package com.samsung.android.spay.common.security;

import android.os.Build;
import androidx.annotation.Nullable;
import androidx.annotation.WorkerThread;
import com.samsung.android.spay.common.frameworkInterface.APIFactory;
import com.samsung.android.spay.common.security.TEEUtils;
import com.samsung.android.spay.common.util.log.LogUtil;
import com.sec.dcm.DcmAdapter;
import com.sec.dcm.DcmKeyManager;
import com.xshield.dc;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.cert.X509Certificate;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;

/* loaded from: classes16.dex */
public class TEEUtils {
    public static PrivateKey a;
    public static CertificationManagerType b = a();
    public static ExecutorService c = Executors.newSingleThreadExecutor();
    public static int d;

    /* loaded from: classes16.dex */
    public enum CertificatePurpose {
        SIGN_IN(3);

        public final int b;
        public int c = -1;

        /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
        CertificatePurpose(int i) {
            this.b = i;
        }

        /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
        public int getMaxRetryCount() {
            return this.b;
        }

        /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
        public int getRetryCount() {
            return this.c;
        }

        /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
        public void setRetryCount(int i) {
            this.c = i;
        }
    }

    /* loaded from: classes16.dex */
    public enum CertificationManagerType {
        DCM { // from class: com.samsung.android.spay.common.security.TEEUtils.CertificationManagerType.1
            /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
            @Override // com.samsung.android.spay.common.security.TEEUtils.CertificationManagerType
            public boolean a() {
                return true;
            }

            /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
            @Override // com.samsung.android.spay.common.security.TEEUtils.CertificationManagerType
            public X509Certificate[] b() {
                return new DcmKeyManager().getCertificateChain((String) TEEHelper.a(DcmAdapter.class, dc.m2794(-885130926), new Object[0]));
            }

            /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
            @Override // com.samsung.android.spay.common.security.TEEUtils.CertificationManagerType
            public PrivateKey c() {
                try {
                    return new DcmKeyManager().getPrivateKey((String) TEEHelper.a(DcmAdapter.class, "getDefaultAlias", new Object[0]));
                } catch (NoClassDefFoundError | NoSuchMethodError | UnsatisfiedLinkError e) {
                    e.printStackTrace();
                    return null;
                }
            }

            /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
            @Override // com.samsung.android.spay.common.security.TEEUtils.CertificationManagerType
            public String d() {
                return "AndroidOpenSSL";
            }
        },
        CCM { // from class: com.samsung.android.spay.common.security.TEEUtils.CertificationManagerType.2
            /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
            @Override // com.samsung.android.spay.common.security.TEEUtils.CertificationManagerType
            public boolean a() {
                return APIFactory.getAdapter().enableDefaultCCMProfile();
            }

            /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
            @Override // com.samsung.android.spay.common.security.TEEUtils.CertificationManagerType
            public X509Certificate[] b() {
                return CcmHelper.b();
            }

            /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
            @Override // com.samsung.android.spay.common.security.TEEUtils.CertificationManagerType
            public PrivateKey c() {
                return CcmHelper.c();
            }

            /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
            @Override // com.samsung.android.spay.common.security.TEEUtils.CertificationManagerType
            public String d() {
                return "AndroidOpenSSL";
            }
        },
        UKS { // from class: com.samsung.android.spay.common.security.TEEUtils.CertificationManagerType.3
            /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
            @Override // com.samsung.android.spay.common.security.TEEUtils.CertificationManagerType
            public boolean a() {
                return APIFactory.getAdapter().enableDefaultCCMProfile();
            }

            /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
            @Override // com.samsung.android.spay.common.security.TEEUtils.CertificationManagerType
            public X509Certificate[] b() {
                return UksHelper.b();
            }

            /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
            @Override // com.samsung.android.spay.common.security.TEEUtils.CertificationManagerType
            public PrivateKey c() {
                return UksHelper.d();
            }

            /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
            @Override // com.samsung.android.spay.common.security.TEEUtils.CertificationManagerType
            public String d() {
                return "AndroidKeyStoreBCWorkaround";
            }
        };

        public abstract boolean a();

        @Nullable
        public abstract X509Certificate[] b();

        @Nullable
        public abstract PrivateKey c();

        public abstract String d();
    }

    /* loaded from: classes16.dex */
    public interface ResultListener<T> {
        void onFail();

        void onSuccess(T t);
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static CertificationManagerType a() {
        CertificationManagerType certificationManagerType;
        int i = Build.VERSION.SDK_INT;
        if (i > 29) {
            throw new RuntimeException(dc.m2800(622273244));
        }
        if (i < 23) {
            try {
                new DcmKeyManager().getCertificateChain((String) TEEHelper.a(DcmAdapter.class, "getDefaultAlias", new Object[0]));
                certificationManagerType = CertificationManagerType.DCM;
            } catch (NoClassDefFoundError | NoSuchMethodError | UnsatisfiedLinkError unused) {
                certificationManagerType = CertificationManagerType.CCM;
            }
        } else {
            certificationManagerType = APIFactory.getAdapter().FloatingFeature_SEC_FLOATING_FEATURE_KNOX_SUPPORT_UKS() ? CertificationManagerType.UKS : CertificationManagerType.CCM;
        }
        LogUtil.i(dc.m2805(-1514521097), dc.m2797(-495650059) + certificationManagerType.name());
        return certificationManagerType;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static /* synthetic */ void b(byte[] bArr, ResultListener resultListener) {
        byte[] signInput = signInput(bArr);
        if (signInput != null) {
            resultListener.onSuccess(signInput);
        } else {
            resultListener.onFail();
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static byte[] decryptBytes(byte[] bArr) {
        LogUtil.i("SpayCommon", dc.m2804(1832905233));
        if (!b.a()) {
            LogUtil.i("SpayCommon", dc.m2795(-1784280264));
            return null;
        }
        synchronized (TEEUtils.class) {
            if (a != null) {
                LogUtil.i("SpayCommon", "mPrivKey is already initialized.");
            } else {
                PrivateKey c2 = b.c();
                a = c2;
                if (c2 == null) {
                    LogUtil.i("SpayCommon", "failed to get private key");
                    return null;
                }
                LogUtil.i("SpayCommon", "mPrivKey is initialized.");
            }
            if (bArr == null) {
                LogUtil.i("SpayCommon", dc.m2805(-1514520737));
                return null;
            }
            try {
                Cipher cipher = Cipher.getInstance("RSA/None/PKCS1Padding");
                cipher.init(2, a);
                try {
                    return cipher.doFinal(bArr);
                } catch (BadPaddingException | IllegalBlockSizeException e) {
                    e.printStackTrace();
                    return null;
                }
            } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchPaddingException e2) {
                e2.printStackTrace();
                return null;
            }
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static byte[] encryptData(String str) {
        try {
            X509Certificate[] signInCertificateChain = getSignInCertificateChain();
            Cipher cipher = Cipher.getInstance("RSA/None/PKCS1Padding", b.d());
            cipher.init(1, signInCertificateChain != null ? signInCertificateChain[0].getPublicKey() : null);
            return cipher.doFinal(str.getBytes());
        } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            e.printStackTrace();
            return null;
        }
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    @Nullable
    public static X509Certificate[] getSignInCertificateChain() {
        return getSignInCertificateChain(CertificatePurpose.SIGN_IN);
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    @Nullable
    public static synchronized X509Certificate[] getSignInCertificateChain(CertificatePurpose certificatePurpose) {
        X509Certificate[] x509CertificateArr;
        synchronized (TEEUtils.class) {
            LogUtil.i("SpayCommon", "get certificate = " + certificatePurpose);
            x509CertificateArr = null;
            if (Build.VERSION.SDK_INT > 29) {
                throw new RuntimeException("Deleted API due to Tima SEP API deprecated");
            }
            d = 1;
            while (true) {
                if (d > certificatePurpose.getMaxRetryCount()) {
                    break;
                }
                x509CertificateArr = b.b();
                if (x509CertificateArr != null) {
                    TEEHelper.a = "CCM_PASS=" + d;
                    break;
                }
                try {
                    Thread.sleep(150L);
                } catch (InterruptedException unused) {
                }
                d++;
            }
            int i = d - 1;
            d = i;
            certificatePurpose.setRetryCount(i);
            LogUtil.i("SpayCommon", "get certificate Cnt= " + d);
        }
        return x509CertificateArr;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    @WorkerThread
    public static byte[] signInput(byte[] bArr) {
        byte[] bArr2;
        String m2805 = dc.m2805(-1514521097);
        LogUtil.d(m2805, dc.m2804(1832520161));
        try {
            Signature signature = Signature.getInstance("SHA1withRSA", b.d());
            signature.initSign(b.c());
            signature.update(bArr);
            bArr2 = signature.sign();
        } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException | SignatureException e) {
            e.printStackTrace();
            bArr2 = null;
        }
        LogUtil.d(m2805, dc.m2797(-495652595));
        return bArr2;
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static void signInputAsync(final byte[] bArr, final ResultListener<byte[]> resultListener) {
        c.execute(new Runnable() { // from class: xn0
            /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
            @Override // java.lang.Runnable
            public final void run() {
                TEEUtils.b(bArr, resultListener);
            }
        });
    }

    /* JADX WARN: Unreachable blocks removed: 1, instructions: 1 */
    public static boolean verifySignature(byte[] bArr, byte[] bArr2) {
        String m2805 = dc.m2805(-1514521097);
        LogUtil.d(m2805, dc.m2798(-457297141));
        boolean z = false;
        try {
            X509Certificate[] signInCertificateChain = getSignInCertificateChain();
            if (signInCertificateChain != null && signInCertificateChain.length != 0) {
                PublicKey publicKey = signInCertificateChain[0].getPublicKey();
                Signature signature = Signature.getInstance("SHA1withRSA", b.d());
                signature.initVerify(publicKey);
                signature.update(bArr);
                z = signature.verify(bArr2);
            }
        } catch (InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException | SignatureException e) {
            e.printStackTrace();
        }
        LogUtil.d(m2805, "verifySignature() end  result : " + z);
        return z;
    }
}
