package com.samsung.android.authfw.pass.encryption;

import a0.e;
import android.text.TextUtils;
import com.samsung.android.authfw.common.analytics.SamsungAnalyticsLog;
import com.samsung.android.authfw.pass.PassInjection;
import com.samsung.android.authfw.pass.common.AuthenticatorType;
import com.samsung.android.authfw.pass.common.utils.Encoding;
import com.samsung.android.authfw.pass.logger.PSLog;
import com.samsung.android.authfw.pass.storage.KeyStorage;
import com.samsung.android.authfw.trustzone.TzApp;
import com.samsung.android.authfw.trustzone.tlv.TlvDeviceKeyHandle;
import com.samsung.android.authfw.trustzone.tlv.TlvEncryptCommand;
import com.samsung.android.authfw.trustzone.tlv.TlvEncryptResponse;
import com.samsung.android.authfw.trustzone.tlv.TlvGetNonceCommand;
import com.samsung.android.authfw.trustzone.tlv.TlvGetNonceResponse;
import com.samsung.android.authfw.trustzone.tlv.TlvNonce;
import com.samsung.android.authfw.trustzone.tlv.TlvPlainData;
import java.nio.ByteBuffer;
import java.nio.ByteOrder;
import java.nio.charset.StandardCharsets;
import java.security.SecureRandom;
import java.util.Arrays;
import q4.c;

/* loaded from: classes.dex */
public class Encryption {
    private static final String sTag = "Encryption";

    /* JADX WARN: Removed duplicated region for block: B:39:0x01be A[Catch: Exception -> 0x0035, TryCatch #0 {Exception -> 0x0035, blocks: (B:6:0x0020, B:7:0x0027, B:15:0x0068, B:18:0x0072, B:20:0x0079, B:24:0x0137, B:26:0x0141, B:28:0x0149, B:37:0x01a8, B:39:0x01be, B:42:0x01c3, B:44:0x01ce, B:46:0x01d6, B:48:0x01e5, B:50:0x01f8, B:51:0x0203, B:55:0x0200, B:58:0x020a, B:60:0x0214, B:63:0x0218, B:64:0x0220, B:66:0x0228, B:68:0x0233, B:72:0x024a, B:74:0x017a, B:75:0x0181, B:76:0x0182, B:78:0x0190, B:80:0x019f, B:81:0x0083, B:83:0x0089, B:85:0x0090, B:88:0x0094, B:91:0x00a0, B:93:0x00a6, B:95:0x00ac, B:98:0x00b0, B:100:0x00ba, B:103:0x00c6, B:105:0x00cc, B:107:0x00d2, B:109:0x00d9, B:113:0x00e1, B:115:0x00e4, B:116:0x00ec, B:118:0x00f5, B:120:0x00fb, B:122:0x0102, B:125:0x0107, B:127:0x0112, B:129:0x011a, B:131:0x0129, B:133:0x0131, B:134:0x0252, B:136:0x002b, B:139:0x0038, B:142:0x0042, B:145:0x004c), top: B:5:0x0020 }] */
    /* JADX WARN: Removed duplicated region for block: B:44:0x01ce A[Catch: Exception -> 0x0035, TryCatch #0 {Exception -> 0x0035, blocks: (B:6:0x0020, B:7:0x0027, B:15:0x0068, B:18:0x0072, B:20:0x0079, B:24:0x0137, B:26:0x0141, B:28:0x0149, B:37:0x01a8, B:39:0x01be, B:42:0x01c3, B:44:0x01ce, B:46:0x01d6, B:48:0x01e5, B:50:0x01f8, B:51:0x0203, B:55:0x0200, B:58:0x020a, B:60:0x0214, B:63:0x0218, B:64:0x0220, B:66:0x0228, B:68:0x0233, B:72:0x024a, B:74:0x017a, B:75:0x0181, B:76:0x0182, B:78:0x0190, B:80:0x019f, B:81:0x0083, B:83:0x0089, B:85:0x0090, B:88:0x0094, B:91:0x00a0, B:93:0x00a6, B:95:0x00ac, B:98:0x00b0, B:100:0x00ba, B:103:0x00c6, B:105:0x00cc, B:107:0x00d2, B:109:0x00d9, B:113:0x00e1, B:115:0x00e4, B:116:0x00ec, B:118:0x00f5, B:120:0x00fb, B:122:0x0102, B:125:0x0107, B:127:0x0112, B:129:0x011a, B:131:0x0129, B:133:0x0131, B:134:0x0252, B:136:0x002b, B:139:0x0038, B:142:0x0042, B:145:0x004c), top: B:5:0x0020 }] */
    /* JADX WARN: Removed duplicated region for block: B:46:0x01d6 A[Catch: Exception -> 0x0035, TryCatch #0 {Exception -> 0x0035, blocks: (B:6:0x0020, B:7:0x0027, B:15:0x0068, B:18:0x0072, B:20:0x0079, B:24:0x0137, B:26:0x0141, B:28:0x0149, B:37:0x01a8, B:39:0x01be, B:42:0x01c3, B:44:0x01ce, B:46:0x01d6, B:48:0x01e5, B:50:0x01f8, B:51:0x0203, B:55:0x0200, B:58:0x020a, B:60:0x0214, B:63:0x0218, B:64:0x0220, B:66:0x0228, B:68:0x0233, B:72:0x024a, B:74:0x017a, B:75:0x0181, B:76:0x0182, B:78:0x0190, B:80:0x019f, B:81:0x0083, B:83:0x0089, B:85:0x0090, B:88:0x0094, B:91:0x00a0, B:93:0x00a6, B:95:0x00ac, B:98:0x00b0, B:100:0x00ba, B:103:0x00c6, B:105:0x00cc, B:107:0x00d2, B:109:0x00d9, B:113:0x00e1, B:115:0x00e4, B:116:0x00ec, B:118:0x00f5, B:120:0x00fb, B:122:0x0102, B:125:0x0107, B:127:0x0112, B:129:0x011a, B:131:0x0129, B:133:0x0131, B:134:0x0252, B:136:0x002b, B:139:0x0038, B:142:0x0042, B:145:0x004c), top: B:5:0x0020 }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static byte[] decrypt(int r17, byte[] r18, byte[] r19, java.lang.String r20, byte[] r21) {
        /*
            Method dump skipped, instructions count: 642
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.samsung.android.authfw.pass.encryption.Encryption.decrypt(int, byte[], byte[], java.lang.String, byte[]):byte[]");
    }

    public static byte[] encrypt(byte[] bArr) {
        String str = sTag;
        PSLog.i(str, "ec");
        PSLog.i(str, "ec start");
        if (bArr != null) {
            try {
                if (bArr.length != 0) {
                    byte[] encode = TlvEncryptCommand.newBuilder(TlvDeviceKeyHandle.newBuilder(Encoding.Base64Url.decode(KeyStorage.getDeviceKeyHandle())).build(), TlvPlainData.newBuilder(bArr).build()).build().encode();
                    if (encode != null && encode.length != 0) {
                        byte[] execSecurely = TzApp.getInstance().execSecurely(encode);
                        if (execSecurely.length == 0) {
                            PSLog.e(str, "failed to securely tz-execute");
                            return new byte[0];
                        }
                        TlvEncryptResponse tlvEncryptResponse = new TlvEncryptResponse(execSecurely);
                        short statusCode = tlvEncryptResponse.getTlvStatusCode().getStatusCode();
                        if (statusCode != 0) {
                            PSLog.e(str, "process failed : " + ((int) statusCode));
                            return new byte[0];
                        }
                        byte[] encryptedData = tlvEncryptResponse.getTlvEncryptedData().getEncryptedData();
                        if (encryptedData.length != 0) {
                            return (byte[]) encryptedData.clone();
                        }
                        PSLog.e(str, "final nonce failed");
                        return new byte[0];
                    }
                    PSLog.e(str, "getting command failed");
                    return new byte[0];
                }
            } catch (Exception e2) {
                e.z(e2, new StringBuilder("encrypt failed : "), sTag);
                return new byte[0];
            }
        }
        PSLog.e(str, "data is invalid");
        return new byte[0];
    }

    private static byte[] getFinalNonceByVerificationMethod(String str, byte[] bArr, c cVar) {
        str.getClass();
        char c3 = 65535;
        switch (str.hashCode()) {
            case -1928355213:
                if (str.equals(AuthenticatorType.ONLINE)) {
                    c3 = 0;
                    break;
                }
                break;
            case 79221:
                if (str.equals("PIN")) {
                    c3 = 1;
                    break;
                }
                break;
            case 2287667:
                if (str.equals("Iris")) {
                    c3 = 2;
                    break;
                }
                break;
            case 291934404:
                if (str.equals("Fingerprint")) {
                    c3 = 3;
                    break;
                }
                break;
        }
        switch (c3) {
            case 0:
                String str2 = sTag;
                PSLog.i(str2, "gno");
                String cryptoVerifyTokenOnline = KeyStorage.getCryptoVerifyTokenOnline();
                if (!TextUtils.isEmpty(cryptoVerifyTokenOnline)) {
                    return Encoding.hash(Encoding.Base64Url.decode(cryptoVerifyTokenOnline));
                }
                PSLog.e(str2, "not found cvto");
                return new byte[0];
            case 1:
                PSLog.i(sTag, "gnp");
                byte[] bArr2 = new byte[32];
                new SecureRandom().nextBytes(bArr2);
                return bArr2;
            case 2:
            case 3:
                byte[] copyOfRange = Arrays.copyOfRange("authnr".getBytes(StandardCharsets.UTF_8), 0, 64);
                byte[] bArr3 = new byte[copyOfRange.length + 44];
                ByteBuffer wrap = ByteBuffer.wrap(bArr3);
                wrap.order(ByteOrder.LITTLE_ENDIAN);
                wrap.putShort((short) 21249);
                wrap.putShort((short) (copyOfRange.length + 40));
                wrap.putShort((short) 21250);
                wrap.putShort((short) copyOfRange.length);
                wrap.put(copyOfRange);
                wrap.putShort((short) 1);
                wrap.putShort((short) bArr.length);
                wrap.put(bArr);
                if (!str.equals("Fingerprint")) {
                    PSLog.i(sTag, "gni");
                    return bArr3;
                }
                String str3 = sTag;
                PSLog.i(str3, "gnf");
                PSLog.d(str3, "sc start");
                if (cVar.f8623a.c(bArr)) {
                    return bArr;
                }
                PSLog.e(str3, "send request failed");
                return new byte[0];
            default:
                PSLog.e(sTag, "not supported method");
                return new byte[0];
        }
    }

    public static byte[] getNonce(byte[] bArr, String str) {
        c a3 = c.a(PassInjection.getAppContext());
        String str2 = sTag;
        PSLog.i(str2, "gn");
        PSLog.i(str2, "gn start");
        if (bArr != null) {
            try {
                if (bArr.length == 32) {
                    if (!str.equals("Fingerprint") && !str.equals("Iris") && !str.equals(AuthenticatorType.ONLINE) && !str.equals("PIN")) {
                        PSLog.e(str2, "verification method is wrong : ".concat(str));
                        return new byte[0];
                    }
                    byte[] encode = TlvGetNonceCommand.newBuilder(TlvNonce.newBuilder(bArr).build()).build().encode();
                    if (encode != null && encode.length != 0) {
                        byte[] execSecurely = TzApp.getInstance().execSecurely(encode);
                        if (execSecurely.length == 0) {
                            PSLog.e(str2, "failed to securely tz-execute");
                            return new byte[0];
                        }
                        TlvGetNonceResponse tlvGetNonceResponse = new TlvGetNonceResponse(execSecurely);
                        short statusCode = tlvGetNonceResponse.getTlvStatusCode().getStatusCode();
                        if (statusCode != 0) {
                            PSLog.e(str2, "process failed : " + ((int) statusCode));
                            return new byte[0];
                        }
                        byte[] nonce = tlvGetNonceResponse.getTlvNonce().getNonce();
                        if (nonce.length != 32) {
                            PSLog.e(str2, "final nonce failed");
                            return new byte[0];
                        }
                        byte[] finalNonceByVerificationMethod = getFinalNonceByVerificationMethod(str, nonce, a3);
                        return (finalNonceByVerificationMethod == null || finalNonceByVerificationMethod.length < 32) ? new byte[0] : (byte[]) finalNonceByVerificationMethod.clone();
                    }
                    PSLog.e(str2, "getting command failed");
                    return new byte[0];
                }
            } catch (Exception e2) {
                e.z(e2, new StringBuilder("getNonce failed : "), sTag);
                return new byte[0];
            }
        }
        PSLog.e(str2, "nonce is invalid");
        return new byte[0];
    }

    private static void sendSaEventLog(String str) {
        String str2;
        str.getClass();
        char c3 = 65535;
        switch (str.hashCode()) {
            case -308308885:
                if (str.equals("Fingerprint|Iris")) {
                    c3 = 0;
                    break;
                }
                break;
            case 2287667:
                if (str.equals("Iris")) {
                    c3 = 1;
                    break;
                }
                break;
            case 248147536:
                if (str.equals("Faceprint")) {
                    c3 = 2;
                    break;
                }
                break;
            case 291934404:
                if (str.equals("Fingerprint")) {
                    c3 = 3;
                    break;
                }
                break;
        }
        switch (c3) {
            case 0:
                str2 = SamsungAnalyticsLog.PartnerAuthenticationEvent.EVENT_ID_AUTOFILL_MULTI_BIOMETRIC_VERIFICATION_POPUP;
                break;
            case 1:
                str2 = SamsungAnalyticsLog.PartnerAuthenticationEvent.EVENT_ID_AUTOFILL_IRIS_VERIFICATION_POPUP;
                break;
            case 2:
                str2 = SamsungAnalyticsLog.PartnerAuthenticationEvent.EVENT_ID_AUTOFILL_FACEPRINT_VERIFICATION_POPUP;
                break;
            case 3:
                str2 = SamsungAnalyticsLog.PartnerAuthenticationEvent.EVENT_ID_AUTOFILL_FINGERPRINT_VERIFICATION_POPUP;
                break;
            default:
                PSLog.d(sTag, "unknown authnr type");
                return;
        }
        SamsungAnalyticsLog.insertEvent(str2);
    }
}
