(AnonymousClass001.A0n(A10).substring(str.length()), A10.getValue());
                }
            }
        }
        return A0v;
    }

    public static void A03(EHJ ehj) {
        MFK mfk = ehj.A01.A01;
        EOW.A01(mfk.A03.A00, mfk);
    }

    public C28902ENj A04() {
        PublicKey A00 = A00(this, "MFT_TRUSTED_DEVICE");
        if (A00 == null) {
            return null;
        }
        String encodeToString = Base64.encodeToString(A00.getEncoded(), 2);
        MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
        messageDigest.update(A00.getEncoded());
        String encodeToString2 = Base64.encodeToString(messageDigest.digest(), 11);
        C13970q5.A06(encodeToString2);
        return C28902ENj.A01("MFT_TRUSTED_DEVICE", encodeToString2, encodeToString, "MFT_TRUSTED_DEVICE", AnonymousClass001.A0t());
    }

    public C28902ENj A05(FXQ fxq, C28902ENj c28902ENj) {
        AbstractC05170Pn.A06(c28902ENj.A06.equalsIgnoreCase(fxq.Aet()), "Local Auth Ticket and Server At fingerprint does not match");
        String str = c28902ENj.A04;
        EnumC27220Dbp ASG = fxq.ASG();
        ASG.getClass();
        AbstractC05170Pn.A06(str.equalsIgnoreCase(ASG.name()), "Auth Ticket and Server AT Type is differ!");
        C28902ENj A00 = C28902ENj.A00(fxq, c28902ENj.A02, c28902ENj.A08, System.currentTimeMillis());
        String str2 = A00.A02;
        this.A00.edit().putString(AbstractC04860Of.A0U(this.A03, str2), A00.A07).apply();
        this.A04.add(A00);
        return A00;
    }

    public C28902ENj A06(String str, List list) {
        String encodeToString;
        String encodeToString2;
        String A0k = "MFT_TRUSTED_DEVICE".equalsIgnoreCase(str) ? "MFT_TRUSTED_DEVICE" : AbstractC17930yb.A0k();
        boolean equalsIgnoreCase = "BIO".equalsIgnoreCase(str);
        synchronized (this) {
            this.A02.getClass();
            String A0U = AbstractC04860Of.A0U(this.A03, A0k);
            MvR mvR = new MvR();
            mvR.A00 = A0U;
            mvR.A03 = equalsIgnoreCase;
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 20);
            if (mvR.A01 == null) {
                mvR.A01 = BigInteger.ONE;
            }
            if (mvR.A02 == null) {
                mvR.A02 = new X500Principal(AbstractC04860Of.A0e("CN=", mvR.A00, " CA Certificate"));
            }
            String str2 = mvR.A00;
            str2.getClass();
            MwY mwY = new MwY(str2, mvR.A01, calendar.getTime(), calendar2.getTime(), mvR.A02, mvR.A03);
            KeyGenParameterSpec.Builder algorithmParameterSpec = new KeyGenParameterSpec.Builder(mwY.A00, 12).setKeySize(256).setCertificateSerialNumber(mwY.A01).setCertificateSubject(mwY.A04).setCertificateNotBefore(mwY.A03).setCertificateNotAfter(mwY.A02).setUserAuthenticationRequired(mwY.A05).setDigests("SHA-256").setAlgorithmParameterSpec(new ECGenParameterSpec("secp256r1"));
            if (Build.VERSION.SDK_INT >= 30) {
                C28741EFu.A00(algorithmParameterSpec, mwY);
            }
            KeyGenParameterSpec build = algorithmParameterSpec.build();
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "AndroidKeyStore");
            keyPairGenerator.initialize(build);
            PublicKey publicKey = keyPairGenerator.generateKeyPair().getPublic();
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            messageDigest.update(publicKey.getEncoded());
            encodeToString = Base64.encodeToString(messageDigest.digest(), 11);
            C13970q5.A06(encodeToString);
        }
        synchronized (this) {
            PublicKey A00 = A00(this, A0k);
            A00.getClass();
            encodeToString2 = Base64.encodeToString(A00.getEncoded(), 2);
        }
        return C28902ENj.A01(str, encodeToString, encodeToString2, A0k, list);
    }

    public C28902ENj A07(String str, List list) {
        try {
            return A06(str, list);
        } catch (Exception e) {
            C07840dZ.A0H("DefaultAuthTicketManager", "create AT Safe", e);
            return null;
        }
    }

    public synchronized Exception A08(String str) {
        try {
            SharedPreferences.Editor edit = this.A00.edit();
            String str2 = this.A03;
            edit.remove(AbstractC04860Of.A0U(str2, str)).apply();
            C28741EFu c28741EFu = this.A02;
            if (c28741EFu != null) {
                c28741EFu.A01.deleteEntry(AbstractC04860Of.A0U(str2, str));
            }
            List<C28902ENj> list = this.A04;
            for (C28902ENj c28902ENj : list) {
                if (str.equalsIgnoreCase(AbstractC04860Of.A0U(str2, c28902ENj.A02))) {
                    list.remove(c28902ENj);
                }
            }
            e = null;
        } catch (Throwable th) {
            try {
                throw th;
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
                e = e;
                C07840dZ.A0H("DefaultAuthTicketManager", "Delete AT", e);
            }
        }
        return e;
    }

    public void A09(C28902ENj c28902ENj, Mw6 mw6) {
        String str = c28902ENj.A06;
        String str2 = mw6.A02;
        AbstractC05170Pn.A06(str.equalsIgnoreCase(str2), "Local Auth Ticket and Server At fingerprint does not match");
        String str3 = c28902ENj.A04;
        String str4 = mw6.A01;
        AbstractC05170Pn.A06(str3.equalsIgnoreCase(str4), "Auth Ticket and Server AT Type is differ!");
        String str5 = c28902ENj.A02;
        String str6 = c28902ENj.A08;
        C28902ENj c28902ENj2 = new C28902ENj(mw6.A03, str4, "VALID", str2, str5, str6, null, mw6.A04, mw6.A00, System.currentTimeMillis());
        String str7 = c28902ENj2.A02;
        this.A00.edit().putString(AbstractC04860Of.A0U(this.A03, str7), c28902ENj2.A07).apply();
    }
}
