package com.kofax.mobile.sdk.ah;

import android.app.Activity;
import android.nfc.NfcAdapter;
import android.nfc.Tag;
import android.nfc.tech.IsoDep;
import android.util.Pair;
import com.kofax.kmc.ken.engines.INFCTagReader;
import com.kofax.kmc.ken.engines.data.IMRZResult;
import com.kofax.kmc.ken.engines.data.ITagData;
import com.kofax.kmc.ken.engines.data.Image;
import com.kofax.kmc.ken.engines.data.NFCTagParameters;
import com.kofax.kmc.kut.utilities.error.ErrorInfo;
import com.kofax.kmc.kut.utilities.error.KmcRuntimeException;
import com.kofax.mobile.sdk.extract.id.ICompletionListener;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.Security;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.CertPathBuilder;
import java.security.cert.CertPathBuilderException;
import java.security.cert.CertSelector;
import java.security.cert.CertStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.PKIXBuilderParameters;
import java.security.cert.PKIXCertPathBuilderResult;
import java.security.cert.TrustAnchor;
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.PSSParameterSpec;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.concurrent.Callable;
import org.bouncycastle.asn1.ASN1InputStream;
import org.bouncycastle.asn1.ASN1Primitive;
import org.bouncycastle.asn1.ASN1Sequence;
import org.bouncycastle.asn1.ASN1Set;
import org.bouncycastle.asn1.BERTaggedObject;
import org.bouncycastle.asn1.DEROctetString;
import org.bouncycastle.asn1.DERTaggedObject;
import org.bouncycastle.asn1.DLTaggedObject;
import org.bouncycastle.asn1.pkcs.SignedData;
import org.bouncycastle.jce.provider.BouncyCastleProvider;
import org.bouncycastle.jce.provider.X509CertificateObject;
import pssssqh.C0511n;

/* loaded from: classes2.dex */
public class c implements INFCTagReader {
    private static final String TAG = "c";
    private static final int Xj = 131;
    private static final CertSelector Xk = new X509CertSelector() { // from class: com.kofax.mobile.sdk.ah.c.1
        @Override // java.security.cert.X509CertSelector, java.security.cert.CertSelector
        public boolean match(Certificate certificate) {
            return certificate instanceof X509Certificate;
        }
    };
    public com.kofax.mobile.sdk.am.f Xl;
    public com.kofax.mobile.sdk.am.g Xm;
    public com.kofax.mobile.sdk.am.a Xn;
    public com.kofax.mobile.sdk.am.h Xo;
    public com.kofax.mobile.sdk.am.d Xp;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.kofax.mobile.sdk.ah.c$6, reason: invalid class name */
    /* loaded from: classes.dex */
    public static /* synthetic */ class AnonymousClass6 {
        public static final /* synthetic */ int[] Xu = new int[a.values().length];

        static {
            try {
                Xu[a.SIGNED_DATA.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                Xu[a.CERTIFICATE.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public enum a {
        SIGNED_DATA,
        CERTIFICATE
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class b implements ITagData {
        private byte[] XA;
        private IMRZResult Xy;
        private Image Xz;

        public b(IMRZResult iMRZResult, Image image, byte[] bArr) {
            this.Xy = iMRZResult;
            this.Xz = image;
            this.XA = bArr;
        }

        @Override // com.kofax.kmc.ken.engines.data.ITagData
        public byte[] getDocumentSecurityObject() {
            return this.XA;
        }

        @Override // com.kofax.kmc.ken.engines.data.ITagData
        public Image getFaceImage() {
            return this.Xz;
        }

        @Override // com.kofax.kmc.ken.engines.data.ITagData
        public IMRZResult getMRZInformation() {
            return this.Xy;
        }
    }

    /* renamed from: com.kofax.mobile.sdk.ah.c$c, reason: collision with other inner class name */
    /* loaded from: classes.dex */
    private static class CallableC0092c implements Callable<Set<Certificate>> {
        private final String XB;

        public CallableC0092c(String str) {
            this.XB = str;
        }

        @Override // java.util.concurrent.Callable
        /* renamed from: sx, reason: merged with bridge method [inline-methods] */
        public Set<Certificate> call() throws Exception {
            File file = new File(this.XB);
            if (!file.exists()) {
                throw new KmcRuntimeException(ErrorInfo.KMC_NFC_MASTERLIST_NOT_EXIST);
            }
            ArrayList arrayList = new ArrayList();
            HashSet hashSet = new HashSet();
            try {
                for (SignedData signedData : c.a(ASN1Sequence.getInstance(n.a.b.a.b.g(file)), (List) null, a.SIGNED_DATA)) {
                    Enumeration objects = signedData.getCertificates().getObjects();
                    while (objects.hasMoreElements()) {
                        arrayList.add((X509Certificate) CertificateFactory.getInstance(C0511n.a(9858), (Provider) new BouncyCastleProvider()).generateCertificate(new ByteArrayInputStream(org.bouncycastle.asn1.x509.Certificate.getInstance(objects.nextElement()).getEncoded(C0511n.a(9857)))));
                    }
                    c.z(arrayList);
                    for (Certificate certificate : c.a(signedData.getContentInfo().getContent(), (List) null, a.CERTIFICATE)) {
                        if (c.Xk.match(certificate)) {
                            hashSet.add(certificate);
                        }
                    }
                }
                return hashSet;
            } catch (Exception e2) {
                throw new KmcRuntimeException(ErrorInfo.KMC_NFC_CERTIFICATE_VALIDATION_FAILED, new Exception(C0511n.a(9859), e2));
            }
        }
    }

    /* loaded from: classes.dex */
    private static class d implements e.h<Pair<Set<Certificate>, Boolean>, Boolean> {
        private final y XC;

        private d(y yVar) {
            this.XC = yVar;
        }

        private PKIXCertPathBuilderResult a(X509Certificate x509Certificate, Set<Certificate> set, boolean z) throws Exception {
            if (!z && a(x509Certificate)) {
                throw new Exception(C0511n.a(8190));
            }
            HashSet hashSet = new HashSet();
            HashSet hashSet2 = new HashSet();
            hashSet2.add(x509Certificate);
            for (Certificate certificate : set) {
                if (a(certificate)) {
                    hashSet.add(certificate);
                } else {
                    hashSet2.add(certificate);
                }
            }
            X509CertSelector x509CertSelector = new X509CertSelector();
            x509CertSelector.setCertificate(x509Certificate);
            HashSet hashSet3 = new HashSet();
            Iterator it = hashSet.iterator();
            while (it.hasNext()) {
                hashSet3.add(new TrustAnchor((X509Certificate) it.next(), null));
            }
            PKIXBuilderParameters pKIXBuilderParameters = new PKIXBuilderParameters(hashSet3, x509CertSelector);
            pKIXBuilderParameters.setRevocationEnabled(false);
            pKIXBuilderParameters.addCertStore(CertStore.getInstance(C0511n.a(8191), new CollectionCertStoreParameters(hashSet2)));
            return (PKIXCertPathBuilderResult) CertPathBuilder.getInstance(C0511n.a(com.kofax.kmc.kut.utilities.error.a.te), C0511n.a(8193)).build(pKIXBuilderParameters);
        }

        private boolean a(Certificate certificate) throws CertificateException, NoSuchAlgorithmException, NoSuchProviderException {
            try {
                certificate.verify(certificate.getPublicKey());
                return true;
            } catch (InvalidKeyException | SignatureException unused) {
                return false;
            }
        }

        @Override // e.h
        /* renamed from: e, reason: merged with bridge method [inline-methods] */
        public Boolean then(e.j<Pair<Set<Certificate>, Boolean>> jVar) {
            try {
                Security.removeProvider(C0511n.a(8194));
                Security.addProvider(new BouncyCastleProvider());
                Pair<Set<Certificate>, Boolean> b = jVar.b();
                if (!((Boolean) b.second).booleanValue()) {
                    throw new KmcRuntimeException(ErrorInfo.KMC_NFC_CERTIFICATE_VALIDATION_FAILED, new Exception(C0511n.a(8195)));
                }
                boolean z = true;
                PKIXCertPathBuilderResult a = a(this.XC.td(), (Set) b.first, true);
                ArrayList arrayList = new ArrayList(a.getCertPath().getCertificates());
                arrayList.add(a.getTrustAnchor().getTrustedCert());
                c.z(arrayList);
                if (arrayList.size() <= 1) {
                    z = false;
                }
                return Boolean.valueOf(z);
            } catch (KmcRuntimeException e2) {
                throw e2;
            } catch (CertPathBuilderException e3) {
                throw new KmcRuntimeException(ErrorInfo.KMC_NFC_CERTIFICATE_VALIDATION_FAILED, new Exception(C0511n.a(8197), e3));
            } catch (Exception e4) {
                throw new KmcRuntimeException(ErrorInfo.KMC_NFC_CERTIFICATE_VALIDATION_FAILED, new Exception(C0511n.a(8196), e4));
            }
        }
    }

    /* loaded from: classes.dex */
    private static class e implements e.h<Set<Certificate>, Pair<Set<Certificate>, Boolean>> {
        private final y XC;

        private e(y yVar) {
            this.XC = yVar;
        }

        private int a(String str, Certificate certificate, byte[] bArr, byte[] bArr2) {
            Signature signature;
            for (int i2 = 0; i2 <= 512; i2++) {
                try {
                    signature = Signature.getInstance(str, (Provider) new BouncyCastleProvider());
                    if (str.endsWith(C0511n.a(8171))) {
                        signature.setParameter(new PSSParameterSpec(C0511n.a(8173), C0511n.a(8174), new MGF1ParameterSpec(C0511n.a(8172)), i2, 1));
                    }
                    signature.initVerify(certificate);
                    signature.update(bArr);
                } catch (Exception e2) {
                    com.kofax.mobile.sdk._internal.k.e(e2);
                }
                if (signature.verify(bArr2)) {
                    return i2;
                }
            }
            return 0;
        }

        @Override // e.h
        /* renamed from: f, reason: merged with bridge method [inline-methods] */
        public Pair<Set<Certificate>, Boolean> then(e.j<Set<Certificate>> jVar) throws Exception {
            String str;
            MessageDigest messageDigest;
            try {
                Security.removeProvider(C0511n.a(8175));
                Security.addProvider(new BouncyCastleProvider());
                X509Certificate td = this.XC.td();
                td.checkValidity();
                byte[] tc = this.XC.tc();
                byte[] tb = this.XC.tb();
                try {
                    str = this.XC.tf();
                } catch (Exception unused) {
                    str = null;
                }
                if (n.a.b.b.h.b((CharSequence) str)) {
                    String te = this.XC.te();
                    try {
                        messageDigest = MessageDigest.getInstance(te);
                    } catch (Exception unused2) {
                        messageDigest = MessageDigest.getInstance(te, (Provider) new BouncyCastleProvider());
                    }
                    messageDigest.update(tc);
                    return new Pair<>(jVar.b(), Boolean.valueOf(Arrays.equals(messageDigest.digest(), tb)));
                }
                String a = C0511n.a(8176);
                String a2 = C0511n.a(8177);
                String a3 = C0511n.a(8178);
                String a4 = C0511n.a(8179);
                if (a == str) {
                    str = this.XC.te().replace(a4, a2) + a3;
                }
                if (C0511n.a(8180) == str) {
                    str = this.XC.te().replace(a4, a2) + C0511n.a(8181);
                }
                Signature signature = Signature.getInstance(str, (Provider) new BouncyCastleProvider());
                if (str.endsWith(a3)) {
                    signature.setParameter(new PSSParameterSpec(C0511n.a(8183), C0511n.a(8184), new MGF1ParameterSpec(C0511n.a(8182)), a(str, td, tc, tb), 1));
                }
                signature.initVerify(td);
                signature.update(tc);
                return new Pair<>(jVar.b(), Boolean.valueOf(signature.verify(tb)));
            } catch (CertificateExpiredException e2) {
                throw new KmcRuntimeException(ErrorInfo.KMC_NFC_CERTIFICATE_EXPIRED, e2);
            } catch (CertificateNotYetValidException e3) {
                throw new KmcRuntimeException(ErrorInfo.KMC_NFC_CERTIFICATE_EXPIRED, e3);
            } catch (Exception e4) {
                throw new KmcRuntimeException(ErrorInfo.KMC_NFC_CERTIFICATE_VALIDATION_FAILED, new Exception(C0511n.a(8185), e4));
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public ITagData a(Tag tag, NFCTagParameters nFCTagParameters) {
        IsoDep isoDep = IsoDep.get(tag);
        if (isoDep == null) {
            throw new KmcRuntimeException(ErrorInfo.KMC_NFC_NO_TAG_SUPPORTED);
        }
        try {
            try {
                com.kofax.mobile.sdk._internal.k.b(TAG, C0511n.a(20709));
                this.Xl.a(isoDep);
                this.Xl.sR();
                sv();
                this.Xn.a(nFCTagParameters);
                List<byte[]> sA = this.Xn.sA();
                this.Xo.e(sA.get(0), sA.get(1), sA.get(2));
                return new b(new n(this.Xp.B(new byte[]{1, 1})).sI(), new o(this.Xp.B(new byte[]{1, 2})).getFaceImage(), this.Xp.B(new byte[]{1, 29}));
            } catch (KmcRuntimeException e2) {
                throw e2;
            } catch (Exception e3) {
                throw new KmcRuntimeException(ErrorInfo.KMC_NFC_EXCEPTION, e3);
            }
        } finally {
            this.Xo.e(null, null, null);
            this.Xl.sS();
        }
    }

    private e.j<Tag> a(Activity activity) {
        final e.k kVar = new e.k();
        NfcAdapter defaultAdapter = NfcAdapter.getDefaultAdapter(activity);
        if (defaultAdapter == null) {
            kVar.a((Exception) new KmcRuntimeException(ErrorInfo.KMC_NFC_NOT_SUPPORTED));
            return kVar.a();
        }
        if (defaultAdapter.isEnabled()) {
            defaultAdapter.enableReaderMode(activity, new NfcAdapter.ReaderCallback() { // from class: com.kofax.mobile.sdk.ah.c.5
                @Override // android.nfc.NfcAdapter.ReaderCallback
                public void onTagDiscovered(Tag tag) {
                    if (tag == null || !Arrays.asList(tag.getTechList()).contains(C0511n.a(9383))) {
                        kVar.a((Exception) new KmcRuntimeException(ErrorInfo.KMC_NFC_NO_TAG_SUPPORTED));
                    } else {
                        kVar.a((e.k) tag);
                    }
                }
            }, Xj, null);
            return kVar.a();
        }
        kVar.a((Exception) new KmcRuntimeException(ErrorInfo.KMC_NFC_NOT_ENABLED));
        return kVar.a();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static List a(Object obj, List list, a aVar) {
        int i2;
        if (list == null) {
            list = new ArrayList();
        }
        try {
            i2 = AnonymousClass6.Xu[aVar.ordinal()];
        } catch (Exception unused) {
        }
        if (i2 == 1) {
            SignedData signedData = SignedData.getInstance(obj);
            if (signedData != null) {
                list.add(signedData);
            }
            return list;
        }
        if (i2 == 2) {
            list.add(new X509CertificateObject(org.bouncycastle.asn1.x509.Certificate.getInstance(obj)));
            return list;
        }
        if (obj instanceof DLTaggedObject) {
            return a(((DLTaggedObject) obj).getObject(), list, aVar);
        }
        if (obj instanceof BERTaggedObject) {
            return a(((BERTaggedObject) obj).getObject(), list, aVar);
        }
        if (obj instanceof DERTaggedObject) {
            return a(((DERTaggedObject) obj).getObject(), list, aVar);
        }
        if (obj instanceof ASN1Sequence) {
            Enumeration objects = ((ASN1Sequence) obj).getObjects();
            while (objects.hasMoreElements()) {
                list = a(objects.nextElement(), list, aVar);
            }
            return list;
        }
        if (obj instanceof ASN1Set) {
            Enumeration objects2 = ((ASN1Set) obj).getObjects();
            while (objects2.hasMoreElements()) {
                list = a(objects2.nextElement(), list, aVar);
            }
            return list;
        }
        if (!(obj instanceof DEROctetString)) {
            return (aVar == a.CERTIFICATE && (obj instanceof SignedData)) ? a(((SignedData) obj).getContentInfo().getContent(), list, aVar) : list;
        }
        ASN1InputStream aSN1InputStream = new ASN1InputStream(new ByteArrayInputStream(((DEROctetString) obj).getOctets()));
        while (true) {
            try {
                ASN1Primitive readObject = aSN1InputStream.readObject();
                if (readObject == null) {
                    break;
                }
                list = a(readObject, list, aVar);
            } catch (IOException unused2) {
            }
        }
        aSN1InputStream.close();
        aSN1InputStream.close();
        return list;
    }

    private void a(final NFCTagParameters nFCTagParameters, final Activity activity) {
        a(activity).c(new e.h<Tag, ITagData>() { // from class: com.kofax.mobile.sdk.ah.c.4
            @Override // e.h
            /* renamed from: d, reason: merged with bridge method [inline-methods] */
            public ITagData then(e.j<Tag> jVar) {
                activity.runOnUiThread(new Runnable() { // from class: com.kofax.mobile.sdk.ah.c.4.1
                    @Override // java.lang.Runnable
                    public void run() {
                        nFCTagParameters.getTagDetectedListener().onTagDetected();
                    }
                });
                return c.this.a(jVar.b(), nFCTagParameters);
            }
        }, e.j.f5590i).a((e.h<TContinuationResult, TContinuationResult>) new e.h<ITagData, Void>() { // from class: com.kofax.mobile.sdk.ah.c.3
            @Override // e.h
            public Void then(e.j<ITagData> jVar) {
                c.this.b(activity);
                nFCTagParameters.getTagReadListener().onTagRead(jVar.b(), jVar.a());
                return null;
            }
        }, e.j.f5592k);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void b(Activity activity) {
        NfcAdapter defaultAdapter = NfcAdapter.getDefaultAdapter(activity);
        if (defaultAdapter != null) {
            defaultAdapter.disableReaderMode(activity);
        }
    }

    private void sv() {
        com.kofax.mobile.sdk._internal.k.b(TAG, C0511n.a(20710));
        this.Xm.a((byte) 4, (byte) 12, new byte[]{-96, 0, 0, 2, 71, 16, 1}, (byte) 0, false);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void z(List<X509Certificate> list) throws Exception {
        int size = list.size();
        int i2 = 0;
        while (true) {
            int i3 = size - 1;
            if (i2 >= i3) {
                X509Certificate x509Certificate = list.get(i3);
                if (x509Certificate.getIssuerX500Principal().equals(x509Certificate.getSubjectX500Principal())) {
                    x509Certificate.verify(x509Certificate.getPublicKey());
                    return;
                }
                return;
            }
            X509Certificate x509Certificate2 = list.get(i2);
            i2++;
            X509Certificate x509Certificate3 = list.get(i2);
            if (!x509Certificate2.getIssuerX500Principal().equals(x509Certificate3.getSubjectX500Principal())) {
                throw new Exception(C0511n.a(20711));
            }
            x509Certificate2.verify(x509Certificate3.getPublicKey());
        }
    }

    @Override // com.kofax.kmc.ken.engines.INFCTagReader
    public void readTag(NFCTagParameters nFCTagParameters, Activity activity) {
        a(nFCTagParameters, activity);
    }

    @Override // com.kofax.kmc.ken.engines.INFCTagReader
    public void verifyDocumentSignerCertificate(byte[] bArr, String str, final ICompletionListener<Boolean> iCompletionListener) {
        try {
            y yVar = new y(bArr);
            e.j.b((Callable) new CallableC0092c(str)).c(new e(yVar), e.j.f5590i).c(new d(yVar), e.j.f5590i).a(new e.h<Boolean, Void>() { // from class: com.kofax.mobile.sdk.ah.c.2
                @Override // e.h
                public Void then(e.j<Boolean> jVar) throws Exception {
                    iCompletionListener.onComplete(jVar.b(), jVar.a());
                    return null;
                }
            }, e.j.f5592k);
        } catch (KmcRuntimeException e2) {
            iCompletionListener.onComplete(null, e2);
        } catch (Exception e3) {
            iCompletionListener.onComplete(null, new KmcRuntimeException(ErrorInfo.KMC_NFC_CERTIFICATE_VALIDATION_FAILED, e3));
        }
    }
}
