package com.samsung.android.spay.vas.wallet.common.security;

import android.text.TextUtils;
import android.util.Base64;
import com.google.gson.Gson;
import com.samsung.android.spay.common.CommonLib;
import com.samsung.android.spay.common.util.log.LogUtil;
import com.samsung.android.spay.common.util.pref.ProvisioningPref;
import com.samsung.android.spay.vas.wallet.common.core.network.CommonNetworkController;
import com.samsung.android.spay.vas.wallet.common.core.network.model.VerifyOtpCmsData;
import com.samsung.android.spay.vas.wallet.common.core.network.model.WalletRegReqData;
import com.samsung.android.spay.vas.wallet.common.core.network.model.WalletRegRespData;
import com.samsung.android.spay.vas.wallet.common.core.network.model.response.Certificates;
import com.samsung.android.spay.vas.wallet.common.database.manager.model.WalletInfoVO;
import com.samsung.android.spay.vas.wallet.common.utils.SharedPrefUtil;
import com.xshield.dc;
import java.io.ByteArrayInputStream;
import java.nio.charset.Charset;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.Objects;
import kotlin.Metadata;
import kotlin.jvm.JvmName;
import kotlin.jvm.internal.Intrinsics;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

@Metadata(d1 = {"\u00006\n\u0000\n\u0002\u0010\b\n\u0000\n\u0002\u0010\u000e\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0006\n\u0002\u0018\u0002\n\u0002\b\u0006\n\u0002\u0010\u000b\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0004\u001a\u0006\u0010\u0004\u001a\u00020\u0003\u001a \u0010\u0005\u001a\u00020\u00032\u0016\u0010\u0006\u001a\u0012\u0012\u0004\u0012\u00020\b0\u0007j\b\u0012\u0004\u0012\u00020\b`\tH\u0002\u001a\u0010\u0010\n\u001a\u00020\u00032\u0006\u0010\u000b\u001a\u00020\u0003H\u0002\u001a*\u0010\f\u001a\u0004\u0018\u00010\u00032\u0006\u0010\u000b\u001a\u00020\u00032\u0006\u0010\r\u001a\u00020\u00032\u0006\u0010\u000e\u001a\u00020\u00032\u0006\u0010\u000f\u001a\u00020\u0010H\u0002\u001a\u0010\u0010\u0011\u001a\u0004\u0018\u00010\u00032\u0006\u0010\r\u001a\u00020\u0003\u001a.\u0010\u0012\u001a\u00020\u00032\u0016\u0010\u0006\u001a\u0012\u0012\u0004\u0012\u00020\b0\u0007j\b\u0012\u0004\u0012\u00020\b`\t2\u0006\u0010\u0013\u001a\u00020\u00032\u0006\u0010\u000e\u001a\u00020\u0003\u001a\u0010\u0010\u0014\u001a\u00020\u00102\u0006\u0010\u0015\u001a\u00020\u0003H\u0002\u001a\u0016\u0010\u0016\u001a\u00020\u00172\u0006\u0010\u0018\u001a\u00020\u00192\u0006\u0010\u001a\u001a\u00020\u0003\u001a(\u0010\u001b\u001a\u00020\u00172\b\u0010\u000b\u001a\u0004\u0018\u00010\u00032\u0006\u0010\r\u001a\u00020\u00032\u0006\u0010\u000e\u001a\u00020\u00032\u0006\u0010\u001c\u001a\u00020\u0003\"\u000e\u0010\u0000\u001a\u00020\u0001X\u0082T¢\u0006\u0002\n\u0000\"\u000e\u0010\u0002\u001a\u00020\u0003X\u0082T¢\u0006\u0002\n\u0000¨\u0006\u001d"}, d2 = {"MAX_NONCE_LENGTH", "", "TAG", "", "generateNonce", "getCertDigest", "certs", "Ljava/util/ArrayList;", "Lcom/samsung/android/spay/vas/wallet/common/core/network/model/response/Certificates;", "Lkotlin/collections/ArrayList;", "getDigestForString", "data", "getNonceFromRegCMS", "walletId", CommonNetworkController.EXTRA_WALLET_NAME, "serverCert", "Ljava/security/cert/X509Certificate;", "getTxnCounterAndUpdateInDBUsingWalletId", "getWrappedCmsForRegWallet", CommonNetworkController.EXTRA_WALLET_SERVER_CERT_CONTENT, "getX509CertFromContent", "content", "isValidOtpResponse", "", "cmsData", "Lcom/samsung/android/spay/vas/wallet/common/core/network/model/VerifyOtpCmsData;", "wspToken", "isValidRegResponse", "severCertContent", "wallet_usFullRelease"}, k = 2, mv = {1, 6, 0}, xi = 48)
@JvmName(name = "CloudAuthWalletUtils")
/* loaded from: classes10.dex */
public final class CloudAuthWalletUtils {
    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    @NotNull
    public static final String generateNonce() {
        SecureRandom secureRandom = new SecureRandom();
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < 32; i++) {
            sb.append(secureRandom.nextInt(10));
        }
        String sb2 = sb.toString();
        Intrinsics.checkNotNullExpressionValue(sb2, dc.m2796(-182540826));
        SharedPrefUtil.setCurrentWalletNonce(sb2);
        return sb2;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    private static final String getCertDigest(ArrayList<Certificates> arrayList) {
        ArrayList arrayList2 = new ArrayList();
        Iterator<Certificates> it = arrayList.iterator();
        Intrinsics.checkNotNullExpressionValue(it, "certs.iterator()");
        while (it.hasNext()) {
            String str = it.next().content;
            Intrinsics.checkNotNullExpressionValue(str, dc.m2794(-877999910));
            arrayList2.add(str);
        }
        return getDigestForString(arrayList2.toString());
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    private static final String getDigestForString(String str) {
        MessageDigest messageDigest = MessageDigest.getInstance(dc.m2805(-1523498417));
        Charset charset = StandardCharsets.UTF_8;
        Intrinsics.checkNotNullExpressionValue(charset, dc.m2800(629151156));
        byte[] bytes = str.getBytes(charset);
        Intrinsics.checkNotNullExpressionValue(bytes, dc.m2794(-879548974));
        messageDigest.update(bytes);
        String encodeToString = Base64.encodeToString(messageDigest.digest(), 2);
        LogUtil.i(dc.m2797(-488387291), dc.m2804(1840069129) + encodeToString);
        Intrinsics.checkNotNullExpressionValue(encodeToString, dc.m2796(-182541698));
        return encodeToString;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    private static final String getNonceFromRegCMS(String str, String str2, String str3, X509Certificate x509Certificate) {
        String unWrapCMSData = TEEManager.getInstance().unWrapCMSData(str3, str, dc.m2798(-466897709), dc.m2794(-878152502), dc.m2795(-1791779584), dc.m2798(-466900357), dc.m2800(632602852), x509Certificate, str2, false);
        if (unWrapCMSData == null) {
            return null;
        }
        Charset UTF_8 = StandardCharsets.UTF_8;
        Intrinsics.checkNotNullExpressionValue(UTF_8, "UTF_8");
        byte[] bytes = unWrapCMSData.getBytes(UTF_8);
        Intrinsics.checkNotNullExpressionValue(bytes, "this as java.lang.String).getBytes(charset)");
        byte[] decode = Base64.decode(bytes, 2);
        Intrinsics.checkNotNullExpressionValue(decode, "decode(encodedString.toB…          Base64.NO_WRAP)");
        Charset UTF_82 = StandardCharsets.UTF_8;
        Intrinsics.checkNotNullExpressionValue(UTF_82, "UTF_8");
        return ((WalletRegRespData) new Gson().fromJson(new String(decode, UTF_82), WalletRegRespData.class)).getNonce();
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    @Nullable
    public static final String getTxnCounterAndUpdateInDBUsingWalletId(@NotNull String str) {
        WalletInfoVO walletInfoFrmID;
        Intrinsics.checkNotNullParameter(str, dc.m2794(-879407406));
        String m2797 = dc.m2797(-488387291);
        LogUtil.i(m2797, dc.m2804(1840069593));
        String str2 = null;
        try {
            if (TextUtils.isEmpty(str) || (walletInfoFrmID = WalletInfoVO.getWalletInfoFrmID(str)) == null) {
                return null;
            }
            LogUtil.v(m2797, "encrypted Trx Counter is " + walletInfoFrmID.getTxnCounter());
            TEEManager tEEManager = TEEManager.getInstance();
            String decryptData = tEEManager.decryptData(walletInfoFrmID.getWalletName(), walletInfoFrmID.getTxnCounter());
            if (decryptData != null) {
                byte[] decode = Base64.decode(decryptData, 2);
                Intrinsics.checkNotNullExpressionValue(decode, "decode(decryptedTxnCounter, Base64.NO_WRAP)");
                Charset UTF_8 = StandardCharsets.UTF_8;
                Intrinsics.checkNotNullExpressionValue(UTF_8, "UTF_8");
                str2 = new String(decode, UTF_8);
            }
            LogUtil.v(m2797, "Plain txnCounter: " + str2);
            if (str2 == null) {
                return str2;
            }
            str2 = String.valueOf(Integer.parseInt(str2) + 1);
            walletInfoFrmID.setTxnCounter(tEEManager.encryptData(walletInfoFrmID.getWalletName(), str2));
            WalletInfoVO.updateWalletInfo(walletInfoFrmID);
            return str2;
        } catch (IllegalArgumentException e) {
            LogUtil.e(m2797, dc.m2794(-879346110) + e);
            return str2;
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    @NotNull
    public static final String getWrappedCmsForRegWallet(@NotNull ArrayList<Certificates> arrayList, @NotNull String str, @NotNull String str2) {
        Intrinsics.checkNotNullParameter(arrayList, dc.m2795(-1791935608));
        Intrinsics.checkNotNullParameter(str, dc.m2795(-1791935504));
        Intrinsics.checkNotNullParameter(str2, dc.m2805(-1523608313));
        String generateNonce = generateNonce();
        String devicePrimaryId = ProvisioningPref.getDevicePrimaryId(CommonLib.getApplicationContext());
        String certDigest = getCertDigest(arrayList);
        Intrinsics.checkNotNullExpressionValue(devicePrimaryId, dc.m2798(-467071645));
        String json = new Gson().toJson(new WalletRegReqData(generateNonce, certDigest, devicePrimaryId), WalletRegReqData.class);
        String str3 = dc.m2796(-182542154) + json;
        String m2797 = dc.m2797(-488387291);
        LogUtil.i(m2797, str3);
        TEEManager tEEManager = TEEManager.getInstance();
        LogUtil.i(m2797, dc.m2797(-488390179) + str2);
        String wrapCMSData = tEEManager.wrapCMSData(str2, json, dc.m2798(-466897709), dc.m2794(-878152502), dc.m2795(-1791779584), dc.m2798(-466900357), dc.m2800(632602852), getX509CertFromContent(str));
        Intrinsics.checkNotNullExpressionValue(wrapCMSData, "teeManager.wrapCMSData(w…ntent(serverCertContent))");
        return wrapCMSData;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    private static final X509Certificate getX509CertFromContent(String str) {
        LogUtil.v(dc.m2797(-488387291), dc.m2804(1840068329) + str);
        byte[] decode = Base64.decode(str, 2);
        Intrinsics.checkNotNullExpressionValue(decode, dc.m2798(-467074125));
        Certificate generateCertificate = CertificateFactory.getInstance(dc.m2800(630285644)).generateCertificate(new ByteArrayInputStream(decode));
        Objects.requireNonNull(generateCertificate, dc.m2795(-1791936640));
        return (X509Certificate) generateCertificate;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static final boolean isValidOtpResponse(@NotNull VerifyOtpCmsData verifyOtpCmsData, @NotNull String str) {
        Intrinsics.checkNotNullParameter(verifyOtpCmsData, dc.m2800(629152412));
        Intrinsics.checkNotNullParameter(str, dc.m2795(-1791938544));
        String currentWalletNonce = SharedPrefUtil.getCurrentWalletNonce();
        String str2 = dc.m2800(629152740) + currentWalletNonce + dc.m2805(-1523775553) + verifyOtpCmsData.getNonce();
        String m2797 = dc.m2797(-488387291);
        LogUtil.i(m2797, str2);
        if (!Intrinsics.areEqual(verifyOtpCmsData.getNonce(), currentWalletNonce)) {
            LogUtil.i(m2797, "Nonce NOT matched, skip digest validation and return false");
            return false;
        }
        String digestForString = getDigestForString(str);
        LogUtil.i(m2797, dc.m2798(-467073853) + digestForString + dc.m2797(-488389011) + verifyOtpCmsData.getWspDigest());
        return Intrinsics.areEqual(digestForString, verifyOtpCmsData.getWspDigest());
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static final boolean isValidRegResponse(@Nullable String str, @NotNull String str2, @NotNull String str3, @NotNull String str4) {
        Intrinsics.checkNotNullParameter(str2, dc.m2794(-879407406));
        Intrinsics.checkNotNullParameter(str3, dc.m2805(-1523608313));
        Intrinsics.checkNotNullParameter(str4, dc.m2804(1840074385));
        String m2797 = dc.m2797(-488387291);
        if (str == null) {
            LogUtil.i(m2797, "CMS data is null, returning false");
            return false;
        }
        String nonceFromRegCMS = getNonceFromRegCMS(str, str2, str3, getX509CertFromContent(str4));
        String currentWalletNonce = SharedPrefUtil.getCurrentWalletNonce();
        LogUtil.i(m2797, "Original Nonce: " + currentWalletNonce + " and Response Nonce " + nonceFromRegCMS);
        return Intrinsics.areEqual(currentWalletNonce, nonceFromRegCMS);
    }
}
