package com.yessign.fido.cmp;

import com.yessign.fido.api.ApiErrors;
import com.yessign.fido.api.ApiException;
import com.yessign.fido.api.CertManager;
import com.yessign.fido.api.FidoConfigure;
import com.yessign.fido.api.yessignManager;
import com.yessign.fido.asn1.ASN1EncodableArray;
import com.yessign.fido.asn1.ASN1OutputStream;
import com.yessign.fido.asn1.DERBitString;
import com.yessign.fido.asn1.DERGeneralizedTime;
import com.yessign.fido.asn1.DERIA5String;
import com.yessign.fido.asn1.DERInteger;
import com.yessign.fido.asn1.DERNull;
import com.yessign.fido.asn1.DERObject;
import com.yessign.fido.asn1.DERObjectIdentifier;
import com.yessign.fido.asn1.DEROctetString;
import com.yessign.fido.asn1.DERSequence;
import com.yessign.fido.asn1.DERTaggedObject;
import com.yessign.fido.asn1.cmp.CMPCertificate;
import com.yessign.fido.asn1.cmp.CertRepMessage;
import com.yessign.fido.asn1.cmp.CertResponse;
import com.yessign.fido.asn1.cmp.ErrorMsgContent;
import com.yessign.fido.asn1.cmp.GenMsgContent;
import com.yessign.fido.asn1.cmp.GenRepContent;
import com.yessign.fido.asn1.cmp.InfoTypeAndValue;
import com.yessign.fido.asn1.cmp.PKIBody;
import com.yessign.fido.asn1.cmp.PKIConfirmContent;
import com.yessign.fido.asn1.cmp.PKIHeader;
import com.yessign.fido.asn1.cmp.PKIMessage;
import com.yessign.fido.asn1.cmp.PKIXObjectIdentifiers;
import com.yessign.fido.asn1.crmf.CertReqMessages;
import com.yessign.fido.asn1.x509.DigestInfo;
import com.yessign.fido.asn1.x509.GeneralName;
import com.yessign.fido.asn1.x509.RSAPublicKeyStructure;
import com.yessign.fido.asn1.x509.SubjectKeyIdentifier;
import com.yessign.fido.asn1.x509.X509Extensions;
import com.yessign.fido.certinfo.BasicConstants;
import com.yessign.fido.jce.provider.JCERSAPublicKey;
import com.yessign.fido.jce.provider.yessignProvider;
import com.yessign.fido.util.LogWriter;
import com.yessign.fido.util.TimeCheck;
import java.io.ByteArrayOutputStream;
import java.security.KeyFactory;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Date;
import java.util.StringTokenizer;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes.dex */
public class CmpManager extends FidoConfigure {
    public static final int OPTION_ISSUE_SK = 1;
    public static final int OPTION_UPDATE_SK = 2;
    private String B;
    private String C;
    private String D;
    private byte[] F;
    private byte[] G;
    private byte[] H;

    /* renamed from: b, reason: collision with root package name */
    X509Certificate f3948b;

    /* renamed from: c, reason: collision with root package name */
    X509Certificate f3949c;

    /* renamed from: d, reason: collision with root package name */
    String f3950d;

    /* renamed from: e, reason: collision with root package name */
    int f3951e;

    /* renamed from: f, reason: collision with root package name */
    String f3952f;

    /* renamed from: g, reason: collision with root package name */
    String f3953g;

    /* renamed from: h, reason: collision with root package name */
    DERObjectIdentifier f3954h;

    /* renamed from: i, reason: collision with root package name */
    CertManager f3955i;

    /* renamed from: j, reason: collision with root package name */
    CertManager f3956j;

    /* renamed from: k, reason: collision with root package name */
    int f3957k;

    /* renamed from: m, reason: collision with root package name */
    byte[] f3959m;

    /* renamed from: n, reason: collision with root package name */
    byte[] f3960n;

    /* renamed from: o, reason: collision with root package name */
    byte[] f3961o;
    private final int p = BasicConstants.OTHERCA_CERT_USE4;

    /* renamed from: q, reason: collision with root package name */
    private final String f3962q = "key_size";

    /* renamed from: r, reason: collision with root package name */
    private final String f3963r = "user_notice";

    /* renamed from: s, reason: collision with root package name */
    private final String f3964s = "km_key_gen";

    /* renamed from: t, reason: collision with root package name */
    private final String f3965t = "signature_algorithm";

    /* renamed from: u, reason: collision with root package name */
    private final String f3966u = "aaaaabbbbb";

    /* renamed from: v, reason: collision with root package name */
    private final String f3967v = "UPDATE";

    /* renamed from: w, reason: collision with root package name */
    private final String f3968w = "language=korean";

    /* renamed from: x, reason: collision with root package name */
    private final String f3969x = "language=english";

    /* renamed from: y, reason: collision with root package name */
    private final String f3970y = "DESMAC/Zero";

    /* renamed from: z, reason: collision with root package name */
    private final String f3971z = "DES";
    private int A = 1;
    private String E = "language=korean";

    /* renamed from: l, reason: collision with root package name */
    int f3958l = BasicConstants.OTHERCA_CERT_USE4;

    /* JADX WARN: Removed duplicated region for block: B:12:0x0257  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private com.yessign.fido.asn1.crmf.CertReqMsg a(int r12) throws java.lang.Exception {
        /*
            Method dump skipped, instructions count: 612
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.yessign.fido.cmp.CmpManager.a(int):com.yessign.fido.asn1.crmf.CertReqMsg");
    }

    private void a(byte[] bArr) throws Exception {
        PKIMessage pKIMessage = PKIMessage.getInstance(DERObject.getInstance(bArr));
        if (pKIMessage.getBody().getTagNo() == 23) {
            ErrorMsgContent errorMsgContent = ErrorMsgContent.getInstance(pKIMessage.getBody().getBody());
            this.f3957k = errorMsgContent.getPKIStatusInfo().getStatus().intValue();
            throw new CmpException("GenP error : ".concat(new String(errorMsgContent.getPKIStatusInfo().getStatusString().getStringAt(0).getString())));
        }
        GenRepContent genRepContent = GenRepContent.getInstance(pKIMessage.getBody().getBody());
        InfoTypeAndValue infoValueAt = genRepContent.getInfoValueAt(0);
        if (infoValueAt == null || infoValueAt.getInfoValue() == null) {
            throw new CmpException("get CA certificate failed");
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ASN1OutputStream aSN1OutputStream = new ASN1OutputStream(byteArrayOutputStream);
        aSN1OutputStream.writeObject(infoValueAt.getInfoValue().getDERObject());
        this.f3948b = yessignManager.generateCert(byteArrayOutputStream.toByteArray());
        aSN1OutputStream.close();
        byteArrayOutputStream.close();
        InfoTypeAndValue infoValueAt2 = genRepContent.getInfoValueAt(1);
        if (infoValueAt2 == null || infoValueAt2.getInfoValue() == null) {
            throw new CmpException("get km server certificate failed");
        }
        ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
        ASN1OutputStream aSN1OutputStream2 = new ASN1OutputStream(byteArrayOutputStream2);
        aSN1OutputStream2.writeObject(infoValueAt2.getInfoValue().getDERObject());
        this.f3949c = yessignManager.generateCert(byteArrayOutputStream2.toByteArray());
        aSN1OutputStream2.close();
        byteArrayOutputStream2.close();
        if (pKIMessage.getHeader().getFreeText() == null) {
            throw new CmpException("Header does not exist FreeText field");
        }
        String string = pKIMessage.getHeader().getFreeText().getStringAt(0).getString();
        if (LogWriter._DEBUG) {
            LogWriter.writeLog("GenP freeText : " + string);
            LogWriter.writeLog("GenP freeText : ".concat(new String(string.getBytes("euc-kr"), "UTF-8")));
        }
        if (string == null || string.length() == 0) {
            return;
        }
        StringTokenizer stringTokenizer = new StringTokenizer(string, "$");
        while (stringTokenizer.hasMoreTokens()) {
            try {
                String trim = stringTokenizer.nextToken().trim();
                if (trim.startsWith("key_size")) {
                    StringTokenizer stringTokenizer2 = new StringTokenizer(trim, "=");
                    stringTokenizer2.nextToken();
                    this.f3951e = Integer.parseInt(stringTokenizer2.nextToken().trim());
                } else if (trim.startsWith("user_notice")) {
                    StringTokenizer stringTokenizer3 = new StringTokenizer(trim, "=");
                    stringTokenizer3.nextToken();
                    this.f3950d = stringTokenizer3.nextToken().trim();
                } else if (trim.startsWith("km_key_gen")) {
                    StringTokenizer stringTokenizer4 = new StringTokenizer(trim, "=");
                    stringTokenizer4.nextToken();
                    this.f3952f = stringTokenizer4.nextToken().trim();
                } else if (trim.startsWith("signature_algorithm")) {
                    StringTokenizer stringTokenizer5 = new StringTokenizer(trim, "=");
                    stringTokenizer5.nextToken();
                    this.f3953g = stringTokenizer5.nextToken().trim();
                }
            } catch (Exception unused) {
            }
        }
        this.f3954h = yessignManager.SHA256_ALG_OID;
    }

    private byte[] a() throws Exception {
        this.D = " ";
        if (this.A == 2) {
            this.D = "UPDATE";
        }
        PKIHeader pKIHeader = new PKIHeader(1, this.D, this.E, this.B.getBytes());
        ASN1EncodableArray aSN1EncodableArray = new ASN1EncodableArray();
        aSN1EncodableArray.add(new InfoTypeAndValue(PKIXObjectIdentifiers.caProtEncCert, null));
        return new PKIMessage(pKIHeader, new PKIBody(new GenMsgContent(new DERSequence(aSN1EncodableArray)).getDERObject(), 21), null, null).getDERObject().getEncoded();
    }

    private byte[] b() throws Exception {
        TimeCheck timeCheck;
        if (this.f3951e != 2048) {
            throw new CmpException("not support key length : " + this.f3951e);
        }
        ASN1EncodableArray aSN1EncodableArray = new ASN1EncodableArray();
        if (LogWriter._DEBUG) {
            timeCheck = new TimeCheck();
            timeCheck.setTime();
        } else {
            timeCheck = null;
        }
        try {
            KeyFactory keyFactory = KeyFactory.getInstance(yessignManager.ASYM_KEY_STR, yessignProvider.PROVIDER);
            MessageDigest messageDigest = MessageDigest.getInstance(yessignManager.SHA1_ALG_OID.getAlgName(), yessignProvider.PROVIDER);
            JCERSAPublicKey jCERSAPublicKey = (JCERSAPublicKey) keyFactory.generatePublic(this.f3530a.generateKeyPair());
            this.f3959m = messageDigest.digest(new RSAPublicKeyStructure(jCERSAPublicKey.getModulus(), jCERSAPublicKey.getPublicExponent()).getDERObject().getEncoded());
            this.f3955i.setSignPubKey(jCERSAPublicKey);
            this.f3955i.clearSignPriKey();
            if (LogWriter._DEBUG) {
                LogWriter.writeLog("[Time] Issue sign key(" + this.f3951e + "bits) pair generate is " + timeCheck.getTime() + " milli seconds");
            }
            if (this.f3949c == null) {
                throw new CmpException("not setting CA certificate to encipherment");
            }
            aSN1EncodableArray.add(a(0));
            ASN1EncodableArray aSN1EncodableArray2 = new ASN1EncodableArray();
            aSN1EncodableArray2.add(new DERInteger(1));
            this.D = " ";
            aSN1EncodableArray2.add(new GeneralName(new DERIA5String(" "), 1));
            aSN1EncodableArray2.add(new GeneralName(new DERIA5String(this.E), 1));
            aSN1EncodableArray2.add(new DERTaggedObject(0, new DERGeneralizedTime(new Date())));
            aSN1EncodableArray2.add(new DERTaggedObject(2, new DEROctetString(this.B.getBytes())));
            this.F = new byte[128];
            new SecureRandom().nextBytes(this.F);
            aSN1EncodableArray2.add(new DERTaggedObject(5, new DEROctetString(this.F)));
            PKIHeader pKIHeader = PKIHeader.getInstance(new DERSequence(aSN1EncodableArray2));
            PKIBody pKIBody = new PKIBody(CertReqMessages.getInstance(new DERSequence(aSN1EncodableArray)).getDERObject(), 0);
            return new PKIMessage(pKIHeader, pKIBody, new DERBitString(b(new PKIMessage(pKIHeader, pKIBody, null, null).getDERObject().getEncoded())), null).getDERObject().getEncoded();
        } catch (Exception e2) {
            throw new ApiException(ApiErrors.E_TOKEN_FAIL_GENERATE_KEYPAIR, e2);
        }
    }

    private byte[] b(byte[] bArr) throws Exception {
        MessageDigest messageDigest = MessageDigest.getInstance(yessignManager.SHA1_ALG_OID.getAlgName(), yessignProvider.PROVIDER);
        byte[] digest = messageDigest.digest(("aaaaabbbbb" + this.C).getBytes());
        messageDigest.reset();
        byte[] digest2 = messageDigest.digest(digest);
        byte[] bArr2 = new byte[8];
        if (digest2.length < 8) {
            throw new CmpException("fail to create MAC Key");
        }
        System.arraycopy(digest2, 0, bArr2, 0, 8);
        Mac mac = Mac.getInstance("DESMAC/Zero", yessignProvider.PROVIDER);
        mac.init(new SecretKeySpec(bArr2, "DES"));
        return mac.doFinal(bArr);
    }

    private byte[] c() throws Exception {
        TimeCheck timeCheck;
        if (this.f3951e != 2048) {
            throw new CmpException("not support key length : " + this.f3951e);
        }
        ASN1EncodableArray aSN1EncodableArray = new ASN1EncodableArray();
        if (LogWriter._DEBUG) {
            timeCheck = new TimeCheck();
            timeCheck.setTime();
        } else {
            timeCheck = null;
        }
        try {
            KeyFactory keyFactory = KeyFactory.getInstance(yessignManager.ASYM_KEY_STR, yessignProvider.PROVIDER);
            MessageDigest messageDigest = MessageDigest.getInstance(yessignManager.SHA1_ALG_OID.getAlgName(), yessignProvider.PROVIDER);
            JCERSAPublicKey jCERSAPublicKey = (JCERSAPublicKey) keyFactory.generatePublic(this.f3530a.generateKeyPair());
            this.f3959m = messageDigest.digest(new RSAPublicKeyStructure(jCERSAPublicKey.getModulus(), jCERSAPublicKey.getPublicExponent()).getDERObject().getEncoded());
            this.f3955i.setSignPubKey(jCERSAPublicKey);
            this.f3955i.clearSignPriKey();
            if (LogWriter._DEBUG) {
                LogWriter.writeLog("[Time] Update sign key(" + this.f3951e + "bits) pair generate is " + timeCheck.getTime() + " milli seconds");
            }
            aSN1EncodableArray.add(a(2));
            ASN1EncodableArray aSN1EncodableArray2 = new ASN1EncodableArray();
            aSN1EncodableArray2.add(new DERInteger(1));
            this.D = "UPDATE";
            aSN1EncodableArray2.add(new GeneralName(new DERIA5String("UPDATE"), 1));
            aSN1EncodableArray2.add(new GeneralName(new DERIA5String(this.E), 1));
            aSN1EncodableArray2.add(new DERTaggedObject(0, new DERGeneralizedTime(new Date())));
            this.F = new byte[128];
            new SecureRandom().nextBytes(this.F);
            aSN1EncodableArray2.add(new DERTaggedObject(5, new DEROctetString(this.F)));
            PKIHeader pKIHeader = PKIHeader.getInstance(new DERSequence(aSN1EncodableArray2));
            PKIBody pKIBody = new PKIBody(CertReqMessages.getInstance(new DERSequence(aSN1EncodableArray)).getDERObject(), 7);
            return new PKIMessage(pKIHeader, pKIBody, new DERBitString(this.f3530a.sign(this.f3960n, new PKIMessage(pKIHeader, pKIBody, null, null).getDERObject().getEncoded())), null).getDERObject().getEncoded();
        } catch (Exception e2) {
            throw new ApiException(ApiErrors.E_TOKEN_FAIL_GENERATE_KEYPAIR, e2);
        }
    }

    private byte[] d() throws Exception {
        ASN1EncodableArray aSN1EncodableArray = new ASN1EncodableArray();
        aSN1EncodableArray.add(new DERInteger(1));
        this.D = " ";
        aSN1EncodableArray.add(new GeneralName(new DERIA5String(" "), 1));
        aSN1EncodableArray.add(new GeneralName(new DERIA5String(this.E), 1));
        aSN1EncodableArray.add(new DERTaggedObject(0, new DERGeneralizedTime(new Date())));
        aSN1EncodableArray.add(new DERTaggedObject(2, new DEROctetString(this.B.getBytes())));
        aSN1EncodableArray.add(new DERTaggedObject(5, new DEROctetString(this.F)));
        aSN1EncodableArray.add(new DERTaggedObject(6, new DEROctetString(this.G)));
        PKIHeader pKIHeader = PKIHeader.getInstance(new DERSequence(aSN1EncodableArray));
        PKIBody pKIBody = new PKIBody(PKIConfirmContent.getInstance(new DERNull()).getDERObject(), 19);
        PKIMessage pKIMessage = new PKIMessage(pKIHeader, pKIBody, null, null);
        return new PKIMessage(pKIHeader, pKIBody, new DERBitString(this.A == 1 ? b(pKIMessage.getDERObject().getEncoded()) : this.f3530a.sign(this.f3960n, pKIMessage.getDERObject().getEncoded())), null).getDERObject().getEncoded();
    }

    public void cleanKey() {
        CertManager certManager = this.f3955i;
        if (certManager != null) {
            certManager.clearAll();
            this.f3955i = null;
        }
        if (this.H != null) {
            this.H = null;
        }
        if (this.f3961o != null) {
            this.f3961o = null;
        }
    }

    public byte[] finishCertIssue(byte[] bArr) throws ApiException {
        try {
            PKIMessage pKIMessage = PKIMessage.getInstance(DERObject.getInstance(bArr));
            if (pKIMessage.getBody().getTagNo() == 23) {
                ErrorMsgContent errorMsgContent = ErrorMsgContent.getInstance(pKIMessage.getBody().getBody());
                this.f3957k = errorMsgContent.getPKIStatusInfo().getStatus().intValue();
                throw new CmpException("IP error : ".concat(new String(errorMsgContent.getPKIStatusInfo().getStatusString().getStringAt(0).getString())));
            }
            CertRepMessage certRepMessage = CertRepMessage.getInstance(pKIMessage.getBody().getBody());
            CertResponse[] response = certRepMessage.getResponse();
            if (response == null || response.length <= 0) {
                throw new CmpException("IP error : not exist response array");
            }
            if (response[0].getStatus().getStatus().intValue() != 0) {
                this.f3957k = response[0].getStatus().getStatus().intValue();
                throw new CmpException("IP error : ".concat(new String(response[0].getStatus().getStatusString().getStringAt(0).getString())));
            }
            DERBitString protection = pKIMessage.getProtection();
            if (protection == null || certRepMessage.getCaPubs() == null) {
                throw new CmpException("IP error : not exist protection");
            }
            ASN1EncodableArray aSN1EncodableArray = new ASN1EncodableArray();
            aSN1EncodableArray.add(pKIMessage.getHeader());
            aSN1EncodableArray.add(pKIMessage.getBody());
            byte[] encoded = new DERSequence(aSN1EncodableArray).getEncoded();
            byte[] bytes = protection.getBytes();
            MessageDigest messageDigest = MessageDigest.getInstance(yessignManager.SHA1_ALG_OID.getAlgName(), yessignProvider.PROVIDER);
            byte[] digest = messageDigest.digest(("aaaaabbbbb" + this.C).getBytes());
            messageDigest.reset();
            byte[] digest2 = messageDigest.digest(digest);
            byte[] bArr2 = new byte[8];
            if (digest2.length < 8) {
                throw new CmpException("fail to create MAC Key");
            }
            System.arraycopy(digest2, 0, bArr2, 0, 8);
            Mac mac = Mac.getInstance("DESMAC/Zero", yessignProvider.PROVIDER);
            mac.init(new SecretKeySpec(bArr2, "DES"));
            byte[] doFinal = mac.doFinal(encoded);
            if (!(doFinal.length != bytes.length ? false : Arrays.equals(doFinal, bytes))) {
                throw new CmpException("IP error : protection value is not same");
            }
            if (pKIMessage.getHeader().getSenderNonce() == null || pKIMessage.getHeader().getRecipNonce() == null) {
                throw new CmpException("IP error : Nonce value does not exist");
            }
            if (!Arrays.equals(pKIMessage.getHeader().getRecipNonce().getOctets(), this.F)) {
                throw new CmpException("IP error : RecipNonce value is not same");
            }
            this.G = pKIMessage.getHeader().getSenderNonce().getOctets();
            CMPCertificate[] caPubs = certRepMessage.getCaPubs();
            if (caPubs == null || caPubs.length == 0) {
                throw new CmpException("IP error : caPubs does not exist");
            }
            ASN1EncodableArray aSN1EncodableArray2 = new ASN1EncodableArray();
            for (CMPCertificate cMPCertificate : caPubs) {
                aSN1EncodableArray2.add(cMPCertificate);
            }
            this.f3961o = new DERSequence(aSN1EncodableArray2).getEncoded();
            if (response[0].getCertifiedKeyPair() == null || response[0].getCertifiedKeyPair().getCertOrEncCert().getCertificate() == null) {
                throw new CmpException("IP error : sign certificate does not exist");
            }
            this.f3955i.setSignCert(response[0].getCertifiedKeyPair().getCertOrEncCert().getCertificate().getDERObject().getEncoded());
            return d();
        } catch (ApiException e2) {
            throw e2;
        } catch (Exception e10) {
            if (LogWriter._DEBUG) {
                LogWriter.writeLog("[CMP Api Exeption]");
                LogWriter.writeLog("- errorCode : 0x" + Integer.toHexString(ApiErrors.E_CMP_ISSUE_FAIL));
                LogWriter.writeLog(e10);
            }
            throw new ApiException(ApiErrors.E_CMP_ISSUE_FAIL, e10);
        }
    }

    public byte[] finishCertUpdate(byte[] bArr) throws ApiException {
        try {
            PKIMessage pKIMessage = PKIMessage.getInstance(DERObject.getInstance(bArr));
            if (pKIMessage.getBody().getTagNo() == 23) {
                ErrorMsgContent errorMsgContent = ErrorMsgContent.getInstance(pKIMessage.getBody().getBody());
                this.f3957k = errorMsgContent.getPKIStatusInfo().getStatus().intValue();
                throw new CmpException("KUP error : ".concat(new String(errorMsgContent.getPKIStatusInfo().getStatusString().getStringAt(0).getString())));
            }
            CertRepMessage certRepMessage = CertRepMessage.getInstance(pKIMessage.getBody().getBody());
            CertResponse[] response = certRepMessage.getResponse();
            if (response[0].getStatus().getStatus().intValue() != 0) {
                this.f3957k = response[0].getStatus().getStatus().intValue();
                throw new CmpException("KUP error : ".concat(new String(response[0].getStatus().getStatusString().getStringAt(0).getString())));
            }
            DERBitString protection = pKIMessage.getProtection();
            if (protection == null || certRepMessage.getCaPubs() == null) {
                throw new CmpException("KUP error : protection does not exist");
            }
            ASN1EncodableArray aSN1EncodableArray = new ASN1EncodableArray();
            aSN1EncodableArray.add(pKIMessage.getHeader());
            aSN1EncodableArray.add(pKIMessage.getBody());
            byte[] encoded = new DERSequence(aSN1EncodableArray).getEncoded();
            byte[] bytes = protection.getBytes();
            Cipher cipher = Cipher.getInstance(yessignManager.ASYM_ALG_OID.getAlgName(), yessignProvider.PROVIDER);
            cipher.init(2, this.f3948b.getPublicKey());
            byte[] doFinal = cipher.doFinal(bytes);
            if (doFinal == null) {
                throw new CmpException("KUP error : fail to decipherment protection CA public key");
            }
            DigestInfo digestInfo = DigestInfo.getInstance(DERObject.getInstance(doFinal));
            byte[] digest = digestInfo.getDigest();
            byte[] digest2 = MessageDigest.getInstance(digestInfo.getAlgorithmId().getObjectId().getAlgName(), yessignProvider.PROVIDER).digest(encoded);
            if (digest2 == null) {
                throw new CmpException("KUP error : fail to create hash for verify protection");
            }
            if (digest.length != digest2.length) {
                throw new CmpException("KUP error : created hash is not same length protection hash to verify");
            }
            if (!Arrays.equals(digest, digest2)) {
                throw new CmpException("KUP error : created hash is not same protection hash to verify");
            }
            if (pKIMessage.getHeader().getSenderNonce() == null || pKIMessage.getHeader().getRecipNonce() == null) {
                throw new CmpException("KUP error : Nonce value does not exist");
            }
            if (!Arrays.equals(pKIMessage.getHeader().getRecipNonce().getOctets(), this.F)) {
                throw new CmpException("KUP error : RecipNonce value is not same");
            }
            this.G = pKIMessage.getHeader().getSenderNonce().getOctets();
            CMPCertificate[] caPubs = certRepMessage.getCaPubs();
            if (caPubs == null || caPubs.length == 0) {
                throw new CmpException("KUP error : caPubs does not exist");
            }
            ASN1EncodableArray aSN1EncodableArray2 = new ASN1EncodableArray();
            for (CMPCertificate cMPCertificate : caPubs) {
                aSN1EncodableArray2.add(cMPCertificate);
            }
            this.f3961o = new DERSequence(aSN1EncodableArray2).getEncoded();
            if (response[0].getCertifiedKeyPair() == null || response[0].getCertifiedKeyPair().getCertOrEncCert().getCertificate() == null) {
                throw new CmpException("KUP error : sign certificate does not exist");
            }
            this.f3955i.setSignCert(response[0].getCertifiedKeyPair().getCertOrEncCert().getCertificate().getDERObject().getEncoded());
            return d();
        } catch (ApiException e2) {
            throw e2;
        } catch (Exception e10) {
            if (LogWriter._DEBUG) {
                LogWriter.writeLog("[CMP Api Exeption]");
                LogWriter.writeLog("- errorCode : 0x" + Integer.toHexString(ApiErrors.E_CMP_UPDATE_FAIL));
                LogWriter.writeLog(e10);
            }
            throw new ApiException(ApiErrors.E_CMP_UPDATE_FAIL, e10);
        }
    }

    public byte[] getCaPubs() {
        return this.f3961o;
    }

    public X509Certificate getCert() {
        return this.f3955i.getSignCert();
    }

    public byte[] getVidRandom() {
        return this.H;
    }

    /* JADX WARN: Removed duplicated region for block: B:18:0x0050  */
    /* JADX WARN: Removed duplicated region for block: B:21:? A[RETURN, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void init() throws com.yessign.fido.api.ApiException {
        /*
            r4 = this;
            java.lang.String r0 = "- errorCode : 0x"
            java.lang.String r1 = "[CMP Api Exeption]"
            boolean r2 = com.yessign.fido.util.LogWriter._DEBUG     // Catch: com.yessign.fido.api.yessignGEnvException -> Le com.yessign.fido.api.yessignException -> L10
            if (r2 == 0) goto L13
            java.lang.String r2 = "start setDefaultConfigure()..."
            com.yessign.fido.util.LogWriter.writeLog(r2)     // Catch: com.yessign.fido.api.yessignGEnvException -> Le com.yessign.fido.api.yessignException -> L10
            goto L13
        Le:
            r4 = move-exception
            goto L64
        L10:
            r4 = move-exception
            goto L89
        L13:
            boolean r2 = com.yessign.fido.api.FidoConfigure.isSet     // Catch: com.yessign.fido.api.yessignGEnvException -> Le com.yessign.fido.api.yessignException -> L10
            if (r2 == 0) goto L21
            boolean r2 = com.yessign.fido.util.LogWriter._DEBUG     // Catch: com.yessign.fido.api.yessignGEnvException -> Le com.yessign.fido.api.yessignException -> L10
            if (r2 == 0) goto L2e
            java.lang.String r2 = "setDefaultConfigure() is complete already and out routine"
        L1d:
            com.yessign.fido.util.LogWriter.writeLog(r2)     // Catch: com.yessign.fido.api.yessignGEnvException -> Le com.yessign.fido.api.yessignException -> L10
            goto L2e
        L21:
            com.yessign.fido.api.yessignManager.init()     // Catch: com.yessign.fido.api.yessignGEnvException -> Le com.yessign.fido.api.yessignException -> L10
            r2 = 1
            com.yessign.fido.api.FidoConfigure.isSet = r2     // Catch: com.yessign.fido.api.yessignGEnvException -> Le com.yessign.fido.api.yessignException -> L10
            boolean r2 = com.yessign.fido.util.LogWriter._DEBUG     // Catch: com.yessign.fido.api.yessignGEnvException -> Le com.yessign.fido.api.yessignException -> L10
            if (r2 == 0) goto L2e
            java.lang.String r2 = "end setDefaultConfigure()..."
            goto L1d
        L2e:
            java.util.Locale r0 = java.util.Locale.getDefault()
            java.util.Locale r1 = java.util.Locale.KOREA
            boolean r1 = r0.equals(r1)
            java.lang.String r2 = "language=korean"
            if (r1 == 0) goto L3f
        L3c:
            r4.E = r2
            goto L4c
        L3f:
            java.util.Locale r1 = java.util.Locale.KOREAN
            boolean r0 = r0.equals(r1)
            if (r0 == 0) goto L48
            goto L3c
        L48:
            java.lang.String r0 = "language=english"
            r4.E = r0
        L4c:
            boolean r0 = com.yessign.fido.util.LogWriter._DEBUG
            if (r0 == 0) goto L63
            java.lang.StringBuilder r0 = new java.lang.StringBuilder
            java.lang.String r1 = "[CMP init] set language : "
            r0.<init>(r1)
            java.lang.String r4 = r4.E
            r0.append(r4)
            java.lang.String r4 = r0.toString()
            com.yessign.fido.util.LogWriter.writeLog(r4)
        L63:
            return
        L64:
            boolean r2 = com.yessign.fido.util.LogWriter._DEBUG
            r3 = 12294(0x3006, float:1.7228E-41)
            if (r2 == 0) goto L83
            com.yessign.fido.util.LogWriter.writeLog(r1)
            java.lang.StringBuilder r1 = new java.lang.StringBuilder
            r1.<init>(r0)
            java.lang.String r0 = java.lang.Integer.toHexString(r3)
            r1.append(r0)
            java.lang.String r0 = r1.toString()
            com.yessign.fido.util.LogWriter.writeLog(r0)
            com.yessign.fido.util.LogWriter.writeLog(r4)
        L83:
            com.yessign.fido.api.ApiException r0 = new com.yessign.fido.api.ApiException
            r0.<init>(r3, r4)
            throw r0
        L89:
            boolean r2 = com.yessign.fido.util.LogWriter._DEBUG
            r3 = 12289(0x3001, float:1.722E-41)
            if (r2 == 0) goto La8
            com.yessign.fido.util.LogWriter.writeLog(r1)
            java.lang.StringBuilder r1 = new java.lang.StringBuilder
            r1.<init>(r0)
            java.lang.String r0 = java.lang.Integer.toHexString(r3)
            r1.append(r0)
            java.lang.String r0 = r1.toString()
            com.yessign.fido.util.LogWriter.writeLog(r0)
            com.yessign.fido.util.LogWriter.writeLog(r4)
        La8:
            com.yessign.fido.api.ApiException r0 = new com.yessign.fido.api.ApiException
            r0.<init>(r3, r4)
            throw r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.yessign.fido.cmp.CmpManager.init():void");
    }

    public byte[] initCertIssue(String str, String str2) throws ApiException {
        this.f3955i = new CertManager();
        this.A = 1;
        if (str == null) {
            str = "";
        }
        if (str2 == null) {
            str2 = "";
        }
        String trim = str.trim();
        String trim2 = str2.trim();
        this.B = trim;
        this.C = trim2;
        try {
            return a();
        } catch (ApiException e2) {
            throw e2;
        } catch (Exception e10) {
            if (LogWriter._DEBUG) {
                LogWriter.writeLog("[CMP Api Exeption]");
                LogWriter.writeLog("- errorCode : 0x" + Integer.toHexString(ApiErrors.E_CMP_ISSUE_FAIL));
                LogWriter.writeLog(e10);
            }
            throw new ApiException(ApiErrors.E_CMP_ISSUE_FAIL, e10);
        }
    }

    public byte[] initCertUpdate(X509Certificate x509Certificate) throws ApiException {
        this.f3955i = new CertManager();
        CertManager certManager = new CertManager();
        this.f3956j = certManager;
        this.A = 2;
        try {
            certManager.setSignCert(x509Certificate);
            this.f3960n = SubjectKeyIdentifier.getInstance(yessignManager.getX509ExtObject(x509Certificate, X509Extensions.SubjectKeyIdentifier.getId())).getKeyIdentifier();
            this.B = this.f3956j.getSignCert().getSerialNumber().toString();
            this.C = "";
            try {
                return a();
            } catch (ApiException e2) {
                throw e2;
            } catch (Exception e10) {
                if (LogWriter._DEBUG) {
                    LogWriter.writeLog("[CMP Api Exeption]");
                    LogWriter.writeLog("- errorCode : 0x" + Integer.toHexString(ApiErrors.E_CMP_UPDATE_FAIL));
                    LogWriter.writeLog(e10);
                }
                throw new ApiException(ApiErrors.E_CMP_UPDATE_FAIL, e10);
            }
        } catch (Exception e11) {
            if (LogWriter._DEBUG) {
                LogWriter.writeLog("[CMP Api Exeption]");
                LogWriter.writeLog("- errorCode : 0x" + Integer.toHexString(ApiErrors.E_CERT_READ_USERCERT));
                LogWriter.writeLog(e11);
            }
            throw new ApiException(ApiErrors.E_CERT_READ_USERCERT, e11);
        }
    }

    public byte[] requestCertIssue(byte[] bArr) throws ApiException {
        try {
            a(bArr);
            return b();
        } catch (ApiException e2) {
            throw e2;
        } catch (Exception e10) {
            if (LogWriter._DEBUG) {
                LogWriter.writeLog("[CMP Api Exeption]");
                LogWriter.writeLog("- errorCode : 0x" + Integer.toHexString(ApiErrors.E_CMP_ISSUE_FAIL));
                LogWriter.writeLog(e10);
            }
            throw new ApiException(ApiErrors.E_CMP_ISSUE_FAIL, e10);
        }
    }

    public byte[] requestCertUpdate(byte[] bArr) throws ApiException {
        try {
            a(bArr);
            return c();
        } catch (ApiException e2) {
            throw e2;
        } catch (Exception e10) {
            if (LogWriter._DEBUG) {
                LogWriter.writeLog("[CMP Api Exeption]");
                LogWriter.writeLog("- errorCode : 0x" + Integer.toHexString(ApiErrors.E_CMP_UPDATE_FAIL));
                LogWriter.writeLog(e10);
            }
            throw new ApiException(ApiErrors.E_CMP_UPDATE_FAIL, e10);
        }
    }

    public void setTokenKeySize(int i2) {
        if (i2 != 2048) {
            throw new IllegalArgumentException("The token key size is incorrect.");
        }
        this.f3958l = i2;
    }
}
