package com.samsung.android.spay.vas.wallet.common.core;

import android.util.Base64;
import com.google.gson.Gson;
import com.samsung.android.spay.common.CommonLib;
import com.samsung.android.spay.common.authentication.cloud.CryptoConstantsKt;
import com.samsung.android.spay.common.authentication.npp.AuthSavedPrefs;
import com.samsung.android.spay.common.authentication.npp.GetSignedNonceResp;
import com.samsung.android.spay.common.authentication.npp.NPPAuthFrameworkAdapter;
import com.samsung.android.spay.common.authentication.npp.NPPTAUtils;
import com.samsung.android.spay.common.authentication.npp.NppAuthResponse;
import com.samsung.android.spay.common.authentication.npp.database.manager.model.NppInfoVO;
import com.samsung.android.spay.common.authentication.npp.tainterface.IAuthTAController;
import com.samsung.android.spay.common.constant.FeatureConstants;
import com.samsung.android.spay.common.feature.SpayFeature;
import com.samsung.android.spay.common.util.log.LogUtil;
import com.samsung.android.spay.vas.wallet.common.core.network.model.response.Certificates;
import com.samsung.android.spay.vas.wallet.common.database.manager.model.WalletInfoVO;
import com.samsung.android.spay.vas.wallet.common.database.manager.model.WalletMetaDataVO;
import com.samsung.android.spay.vas.wallet.common.security.TEEManager;
import com.samsung.android.spay.vas.wallet.common.security.TEEUtils;
import com.samsung.android.spay.vas.wallet.common.security.TaData;
import com.samsung.android.spay.vas.wallet.common.utils.WalletUtils;
import com.samsung.android.spay.vas.wallet.online.WalletOnlineConstants;
import com.samsung.android.spaytzsvc.api.TAException;
import com.xshield.dc;
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;

/* loaded from: classes10.dex */
public final class CommonWalletEngineCryptoOperations {
    public static final String a = "CommonWalletEngineCryptoOperations";

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    private CommonWalletEngineCryptoOperations() throws InstantiationException {
        throw new InstantiationException(dc.m2797(-486676547));
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static X509Certificate a(Certificates certificates) {
        X509Certificate x509Certificate = null;
        if (certificates == null) {
            return null;
        }
        try {
            String str = certificates.content;
            if (str == null) {
                return null;
            }
            String str2 = a;
            LogUtil.v(str2, str);
            X509Certificate x509Certificate2 = (X509Certificate) CertificateFactory.getInstance(CryptoConstantsKt.CERT_TYPE_X509).generateCertificate(new ByteArrayInputStream(Base64.decode(str, 2)));
            try {
                LogUtil.v(str2, "certificate content: " + certificates.toString());
                return x509Certificate2;
            } catch (CertificateException e) {
                e = e;
                x509Certificate = x509Certificate2;
                LogUtil.e(a, dc.m2800(629596260) + e);
                return x509Certificate;
            }
        } catch (CertificateException e2) {
            e = e2;
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static Certificates b() {
        IAuthTAController iAuthTAController;
        try {
            iAuthTAController = NPPAuthFrameworkAdapter.getInstance(CommonLib.getApplicationContext()).getNppTAController();
        } catch (TAException e) {
            LogUtil.e(a, dc.m2800(631030364) + e);
            iAuthTAController = null;
        }
        Certificates certificates = new Certificates();
        NPPTAUtils.loadCert(CommonLib.getApplicationContext());
        certificates.usage = dc.m2798(-467682357);
        certificates.alias = dc.m2800(629322692);
        if (iAuthTAController != null && iAuthTAController.getDeviceCertificate() != null) {
            certificates.content = Base64.encodeToString((dc.m2804(1838480321) + new String(iAuthTAController.getDeviceCertificate(), StandardCharsets.UTF_8) + dc.m2794(-877841934)).getBytes(StandardCharsets.UTF_8), 2);
        }
        LogUtil.i(a, dc.m2794(-877904518) + certificates.content);
        return certificates;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static String c(GetSignedNonceResp getSignedNonceResp, Certificates certificates) {
        if (getSignedNonceResp != null) {
            if (getSignedNonceResp.getWrappedCounter() != null) {
                LogUtil.i(a, dc.m2798(-466616925) + getSignedNonceResp.getWrappedCounter().length);
                if (getSignedNonceResp.getWrappedCounter().length != 0) {
                    AuthSavedPrefs.getInstance(CommonLib.getApplicationContext()).saveWrappedCounter(getSignedNonceResp.getWrappedCounter());
                }
            }
            String str = a;
            LogUtil.v(str, dc.m2795(-1791514984) + new String(getSignedNonceResp.getIv(), StandardCharsets.UTF_8));
            LogUtil.v(str, dc.m2800(629575044) + new String(getSignedNonceResp.getEncSymmetricKey(), StandardCharsets.UTF_8));
            LogUtil.v(str, dc.m2800(629574388) + new String(getSignedNonceResp.getEncryptedContent(), StandardCharsets.UTF_8));
            LogUtil.v(str, dc.m2804(1839964929) + new String(getSignedNonceResp.getSignature(), StandardCharsets.UTF_8));
            TaData taData = new TaData();
            taData.setIv(getSignedNonceResp.getIv());
            taData.setSignature(getSignedNonceResp.getSignature());
            taData.setEncSymmetricKey(getSignedNonceResp.getEncSymmetricKey());
            taData.setEncContent(getSignedNonceResp.getEncryptedContent());
            X509Certificate a2 = a(certificates);
            r0 = a2 != null ? TEEUtils.wrapCMSDataForLoginToken(taData, dc.m2798(-466897709), dc.m2794(-878152502), dc.m2795(-1791779584), dc.m2798(-466900357), dc.m2800(632602852), a2) : null;
            LogUtil.v(str, "Wrapped Data = " + r0);
        }
        return r0;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static NppAuthResponse d() {
        NppAuthResponse nppAuthResponse;
        try {
            NPPAuthFrameworkAdapter nPPAuthFrameworkAdapter = NPPAuthFrameworkAdapter.getInstance(CommonLib.getApplicationContext());
            nPPAuthFrameworkAdapter.nppLoad();
            nppAuthResponse = nPPAuthFrameworkAdapter.nppGetNonce(64);
        } catch (TAException e) {
            LogUtil.e(a, dc.m2800(631030364) + e);
            nppAuthResponse = null;
        }
        if (nppAuthResponse != null) {
            String str = a;
            StringBuilder sb = new StringBuilder();
            String m2805 = dc.m2805(-1523846889);
            sb.append(m2805);
            sb.append(nppAuthResponse.getResponseCode());
            String m2798 = dc.m2798(-466619549);
            sb.append(m2798);
            sb.append(nppAuthResponse.getErrorMsg());
            LogUtil.i(str, sb.toString());
            LogUtil.v(str, m2805 + nppAuthResponse.getResponse().length + m2798 + new String(nppAuthResponse.getResponse(), StandardCharsets.UTF_8));
        }
        return nppAuthResponse;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static String e(String str) {
        return getWspToken(WalletInfoVO.getWalletInfoFrmID(str));
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static boolean f(NppInfoVO nppInfoVO) {
        NPPAuthFrameworkAdapter nPPAuthFrameworkAdapter;
        boolean z;
        NppAuthResponse nppAuthResponse = null;
        try {
            nPPAuthFrameworkAdapter = NPPAuthFrameworkAdapter.getInstance(CommonLib.getApplicationContext());
        } catch (TAException e) {
            LogUtil.e(a, dc.m2805(-1523847105) + e);
            nPPAuthFrameworkAdapter = null;
        }
        byte[] certificateFromPref = AuthSavedPrefs.getInstance(CommonLib.getApplicationContext()).getCertificateFromPref();
        Certificates certificates = (Certificates) new Gson().fromJson(nppInfoVO.getServerCert(), Certificates.class);
        if (nPPAuthFrameworkAdapter == null || certificates == null) {
            LogUtil.v(a, dc.m2800(629599356));
        } else {
            nppAuthResponse = nPPAuthFrameworkAdapter.nppLoadCert(certificateFromPref, certificates.content.getBytes(StandardCharsets.UTF_8));
        }
        if (nppAuthResponse != null) {
            LogUtil.i(a, dc.m2800(629599388) + nppAuthResponse.getResponseCode() + dc.m2798(-466619549) + nppAuthResponse.getErrorMsg());
            z = true;
        } else {
            z = false;
        }
        LogUtil.i(a, dc.m2796(-182952786) + z);
        return z;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static Certificates getCertificateContent(String str, String str2) {
        LogUtil.i(a, dc.m2797(-488326115));
        return WalletMetaDataVO.getCertificateFromMetaData(str, str2);
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static X509Certificate getServerCertificate(String str) {
        String str2;
        String str3 = a;
        LogUtil.i(str3, dc.m2794(-877806454));
        X509Certificate x509Certificate = null;
        try {
            Certificates certificateContent = getCertificateContent(str, WalletOnlineConstants.WALLET_PROVIDER_CERT);
            if (certificateContent == null || (str2 = certificateContent.content) == null) {
                return null;
            }
            LogUtil.v(str3, str2);
            X509Certificate x509Certificate2 = (X509Certificate) CertificateFactory.getInstance(CryptoConstantsKt.CERT_TYPE_X509).generateCertificate(new ByteArrayInputStream(Base64.decode(str2, 2)));
            try {
                LogUtil.v(str3, "certificate content: " + x509Certificate2.toString());
                return x509Certificate2;
            } catch (IllegalArgumentException | CertificateException e) {
                e = e;
                x509Certificate = x509Certificate2;
                LogUtil.e(a, dc.m2794(-879346110) + e);
                return x509Certificate;
            }
        } catch (IllegalArgumentException e2) {
            e = e2;
        } catch (CertificateException e3) {
            e = e3;
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static String getUnWrappedData(String str, String str2, String str3, String str4, boolean z) {
        String unWrapCMSData;
        String m2794 = dc.m2794(-878010534);
        try {
            X509Certificate serverCertificate = getServerCertificate(str3);
            TEEManager tEEManager = TEEManager.getInstance();
            if (str == null) {
                LogUtil.v(a, "Alias is null, going into Local auth flow using default alias");
                unWrapCMSData = tEEManager.unWrapCMSData(str2, "RSA/None/PKCS1Padding", "AES/CBC/PKCS5PADDING", "SHA256", "RSA", "AES", serverCertificate, str4, z);
            } else {
                LogUtil.v(a, "Alias is : " + str + ", going into Cloud Auth flow !");
                unWrapCMSData = tEEManager.unWrapCMSData(str, str2, "RSA/None/PKCS1Padding", "AES/CBC/PKCS5PADDING", "SHA256", "RSA", "AES", serverCertificate, str4, z);
            }
            r13 = unWrapCMSData != null ? new String(Base64.decode(unWrapCMSData.getBytes(StandardCharsets.UTF_8), 2), StandardCharsets.UTF_8) : null;
            LogUtil.v(a, m2794 + r13);
        } catch (IllegalArgumentException e) {
            LogUtil.i(a, m2794 + e);
        }
        return r13;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static String getUnWrappedData(String str, String str2, String str3, boolean z) {
        return getUnWrappedData(null, str, str2, str3, z);
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static String getWspToken(WalletInfoVO walletInfoVO) {
        String wrapCMSData;
        String str = a;
        LogUtil.i(str, dc.m2795(-1791508144));
        if (walletInfoVO == null) {
            return null;
        }
        try {
            if (!SpayFeature.isFeatureEnabled(FeatureConstants.FEATURE_WALLET_TA_SUPPORTED) || WalletUtils.isFullAppPayTMFrmWalletID(walletInfoVO.getWalletId())) {
                TEEManager tEEManager = TEEManager.getInstance();
                String decryptData = tEEManager.decryptData(walletInfoVO.getTokenValue());
                String str2 = decryptData != null ? new String(Base64.decode(decryptData, 2), StandardCharsets.UTF_8) : null;
                X509Certificate serverCertificate = getServerCertificate(walletInfoVO.getWalletProviderId());
                if (serverCertificate == null) {
                    return null;
                }
                LogUtil.v(str, serverCertificate.toString());
                wrapCMSData = tEEManager.wrapCMSData(str2, "RSA/None/PKCS1Padding", "AES/CBC/PKCS5PADDING", "SHA256", "RSA", "AES", serverCertificate);
            } else {
                wrapCMSData = walletInfoVO.getTokenEncValue();
            }
            return wrapCMSData;
        } catch (IllegalArgumentException e) {
            LogUtil.e(a, dc.m2804(1839973113) + e);
            return null;
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static void storeWrappedToken(String str, String str2, String str3) {
        try {
            TEEManager.getInstance().storeUPITokenFromCMSData(str, str2, str3, getServerCertificate(str2), "RSA/None/PKCS1Padding", "AES/CBC/PKCS5PADDING", "SHA256");
        } catch (IllegalArgumentException e) {
            LogUtil.i(a, dc.m2794(-877906406) + e);
        }
    }
}
