package com.ebay.nautilus.domain.content.dm.uaf.util;

import android.annotation.TargetApi;
import android.content.Context;
import android.content.pm.PackageManager;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
import androidx.annotation.VisibleForTesting;
import com.ebay.nautilus.domain.content.EbayPreferences;
import com.ebay.nautilus.domain.dagger.DomainComponent;
import com.ebay.nautilus.kernel.content.EbayContext;
import com.ebay.nautilus.kernel.util.FwLog;
import io.fabric.sdk.android.services.common.CommonUtils;
import java.io.ByteArrayInputStream;
import java.lang.ref.WeakReference;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.PKCS8EncodedKeySpec;
import javax.crypto.KeyGenerator;
import org.ebayopensource.fidouaf.marvin.client.OperationalParamsIntf;
import org.ebayopensource.fidouaf.marvin.client.RegRecord;
import org.ebayopensource.fidouaf.marvin.client.StorageInterface;

@TargetApi(23)
/* loaded from: classes3.dex */
public class EbayUafOperationalParameters implements OperationalParamsIntf {
    public static final String PREF_UAF_APP_ID = "PREF_UAF_APP_ID";
    public static final String PREF_UAF_DE_REG_KEY_ID = "PREF_UAF_DE_REG_KEY_ID";
    public static final String PREF_UAF_KEY_ID_PREFIX = "PREF_UAF_KEY_ID_PREFIX::";
    private String aaid;
    private byte[] attestCert;
    private byte[] attestPrivKey;

    @VisibleForTesting
    EbayPreferences preferences;
    private StorageInterface storage;

    @VisibleForTesting
    WeakReference<Context> weakReferenceContext;
    private static final FwLog.LogInfo log = new FwLog.LogInfo("EbayUafOpParams", 3, "EbayUafOperationalParameters");
    public static String ANDROID_AAID = "EBA0#0003";

    public EbayUafOperationalParameters(@NonNull EbayContext ebayContext) {
        this.preferences = ((DomainComponent) ebayContext.as(DomainComponent.class)).getEbayPreferences();
        this.weakReferenceContext = new WeakReference<>(ebayContext.getContext());
        init(ANDROID_AAID, this.attestCert, this.attestPrivKey, new EbayUafStorage(ebayContext));
    }

    public EbayUafOperationalParameters(@NonNull EbayContext ebayContext, byte[] bArr, byte[] bArr2) {
        this.preferences = ((DomainComponent) ebayContext.as(DomainComponent.class)).getEbayPreferences();
        this.weakReferenceContext = new WeakReference<>(ebayContext.getContext());
        init(ANDROID_AAID, bArr, bArr2, new EbayUafStorage(ebayContext));
    }

    private String generateUniqueKeyId() {
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
            keyGenerator.init(256, SecureRandom.getInstance("SHA1PRNG"));
            return String.format("ebay-uaf-keyid-%s", Base64.encodeToString(keyGenerator.generateKey().getEncoded(), 10));
        } catch (NoSuchAlgorithmException e) {
            if (!log.isLoggable) {
                return null;
            }
            log.log("Error generating unique Key ID:", e);
            return null;
        }
    }

    @Override // org.ebayopensource.fidouaf.marvin.client.OperationalParamsIntf
    public RegRecord genAndRecord(String str) {
        String generateUniqueKeyId = generateUniqueKeyId();
        this.preferences.edit().putString(false, PREF_UAF_KEY_ID_PREFIX + str, generateUniqueKeyId).apply();
        this.preferences.edit().putString(false, PREF_UAF_APP_ID, str).commit();
        RegRecord regRecord = new RegRecord(generateUniqueKeyId, getKeyPairGenerator(generateUniqueKeyId).generateKeyPair().getPublic().getEncoded());
        this.storage.addRecord(regRecord);
        return regRecord;
    }

    @Override // org.ebayopensource.fidouaf.marvin.client.OperationalParamsIntf
    public String getAAID() {
        return this.aaid;
    }

    public String getAppId() {
        return this.preferences.getString(false, PREF_UAF_APP_ID, "");
    }

    @Override // org.ebayopensource.fidouaf.marvin.client.OperationalParamsIntf
    public byte[] getAttestCert() {
        return this.attestCert;
    }

    @Override // org.ebayopensource.fidouaf.marvin.client.OperationalParamsIntf
    public long getAuthCounter() {
        return 0L;
    }

    public String getFacetId() {
        Context context = this.weakReferenceContext.get();
        if (context == null) {
            return null;
        }
        try {
            return String.format("android:apk-key-hash:%s", Base64.encodeToString(MessageDigest.getInstance("SHA1").digest(CertificateFactory.getInstance("X509").generateCertificate(new ByteArrayInputStream(context.getPackageManager().getPackageInfo(context.getPackageName(), 64).signatures[0].toByteArray())).getEncoded()), 3));
        } catch (PackageManager.NameNotFoundException unused) {
            if (log.isLoggable) {
                log.log("Error requesting packageInfo as a requisite for X509 cert generation:");
            }
            return null;
        } catch (NoSuchAlgorithmException | CertificateException e) {
            if (log.isLoggable) {
                log.log("Error generating X509 cert for Facet ID generation:");
                e.printStackTrace();
            }
            return null;
        }
    }

    @Override // org.ebayopensource.fidouaf.marvin.client.OperationalParamsIntf
    public String getFacetId(String str) {
        return getFacetId();
    }

    @Override // org.ebayopensource.fidouaf.marvin.client.OperationalParamsIntf
    public String getKeyId(String str) {
        return this.preferences.getString(false, PREF_UAF_KEY_ID_PREFIX + str, "");
    }

    public String getKeyIdForDeRegistration() {
        return this.preferences.getString(false, PREF_UAF_DE_REG_KEY_ID, "");
    }

    @Override // org.ebayopensource.fidouaf.marvin.client.OperationalParamsIntf
    @Nullable
    public KeyPairGenerator getKeyPairGenerator(String str) {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "AndroidKeyStore");
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, 4).setAlgorithmParameterSpec(new ECGenParameterSpec("secp256r1")).setDigests(CommonUtils.SHA256_INSTANCE, "SHA-384", "SHA-512").setUserAuthenticationRequired(true).setUserAuthenticationValidityDurationSeconds(300).build());
            return keyPairGenerator;
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
            if (!log.isLoggable) {
                return null;
            }
            log.log("getKeyPairGenerator", e);
            return null;
        }
    }

    @Override // org.ebayopensource.fidouaf.marvin.client.OperationalParamsIntf
    public long getRegCounter() {
        return this.preferences.getInt(false, "EBAY_UAF_OPERATION_COUNTER", 0);
    }

    @Override // org.ebayopensource.fidouaf.marvin.client.OperationalParamsIntf
    public byte[] getSignature(byte[] bArr, String str) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        PrivateKey privateKey = (PrivateKey) keyStore.getKey(str, null);
        Signature signature = Signature.getInstance("SHA256withECDSA");
        signature.initSign(privateKey);
        signature.update(bArr);
        return signature.sign();
    }

    @Override // org.ebayopensource.fidouaf.marvin.client.OperationalParamsIntf
    public StorageInterface getStorage() {
        return this.storage;
    }

    @Override // org.ebayopensource.fidouaf.marvin.client.OperationalParamsIntf
    public void incrementAuthCounter() {
    }

    @Override // org.ebayopensource.fidouaf.marvin.client.OperationalParamsIntf
    public void incrementRegCounter() {
        this.preferences.edit().putInt(false, "EBAY_UAF_OPERATION_COUNTER", this.preferences.getInt(false, "EBAY_UAF_OPERATION_COUNTER", 0) + 1).commit();
    }

    @Override // org.ebayopensource.fidouaf.marvin.client.OperationalParamsIntf
    public void init(String str, byte[] bArr, byte[] bArr2, StorageInterface storageInterface) {
        this.aaid = str;
        this.attestCert = bArr;
        this.attestPrivKey = bArr2;
        this.storage = storageInterface;
    }

    @Override // org.ebayopensource.fidouaf.marvin.client.OperationalParamsIntf
    public boolean isFacetIdValid(String str, String str2) {
        throw new UnsupportedOperationException("This method is not required the service does this validation for us");
    }

    public void saveKeyIdForDeRegistration(String str) {
        this.preferences.edit().putString(false, PREF_UAF_DE_REG_KEY_ID, str).commit();
    }

    @Override // org.ebayopensource.fidouaf.marvin.client.OperationalParamsIntf
    public byte[] signWithAttestationKey(byte[] bArr) throws Exception {
        PrivateKey generatePrivate = KeyFactory.getInstance("EC").generatePrivate(new PKCS8EncodedKeySpec(this.attestPrivKey));
        Signature signature = Signature.getInstance("SHA256withECDSA");
        signature.initSign(generatePrivate);
        signature.update(bArr);
        return signature.sign();
    }
}
