package ai.amani.sdk.modules.nfc.util;

import Bj.E;
import Oj.m;
import android.content.Context;
import android.graphics.Bitmap;
import androidx.lifecycle.C1815f;
import com.newrelic.agent.android.instrumentation.Instrumented;
import com.newrelic.agent.android.instrumentation.LogInstrumentation;
import java.io.ByteArrayInputStream;
import java.io.DataInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.CertPath;
import java.security.cert.CertPathBuilder;
import java.security.cert.CertPathBuilderException;
import java.security.cert.CertPathBuilderResult;
import java.security.cert.CertSelector;
import java.security.cert.CertStore;
import java.security.cert.Certificate;
import java.security.cert.CollectionCertStoreParameters;
import java.security.cert.PKIXBuilderParameters;
import java.security.cert.PKIXCertPathBuilderResult;
import java.security.cert.TrustAnchor;
import java.security.cert.X509CertSelector;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import javax.security.auth.x500.X500Principal;
import org.jmrtd.cert.CVCPrincipal;
import org.jmrtd.cert.CardVerifiableCertificate;
import org.jmrtd.lds.DisplayedImageInfo;
import org.jmrtd.lds.icao.DG2File;
import org.jmrtd.lds.icao.DG3File;
import org.jmrtd.lds.icao.DG5File;
import org.jmrtd.lds.icao.DG7File;
import org.jmrtd.lds.iso19794.FaceImageInfo;
import org.jmrtd.lds.iso19794.FaceInfo;
import org.jmrtd.lds.iso19794.FingerImageInfo;
import org.jmrtd.lds.iso19794.FingerInfo;
import org.spongycastle.jce.provider.BouncyCastleProvider;

@Instrumented
/* loaded from: classes.dex */
public final class PassportNfcUtils {
    public static final PassportNfcUtils INSTANCE = new PassportNfcUtils();

    /* renamed from: a, reason: collision with root package name */
    public static final String f14323a = "PassportNfcUtils";

    static {
        Security.addProvider(new BouncyCastleProvider());
    }

    public static EACCredentials a(CVCPrincipal cVCPrincipal, KeyStore keyStore) {
        if (cVCPrincipal == null) {
            throw new IllegalArgumentException("CA reference cannot be null");
        }
        Iterator it = Collections.list(keyStore.aliases()).iterator();
        while (it.hasNext()) {
            String str = (String) it.next();
            if (keyStore.isKeyEntry(str)) {
                char[] charArray = "".toCharArray();
                m.e(charArray, "toCharArray(...)");
                Key key = keyStore.getKey(str, charArray);
                if (key instanceof PrivateKey) {
                    Certificate[] certificateChain = keyStore.getCertificateChain(str);
                    m.c(certificateChain);
                    return new EACCredentials((PrivateKey) key, certificateChain);
                }
                LogInstrumentation.w(f14323a, "skipping non-private key " + str);
            } else if (keyStore.isCertificateEntry(str)) {
                Certificate certificate = keyStore.getCertificate(str);
                m.d(certificate, "null cannot be cast to non-null type org.jmrtd.cert.CardVerifiableCertificate");
                CardVerifiableCertificate cardVerifiableCertificate = (CardVerifiableCertificate) certificate;
                CVCPrincipal authorityReference = cardVerifiableCertificate.getAuthorityReference();
                CVCPrincipal holderReference = cardVerifiableCertificate.getHolderReference();
                if (cVCPrincipal.equals(authorityReference)) {
                    String name = holderReference.getName();
                    char[] charArray2 = "".toCharArray();
                    m.e(charArray2, "toCharArray(...)");
                    Key key2 = keyStore.getKey(name, charArray2);
                    m.d(key2, "null cannot be cast to non-null type java.security.PrivateKey");
                    PrivateKey privateKey = (PrivateKey) key2;
                    Certificate[] certificateChain2 = keyStore.getCertificateChain(holderReference.getName());
                    LogInstrumentation.i(f14323a, "found a key, privateKey = " + privateKey);
                    m.c(certificateChain2);
                    return new EACCredentials(privateKey, certificateChain2);
                }
            } else {
                LogInstrumentation.e(f14323a, C1815f.g("null chain or key for entry ", str, ": chain = ", Arrays.toString((Object[]) null), ", privateKey = null"));
            }
        }
        return null;
    }

    public final List<Certificate> getCertificateChain(X509Certificate x509Certificate, X500Principal x500Principal, BigInteger bigInteger, List<? extends CertStore> list, Set<? extends TrustAnchor> set) {
        PKIXCertPathBuilderResult pKIXCertPathBuilderResult;
        X509Certificate trustedCert;
        CertPath certPath;
        m.f(x500Principal, "sodIssuer");
        m.f(bigInteger, "sodSerialNumber");
        m.f(list, "cscaStores");
        m.f(set, "cscaTrustAnchors");
        ArrayList arrayList = new ArrayList();
        X509CertSelector x509CertSelector = new X509CertSelector();
        try {
            if (x509Certificate != null) {
                x509CertSelector.setCertificate(x509Certificate);
            } else {
                x509CertSelector.setIssuer(x500Principal);
                x509CertSelector.setSerialNumber(bigInteger);
            }
            m.d(x509Certificate, "null cannot be cast to non-null type java.security.cert.Certificate");
            CertStore certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(E.D(x509Certificate)));
            CertPathBuilder certPathBuilder = CertPathBuilder.getInstance("PKIX", BouncyCastleProvider.PROVIDER_NAME);
            PKIXBuilderParameters pKIXBuilderParameters = new PKIXBuilderParameters((Set<TrustAnchor>) set, (CertSelector) x509CertSelector);
            pKIXBuilderParameters.addCertStore(certStore);
            Iterator<? extends CertStore> it = list.iterator();
            while (it.hasNext()) {
                pKIXBuilderParameters.addCertStore(it.next());
            }
            pKIXBuilderParameters.setRevocationEnabled(false);
            try {
                CertPathBuilderResult build = certPathBuilder.build(pKIXBuilderParameters);
                m.d(build, "null cannot be cast to non-null type java.security.cert.PKIXCertPathBuilderResult");
                pKIXCertPathBuilderResult = (PKIXCertPathBuilderResult) build;
            } catch (CertPathBuilderException unused) {
                pKIXCertPathBuilderResult = null;
            }
            if (pKIXCertPathBuilderResult != null && (certPath = pKIXCertPathBuilderResult.getCertPath()) != null) {
                arrayList.addAll(certPath.getCertificates());
            }
            if (!arrayList.contains(x509Certificate)) {
                LogInstrumentation.w(f14323a, "Adding doc signing certificate after PKIXBuilder finished");
                arrayList.add(0, x509Certificate);
            }
            if (pKIXCertPathBuilderResult != null && (trustedCert = pKIXCertPathBuilderResult.getTrustAnchor().getTrustedCert()) != null && !arrayList.contains(trustedCert)) {
                LogInstrumentation.w(f14323a, "Adding trust anchor certificate after PKIXBuilder finished");
                arrayList.add(trustedCert);
            }
        } catch (Exception e) {
            e.printStackTrace();
            LogInstrumentation.i(f14323a, "Building a chain failed (" + e.getMessage() + ").");
        }
        return arrayList;
    }

    public final EACCredentials getEACCredentials(CVCPrincipal cVCPrincipal, List<? extends KeyStore> list) {
        m.f(cVCPrincipal, "caReference");
        m.f(list, "cvcaStores");
        Iterator<? extends KeyStore> it = list.iterator();
        while (it.hasNext()) {
            EACCredentials a10 = a(cVCPrincipal, it.next());
            if (a10 != null) {
                return a10;
            }
        }
        return null;
    }

    public final Bitmap retrieveFaceImage(Context context, DG2File dG2File) {
        m.f(context, "context");
        m.f(dG2File, "dg2File");
        ArrayList arrayList = new ArrayList();
        Iterator<FaceInfo> it = dG2File.getFaceInfos().iterator();
        while (it.hasNext()) {
            arrayList.addAll(it.next().getFaceImageInfos());
        }
        if (arrayList.isEmpty()) {
            throw new IOException("Unable to decodeImage Image");
        }
        Object next = arrayList.iterator().next();
        m.e(next, "allFaceImageInfos.iterator().next()");
        FaceImageInfo faceImageInfo = (FaceImageInfo) next;
        int imageLength = faceImageInfo.getImageLength();
        InputStream imageInputStream = faceImageInfo.getImageInputStream();
        m.e(imageInputStream, "faceImageInfo.imageInputStream");
        String mimeType = faceImageInfo.getMimeType();
        m.e(mimeType, "faceImageInfo.mimeType");
        DataInputStream dataInputStream = new DataInputStream(imageInputStream);
        byte[] bArr = new byte[imageLength];
        dataInputStream.readFully(bArr, 0, imageLength);
        return ImagePassportUtil.INSTANCE.decodeImage(new ByteArrayInputStream(bArr, 0, imageLength), imageLength, mimeType);
    }

    public final List<Bitmap> retrieveFingerPrintImage(Context context, DG3File dG3File) {
        m.f(context, "context");
        m.f(dG3File, "dg3File");
        ArrayList arrayList = new ArrayList();
        List<FingerInfo> fingerInfos = dG3File.getFingerInfos();
        ArrayList arrayList2 = new ArrayList();
        Iterator<FingerInfo> it = fingerInfos.iterator();
        while (it.hasNext()) {
            arrayList.addAll(it.next().getFingerImageInfos());
        }
        Iterator it2 = arrayList.iterator();
        m.e(it2, "allFingerImageInfos.iterator()");
        while (it2.hasNext()) {
            Object next = it2.next();
            m.e(next, "iterator.next()");
            FingerImageInfo fingerImageInfo = (FingerImageInfo) next;
            int imageLength = fingerImageInfo.getImageLength();
            InputStream imageInputStream = fingerImageInfo.getImageInputStream();
            m.e(imageInputStream, "fingerImageInfo.imageInputStream");
            String mimeType = fingerImageInfo.getMimeType();
            m.e(mimeType, "fingerImageInfo.mimeType");
            DataInputStream dataInputStream = new DataInputStream(imageInputStream);
            byte[] bArr = new byte[imageLength];
            dataInputStream.readFully(bArr, 0, imageLength);
            arrayList2.add(ImagePassportUtil.INSTANCE.decodeImage(new ByteArrayInputStream(bArr, 0, imageLength), imageLength, mimeType));
        }
        if (arrayList2.isEmpty()) {
            throw new IOException("Unable to decodeImage Finger print Image");
        }
        return arrayList2;
    }

    public final Bitmap retrievePortraitImage(Context context, DG5File dG5File) {
        m.f(context, "context");
        m.f(dG5File, "dg5File");
        List<DisplayedImageInfo> images = dG5File.getImages();
        if (images.isEmpty()) {
            throw new IOException("Unable to decodeImage Image");
        }
        DisplayedImageInfo next = images.iterator().next();
        int imageLength = next.getImageLength();
        InputStream imageInputStream = next.getImageInputStream();
        m.e(imageInputStream, "faceImageInfo.imageInputStream");
        String mimeType = next.getMimeType();
        m.e(mimeType, "faceImageInfo.mimeType");
        DataInputStream dataInputStream = new DataInputStream(imageInputStream);
        byte[] bArr = new byte[imageLength];
        dataInputStream.readFully(bArr, 0, imageLength);
        return ImagePassportUtil.INSTANCE.decodeImage(new ByteArrayInputStream(bArr, 0, imageLength), imageLength, mimeType);
    }

    public final Bitmap retrieveSignatureImage(Context context, DG7File dG7File) {
        m.f(context, "context");
        m.f(dG7File, "dg7File");
        List<DisplayedImageInfo> images = dG7File.getImages();
        if (images.isEmpty()) {
            throw new IOException("Unable to decodeImage Image");
        }
        DisplayedImageInfo next = images.iterator().next();
        int imageLength = next.getImageLength();
        InputStream imageInputStream = next.getImageInputStream();
        m.e(imageInputStream, "displayedImageInfo.imageInputStream");
        String mimeType = next.getMimeType();
        m.e(mimeType, "displayedImageInfo.mimeType");
        DataInputStream dataInputStream = new DataInputStream(imageInputStream);
        byte[] bArr = new byte[imageLength];
        dataInputStream.readFully(bArr, 0, imageLength);
        return ImagePassportUtil.INSTANCE.decodeImage(new ByteArrayInputStream(bArr, 0, imageLength), imageLength, mimeType);
    }
}
