package com.android.identity.wallet.util;

import android.content.Context;
import android.graphics.Bitmap;
import android.graphics.BitmapFactory;
import android.graphics.Canvas;
import android.graphics.Paint;
import android.graphics.Rect;
import androidx.core.view.ViewCompat;
import com.android.identity.cbor.Bstr;
import com.android.identity.cbor.Cbor;
import com.android.identity.cbor.DataItemExtensionsKt;
import com.android.identity.cbor.TaggedItem;
import com.android.identity.cose.Cose;
import com.android.identity.cose.CoseNumberLabel;
import com.android.identity.credential.Credential;
import com.android.identity.crypto.Algorithm;
import com.android.identity.crypto.Certificate;
import com.android.identity.crypto.CertificateChain;
import com.android.identity.crypto.EcCurve;
import com.android.identity.crypto.EcPrivateKey;
import com.android.identity.crypto.EcPrivateKeyKt;
import com.android.identity.document.Document;
import com.android.identity.document.DocumentStore;
import com.android.identity.document.DocumentUtil;
import com.android.identity.document.NameSpacedData;
import com.android.identity.mdoc.credential.MdocCredential;
import com.android.identity.mdoc.mso.MobileSecurityObjectGenerator;
import com.android.identity.mdoc.mso.StaticAuthDataGenerator;
import com.android.identity.mdoc.util.MdocUtil;
import com.android.identity.securearea.CreateKeySettings;
import com.android.identity.securearea.KeyInfo;
import com.android.identity.securearea.KeyPurpose;
import com.android.identity.securearea.SecureArea;
import com.android.identity.securearea.SecureAreaRepository;
import com.android.identity.util.ApplicationData;
import com.android.identity.util.Timestamp;
import com.android.identity.wallet.HolderApp;
import com.android.identity.wallet.document.DocumentInformation;
import com.android.identity.wallet.document.KeysAndCertificates;
import com.android.identity.wallet.selfsigned.ProvisionInfo;
import com.android.identity.wallet.support.SecureAreaSupport;
import java.io.ByteArrayOutputStream;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.X509Certificate;
import java.time.Instant;
import java.time.ZoneId;
import java.time.ZonedDateTime;
import java.time.format.DateTimeFormatter;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import kotlin.Lazy;
import kotlin.LazyKt;
import kotlin.LazyThreadSafetyMode;
import kotlin.Metadata;
import kotlin.Pair;
import kotlin.TuplesKt;
import kotlin.collections.CollectionsKt;
import kotlin.collections.MapsKt;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.random.Random;
import kotlin.text.Charsets;
import kotlin.text.Regex;
import kotlin.text.StringsKt;

/* compiled from: ProvisioningUtil.kt */
@Metadata(d1 = {"\u0000R\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0010\u0012\n\u0002\b\u0002\n\u0002\u0010\u0004\n\u0000\n\u0002\u0010\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0002\b\u0004\b\u0007\u0018\u0000 !2\u00020\u0001:\u0001!B\u000f\b\u0002\u0012\u0006\u0010\u0002\u001a\u00020\u0003¢\u0006\u0002\u0010\u0004J\u0018\u0010\u000f\u001a\u00020\u00102\u0006\u0010\u0011\u001a\u00020\u00102\u0006\u0010\u0012\u001a\u00020\u0013H\u0002J\u0016\u0010\u0014\u001a\u00020\u00152\u0006\u0010\u0016\u001a\u00020\u00172\u0006\u0010\u0018\u001a\u00020\u0019J\u0016\u0010\u001a\u001a\u00020\u00152\u0006\u0010\u001b\u001a\u00020\u001c2\u0006\u0010\u001d\u001a\u00020\u001eJ\u000e\u0010\u001f\u001a\u00020\u00152\u0006\u0010\u001b\u001a\u00020\u001cJ\f\u0010 \u001a\u00020\u001e*\u00020\u0019H\u0002R\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n\u0000R\u001b\u0010\u0005\u001a\u00020\u00068FX\u0086\u0084\u0002¢\u0006\f\n\u0004\b\t\u0010\n\u001a\u0004\b\u0007\u0010\bR\u0011\u0010\u000b\u001a\u00020\f¢\u0006\b\n\u0000\u001a\u0004\b\r\u0010\u000e¨\u0006\""}, d2 = {"Lcom/android/identity/wallet/util/ProvisioningUtil;", "", "context", "Landroid/content/Context;", "(Landroid/content/Context;)V", "documentStore", "Lcom/android/identity/document/DocumentStore;", "getDocumentStore", "()Lcom/android/identity/document/DocumentStore;", "documentStore$delegate", "Lkotlin/Lazy;", "secureAreaRepository", "Lcom/android/identity/securearea/SecureAreaRepository;", "getSecureAreaRepository", "()Lcom/android/identity/securearea/SecureAreaRepository;", "overridePortrait", "", "encodedPortrait", "counter", "", "provisionSelfSigned", "", "nameSpacedData", "Lcom/android/identity/document/NameSpacedData;", "provisionInfo", "Lcom/android/identity/wallet/selfsigned/ProvisionInfo;", "refreshCredentials", "document", "Lcom/android/identity/document/Document;", "docType", "", "trackUsageTimestamp", "documentName", "Companion", "appholder_walletDebug"}, k = 1, mv = {1, 8, 0}, xi = 48)
/* loaded from: classes24.dex */
public final class ProvisioningUtil {
    private static final String AUTH_KEY_SECURE_AREA_IDENTIFIER = "authKeySecureAreaIdentifier";
    private static final String AUTH_KEY_SETTINGS = "authKeySettings";
    private static final String CARD_ART = "cardArt";
    public static final String CREDENTIAL_DOMAIN = "mdoc/MSO";
    private static final String DATE_PROVISIONED = "dateProvisioned";
    public static final String DOCUMENT_TYPE = "documentType";
    private static final String IS_SELF_SIGNED = "isSelfSigned";
    private static final String LAST_TIME_USED = "lastTimeUsed";
    private static final String MAX_USAGES_PER_KEY = "maxUsagesPerCredential";
    private static final String MIN_VALIDITY_IN_DAYS = "minValidityInDays";
    private static final String NUM_CREDENTIALS = "numCredentials";
    private static final String USER_VISIBLE_NAME = "userVisibleName";
    private static final String VALIDITY_IN_DAYS = "validityInDays";
    private static volatile ProvisioningUtil instance;
    private final Context context;

    /* renamed from: documentStore$delegate, reason: from kotlin metadata */
    private final Lazy documentStore;
    private final SecureAreaRepository secureAreaRepository;

    /* renamed from: Companion, reason: from kotlin metadata */
    public static final Companion INSTANCE = new Companion(null);
    public static final int $stable = LiveLiterals$ProvisioningUtilKt.INSTANCE.m7735Int$classProvisioningUtil();
    private static final DateTimeFormatter dateTimeFormatter = DateTimeFormatter.ISO_LOCAL_DATE_TIME;

    /* compiled from: ProvisioningUtil.kt */
    @Metadata(d1 = {"\u0000B\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0002\b\r\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\b\u0086\u0003\u0018\u00002\u00020\u0001B\u0007\b\u0002¢\u0006\u0002\u0010\u0002J\u000e\u0010\u001a\u001a\u00020\u00192\u0006\u0010\u001b\u001a\u00020\u001cJ\f\u0010\u001d\u001a\u00020\u0004*\u00020\u001eH\u0002J\u000e\u0010\u001f\u001a\u0004\u0018\u00010 *\u0004\u0018\u00010!R\u000e\u0010\u0003\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\u0005\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\u0006\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\u0007\u001a\u00020\u0004X\u0086T¢\u0006\u0002\n\u0000R\u000e\u0010\b\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\t\u001a\u00020\u0004X\u0086T¢\u0006\u0002\n\u0000R\u000e\u0010\n\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\u000b\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\f\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\r\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\u000e\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\u000f\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R\u000e\u0010\u0010\u001a\u00020\u0004X\u0082T¢\u0006\u0002\n\u0000R\u0016\u0010\u0011\u001a\n \u0013*\u0004\u0018\u00010\u00120\u0012X\u0082\u0004¢\u0006\u0002\n\u0000R\u0011\u0010\u0014\u001a\u00020\u00158F¢\u0006\u0006\u001a\u0004\b\u0016\u0010\u0017R\u0014\u0010\u0018\u001a\u0004\u0018\u00010\u00198\u0002@\u0002X\u0083\u000e¢\u0006\u0002\n\u0000¨\u0006\""}, d2 = {"Lcom/android/identity/wallet/util/ProvisioningUtil$Companion;", "", "()V", "AUTH_KEY_SECURE_AREA_IDENTIFIER", "", "AUTH_KEY_SETTINGS", "CARD_ART", "CREDENTIAL_DOMAIN", "DATE_PROVISIONED", "DOCUMENT_TYPE", "IS_SELF_SIGNED", "LAST_TIME_USED", "MAX_USAGES_PER_KEY", "MIN_VALIDITY_IN_DAYS", "NUM_CREDENTIALS", "USER_VISIBLE_NAME", "VALIDITY_IN_DAYS", "dateTimeFormatter", "Ljava/time/format/DateTimeFormatter;", "kotlin.jvm.PlatformType", "defaultSecureArea", "Lcom/android/identity/securearea/SecureArea;", "getDefaultSecureArea", "()Lcom/android/identity/securearea/SecureArea;", "instance", "Lcom/android/identity/wallet/util/ProvisioningUtil;", "getInstance", "context", "Landroid/content/Context;", "formatted", "Lcom/android/identity/util/Timestamp;", "toDocumentInformation", "Lcom/android/identity/wallet/document/DocumentInformation;", "Lcom/android/identity/document/Document;", "appholder_walletDebug"}, k = 1, mv = {1, 8, 0}, xi = 48)
    /* loaded from: classes24.dex */
    public static final class Companion {
        private Companion() {
        }

        public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
            this();
        }

        private final String formatted(Timestamp timestamp) {
            String format = ProvisioningUtil.dateTimeFormatter.format(ZonedDateTime.ofInstant(Instant.ofEpochMilli(timestamp.getEpochMillis()), ZoneId.systemDefault()));
            Intrinsics.checkNotNullExpressionValue(format, "dateTimeFormatter.format(dateTime)");
            return format;
        }

        public final SecureArea getDefaultSecureArea() {
            SecureAreaRepository secureAreaRepository;
            List<SecureArea> implementations;
            ProvisioningUtil provisioningUtil = ProvisioningUtil.instance;
            SecureArea secureArea = (provisioningUtil == null || (secureAreaRepository = provisioningUtil.getSecureAreaRepository()) == null || (implementations = secureAreaRepository.getImplementations()) == null) ? null : (SecureArea) CollectionsKt.first((List) implementations);
            if (secureArea != null) {
                return secureArea;
            }
            throw new IllegalArgumentException("Required value was null.".toString());
        }

        public final ProvisioningUtil getInstance(Context context) {
            ProvisioningUtil provisioningUtil;
            Intrinsics.checkNotNullParameter(context, "context");
            ProvisioningUtil provisioningUtil2 = ProvisioningUtil.instance;
            if (provisioningUtil2 != null) {
                return provisioningUtil2;
            }
            synchronized (this) {
                provisioningUtil = ProvisioningUtil.instance;
                if (provisioningUtil == null) {
                    provisioningUtil = new ProvisioningUtil(context, null);
                    Companion companion = ProvisioningUtil.INSTANCE;
                    ProvisioningUtil.instance = provisioningUtil;
                }
            }
            return provisioningUtil;
        }

        public final DocumentInformation toDocumentInformation(Document document) {
            if (document == null) {
                return null;
            }
            boolean z = false;
            String string = document.getApplicationData().getString(ProvisioningUtil.AUTH_KEY_SECURE_AREA_IDENTIFIER);
            ProvisioningUtil provisioningUtil = ProvisioningUtil.instance;
            Intrinsics.checkNotNull(provisioningUtil);
            SecureArea implementation = provisioningUtil.getSecureAreaRepository().getImplementation(string);
            if (implementation == null) {
                throw new IllegalStateException(LiveLiterals$ProvisioningUtilKt.INSTANCE.m7744x309f78fb() + string + LiveLiterals$ProvisioningUtilKt.INSTANCE.m7749x4e56d87d() + document.getName());
            }
            List<Credential> certifiedCredentials = document.getCertifiedCredentials();
            boolean z2 = false;
            ArrayList arrayList = new ArrayList(CollectionsKt.collectionSizeOrDefault(certifiedCredentials, 10));
            for (Credential credential : certifiedCredentials) {
                Intrinsics.checkNotNull(credential, "null cannot be cast to non-null type com.android.identity.mdoc.credential.MdocCredential");
                KeyInfo keyInfo = implementation.getKeyInfo(((MdocCredential) credential).getAlias());
                arrayList.add(new DocumentInformation.KeyData((int) credential.getCredentialCounter(), ProvisioningUtil.INSTANCE.formatted(credential.getValidFrom()), ProvisioningUtil.INSTANCE.formatted(credential.getValidUntil()), credential.getDomain(), credential.getIssuerProvidedData().length, credential.getUsageCount(), (KeyPurpose) CollectionsKt.first(keyInfo.getKeyPurposes()), keyInfo.getPublicKey().getCurve(), LiveLiterals$ProvisioningUtilKt.INSTANCE.m7718xa401e4bd(), implementation.getDisplayName()));
                certifiedCredentials = certifiedCredentials;
                z2 = z2;
                z = z;
            }
            ArrayList arrayList2 = arrayList;
            long number = document.getApplicationData().getNumber(ProvisioningUtil.LAST_TIME_USED);
            return new DocumentInformation(document.getApplicationData().getString(ProvisioningUtil.USER_VISIBLE_NAME), document.getName(), document.getApplicationData().getString(ProvisioningUtil.DOCUMENT_TYPE), document.getApplicationData().getString(ProvisioningUtil.DATE_PROVISIONED), document.getApplicationData().getBoolean(ProvisioningUtil.IS_SELF_SIGNED), (int) document.getApplicationData().getNumber(ProvisioningUtil.CARD_ART), (int) document.getApplicationData().getNumber(ProvisioningUtil.MAX_USAGES_PER_KEY), number == LiveLiterals$ProvisioningUtilKt.INSTANCE.m7738x97ca96de() ? LiveLiterals$ProvisioningUtilKt.INSTANCE.m7762xff022fa2() : ProvisioningUtil.INSTANCE.formatted(Timestamp.INSTANCE.ofEpochMilli(number)), arrayList2);
        }
    }

    private ProvisioningUtil(Context context) {
        this.context = context;
        this.secureAreaRepository = new SecureAreaRepository();
        this.documentStore = LazyKt.lazy(LazyThreadSafetyMode.SYNCHRONIZED, (Function0) new Function0<DocumentStore>() { // from class: com.android.identity.wallet.util.ProvisioningUtil$documentStore$2
            /* JADX INFO: Access modifiers changed from: package-private */
            {
                super(0);
            }

            /* JADX WARN: Can't rename method to resolve collision */
            @Override // kotlin.jvm.functions.Function0
            public final DocumentStore invoke() {
                Context context2;
                HolderApp.Companion companion = HolderApp.INSTANCE;
                context2 = ProvisioningUtil.this.context;
                return companion.createDocumentStore(context2, ProvisioningUtil.this.getSecureAreaRepository());
            }
        });
    }

    public /* synthetic */ ProvisioningUtil(Context context, DefaultConstructorMarker defaultConstructorMarker) {
        this(context);
    }

    private final String documentName(ProvisionInfo provisionInfo) {
        String lowerCase = StringsKt.replace$default(new Regex(LiveLiterals$ProvisioningUtilKt.INSTANCE.m7752x59e8baa8()).replace(provisionInfo.getDocName(), LiveLiterals$ProvisioningUtilKt.INSTANCE.m7761xc6e6085d()), LiveLiterals$ProvisioningUtilKt.INSTANCE.m7757xdb66aad7(), LiveLiterals$ProvisioningUtilKt.INSTANCE.m7760x1d7dd836(), false, 4, (Object) null).toLowerCase(Locale.ROOT);
        Intrinsics.checkNotNullExpressionValue(lowerCase, "toLowerCase(...)");
        return lowerCase;
    }

    private final byte[] overridePortrait(byte[] encodedPortrait, Number counter) {
        BitmapFactory.Options options = new BitmapFactory.Options();
        options.inMutable = LiveLiterals$ProvisioningUtilKt.INSTANCE.m7719x583ca529();
        Bitmap decodeByteArray = BitmapFactory.decodeByteArray(encodedPortrait, LiveLiterals$ProvisioningUtilKt.INSTANCE.m7731x3bb9f17b(), encodedPortrait.length, options);
        String str = LiveLiterals$ProvisioningUtilKt.INSTANCE.m7746xc4775ee2() + counter;
        Canvas canvas = new Canvas(decodeByteArray);
        Paint paint = new Paint(1);
        paint.setColor(-1);
        paint.setTextSize(decodeByteArray.getWidth() / LiveLiterals$ProvisioningUtilKt.INSTANCE.m7720xf6e9838a());
        paint.setShadowLayer(LiveLiterals$ProvisioningUtilKt.INSTANCE.m7723x82f1bb3a(), LiveLiterals$ProvisioningUtilKt.INSTANCE.m7724xd0b1333b(), LiveLiterals$ProvisioningUtilKt.INSTANCE.m7725x1e70ab3c(), ViewCompat.MEASURED_STATE_MASK);
        paint.getTextBounds(str, LiveLiterals$ProvisioningUtilKt.INSTANCE.m7732xed53e7d7(), str.length(), new Rect());
        canvas.drawText(str, (decodeByteArray.getWidth() - r5.width()) / LiveLiterals$ProvisioningUtilKt.INSTANCE.m7721xfa9e22ec(), (decodeByteArray.getHeight() - r5.height()) / LiveLiterals$ProvisioningUtilKt.INSTANCE.m7722x953ee56d(), paint);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        decodeByteArray.compress(Bitmap.CompressFormat.JPEG, LiveLiterals$ProvisioningUtilKt.INSTANCE.m7730x1130bb21(), byteArrayOutputStream);
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        Intrinsics.checkNotNullExpressionValue(byteArray, "baos.toByteArray()");
        return byteArray;
    }

    public final DocumentStore getDocumentStore() {
        return (DocumentStore) this.documentStore.getValue();
    }

    public final SecureAreaRepository getSecureAreaRepository() {
        return this.secureAreaRepository;
    }

    public final void provisionSelfSigned(NameSpacedData nameSpacedData, ProvisionInfo provisionInfo) {
        Intrinsics.checkNotNullParameter(nameSpacedData, "nameSpacedData");
        Intrinsics.checkNotNullParameter(provisionInfo, "provisionInfo");
        Document createDocument = getDocumentStore().createDocument(documentName(provisionInfo));
        getDocumentStore().addDocument(createDocument);
        createDocument.getApplicationData().setNameSpacedData(LiveLiterals$ProvisioningUtilKt.INSTANCE.m7758x2d3d6319(), nameSpacedData);
        SecureArea secureArea = provisionInfo.getCurrentSecureArea().getSecureArea();
        createDocument.getApplicationData().setString(USER_VISIBLE_NAME, provisionInfo.getDocName());
        createDocument.getApplicationData().setString(DOCUMENT_TYPE, provisionInfo.getDocType());
        ApplicationData applicationData = createDocument.getApplicationData();
        String format = dateTimeFormatter.format(ZonedDateTime.now());
        Intrinsics.checkNotNullExpressionValue(format, "dateTimeFormatter.format(ZonedDateTime.now())");
        applicationData.setString(DATE_PROVISIONED, format);
        createDocument.getApplicationData().setNumber(CARD_ART, provisionInfo.getDocColor());
        createDocument.getApplicationData().setBoolean(IS_SELF_SIGNED, LiveLiterals$ProvisioningUtilKt.INSTANCE.m7715xcfdad48e());
        createDocument.getApplicationData().setNumber(MAX_USAGES_PER_KEY, provisionInfo.getMaxUseMso());
        createDocument.getApplicationData().setNumber(VALIDITY_IN_DAYS, provisionInfo.getValidityInDays());
        createDocument.getApplicationData().setNumber(MIN_VALIDITY_IN_DAYS, provisionInfo.getMinValidityInDays());
        createDocument.getApplicationData().setNumber(LAST_TIME_USED, LiveLiterals$ProvisioningUtilKt.INSTANCE.m7739x6153a08());
        createDocument.getApplicationData().setString(AUTH_KEY_SECURE_AREA_IDENTIFIER, secureArea.getIdentifier());
        createDocument.getApplicationData().setNumber(NUM_CREDENTIALS, provisionInfo.getNumberMso());
        createDocument.getApplicationData().setData(AUTH_KEY_SETTINGS, SecureAreaSupport.INSTANCE.getInstance(this.context, secureArea).createAuthKeySettingsConfiguration(provisionInfo.getSecureAreaSupportState()));
        refreshCredentials(createDocument, provisionInfo.getDocType());
    }

    public final void refreshCredentials(final Document document, final String docType) {
        Iterator it;
        ProvisioningUtil provisioningUtil = this;
        Intrinsics.checkNotNullParameter(document, "document");
        Intrinsics.checkNotNullParameter(docType, "docType");
        String string = document.getApplicationData().getString(AUTH_KEY_SECURE_AREA_IDENTIFIER);
        long number = document.getApplicationData().getNumber(MIN_VALIDITY_IN_DAYS);
        long number2 = document.getApplicationData().getNumber(MAX_USAGES_PER_KEY);
        long number3 = document.getApplicationData().getNumber(NUM_CREDENTIALS);
        int number4 = (int) document.getApplicationData().getNumber(VALIDITY_IN_DAYS);
        Timestamp now = Timestamp.INSTANCE.now();
        Timestamp ofEpochMilli = Timestamp.INSTANCE.ofEpochMilli(now.getEpochMillis() + (number4 * LiveLiterals$ProvisioningUtilKt.INSTANCE.m7728x3ba0a0cc() * LiveLiterals$ProvisioningUtilKt.INSTANCE.m7736x34203f08()));
        final SecureArea implementation = provisioningUtil.secureAreaRepository.getImplementation(string);
        if (implementation == null) {
            throw new IllegalStateException(LiveLiterals$ProvisioningUtilKt.INSTANCE.m7745x37670637() + string + LiveLiterals$ProvisioningUtilKt.INSTANCE.m7750xf86a95f5() + document.getName());
        }
        SecureAreaSupport companion = SecureAreaSupport.INSTANCE.getInstance(provisioningUtil.context, implementation);
        byte[] data = document.getApplicationData().getData(AUTH_KEY_SETTINGS);
        byte[] bytes = LiveLiterals$ProvisioningUtilKt.INSTANCE.m7743xa686b73f().getBytes(Charsets.UTF_8);
        Intrinsics.checkNotNullExpressionValue(bytes, "getBytes(...)");
        final CreateKeySettings createAuthKeySettingsFromConfiguration = companion.createAuthKeySettingsFromConfiguration(data, bytes, now, ofEpochMilli);
        int managedCredentialHelper = DocumentUtil.managedCredentialHelper(document, CREDENTIAL_DOMAIN, new Function1<Credential, Credential>() { // from class: com.android.identity.wallet.util.ProvisioningUtil$refreshCredentials$pendingCredsCount$1
            /* JADX INFO: Access modifiers changed from: package-private */
            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
            {
                super(1);
            }

            @Override // kotlin.jvm.functions.Function1
            public final Credential invoke(Credential credential) {
                return new MdocCredential(Document.this, credential, ProvisioningUtil.CREDENTIAL_DOMAIN, implementation, createAuthKeySettingsFromConfiguration, docType);
            }
        }, now, (int) number3, (int) number2, LiveLiterals$ProvisioningUtilKt.INSTANCE.m7737x915b93da() * LiveLiterals$ProvisioningUtilKt.INSTANCE.m7726xb33447e() * number * LiveLiterals$ProvisioningUtilKt.INSTANCE.m7727x5826402d() * LiveLiterals$ProvisioningUtilKt.INSTANCE.m7729xba4a949e(), LiveLiterals$ProvisioningUtilKt.INSTANCE.m7717x8268595b());
        if (managedCredentialHelper <= LiveLiterals$ProvisioningUtilKt.INSTANCE.m7733x4b1bee78()) {
            return;
        }
        List<Credential> pendingCredentials = document.getPendingCredentials();
        ArrayList arrayList = new ArrayList();
        for (Object obj : pendingCredentials) {
            int i = managedCredentialHelper;
            List<Credential> list = pendingCredentials;
            if (Intrinsics.areEqual(((Credential) obj).getDomain(), CREDENTIAL_DOMAIN)) {
                arrayList.add(obj);
            }
            managedCredentialHelper = i;
            pendingCredentials = list;
        }
        Iterator it2 = arrayList.iterator();
        while (it2.hasNext()) {
            Credential credential = (Credential) it2.next();
            Intrinsics.checkNotNull(credential, "null cannot be cast to non-null type com.android.identity.mdoc.credential.MdocCredential");
            MobileSecurityObjectGenerator mobileSecurityObjectGenerator = new MobileSecurityObjectGenerator(LiveLiterals$ProvisioningUtilKt.INSTANCE.m7751x792b5170(), docType, ((Certificate) CollectionsKt.first((List) ((MdocCredential) credential).getAttestation().getCertificates())).getPublicKey());
            mobileSecurityObjectGenerator.setValidityInfo(now, now, ofEpochMilli, null);
            Map map = null;
            Map map2 = null;
            if (docType.equals(LiveLiterals$ProvisioningUtilKt.INSTANCE.m7753x564cff02())) {
                byte[] overridePortrait = provisioningUtil.overridePortrait(document.getApplicationData().getNameSpacedData(LiveLiterals$ProvisioningUtilKt.INSTANCE.m7755xa89bec67()).getDataElementByteString(LiveLiterals$ProvisioningUtilKt.INSTANCE.m7754x1870e677(), LiveLiterals$ProvisioningUtilKt.INSTANCE.m7759x58ebfc16()), Long.valueOf(credential.getCredentialCounter()));
                map = MapsKt.mapOf(TuplesKt.to(LiveLiterals$ProvisioningUtilKt.INSTANCE.m7741x65155e75(), CollectionsKt.listOf((Object[]) new String[]{LiveLiterals$ProvisioningUtilKt.INSTANCE.m7747x6b22a5c6(), LiveLiterals$ProvisioningUtilKt.INSTANCE.m7748x76a28b47()})));
                it = it2;
                map2 = MapsKt.mapOf(TuplesKt.to(LiveLiterals$ProvisioningUtilKt.INSTANCE.m7742xbdefb8ba(), MapsKt.mapOf(TuplesKt.to(LiveLiterals$ProvisioningUtilKt.INSTANCE.m7740x5d767c3a(), Cbor.encode(new Bstr(overridePortrait))))));
            } else {
                it = it2;
            }
            Map<String, List<byte[]>> generateIssuerNameSpaces = MdocUtil.generateIssuerNameSpaces(document.getApplicationData().getNameSpacedData(LiveLiterals$ProvisioningUtilKt.INSTANCE.m7756x477a3d5a()), Random.INSTANCE, LiveLiterals$ProvisioningUtilKt.INSTANCE.m7734xd0869c61(), map2);
            for (String str : generateIssuerNameSpaces.keySet()) {
                mobileSecurityObjectGenerator.addDigestIdsForNamespace(str, MdocUtil.calculateDigestsForNameSpace(str, generateIssuerNameSpaces, Algorithm.SHA256));
            }
            byte[] encode = Cbor.encode(new TaggedItem(24L, new Bstr(mobileSecurityObjectGenerator.generate())));
            KeyPair mekbDsKeyPair = Intrinsics.areEqual(docType, "nl.rdw.mekb.1") ? KeysAndCertificates.INSTANCE.getMekbDsKeyPair(provisioningUtil.context) : Intrinsics.areEqual(docType, DocumentData.MICOV_DOCTYPE) ? KeysAndCertificates.INSTANCE.getMicovDsKeyPair(provisioningUtil.context) : KeysAndCertificates.INSTANCE.getMdlDsKeyPair(provisioningUtil.context);
            X509Certificate mekbDsCertificate = Intrinsics.areEqual(docType, "nl.rdw.mekb.1") ? KeysAndCertificates.INSTANCE.getMekbDsCertificate(provisioningUtil.context) : Intrinsics.areEqual(docType, DocumentData.MICOV_DOCTYPE) ? KeysAndCertificates.INSTANCE.getMicovDsCertificate(provisioningUtil.context) : KeysAndCertificates.INSTANCE.getMdlDsCertificate(provisioningUtil.context);
            PrivateKey privateKey = mekbDsKeyPair.getPrivate();
            Intrinsics.checkNotNullExpressionValue(privateKey, "issuerKeyPair.private");
            PublicKey publicKey = mekbDsKeyPair.getPublic();
            Intrinsics.checkNotNullExpressionValue(publicKey, "issuerKeyPair.public");
            EcPrivateKey ecPrivateKey = EcPrivateKeyKt.toEcPrivateKey(privateKey, publicKey, EcCurve.P256);
            boolean m7716x32f3baaf = LiveLiterals$ProvisioningUtilKt.INSTANCE.m7716x32f3baaf();
            Algorithm algorithm = Algorithm.ES256;
            Map mapOf = MapsKt.mapOf(new Pair(new CoseNumberLabel(1L), DataItemExtensionsKt.getToDataItem(Algorithm.ES256.getCoseAlgorithmIdentifier())));
            CoseNumberLabel coseNumberLabel = new CoseNumberLabel(33L);
            byte[] encoded = mekbDsCertificate.getEncoded();
            Intrinsics.checkNotNullExpressionValue(encoded, "issuerCert.encoded");
            credential.certify(new StaticAuthDataGenerator(MdocUtil.stripIssuerNameSpaces(generateIssuerNameSpaces, map), Cbor.encode(Cose.coseSign1Sign(ecPrivateKey, encode, m7716x32f3baaf, algorithm, mapOf, MapsKt.mapOf(new Pair(coseNumberLabel, new CertificateChain(CollectionsKt.listOf(new Certificate(encoded))).getToDataItem()))).getToDataItem())).generate(), now, ofEpochMilli);
            provisioningUtil = this;
            it2 = it;
        }
    }

    public final void trackUsageTimestamp(Document document) {
        Intrinsics.checkNotNullParameter(document, "document");
        document.getApplicationData().setNumber(LAST_TIME_USED, Timestamp.INSTANCE.now().getEpochMillis());
    }
}
