package defpackage;

import android.annotation.TargetApi;
import android.content.Context;
import android.security.keystore.KeyGenParameterSpec;
import com.truekey.api.v0.crypto.CommonCryptoUtils;
import com.truekey.api.v0.crypto.SimpleCryptoUtils;
import com.truekey.api.v0.modules.AccountState;
import com.truekey.core.IDVault;
import com.truekey.intel.manager.storage.UserDataSource;
import com.truekey.intel.model.LocalError;
import com.truekey.intel.model.RemoteUser;
import com.truekey.intel.network.response.IdApiAuthenticationResponse;
import com.truekey.intel.tools.SharedPreferencesHelper;
import defpackage.et;
import java.math.BigInteger;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.ProviderException;
import java.security.cert.Certificate;
import java.security.spec.RSAKeyGenParameterSpec;
import java.util.Calendar;
import java.util.Locale;
import java.util.concurrent.Callable;
import javax.security.auth.x500.X500Principal;
import org.apache.commons.lang3.StringUtils;
import rx.Observable;
import rx.Subscriber;
import rx.android.schedulers.AndroidSchedulers;
import rx.functions.Action0;
import rx.functions.Action1;
import rx.functions.Func1;
import rx.functions.Func2;
import rx.schedulers.Schedulers;
import timber.log.Timber;

/* loaded from: classes.dex */
public class beq {
    private ez a;
    private Context b;
    private ayy<bes> c;
    private AccountState d;
    private SharedPreferencesHelper e;
    private UserDataSource f;
    private IDVault g;
    private int h = 0;
    private Locale i;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: beq$4, reason: invalid class name */
    /* loaded from: classes.dex */
    public class AnonymousClass4 implements Observable.OnSubscribe<Boolean> {
        AnonymousClass4() {
        }

        @Override // rx.functions.Action1
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public void call(Subscriber<? super Boolean> subscriber) {
            bet betVar = new bet(beq.this.b);
            int b = betVar.b();
            Timber.a("fp state: " + betVar.c(), new Object[0]);
            beq.this.c.call(new bes(5, b));
            if (b != 2) {
                subscriber.onNext(false);
                subscriber.onCompleted();
                return;
            }
            try {
                betVar.a(beq.this.a, new et.a() { // from class: beq.4.1
                    @Override // et.a
                    public void a() {
                        Timber.b("onAuthenticationFailed", new Object[0]);
                        Timber.b("Generic failure, detected fp doesn't match expected value: error count %d", Integer.valueOf(beq.this.h));
                        if (beq.this.h >= 3) {
                            beq.this.c.call(new bes(4, null, 7));
                        } else {
                            beq.this.c.call(new bes(2, null, 102));
                        }
                        beq.i(beq.this);
                    }

                    @Override // et.a
                    public void a(int i, CharSequence charSequence) {
                        Timber.b("onAuthenticationError %s, %d", charSequence, Integer.valueOf(i));
                        if (bmg.a(charSequence)) {
                            beq.this.c.call(new bes(4, LocalError.ERROR_PROGRAMMATIC_ERROR, i));
                        } else {
                            beq.this.c.call(new bes(4, charSequence.toString(), i));
                        }
                    }

                    @Override // et.a
                    public void a(et.b bVar) {
                        Timber.b("onAuthenticationSucceeded %s ", bVar);
                        beq.this.c.call(bes.b(6));
                        beq.this.a.b();
                        beq.this.a(beq.this.d, beq.this.e, beq.this.f, beq.this.g).observeOn(Schedulers.newThread()).subscribeOn(Schedulers.computation()).subscribe(new Action1<Boolean>() { // from class: beq.4.1.1
                            @Override // rx.functions.Action1
                            /* renamed from: a, reason: merged with bridge method [inline-methods] */
                            public void call(Boolean bool) {
                                Timber.b("Succeeded: %s", bool);
                                if (bool.booleanValue()) {
                                    beq.this.c.call(new bes(1, 1));
                                } else {
                                    beq.this.c.call(new bes(4, 104));
                                }
                            }
                        }, new Action1<Throwable>() { // from class: beq.4.1.2
                            @Override // rx.functions.Action1
                            /* renamed from: a, reason: merged with bridge method [inline-methods] */
                            public void call(Throwable th) {
                                Timber.b(th, "Failed: %s", th.getMessage());
                                beq.this.c.call(new bes(4, 101));
                                bix.a(new IllegalStateException("Error on fp enroll", th));
                            }
                        });
                    }

                    @Override // et.a
                    public void b(int i, CharSequence charSequence) {
                        Timber.b("onAuthenticationHelp %s, %d", charSequence, Integer.valueOf(i));
                        beq.this.c.call(new bes(3, charSequence.toString(), i));
                    }
                });
                subscriber.onNext(true);
                subscriber.onCompleted();
            } catch (Exception e) {
                Timber.c(e, "Error while initializing fp manager", new Object[0]);
                bix.a(e);
                beq.this.c.call(bes.a(104));
            }
        }
    }

    public beq(Context context, IDVault iDVault, AccountState accountState, SharedPreferencesHelper sharedPreferencesHelper, UserDataSource userDataSource) {
        this.g = iDVault;
        this.b = context;
        this.f = userDataSource;
        this.e = sharedPreferencesHelper;
        this.d = accountState;
    }

    @TargetApi(23)
    private Observable<String> c() {
        this.i = Locale.getDefault();
        Timber.b("Start certificate generation", new Object[0]);
        return Observable.fromCallable(new Callable<String>() { // from class: beq.7
            @Override // java.util.concurrent.Callable
            /* renamed from: a, reason: merged with bridge method [inline-methods] */
            public String call() throws Exception {
                Calendar calendar = Calendar.getInstance(Locale.US);
                Calendar calendar2 = (Calendar) calendar.clone();
                calendar2.add(1, 5);
                String b = bet.b(beq.this.d());
                if (bmg.g(b)) {
                    return null;
                }
                String str = "tk_fp_key" + b;
                X500Principal x500Principal = new X500Principal("CN=localhost, O=Intel Security Inc., C=CA");
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
                keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, 12).setDigests("SHA-256").setUserAuthenticationRequired(true).setSignaturePaddings("PKCS1").setKeySize(SimpleCryptoUtils.DEFAULT_RSA_KEY_SIZE_IN_BITS_2048).setCertificateSerialNumber(new BigInteger(Integer.toString(CommonCryptoUtils.getDefaultSecureRandom().nextInt()), 10)).setCertificateSubject(x500Principal).setCertificateNotBefore(calendar.getTime()).setCertificateNotAfter(calendar2.getTime()).setAlgorithmParameterSpec(new RSAKeyGenParameterSpec(SimpleCryptoUtils.DEFAULT_RSA_KEY_SIZE_IN_BITS_2048, RSAKeyGenParameterSpec.F4)).build());
                keyPairGenerator.generateKeyPair();
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                keyStore.load(null);
                Certificate certificate = keyStore.getCertificate(str);
                keyStore.setCertificateEntry("tk_fp_public_key_" + b, certificate);
                String a = bvz.a(certificate.getEncoded());
                Timber.b("Certificate:" + a, new Object[0]);
                return a;
            }
        }).retry(new Func2<Integer, Throwable, Boolean>() { // from class: beq.6
            @Override // rx.functions.Func2
            /* renamed from: a, reason: merged with bridge method [inline-methods] */
            public Boolean call(Integer num, Throwable th) {
                if ((th instanceof ProviderException) && (((ProviderException) th).getCause() instanceof IllegalArgumentException) && num.intValue() < 2) {
                    Timber.b(th, "Certificate generation failed, recreating for attempt %d", num);
                    Locale.setDefault(Locale.US);
                    return true;
                }
                bix.a(new IllegalStateException("Certificate generation failed", th));
                Timber.b(th, "Unhandled error, will fail, attempt %d", num);
                return false;
            }
        }).doOnTerminate(new Action0() { // from class: beq.5
            @Override // rx.functions.Action0
            public void call() {
                Timber.b("Resetting default locale", new Object[0]);
                Locale.setDefault(beq.this.i);
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public String d() {
        String l = this.d.getDashboardInformation().l();
        if (bmg.g(l)) {
            if (this.d.getDashboardInformation().j() == null) {
                bix.a("ProfileUID not found for certificate, 0");
            } else {
                bix.a("ProfileUID not found for certificate: " + this.d.getDashboardInformation().j().size());
            }
            RemoteUser a = this.f.a(this.d.getCustomerEmail());
            if (a != null) {
                l = a.getProfileId();
            } else {
                bix.a("ProfileUID not found for certificate, no RU");
            }
        }
        if (bmg.g(l)) {
            bix.a(new IllegalStateException("Unable track user id, no PUID"));
        }
        return l;
    }

    static /* synthetic */ int i(beq beqVar) {
        int i = beqVar.h + 1;
        beqVar.h = i;
        return i;
    }

    @TargetApi(23)
    public Observable<bes> a() {
        Timber.a("startListeningForEnrollment", new Object[0]);
        this.c = ayy.a();
        this.a = new ez();
        Observable.create(new AnonymousClass4()).onErrorReturn(new Func1<Throwable, Boolean>() { // from class: beq.3
            @Override // rx.functions.Func1
            /* renamed from: a, reason: merged with bridge method [inline-methods] */
            public Boolean call(Throwable th) {
                Timber.b("Generic failure, detected fp doesn't match expected value: error count %d", Integer.valueOf(beq.this.h));
                beq.this.c.call(bes.a(103));
                bix.a(th);
                return false;
            }
        }).subscribeOn(Schedulers.computation()).subscribe(new Action1<Boolean>() { // from class: beq.2
            @Override // rx.functions.Action1
            /* renamed from: a, reason: merged with bridge method [inline-methods] */
            public void call(Boolean bool) {
                Timber.a("Fingerprint listening to user input? %s", bool);
            }
        });
        return this.c;
    }

    public Observable<Boolean> a(final AccountState accountState, final SharedPreferencesHelper sharedPreferencesHelper, final UserDataSource userDataSource, final IDVault iDVault) {
        Timber.b("Start fp enrolment", new Object[0]);
        return c().flatMap(new Func1<String, Observable<? extends Boolean>>() { // from class: beq.1
            @Override // rx.functions.Func1
            /* renamed from: a, reason: merged with bridge method [inline-methods] */
            public Observable<Boolean> call(String str) {
                if (str != null) {
                    return iDVault.a(accountState.getCustomerEmail(), sharedPreferencesHelper.V().e(), accountState.getJwt(), str).observeOn(AndroidSchedulers.mainThread()).subscribeOn(Schedulers.computation()).map(new Func1<IdApiAuthenticationResponse, Boolean>() { // from class: beq.1.1
                        @Override // rx.functions.Func1
                        /* renamed from: a, reason: merged with bridge method [inline-methods] */
                        public Boolean call(IdApiAuthenticationResponse idApiAuthenticationResponse) {
                            Timber.b("Response: %s, %s, %s", idApiAuthenticationResponse, idApiAuthenticationResponse.getErrorCode(), idApiAuthenticationResponse.getErrorDescription());
                            if (idApiAuthenticationResponse.succeeded()) {
                                accountState.getDashboardInformation().b(true);
                                RemoteUser a = userDataSource.a(accountState.getCustomerEmail());
                                StringBuilder sb = new StringBuilder();
                                sb.append("Succeeded for ");
                                sb.append(a == null ? "untrusted" : "trusted");
                                sb.append(" user");
                                bix.a(sb.toString());
                                if (a != null) {
                                    a.setFpAvailable(true);
                                    a.setFpEnabled(true);
                                    userDataSource.b(a);
                                }
                            } else {
                                bix.a(new IllegalStateException("Error while enrolling fp: " + idApiAuthenticationResponse.succeeded() + StringUtils.SPACE + idApiAuthenticationResponse.getErrorCode() + StringUtils.SPACE + idApiAuthenticationResponse.getErrorDescription()));
                            }
                            iDVault.a(true);
                            return Boolean.valueOf(idApiAuthenticationResponse.succeeded());
                        }
                    });
                }
                Timber.b("Unable to enroll fingerprint, certificate creation failed", new Object[0]);
                bix.a(new IllegalStateException("Unable to enroll fingerprint, certificate creation failed"));
                return Observable.just(false);
            }
        });
    }

    public void b() {
        Object[] objArr = new Object[1];
        objArr[0] = Boolean.valueOf(this.a != null);
        Timber.b("Request cancel signal: cancellationSignal available %s", objArr);
        ez ezVar = this.a;
        if (ezVar != null) {
            if (ezVar.a()) {
                Timber.b("Request cancel signal: already canceled", new Object[0]);
            } else {
                this.a.b();
                Timber.b("Request cancel signal: requesting...", new Object[0]);
            }
        }
    }
}
