package com.samsung.android.authfw.pass.Operation.Cmp;

import a0.e;
import android.content.Context;
import android.text.TextUtils;
import b1.d1;
import com.samsung.android.authfw.common.utils.CryptoUtil;
import com.samsung.android.authfw.pass.PassInjection;
import com.samsung.android.authfw.pass.common.AuthenticatorType;
import com.samsung.android.authfw.pass.common.args.JsonHelper;
import com.samsung.android.authfw.pass.common.utils.Encoding;
import com.samsung.android.authfw.pass.logger.PSLog;
import com.samsung.android.authfw.pass.storage.KeyStorage;
import com.yessign.fido.certinfo.BasicConstants;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import q4.c;
import ua.f;
import ua.g;
import ua.j;
import ua.k;
import ua.o;
import va.a;

/* loaded from: classes.dex */
public class BaseUtil {
    private static final String TAG = "BaseUtil";

    /* loaded from: classes.dex */
    public static final class AuthenticatorOid {
        public static final String Faceprint = "1.2.410.200004.1.101.3";
        public static final String Fingerprint = "1.2.410.200004.1.101.2";
        public static final String Iris = "1.2.410.200004.1.101.6";

        private AuthenticatorOid() {
        }
    }

    /* loaded from: classes.dex */
    public static class LatestSubjectDN {
        String Face;
        String Fingerprint;
        String Iris;

        private LatestSubjectDN() {
            this.Fingerprint = null;
            this.Iris = null;
            this.Face = null;
        }

        public /* synthetic */ LatestSubjectDN(int i2) {
            this();
        }

        public String toJson() {
            return JsonHelper.getGson().g(this);
        }
    }

    private static void clearAllLatestSubjectDNs() {
        PSLog.d(TAG, "clearAllLatestSubjectDNs");
        String[] strArr = {"Fingerprint", "Iris", "Faceprint"};
        for (int i2 = 0; i2 < 3; i2++) {
            String key4LatestSubjectDN = getKey4LatestSubjectDN(strArr[i2]);
            if (key4LatestSubjectDN != null) {
                KeyStorage.remove(key4LatestSubjectDN);
            }
        }
    }

    private static void clearLatestSubjectDN(String str, String str2) {
        String key4LatestSubjectDN;
        if (str2 == null || (key4LatestSubjectDN = getKey4LatestSubjectDN(str2)) == null || !KeyStorage.get(key4LatestSubjectDN).equals(str)) {
            return;
        }
        KeyStorage.remove(key4LatestSubjectDN);
    }

    public static boolean deleteAllCertificate() {
        PSLog.d(TAG, "dac");
        c a3 = c.a(PassInjection.getAppContext());
        boolean r10 = a3.f8623a.r(getCertificateBasePath());
        if (r10) {
            clearAllLatestSubjectDNs();
        }
        return r10;
    }

    public static synchronized boolean deleteCertificate(Context context, byte[] bArr, byte[] bArr2) {
        synchronized (BaseUtil.class) {
            if (bArr != null) {
                if (bArr.length != 0) {
                    byte[] magicCode = getMagicCode(bArr);
                    if (magicCode != null && magicCode.length > 0 && !Arrays.equals(magicCode, bArr2)) {
                        PSLog.e(TAG, "magic code is not matched");
                        return false;
                    }
                    String certificatePath = getCertificatePath(bArr);
                    if (certificatePath != null && certificatePath.length() != 0) {
                        String certificateSubjectDN = getCertificateSubjectDN(bArr);
                        String authnrTypeBySubjectDN = certificateSubjectDN == null ? null : getAuthnrTypeBySubjectDN(certificateSubjectDN);
                        PSLog.d(TAG, "certPath:".concat(certificatePath));
                        boolean r10 = c.a(PassInjection.getAppContext()).f8623a.r(certificatePath);
                        if (r10 && certificateSubjectDN != null) {
                            clearLatestSubjectDN(certificateSubjectDN, authnrTypeBySubjectDN);
                        }
                        return r10;
                    }
                    PSLog.e(TAG, "cert path is null");
                    return false;
                }
            }
            PSLog.e(TAG, "cert is null");
            return false;
        }
    }

    private static String getAuthenticatorType(String str) {
        str.getClass();
        char c3 = 65535;
        switch (str.hashCode()) {
            case 1036560225:
                if (str.equals(AuthenticatorOid.Fingerprint)) {
                    c3 = 0;
                    break;
                }
                break;
            case 1036560226:
                if (str.equals(AuthenticatorOid.Faceprint)) {
                    c3 = 1;
                    break;
                }
                break;
            case 1036560229:
                if (str.equals(AuthenticatorOid.Iris)) {
                    c3 = 2;
                    break;
                }
                break;
        }
        switch (c3) {
            case 0:
                return "Fingerprint";
            case 1:
                return "Faceprint";
            case 2:
                return "Iris";
            default:
                return "None";
        }
    }

    public static String getAuthenticatorType(byte[] bArr) {
        if (bArr == null || bArr.length == 0) {
            PSLog.e(TAG, "cert is null");
            return null;
        }
        a n2 = a.n(bArr);
        if (n2 != null) {
            return getAuthenticatorType(n2.f9842a.f10017a.f9588a);
        }
        PSLog.e(TAG, "get encinfo fail");
        return null;
    }

    private static String getAuthnrTypeBySubjectDN(String str) {
        List<String> certificates = getCertificates();
        if (certificates == null || certificates.size() == 0) {
            PSLog.d(TAG, "there are no certificates");
            return null;
        }
        Iterator<String> it = certificates.iterator();
        while (it.hasNext()) {
            String[] split = it.next().split(":");
            try {
            } catch (CertificateException unused) {
                PSLog.w(TAG, "Certificate exception");
            }
            if (str.equals(getLowerCaseDnName(((X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(Encoding.Base64.decode(split[0])))).getSubjectDN().getName()))) {
                return split[2];
            }
            continue;
        }
        return null;
    }

    public static int getCaCode(byte[] bArr) {
        String caName;
        String certificateSubjectDN = getCertificateSubjectDN(bArr);
        if (certificateSubjectDN == null || (caName = getCaName(certificateSubjectDN)) == null) {
            return 0;
        }
        char c3 = 65535;
        switch (caName.hashCode()) {
            case -1808398071:
                if (caName.equals("NCASign")) {
                    c3 = 0;
                    break;
                }
                break;
            case -1538125535:
                if (caName.equals("TradeSign")) {
                    c3 = 1;
                    break;
                }
                break;
            case -1279924956:
                if (caName.equals(BasicConstants.YESSIGN_CA_NAME)) {
                    c3 = 2;
                    break;
                }
                break;
            case 2306620:
                if (caName.equals("KICA")) {
                    c3 = 3;
                    break;
                }
                break;
        }
        switch (c3) {
            case 0:
                return 8;
            case 1:
                return 16;
            case 2:
                return 32;
            case 3:
                return 1;
            default:
                return 0;
        }
    }

    private static String getCaName(String str) {
        if (str == null || str.length() == 0) {
            PSLog.e(TAG, "dnName is null");
            return null;
        }
        Locale locale = Locale.KOREA;
        return str.toLowerCase(locale).indexOf("o=kica") > -1 ? "KICA" : str.toLowerCase(locale).indexOf("o=crosscert") > -1 ? "CrossCert" : str.toLowerCase(locale).indexOf("o=ncasign") > -1 ? "NCASign" : str.toLowerCase(locale).indexOf("o=signkorea") > -1 ? "SignKorea" : str.toLowerCase(locale).indexOf("o=tradesign") > -1 ? "TradeSign" : str.toLowerCase(locale).indexOf("o=yessign") > -1 ? BasicConstants.YESSIGN_CA_NAME : "test";
    }

    private static String getCertificateBasePath() {
        return e.k(PassInjection.getSamsungExperience().getSystemProperties().getUserId(), "NPKI/user", "/");
    }

    private static String getCertificatePath(byte[] bArr) {
        String certificateSubjectDN = getCertificateSubjectDN(bArr);
        if (certificateSubjectDN == null) {
            return null;
        }
        return getCertificateBasePath() + getCaName(certificateSubjectDN) + "/USER/" + certificateSubjectDN + "/";
    }

    public static String getCertificateSubjectDN(byte[] bArr) {
        if (bArr == null || bArr.length == 0) {
            PSLog.e(TAG, "cert is null");
            return null;
        }
        X509Certificate x509Certificate = CryptoUtil.toX509Certificate(bArr);
        if (x509Certificate != null) {
            return getLowerCaseDnName(x509Certificate.getSubjectDN().getName());
        }
        PSLog.e(TAG, "cert is null");
        return null;
    }

    public static List<String> getCertificates() {
        String str = TAG;
        PSLog.d(str, "gc");
        ArrayList j10 = c.a(PassInjection.getAppContext()).f8623a.j(getCertificateBasePath(), "signCert.der");
        ArrayList j11 = c.a(PassInjection.getAppContext()).f8623a.j(getCertificateBasePath(), "CaPubs");
        ArrayList j12 = c.a(PassInjection.getAppContext()).f8623a.j(getCertificateBasePath(), "signPri.key");
        ArrayList arrayList = new ArrayList();
        if (j10 == null || j11 == null || j12 == null) {
            return new ArrayList();
        }
        if (j10.size() != j11.size() && j10.size() != j12.size()) {
            PSLog.e(str, "size error");
            return new ArrayList();
        }
        for (int i2 = 0; i2 < j10.size(); i2++) {
            arrayList.add(((String) j10.get(i2)) + ":" + ((String) j11.get(i2)) + ":" + getAuthenticatorType(Encoding.Base64.decode((String) j12.get(i2))));
        }
        return arrayList;
    }

    private static String getKey4LatestSubjectDN(String str) {
        return "certificate_latest_subject_dn_for_user" + PassInjection.getSamsungExperience().getSystemProperties().getUserId() + "_by_" + str;
    }

    public static String getLatestSubjectDN(Context context) {
        LatestSubjectDN latestSubjectDN = new LatestSubjectDN(0);
        String key4LatestSubjectDN = getKey4LatestSubjectDN("Fingerprint");
        if (key4LatestSubjectDN != null) {
            latestSubjectDN.Fingerprint = KeyStorage.get(key4LatestSubjectDN);
        }
        String key4LatestSubjectDN2 = getKey4LatestSubjectDN("Iris");
        if (key4LatestSubjectDN2 != null) {
            latestSubjectDN.Iris = KeyStorage.get(key4LatestSubjectDN2);
        }
        String key4LatestSubjectDN3 = getKey4LatestSubjectDN("Faceprint");
        if (key4LatestSubjectDN3 != null) {
            latestSubjectDN.Face = KeyStorage.get(key4LatestSubjectDN3);
        }
        return latestSubjectDN.toJson();
    }

    private static String getLowerCaseDnName(String str) {
        if (str != null && str.length() != 0) {
            return str.replace("CN=", "cn=").replace("OU=", "ou=").replace("O=", "o=").replace("C=", "c=").replace("L=", "l=").replace("ST=", "st=");
        }
        PSLog.e(TAG, "dnName is null");
        return null;
    }

    public static byte[] getMagicCode(byte[] bArr) {
        if (bArr == null || bArr.length == 0) {
            PSLog.e(TAG, "cert is null");
            return null;
        }
        String certificatePath = getCertificatePath(bArr);
        if (certificatePath == null || certificatePath.length() == 0) {
            PSLog.e(TAG, "cert path is null");
            return null;
        }
        ArrayList j10 = c.a(PassInjection.getAppContext()).f8623a.j(certificatePath, "magicCode");
        if (j10 == null || j10.size() < 1) {
            PSLog.w(TAG, "mcn");
            return null;
        }
        String str = (String) j10.get(0);
        if (str != null && str.length() != 0) {
            return Encoding.Base64.decode(str);
        }
        PSLog.w(TAG, "mcn.");
        return null;
    }

    /* JADX WARN: Type inference failed for: r1v5, types: [ua.h, va.a, java.lang.Object] */
    private static byte[] getP8EncryptedPrivateKeyInfo(byte[] bArr, String str) {
        wa.a aVar;
        if (bArr == null || bArr.length == 0) {
            PSLog.e(TAG, "wrapped private key is null");
            return null;
        }
        if (str == null || str.length() == 0) {
            PSLog.e(TAG, "authenticator type is null");
            return null;
        }
        char c3 = 65535;
        switch (str.hashCode()) {
            case 2287667:
                if (str.equals("Iris")) {
                    c3 = 0;
                    break;
                }
                break;
            case 248147536:
                if (str.equals("Faceprint")) {
                    c3 = 1;
                    break;
                }
                break;
            case 291934404:
                if (str.equals("Fingerprint")) {
                    c3 = 2;
                    break;
                }
                break;
        }
        switch (c3) {
            case 0:
                aVar = new wa.a(new j(AuthenticatorOid.Iris));
                break;
            case 1:
                aVar = new wa.a(new j(AuthenticatorOid.Faceprint));
                break;
            case 2:
                aVar = new wa.a(new j(AuthenticatorOid.Fingerprint));
                break;
            default:
                PSLog.e(TAG, "identifier error");
                return null;
        }
        try {
            ?? obj = new Object();
            obj.f9842a = aVar;
            obj.f9843b = new k(bArr);
            return obj.l();
        } catch (IOException unused) {
            PSLog.e(TAG, "private key info encrypt error");
            return null;
        }
    }

    public static byte[] getRawPublicKey(byte[] bArr) {
        X509Certificate x509Certificate = CryptoUtil.toX509Certificate(bArr);
        if (x509Certificate == null) {
            PSLog.e(TAG, "cert is null");
            return new byte[0];
        }
        try {
            o oVar = (o) new f(new ByteArrayInputStream(x509Certificate.getPublicKey().getEncoded())).f();
            if (oVar == null) {
                PSLog.e(TAG, "get seq error");
                return new byte[0];
            }
            ua.a aVar = (ua.a) oVar.v(1);
            if (aVar == null) {
                PSLog.e(TAG, "get bitstring error");
                return new byte[0];
            }
            if (aVar.f9551b != 0) {
                throw new IllegalStateException("attempt to get non-octet aligned data from BIT STRING");
            }
            o oVar2 = (o) new f(new ByteArrayInputStream(d1.n(aVar.f9550a))).f();
            if (oVar2 == null) {
                PSLog.e(TAG, "get pubseq error");
                return new byte[0];
            }
            g gVar = (g) oVar2.v(0);
            g gVar2 = (g) oVar2.v(1);
            if (gVar != null && gVar2 != null) {
                byte[] byteArray = gVar.u().toByteArray();
                byte[] byteArray2 = gVar2.u().toByteArray();
                if (byteArray.length % 2 != 0 && byteArray[0] == 0) {
                    byteArray = Arrays.copyOfRange(byteArray, 1, byteArray.length);
                }
                byte[] bArr2 = new byte[byteArray.length + byteArray2.length];
                System.arraycopy(byteArray, 0, bArr2, 0, byteArray.length);
                System.arraycopy(byteArray2, 0, bArr2, byteArray.length, byteArray2.length);
                return bArr2;
            }
            PSLog.e(TAG, "modulusInteger or exponentInteger is null");
            return new byte[0];
        } catch (Exception e2) {
            e.z(e2, new StringBuilder("exception. "), TAG);
            return null;
        }
    }

    public static BaseTeePrivateKey getWrappedPrivateKey(byte[] bArr) {
        if (bArr == null || bArr.length == 0) {
            PSLog.e(TAG, "cert is null");
            return null;
        }
        String certificatePath = getCertificatePath(bArr);
        if (certificatePath == null || certificatePath.length() == 0) {
            PSLog.e(TAG, "cert path is null");
            return null;
        }
        ArrayList j10 = c.a(PassInjection.getAppContext()).f8623a.j(certificatePath, "signPri.key");
        if (j10 != null && j10.size() >= 1) {
            return new BaseTeePrivateKey(getWrappedPrivateKeyFromP8(Encoding.Base64.decode((String) j10.get(0))));
        }
        PSLog.e(TAG, "sign priv is null");
        return null;
    }

    private static byte[] getWrappedPrivateKeyFromP8(byte[] bArr) {
        if (bArr != null && bArr.length != 0) {
            return a.n(bArr).f9843b.v();
        }
        PSLog.e(TAG, "p8 encrypted private key info is null");
        return null;
    }

    public static byte[] getWrappedRValue(byte[] bArr) {
        if (bArr == null || bArr.length == 0) {
            PSLog.e(TAG, "cert is null");
            return null;
        }
        String certificatePath = getCertificatePath(bArr);
        if (certificatePath == null || certificatePath.length() == 0) {
            PSLog.e(TAG, "cert path is null");
            return null;
        }
        ArrayList j10 = c.a(PassInjection.getAppContext()).f8623a.j(certificatePath, "wrappedRandom");
        if (j10 != null && j10.size() >= 1) {
            return Encoding.Base64.decode((String) j10.get(0));
        }
        PSLog.e(TAG, "wrapped random is null");
        return null;
    }

    public static synchronized boolean saveCertificate(byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4, int i2, byte[] bArr5) {
        synchronized (BaseUtil.class) {
            String str = TAG;
            PSLog.d(str, "sc");
            if (bArr != null && bArr.length != 0) {
                if (bArr2 != null && bArr2.length != 0) {
                    if (bArr3 != null && bArr3.length != 0) {
                        if (bArr4 != null && bArr4.length != 0) {
                            String stringValueOf = AuthenticatorType.stringValueOf(i2);
                            if (TextUtils.isEmpty(stringValueOf)) {
                                PSLog.e(str, "authenticatorType is null");
                                return false;
                            }
                            byte[] p8EncryptedPrivateKeyInfo = getP8EncryptedPrivateKeyInfo(bArr2, stringValueOf);
                            String certificatePath = getCertificatePath(bArr);
                            if (certificatePath != null && certificatePath.length() != 0) {
                                c a3 = c.a(PassInjection.getAppContext());
                                a3.f8623a.o(certificatePath.concat("signCert.der"), bArr);
                                c a9 = c.a(PassInjection.getAppContext());
                                a9.f8623a.o(certificatePath.concat("signPri.key"), p8EncryptedPrivateKeyInfo);
                                c a10 = c.a(PassInjection.getAppContext());
                                a10.f8623a.o(certificatePath.concat("wrappedRandom"), bArr3);
                                c a11 = c.a(PassInjection.getAppContext());
                                a11.f8623a.o(certificatePath.concat("CaPubs"), bArr4);
                                if (bArr5 == null || bArr5.length <= 0) {
                                    PSLog.w(str, "mcn");
                                } else {
                                    c a12 = c.a(PassInjection.getAppContext());
                                    a12.f8623a.o(certificatePath.concat("magicCode"), bArr5);
                                }
                                return true;
                            }
                            PSLog.e(str, "cert path is null");
                            return false;
                        }
                        PSLog.e(str, "caPubs is null");
                        return false;
                    }
                    PSLog.e(str, "random is null");
                    return false;
                }
                PSLog.e(str, "wrappedPrivate is null");
                return false;
            }
            PSLog.e(str, "cert is null");
            return false;
        }
    }

    public static void setLatestSubjectDN(String str) {
        String authnrTypeBySubjectDN;
        String key4LatestSubjectDN;
        if (str == null || (authnrTypeBySubjectDN = getAuthnrTypeBySubjectDN(str)) == null || (key4LatestSubjectDN = getKey4LatestSubjectDN(authnrTypeBySubjectDN)) == null) {
            return;
        }
        KeyStorage.set(key4LatestSubjectDN, str);
    }
}
