package com.airwatch.sdk.context.awsdkcontext;

import android.content.ComponentName;
import android.content.Context;
import android.util.Base64;
import com.airwatch.app.KoinModule;
import com.airwatch.core.R;
import com.airwatch.crypto.openssl.OpenSSLCryptUtil;
import com.airwatch.crypto.util.KeyGuard;
import com.airwatch.keymanagement.unifiedpin.interfaces.TokenChannel;
import com.airwatch.keymanagement.unifiedpin.interfaces.UnifiedPinContext;
import com.airwatch.keymanagement.unifiedpin.token.DefaultTokenFactory;
import com.airwatch.keymanagement.unifiedpin.token.Token;
import com.airwatch.log.AWTags;
import com.airwatch.login.biometrics.BiometricUtility;
import com.airwatch.login.ui.models.SDKPasscodeDetails;
import com.airwatch.sdk.AirWatchSDKException;
import com.airwatch.sdk.SDKStatusCode;
import com.airwatch.sdk.context.SDKContext;
import com.airwatch.sdk.context.SDKContextException;
import com.airwatch.sdk.context.SDKContextManager;
import com.airwatch.sdk.context.awsdkcontext.SDKContextHelper;
import com.airwatch.sdk.p2p.P2PChannel;
import com.airwatch.sdk.p2p.P2PContext;
import com.airwatch.sdk.p2p.PasscodeExpiryIntimationChannel;
import com.airwatch.storage.SDKSecurePreferencesKeys;
import com.airwatch.task.CallbackFuture;
import com.airwatch.task.IFutureFailureCallback;
import com.airwatch.util.AWStringUtils;
import com.airwatch.util.ArrayUtils;
import com.airwatch.util.ByteConverter;
import com.airwatch.util.Logger;
import com.airwatch.util.NetworkUtility;
import java.util.Arrays;
import java.util.concurrent.ExecutionException;

/* loaded from: classes4.dex */
public class SDKPasscodeHelper {
    public static final int ALPHANUMERIC_ERROR = 8;
    public static final int COMPLEX_CHARACTER_ERROR = 9;
    public static final int EMPTY_ERROR = 0;
    public static final int INITIALIZE_START = 101;
    public static final int INVALID_PASSCODE_ERROR = 4;
    public static final int LENGTH_ERROR = 2;
    public static final int MAX_ALLOWED_LENGTH_ERROR = 12;
    public static final int MAX_ALLOWED_PASSCODE_LENGTH = 512;
    public static final int NOT_EQUAL_ERROR = 1;
    public static final int NO_NETWORK_ERROR = 11;
    public static final int ONE_ATTEMPT_LEFT_ERROR = 6;
    public static final int PASSCODE_IN_HISTORY_ERROR = 7;
    public static final int PASSCODE_VALID = 10;
    public static final int REACH_MAXIMUM_ATTEMPTS_ERROR = 5;
    public static final int SIMPLE_ERROR = 3;
    private static final String TAG = "SDKPasscodeHelper";
    private SDKPasscodeModel dataModel;
    private SDKPasscodeDetails passcodeDetails;

    public SDKPasscodeHelper(SDKPasscodeModel sDKPasscodeModel) {
        this.dataModel = sDKPasscodeModel;
        this.passcodeDetails = sDKPasscodeModel.getCurrentPasscodeDetails();
    }

    public static boolean checkAlphanumeric(char[] cArr) {
        boolean z = false;
        boolean z2 = false;
        for (int i = 0; i < cArr.length; i++) {
            if (Character.isLetter(cArr[i])) {
                z = true;
            }
            if (Character.isDigit(cArr[i])) {
                z2 = true;
            }
        }
        return z && z2;
    }

    public static int checkComplexCharacter(char[] cArr) {
        int i = 0;
        for (char c : cArr) {
            if (!Character.isLetterOrDigit(c)) {
                i++;
            }
        }
        return i;
    }

    private void incrementPasscodeAttempt() {
        this.dataModel.setAttemptsNumber(this.dataModel.getAttemptsNumber() + 1);
    }

    /* JADX WARN: Multi-variable type inference failed */
    private CallbackFuture<Boolean> initialize(Context context, byte[] bArr, final SDKContextHelper.AWContextCallBack aWContextCallBack, final int i) {
        if (context == 0 || !(context instanceof UnifiedPinContext)) {
            aWContextCallBack.onFailed(new AirWatchSDKException(SDKStatusCode.SDK_CONTEXT_NOT_ABLE_TO_INITIALIZE));
            return null;
        }
        UnifiedPinContext unifiedPinContext = (UnifiedPinContext) context;
        final TokenChannel tokenChannel = unifiedPinContext.getTokenChannel();
        tokenChannel.registerListener(new TokenChannel.Listener() { // from class: com.airwatch.sdk.context.awsdkcontext.SDKPasscodeHelper.2
            @Override // com.airwatch.keymanagement.unifiedpin.interfaces.TokenChannel.Listener
            public void onRotationComplete(boolean z, byte[] bArr2) {
            }

            @Override // com.airwatch.keymanagement.unifiedpin.interfaces.TokenChannel.Listener
            public void onTokenChange(TokenChannel tokenChannel2, Token token, Token token2) {
            }

            @Override // com.airwatch.keymanagement.unifiedpin.interfaces.TokenChannel.Listener
            public void onTokenResponse(ComponentName componentName, TokenChannel tokenChannel2, Token token) {
            }

            @Override // com.airwatch.keymanagement.unifiedpin.interfaces.TokenChannel.Listener
            public void onValidateInit(boolean z) {
                tokenChannel.unregisterListener(this);
            }

            @Override // com.airwatch.keymanagement.unifiedpin.interfaces.TokenChannel.Listener
            public void onValidateInit(boolean z, byte[] bArr2) {
                tokenChannel.unregisterListener(this);
                if (z) {
                    aWContextCallBack.onSuccess(i, null);
                } else {
                    aWContextCallBack.onFailed(new AirWatchSDKException(SDKStatusCode.SDK_CONTEXT_NOT_ABLE_TO_INITIALIZE));
                }
            }
        });
        return tokenChannel.init(null, bArr, unifiedPinContext.getTokenFactory().getStorage().getAuthType());
    }

    private boolean isOneAttemptLeft() {
        return this.dataModel.getMaxPasscodeFailedLimit() - this.dataModel.getAttemptsNumber() == 1;
    }

    public static boolean isSimple(char[] cArr) {
        return AWStringUtils.isSimple(cArr);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static /* synthetic */ void lambda$validatePasscode$0(SDKContextHelper.AWContextCallBack aWContextCallBack, Exception exc) {
        Logger.d("SDKPasscode", "onFailure SDKPasscodeHelper " + exc);
        if ((exc instanceof SDKContextException) && ((SDKContextException) exc).getErrorCode() == SDKContextException.SDKErrorCode.SDK_DECRYPTION_FAILED) {
            aWContextCallBack.onFailed(new AirWatchSDKException(SDKStatusCode.SDK_INITIALIZE_FAILED_UNKNOWN_FORMAT));
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    private void rotate(final Context context, byte[] bArr, byte[] bArr2, final SDKContextHelper.AWContextCallBack aWContextCallBack, final int i) {
        TokenChannel.Listener listener = new TokenChannel.Listener() { // from class: com.airwatch.sdk.context.awsdkcontext.SDKPasscodeHelper.1
            @Override // com.airwatch.keymanagement.unifiedpin.interfaces.TokenChannel.Listener
            public void onRotationComplete(boolean z, byte[] bArr3) {
                ((UnifiedPinContext) context).getTokenChannel().unregisterListener(this);
                if (z) {
                    aWContextCallBack.onSuccess(i, null);
                } else {
                    aWContextCallBack.onFailed(new AirWatchSDKException(SDKStatusCode.SDK_CONTEXT_NOT_ABLE_TO_INITIALIZE));
                }
            }

            @Override // com.airwatch.keymanagement.unifiedpin.interfaces.TokenChannel.Listener
            public void onTokenChange(TokenChannel tokenChannel, Token token, Token token2) {
            }

            @Override // com.airwatch.keymanagement.unifiedpin.interfaces.TokenChannel.Listener
            public void onTokenResponse(ComponentName componentName, TokenChannel tokenChannel, Token token) {
            }

            @Override // com.airwatch.keymanagement.unifiedpin.interfaces.TokenChannel.Listener
            public void onValidateInit(boolean z) {
            }

            @Override // com.airwatch.keymanagement.unifiedpin.interfaces.TokenChannel.Listener
            public void onValidateInit(boolean z, byte[] bArr3) {
            }
        };
        UnifiedPinContext unifiedPinContext = (UnifiedPinContext) context;
        unifiedPinContext.getTokenChannel().registerListener(listener);
        char[] secure = KeyGuard.secure(ByteConverter.convertToCharArray(bArr), (Integer) 101);
        unifiedPinContext.getTokenChannel().validateRotationPassphrase(bArr2, sha1HashAndEncode(secure), this.dataModel.getAuthInfo(secure, 1));
    }

    private byte[] sha1HashAndEncode(char[] cArr) {
        return KeyGuard.secure(Base64.encodeToString(KeyGuard.secure(OpenSSLCryptUtil.getInstance().generateSHA1(KeyGuard.secure(ByteConverter.convertToByteArray(cArr), (Integer) 101)), (Integer) 101), 2).getBytes(), (Integer) 101);
    }

    /* JADX WARN: Multi-variable type inference failed */
    private boolean validatePasscodeWithToken(byte[] bArr, Context context) {
        return ((UnifiedPinContext) context).getTokenFactory().getPFromEP1(bArr) != null;
    }

    public int changePasscode(char[] cArr, char[] cArr2, char[] cArr3, SDKContextHelper.AWContextCallBack aWContextCallBack, int i, Context context, boolean z) {
        int validatePasscode = validatePasscode(cArr, aWContextCallBack, i, context, z);
        return validatePasscode == 10 ? setPasscode(cArr2, cArr3, aWContextCallBack, i, context) : validatePasscode;
    }

    public boolean changePasscodeRequired() {
        return this.dataModel.getAuthenticationType() == 1 && !this.passcodeDetails.isCurrentPasscodeMatchPolicy(this.dataModel.getPasscodePolicy()) && this.dataModel.getSettings().getAuthMetadata().passcodePolicy.mAuthenticationType == 1;
    }

    public int checkPasscodeRules(char[] cArr, Context context) {
        if (cArr.length < this.dataModel.getPasscodePolicy().getMinPasscodeLength()) {
            return 2;
        }
        if (cArr.length > 512) {
            return 12;
        }
        if (!this.dataModel.getPasscodePolicy().isAllowSimple() && isSimple(cArr)) {
            return 3;
        }
        if (this.dataModel.getPasscodePolicy().getPasscodeMode() == 2) {
            if (!checkAlphanumeric(cArr)) {
                return 8;
            }
            if (checkComplexCharacter(cArr) < this.dataModel.getPasscodePolicy().getMinComplexChars()) {
                return 9;
            }
        }
        return this.dataModel.getPasscodeHistory().contains(sha1HashAndEncode(cArr), context) ? 7 : 10;
    }

    public String generatePasscodeGuideline(Context context) {
        int i;
        StringBuilder sb = new StringBuilder(context.getString(R.string.awsdk_passcode_heading));
        if (this.dataModel.getPasscodePolicy().getPasscodeMode() == 1) {
            sb.append(context.getString(R.string.awsdk_passcode_numeric, Integer.valueOf(this.dataModel.getPasscodePolicy().getMinPasscodeLength())));
            if (!this.dataModel.getPasscodePolicy().isAllowSimple()) {
                i = R.string.awsdk_passcode_numeric_notsimple;
                sb.append(context.getString(i));
            }
        } else {
            int minPasscodeLength = this.dataModel.getPasscodePolicy().getMinPasscodeLength();
            int minComplexChars = this.dataModel.getPasscodePolicy().getMinComplexChars();
            sb.append(context.getString(R.string.awsdk_passcode_alphanumeric, Integer.valueOf(minPasscodeLength)));
            sb.append(minComplexChars > 0 ? context.getString(R.string.awsdk_passcode_characters, Integer.valueOf(minComplexChars)) : context.getString(R.string.awsdk_passcode_characters_zero_symbols));
            if (!this.dataModel.getPasscodePolicy().isAllowSimple()) {
                i = R.string.awsdk_passcode_alphanumeric_notsimple;
                sb.append(context.getString(i));
            }
        }
        int passcodeHistoryLimit = this.dataModel.getPasscodePolicy().getPasscodeHistoryLimit();
        if (passcodeHistoryLimit > 0) {
            sb.append(context.getString(R.string.awsdk_passcode_history, Integer.valueOf(passcodeHistoryLimit)));
        }
        return sb.toString();
    }

    public int getBiometricMode() {
        return this.dataModel.getBiometricMode();
    }

    public int getOriginalPasscodeType() {
        SDKPasscodeDetails sDKPasscodeDetails = this.passcodeDetails;
        if (sDKPasscodeDetails == null) {
            return -1;
        }
        return sDKPasscodeDetails.getPasscodeMode();
    }

    public int getPasscodeType() {
        return this.dataModel.getPasscodeType();
    }

    public boolean isMaximumAttemptsReached() {
        int attemptsNumber = this.dataModel.getAttemptsNumber();
        int maxPasscodeFailedLimit = this.dataModel.getMaxPasscodeFailedLimit();
        return maxPasscodeFailedLimit > 0 && attemptsNumber >= maxPasscodeFailedLimit;
    }

    public void passcodeSetSuccess() {
        Logger.d(TAG, "Passcode set successfully!");
        SDKContext sDKContext = SDKContextManager.getSDKContext();
        sDKContext.getSDKSecurePreferences().edit().putLong(SDKSecurePreferencesKeys.PASSCODE_SET_TIME, System.currentTimeMillis()).apply();
        sDKContext.getSDKSecurePreferences().edit().putLong(SDKSecurePreferencesKeys.PASSCODE_EXPIRY_INTIMATED_TIME, 0L).apply();
        P2PChannel channel = ((P2PContext) sDKContext.getContext().getApplicationContext()).getChannel(PasscodeExpiryIntimationChannel.getChannelIdentifier());
        if (channel == null) {
            Logger.d(TAG, "PasscodeExpiryIntimationChannel is not available, not able to push passcode expiry data to P2P channel!");
        } else {
            Logger.d(TAG, "Pushing passcode expiry data to P2P channel!");
            channel.pushData();
        }
    }

    public void setIsAuthenticated(boolean z) {
        this.dataModel.setUserAuthenticated(z);
    }

    public int setPasscode(char[] cArr, char[] cArr2, SDKContextHelper.AWContextCallBack aWContextCallBack, int i, Context context) {
        if (!NetworkUtility.isDeviceConnectedToNetwork(context)) {
            return 11;
        }
        if (ArrayUtils.isEmpty(cArr) && ArrayUtils.isEmpty(cArr2)) {
            return 0;
        }
        if (ArrayUtils.isEmpty(cArr) || !Arrays.equals(cArr, cArr2)) {
            return 1;
        }
        int checkPasscodeRules = checkPasscodeRules(cArr, context);
        if (checkPasscodeRules != 10) {
            return checkPasscodeRules;
        }
        rotate(context, KeyGuard.secure(ByteConverter.convertToByteArray(cArr), (Integer) 101), DefaultTokenFactory.getInitPasscode(context), aWContextCallBack, i);
        return 101;
    }

    public int validatePasscode(char[] cArr, final SDKContextHelper.AWContextCallBack aWContextCallBack, int i, Context context, boolean z) {
        if (ArrayUtils.isEmpty(cArr)) {
            return 0;
        }
        SDKContext.State currentState = SDKContextManager.getSDKContext().getCurrentState();
        SDKContext.State state = SDKContext.State.IDLE;
        byte[] sha1HashAndEncode = sha1HashAndEncode(cArr);
        if (currentState == state) {
            initialize(context, sha1HashAndEncode, aWContextCallBack, i).on(new IFutureFailureCallback() { // from class: com.airwatch.sdk.context.awsdkcontext.-$$Lambda$SDKPasscodeHelper$WB46H0AXF8P9sKddxIAy4OA0pks
                @Override // com.airwatch.task.IFutureFailureCallback
                public final void onFailure(Exception exc) {
                    SDKPasscodeHelper.lambda$validatePasscode$0(SDKContextHelper.AWContextCallBack.this, exc);
                }
            });
            return 101;
        }
        if (!validatePasscodeWithToken(sha1HashAndEncode, context)) {
            return validatePasscodeFailure();
        }
        if (z) {
            try {
                CallbackFuture<Boolean> initialize = initialize(context, sha1HashAndEncode, aWContextCallBack, i);
                if (initialize != null) {
                    initialize.get();
                }
            } catch (InterruptedException | ExecutionException e) {
                Logger.e(AWTags.SITH_TAG, "Exception", e);
            }
        }
        validateSuccess();
        return 10;
    }

    public int validatePasscodeFailure() {
        incrementPasscodeAttempt();
        if (isMaximumAttemptsReached()) {
            return 5;
        }
        return isOneAttemptLeft() ? 6 : 4;
    }

    public void validateSuccess() {
        this.dataModel.setAttemptsNumber(0);
        this.dataModel.setUserAuthenticated(true);
        this.dataModel.getSettings().setLastCredEntryTime(System.currentTimeMillis());
        ((BiometricUtility) KoinModule.get(BiometricUtility.class)).resetBiometricKey();
    }
}
