package com.tencent.tmf.biometricauth.task.auth;

import android.annotation.SuppressLint;
import android.content.Context;
import android.text.TextUtils;
import android.util.Base64;
import androidx.annotation.NonNull;
import com.tencent.qapmsdk.crash.CrashConstants;
import com.tencent.tmf.biometricauth.api.BiometricCanceller;
import com.tencent.tmf.biometricauth.api.BiometricStateCallback;
import com.tencent.tmf.biometricauth.api.auth.RemoteAuthParam;
import com.tencent.tmf.biometricauth.core.biometric.BiometricManagerCompact;
import com.tencent.tmf.biometricauth.core.keystore.KeyStoreWrapper;
import com.tencent.tmf.biometricauth.core.keystore.rsa.CertStringDataParser;
import com.tencent.tmf.biometricauth.core.model.Triple;
import com.tencent.tmf.biometricauth.model.CacheDataCenter;
import com.tencent.tmf.biometricauth.model.ReturnResult;
import com.tencent.tmf.biometricauth.model.SignatureResultModel;
import com.tencent.tmf.biometricauth.net.IGetChallengeStrNetHelper;
import com.tencent.tmf.biometricauth.net.INetCallback;
import com.tencent.tmf.biometricauth.net.IUploadKeyNetHelper;
import com.tencent.tmf.biometricauth.net.IUploadSignatureNetHelper;
import com.tencent.tmf.biometricauth.task.AuthCancellationCallable;
import com.tencent.tmf.biometricauth.task.BaseTask;
import com.tencent.tmf.biometricauth.task.TaskCallback;
import com.tencent.tmf.biometricauth.task.TaskManager;
import com.tencent.tmf.biometricauth.task.TaskThread;
import com.tencent.tmf.biometricauth.util.DebugLogger;
import java.lang.ref.WeakReference;
import java.nio.charset.Charset;
import java.security.Signature;
import java.security.SignatureException;
import javax.crypto.Cipher;
import javax.crypto.Mac;

/* loaded from: classes.dex */
public final class RemoteAuthTask extends BaseTask implements AuthCancellationCallable {
    public static final String TAG = "TMF.RemoteAuthTask";
    public boolean mAutoPrepareIfNotExist;
    public BiometricCanceller mBiometricCanceller;
    public BiometricStateCallback mBiometricStateCallback;
    public int mBiometricType;
    public String mChallenge;
    public WeakReference<Context> mContext;
    public boolean mDeleteIfExist;
    public IGetChallengeStrNetHelper mGetChallengeStrNetHelper;
    public int mScene;
    public IUploadKeyNetHelper mUploadASKNetHelper;
    public IUploadKeyNetHelper mUploadAuthKeyNetHelper;
    public IUploadSignatureNetHelper mUploadSignatureNetHelper;
    public boolean mIsAuthenticationAlreadyCancelled = false;
    public String mAuthKeyName = null;
    public AuthenticationCallbackImpl mAuthenticationCallbackIml = null;
    public SignatureResultModel mFinalResult = null;

    /* loaded from: classes.dex */
    public class AuthenticationCallbackImpl implements BiometricManagerCompact.AuthenticationCallback {
        public Signature mSignatureToAuth;

        public AuthenticationCallbackImpl(Signature signature) {
            this.mSignatureToAuth = signature;
        }

        @SuppressLint({"NewApi"})
        private void authenticationMaybeContinue() {
            if (RemoteAuthTask.this.mBiometricType == 2) {
                DebugLogger.i(RemoteAuthTask.TAG, "should compat faceid logic.", new Object[0]);
                RemoteAuthTask.this.callback(new ReturnResult(29, "faceid not match"));
            }
        }

        @SuppressLint({"NewApi"})
        private void authenticationShouldComplete() {
            if (RemoteAuthTask.this.mBiometricType == 2) {
                RemoteAuthTask.this.mBiometricCanceller.asyncCancelBiometricAuthenticationInnerImp(false);
                RemoteAuthTask.this.mIsAuthenticationAlreadyCancelled = true;
            }
        }

        /* JADX INFO: Access modifiers changed from: private */
        public String charSequenceToStringNullAsNil(CharSequence charSequence) {
            return charSequence == null ? "unknown error" : charSequence.toString();
        }

        @Override // com.tencent.tmf.biometricauth.core.biometric.BiometricManagerCompact.AuthenticationCallback
        public void onAuthenticationCancelled() {
            DebugLogger.i(RemoteAuthTask.TAG, "called onAuthenticationCancelled", new Object[0]);
            if (RemoteAuthTask.this.mIsAuthenticationAlreadyCancelled) {
                DebugLogger.v(RemoteAuthTask.TAG, "during ignore cancel period", new Object[0]);
                return;
            }
            TaskThread.getInstance().postToMainThread(new Runnable() { // from class: com.tencent.tmf.biometricauth.task.auth.RemoteAuthTask.AuthenticationCallbackImpl.6
                @Override // java.lang.Runnable
                public void run() {
                    if (RemoteAuthTask.this.mBiometricStateCallback != null) {
                        RemoteAuthTask.this.mBiometricStateCallback.onAuthenticationCancelled();
                    }
                }
            });
            RemoteAuthTask.this.callback(new ReturnResult(32, "user cancelled authentication"));
            authenticationShouldComplete();
        }

        @Override // com.tencent.tmf.biometricauth.core.biometric.BiometricManagerCompact.AuthenticationCallback
        public void onAuthenticationError(final int i10, final CharSequence charSequence) {
            DebugLogger.e(RemoteAuthTask.TAG, "on authentication fatal error: %d, %s", Integer.valueOf(i10), charSequence);
            TaskThread.getInstance().postToMainThread(new Runnable() { // from class: com.tencent.tmf.biometricauth.task.auth.RemoteAuthTask.AuthenticationCallbackImpl.1
                @Override // java.lang.Runnable
                public void run() {
                    if (RemoteAuthTask.this.mBiometricStateCallback != null) {
                        RemoteAuthTask.this.mBiometricStateCallback.onAuthenticationError(i10, charSequence);
                    }
                }
            });
            if (i10 == 50) {
                RemoteAuthTask.this.callback(new ReturnResult(34, charSequenceToStringNullAsNil(charSequence)));
            } else {
                RemoteAuthTask.this.callback(new ReturnResult(29, charSequenceToStringNullAsNil(charSequence)));
            }
            authenticationShouldComplete();
        }

        @Override // com.tencent.tmf.biometricauth.core.biometric.BiometricManagerCompact.AuthenticationCallback
        public void onAuthenticationFailed() {
            DebugLogger.w(RemoteAuthTask.TAG, "authentication failed once", new Object[0]);
            TaskThread.getInstance().postToMainThread(new Runnable() { // from class: com.tencent.tmf.biometricauth.task.auth.RemoteAuthTask.AuthenticationCallbackImpl.5
                @Override // java.lang.Runnable
                public void run() {
                    if (RemoteAuthTask.this.mBiometricStateCallback != null) {
                        RemoteAuthTask.this.mBiometricStateCallback.onAuthenticationFailed();
                    }
                }
            });
            authenticationMaybeContinue();
        }

        @Override // com.tencent.tmf.biometricauth.core.biometric.BiometricManagerCompact.AuthenticationCallback
        public void onAuthenticationHelp(final int i10, final CharSequence charSequence) {
            DebugLogger.w(RemoteAuthTask.TAG, "on authentication help. you do not need to cancel the authentication: %d, %s", Integer.valueOf(i10), charSequence);
            TaskThread.getInstance().postToMainThread(new Runnable() { // from class: com.tencent.tmf.biometricauth.task.auth.RemoteAuthTask.AuthenticationCallbackImpl.2
                @Override // java.lang.Runnable
                public void run() {
                    if (RemoteAuthTask.this.mBiometricStateCallback != null) {
                        RemoteAuthTask.this.mBiometricStateCallback.onAuthenticationHelp(i10, AuthenticationCallbackImpl.this.charSequenceToStringNullAsNil(charSequence));
                    }
                }
            });
        }

        @Override // com.tencent.tmf.biometricauth.core.biometric.BiometricManagerCompact.AuthenticationCallback
        public void onAuthenticationSucceeded(final BiometricManagerCompact.AuthenticationResult authenticationResult) {
            DebugLogger.i(RemoteAuthTask.TAG, "authentication succeed. start sign and upload upload signature", new Object[0]);
            TaskThread.getInstance().postToMainThread(new Runnable() { // from class: com.tencent.tmf.biometricauth.task.auth.RemoteAuthTask.AuthenticationCallbackImpl.3
                @Override // java.lang.Runnable
                public void run() {
                    if (RemoteAuthTask.this.mBiometricStateCallback != null) {
                        RemoteAuthTask.this.mBiometricStateCallback.onAuthenticationSucceeded(authenticationResult);
                    }
                }
            });
            TaskThread.getInstance().postToWorker(new Runnable() { // from class: com.tencent.tmf.biometricauth.task.auth.RemoteAuthTask.AuthenticationCallbackImpl.4
                @Override // java.lang.Runnable
                public void run() {
                    if (TextUtils.isEmpty(RemoteAuthTask.this.mChallenge)) {
                        DebugLogger.e(RemoteAuthTask.TAG, "mChallenge is null. should not happen here", new Object[0]);
                        AuthenticationCallbackImpl.this.onAuthenticationError(-1000, "mChallenge is null");
                        return;
                    }
                    try {
                        AuthenticationCallbackImpl.this.mSignatureToAuth.update(RemoteAuthTask.this.mChallenge.getBytes(Charset.forName(CrashConstants.UTF8)));
                    } catch (SignatureException e10) {
                        DebugLogger.e(RemoteAuthTask.TAG, "exception in update", new Object[0]);
                        DebugLogger.printErrStackTrace(RemoteAuthTask.TAG, e10, "exception in update");
                        DebugLogger.e(RemoteAuthTask.TAG, "remove the auth key: %s", RemoteAuthTask.this.mAuthKeyName);
                        KeyStoreWrapper.getInstance().removeAuthKey(RemoteAuthTask.this.mAuthKeyName, false);
                        RemoteAuthTask.this.callback(new ReturnResult(36, "update signature failed, please check."));
                    }
                    try {
                        RemoteAuthTask.this.executeWhenAuthenticated(AuthenticationCallbackImpl.this.mSignatureToAuth);
                    } catch (Exception e11) {
                        DebugLogger.e(RemoteAuthTask.TAG, "exception in executeWhenAuthenticated method", new Object[0]);
                        DebugLogger.printErrStackTrace(RemoteAuthTask.TAG, e11, "exception when execute");
                        AuthenticationCallbackImpl.this.onAuthenticationError(-1000, "execute failed");
                    }
                }
            });
            authenticationShouldComplete();
        }
    }

    public RemoteAuthTask(RemoteAuthParam remoteAuthParam) {
        if (remoteAuthParam == null) {
            throw new IllegalArgumentException("param is null!");
        }
        this.mContext = new WeakReference<>(remoteAuthParam.getContext());
        this.mBiometricStateCallback = remoteAuthParam.getBiometricStateCallback();
        this.mBiometricCanceller = remoteAuthParam.getBiometricCanceller();
        this.mBiometricType = remoteAuthParam.getBiometricType();
        this.mScene = remoteAuthParam.getScene();
        this.mChallenge = remoteAuthParam.getChallenge();
        this.mGetChallengeStrNetHelper = remoteAuthParam.getGetChallengeStrNetHelper();
        this.mUploadAuthKeyNetHelper = remoteAuthParam.getUploadKeyNetHelper();
        this.mUploadSignatureNetHelper = remoteAuthParam.getUploadSignatureNetHelper();
        this.mUploadASKNetHelper = remoteAuthParam.getUploadASKNetHelper();
        this.mDeleteIfExist = remoteAuthParam.deleteAndReGenIfExist();
        this.mAutoPrepareIfNotExist = remoteAuthParam.isAutoPrepareASKIfNotExist();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void doBiometricAuth() {
        if (KeyStoreWrapper.getInstance().getKeyStoreType() != 1) {
            if (this.mBiometricStateCallback != null) {
                TaskThread.getInstance().postToMainThread(new Runnable() { // from class: com.tencent.tmf.biometricauth.task.auth.RemoteAuthTask.9
                    @Override // java.lang.Runnable
                    public void run() {
                        RemoteAuthTask.this.mBiometricStateCallback.onAuthenticationError(15, "current key store is not supported, please call RemoteAuthWrapperApi.init() first!");
                    }
                });
            }
            callback(new ReturnResult(15, "current key store is not supported, please call  AuthWrapperApi.initForRemoteAuth() first!"));
            return;
        }
        Triple<Signature, Cipher, Mac> authInitAndSign = KeyStoreWrapper.getInstance().getAuthInitAndSign(this.mAuthKeyName);
        Signature signature = authInitAndSign == null ? null : authInitAndSign.first;
        if (signature != null) {
            this.mAuthenticationCallbackIml = new AuthenticationCallbackImpl(signature);
            performStartBiometricLogic(signature);
            TaskThread.getInstance().postToMainThread(new Runnable() { // from class: com.tencent.tmf.biometricauth.task.auth.RemoteAuthTask.8
                @Override // java.lang.Runnable
                public void run() {
                    if (RemoteAuthTask.this.mBiometricStateCallback != null) {
                        RemoteAuthTask.this.mBiometricStateCallback.onStartAuthentication();
                    }
                }
            });
        } else {
            DebugLogger.w(TAG, "error occurred when init sign", new Object[0]);
            if (this.mBiometricStateCallback != null) {
                TaskThread.getInstance().postToMainThread(new Runnable() { // from class: com.tencent.tmf.biometricauth.task.auth.RemoteAuthTask.7
                    @Override // java.lang.Runnable
                    public void run() {
                        RemoteAuthTask.this.mBiometricStateCallback.onAuthenticationError(6, "prepare auth key failed.");
                    }
                });
            }
            callback(new ReturnResult(21));
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void executeWhenAuthenticated(@NonNull Signature signature) {
        try {
            byte[] sign = signature.sign();
            try {
                this.mFinalResult = CertStringDataParser.convertFromBytesToSignatureResult(sign);
            } catch (Exception e10) {
                e10.printStackTrace();
            }
            if (this.mFinalResult == null) {
                this.mFinalResult = new SignatureResultModel();
                this.mFinalResult.setSignature(Base64.encodeToString(sign, 2));
            }
            if (this.mUploadSignatureNetHelper != null) {
                uploadSignature();
            } else {
                DebugLogger.i(TAG, "no upload wrapper, return directly", new Object[0]);
                callback(new ReturnResult(0, this.mFinalResult != null ? this.mFinalResult.toString() : "signature result is nil"));
            }
        } catch (SignatureException e11) {
            DebugLogger.e(TAG, "sign failed due to exception: %s", e11.getMessage());
            DebugLogger.printErrStackTrace(TAG, e11, "sign failed due to exception");
            callback(new ReturnResult(30, "sign failed even after user authenticated the key."));
        }
    }

    @SuppressLint({"NewApi"})
    private void performStartBiometricLogic(Signature signature) {
        if (isFinished()) {
            DebugLogger.w(TAG, "already finished. can not authenticate", new Object[0]);
            return;
        }
        if (this.mContext.get() == null) {
            DebugLogger.w(TAG, "context instance released in startAuthenticate", new Object[0]);
            callback(new ReturnResult(25));
            return;
        }
        try {
            DebugLogger.v(TAG, "performing start", new Object[0]);
            BiometricManagerCompact.from(this.mBiometricType).authenticate(this.mContext.get(), new BiometricManagerCompact.CryptoObject(signature), 0, this.mBiometricCanceller.getSignalObj(), this.mAuthenticationCallbackIml, null);
        } catch (Exception e10) {
            String message = e10.getMessage();
            DebugLogger.e(TAG, "caused exception when authenticating: %s", message);
            DebugLogger.printErrStackTrace(TAG, e10, "caused exception when authenticating");
            callback(new ReturnResult(27, String.format("start authentication failed due to %s", message)));
        }
    }

    private void prepareAuthKeyFirst() {
        PrepareAuthKeyTask prepareAuthKeyTask = new PrepareAuthKeyTask(this.mScene, this.mUploadAuthKeyNetHelper, this.mUploadASKNetHelper, this.mDeleteIfExist, this.mAutoPrepareIfNotExist);
        prepareAuthKeyTask.setTaskCallback(new TaskCallback() { // from class: com.tencent.tmf.biometricauth.task.auth.RemoteAuthTask.6
            @Override // com.tencent.tmf.biometricauth.task.TaskCallback
            public void onResult(@NonNull final ReturnResult returnResult) {
                if (returnResult.mErrorCode == 0) {
                    RemoteAuthTask.this.doBiometricAuth();
                    return;
                }
                if (RemoteAuthTask.this.mBiometricStateCallback != null) {
                    TaskThread.getInstance().postToMainThread(new Runnable() { // from class: com.tencent.tmf.biometricauth.task.auth.RemoteAuthTask.6.1
                        @Override // java.lang.Runnable
                        public void run() {
                            BiometricStateCallback biometricStateCallback = RemoteAuthTask.this.mBiometricStateCallback;
                            ReturnResult returnResult2 = returnResult;
                            biometricStateCallback.onAuthenticationError(returnResult2.mErrorCode, returnResult2.mExtraText);
                        }
                    });
                }
                RemoteAuthTask.this.callback(new ReturnResult(returnResult.mErrorCode, returnResult.mExtraText));
            }
        });
        TaskManager.getInstance().addToTask(prepareAuthKeyTask);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void startAuthFlow() {
        prepareAuthKeyFirst();
    }

    private void uploadSignature() {
        SignatureResultModel signatureResultModel = this.mFinalResult;
        if (signatureResultModel == null) {
            callback(new ReturnResult(30, "sign failed even after user authenticated the key."));
            return;
        }
        this.mUploadSignatureNetHelper.setRequest(new IUploadSignatureNetHelper.UploadSignatureRequest(signatureResultModel.getSignature(), this.mFinalResult.getJsonValue(), this.mFinalResult.getSaltLen()));
        this.mUploadSignatureNetHelper.setCallback(new INetCallback<IUploadSignatureNetHelper.UploadSignatureResult>() { // from class: com.tencent.tmf.biometricauth.task.auth.RemoteAuthTask.10
            @Override // com.tencent.tmf.biometricauth.net.INetCallback
            public void onNetEnd(IUploadSignatureNetHelper.UploadSignatureResult uploadSignatureResult) {
                if (uploadSignatureResult == null || !uploadSignatureResult.isVerified) {
                    DebugLogger.w(RemoteAuthTask.TAG, "upload or verify failed", new Object[0]);
                    RemoteAuthTask.this.callback(new ReturnResult(31));
                } else {
                    DebugLogger.i(RemoteAuthTask.TAG, "upload and verify succeed", new Object[0]);
                    RemoteAuthTask remoteAuthTask = RemoteAuthTask.this;
                    remoteAuthTask.callback(new ReturnResult(0, remoteAuthTask.mFinalResult.toString()));
                }
            }
        });
        this.mUploadSignatureNetHelper.execute();
    }

    @Override // com.tencent.tmf.biometricauth.task.AuthCancellationCallable
    public void callCancellationInternal() {
        AuthenticationCallbackImpl authenticationCallbackImpl = this.mAuthenticationCallbackIml;
        if (authenticationCallbackImpl != null) {
            authenticationCallbackImpl.onAuthenticationCancelled();
        }
    }

    @Override // com.tencent.tmf.biometricauth.task.BaseTask
    public void execute() {
        if (!TextUtils.isEmpty(this.mChallenge)) {
            DebugLogger.i(TAG, "already provided the mChallenge. directly authenticate", new Object[0]);
            startAuthFlow();
        } else {
            DebugLogger.i(TAG, "get the mChallenge online.", new Object[0]);
            this.mGetChallengeStrNetHelper.setRequest(new IGetChallengeStrNetHelper.GetChallengeRequest());
            this.mGetChallengeStrNetHelper.setCallback(new INetCallback<IGetChallengeStrNetHelper.GetChallengeResult>() { // from class: com.tencent.tmf.biometricauth.task.auth.RemoteAuthTask.5
                @Override // com.tencent.tmf.biometricauth.net.INetCallback
                public void onNetEnd(IGetChallengeStrNetHelper.GetChallengeResult getChallengeResult) {
                    if (getChallengeResult == null || TextUtils.isEmpty(getChallengeResult.mChallenge)) {
                        DebugLogger.w(RemoteAuthTask.TAG, "get mChallenge from server failed", new Object[0]);
                        RemoteAuthTask.this.callback(new ReturnResult(26));
                    } else {
                        RemoteAuthTask.this.mChallenge = getChallengeResult.mChallenge;
                        RemoteAuthTask.this.startAuthFlow();
                    }
                }
            });
            this.mGetChallengeStrNetHelper.execute();
        }
    }

    @Override // com.tencent.tmf.biometricauth.task.AuthCancellationCallable
    public boolean isCancelled() {
        return this.mIsAuthenticationAlreadyCancelled;
    }

    @Override // com.tencent.tmf.biometricauth.task.BaseTask
    public boolean isSingleInstance() {
        return true;
    }

    @Override // com.tencent.tmf.biometricauth.task.BaseTask
    public void onRemovedFromTaskPoolActively() {
        BiometricCanceller biometricCanceller = this.mBiometricCanceller;
        if (biometricCanceller != null) {
            biometricCanceller.asyncCancelBiometricAuthentication();
        }
    }

    @Override // com.tencent.tmf.biometricauth.task.BaseTask
    public boolean preExecute() {
        try {
            if (!KeyStoreWrapper.getInstance().isSupport()) {
                if (this.mBiometricStateCallback != null) {
                    TaskThread.getInstance().postToMainThread(new Runnable() { // from class: com.tencent.tmf.biometricauth.task.auth.RemoteAuthTask.1
                        @Override // java.lang.Runnable
                        public void run() {
                            RemoteAuthTask.this.mBiometricStateCallback.onAuthenticationError(2, "not support.");
                        }
                    });
                }
                callback(new ReturnResult(2));
                return true;
            }
            if (this.mContext.get() == null) {
                callback(new ReturnResult(25));
                return true;
            }
            if (!BiometricManagerCompact.from(this.mBiometricType).checkAvailable(this.mContext.get())) {
                if (this.mBiometricStateCallback != null) {
                    TaskThread.getInstance().postToMainThread(new Runnable() { // from class: com.tencent.tmf.biometricauth.task.auth.RemoteAuthTask.3
                        @Override // java.lang.Runnable
                        public void run() {
                            RemoteAuthTask.this.mBiometricStateCallback.onAuthenticationError(2, "current biometric type is not supported.");
                        }
                    });
                }
                callback(new ReturnResult(2));
                return true;
            }
            this.mAuthKeyName = CacheDataCenter.getInstance().getAuthKeyName(this.mScene);
            if (TextUtils.isEmpty(this.mAuthKeyName)) {
                DebugLogger.w(TAG, "request prepare auth key scene: %d, but key name is not registered. Please make sure you register the scene in init", new Object[0]);
                callback(new ReturnResult(23));
                return true;
            }
            if (this.mGetChallengeStrNetHelper == null && TextUtils.isEmpty(this.mChallenge)) {
                callback(new ReturnResult(24, "neither get mChallenge wrapper nor mChallenge text is found in request parameter"));
                return true;
            }
            if (KeyStoreWrapper.getInstance().getKeyStoreType() != 1) {
                if (this.mBiometricStateCallback != null) {
                    TaskThread.getInstance().postToMainThread(new Runnable() { // from class: com.tencent.tmf.biometricauth.task.auth.RemoteAuthTask.4
                        @Override // java.lang.Runnable
                        public void run() {
                            RemoteAuthTask.this.mBiometricStateCallback.onAuthenticationError(15, "current key store is not supported, please call AuthWrapperApi.initForRemoteAuth() first!");
                        }
                    });
                }
                callback(new ReturnResult(15, "current key store is not supported, please call AuthWrapperApi.initForRemoteAuth() first!"));
            }
            if (this.mBiometricCanceller == null) {
                this.mBiometricCanceller = new BiometricCanceller();
            }
            return false;
        } catch (IllegalAccessException unused) {
            if (this.mBiometricStateCallback != null) {
                TaskThread.getInstance().postToMainThread(new Runnable() { // from class: com.tencent.tmf.biometricauth.task.auth.RemoteAuthTask.2
                    @Override // java.lang.Runnable
                    public void run() {
                        RemoteAuthTask.this.mBiometricStateCallback.onAuthenticationError(11, "call AuthWrapperApi.initForRemoteAuth() first.");
                    }
                });
            }
            callback(new ReturnResult(11));
            return true;
        }
    }
}
