package com.samsung.android.authfw.pass.Operation.Cmp;

import com.samsung.android.authfw.pass.authentication.partner.CertificationToken;
import com.samsung.android.authfw.pass.common.utils.Encoding;
import com.samsung.android.authfw.pass.logger.PSLog;
import com.samsung.android.authfw.trustzone.TzApp;
import com.samsung.android.authfw.trustzone.tlv.TlvAuthVerifyToken;
import com.samsung.android.authfw.trustzone.tlv.TlvKeyType;
import com.samsung.android.authfw.trustzone.tlv.TlvNonce;
import com.samsung.android.authfw.trustzone.tlv.TlvPlainData;
import com.samsung.android.authfw.trustzone.tlv.TlvUnwrapNwDataCommand;
import com.samsung.android.authfw.trustzone.tlv.TlvUnwrapNwDataResponse;
import com.samsung.android.authfw.trustzone.tlv.TlvWrapNwDataCommand;
import com.samsung.android.authfw.trustzone.tlv.TlvWrapNwDataResponse;
import com.samsung.android.authfw.trustzone.tlv.TlvWrappedData;
import java.nio.charset.StandardCharsets;

/* loaded from: classes.dex */
public class Crypto {
    public static final byte[] CERT_RANDOM_KEY = "certRandom".getBytes(StandardCharsets.UTF_8);
    private static final String TAG = "Crypto";

    private static byte[] taOperationFail(String str) {
        String str2 = TAG;
        PSLog.e(str2, str);
        PSLog.e(str2, "TA operation fail");
        return new byte[0];
    }

    public static synchronized byte[] unwrapNwData(byte[] bArr, byte[] bArr2, int i2, CertificationToken certificationToken) {
        synchronized (Crypto.class) {
            if (bArr != null) {
                if (bArr.length != 0) {
                    PSLog.i(TAG, "und");
                    if (certificationToken == null) {
                        return taOperationFail("certificationToken is null");
                    }
                    byte[] hash = Encoding.hash((certificationToken.getSamsungEventId() + certificationToken.getSvcEventId()).getBytes(StandardCharsets.UTF_8));
                    if (hash == null) {
                        return taOperationFail("nonce is null");
                    }
                    byte[] fidoAuthVerifyToken = certificationToken.getFidoAuthVerifyToken();
                    if (fidoAuthVerifyToken == null || fidoAuthVerifyToken.length == 0) {
                        return taOperationFail("avt is null");
                    }
                    try {
                        byte[] encode = TlvUnwrapNwDataCommand.newBuilder(TlvWrappedData.newBuilder(bArr).build(), TlvKeyType.newBuilder(bArr2).build(), TlvNonce.newBuilder(hash).build(), TlvAuthVerifyToken.newBuilder(fidoAuthVerifyToken).build()).build().encode();
                        if (encode != null && encode.length != 0) {
                            byte[] execSecurely = TzApp.getInstance().execSecurely(encode);
                            if (execSecurely.length == 0) {
                                return taOperationFail("failed to securely tz-execute");
                            }
                            TlvUnwrapNwDataResponse tlvUnwrapNwDataResponse = new TlvUnwrapNwDataResponse(execSecurely);
                            short statusCode = tlvUnwrapNwDataResponse.getTlvStatusCode().getStatusCode();
                            if (statusCode != 0) {
                                return taOperationFail("process failed : " + ((int) statusCode));
                            }
                            byte[] plainData = tlvUnwrapNwDataResponse.getTlvPlainData().getPlainData();
                            if (plainData == null || plainData.length == 0) {
                                plainData = taOperationFail("plain value error");
                            }
                            return plainData;
                        }
                        return taOperationFail("getting command failed");
                    } catch (Exception e2) {
                        return taOperationFail("getR value failed : " + e2.getMessage());
                    }
                }
            }
            return taOperationFail("planData error");
        }
    }

    public static synchronized byte[] wrapNwData(byte[] bArr, byte[] bArr2, int i2, CertificationToken certificationToken) {
        synchronized (Crypto.class) {
            if (bArr != null) {
                if (bArr.length != 0) {
                    String str = TAG;
                    PSLog.i(str, "wnd");
                    if (certificationToken == null) {
                        PSLog.e(str, "certificationToken is null");
                        return new byte[0];
                    }
                    byte[] hash = Encoding.hash((certificationToken.getSamsungEventId() + certificationToken.getSvcEventId()).getBytes(StandardCharsets.UTF_8));
                    if (hash == null) {
                        PSLog.e(str, "nonce is null");
                        return new byte[0];
                    }
                    byte[] fidoAuthVerifyToken = certificationToken.getFidoAuthVerifyToken();
                    if (fidoAuthVerifyToken == null || fidoAuthVerifyToken.length == 0) {
                        PSLog.e(str, "avt is null");
                        return new byte[0];
                    }
                    try {
                        byte[] encode = TlvWrapNwDataCommand.newBuilder(TlvPlainData.newBuilder(bArr).build(), TlvKeyType.newBuilder(bArr2).build(), TlvNonce.newBuilder(hash).build(), TlvAuthVerifyToken.newBuilder(fidoAuthVerifyToken).build()).build().encode();
                        if (encode != null && encode.length != 0) {
                            byte[] execSecurely = TzApp.getInstance().execSecurely(encode);
                            if (execSecurely.length == 0) {
                                return taOperationFail("failed to securely tz-execute");
                            }
                            TlvWrapNwDataResponse tlvWrapNwDataResponse = new TlvWrapNwDataResponse(execSecurely);
                            short statusCode = tlvWrapNwDataResponse.getTlvStatusCode().getStatusCode();
                            if (statusCode != 0) {
                                return taOperationFail("process failed : " + ((int) statusCode));
                            }
                            byte[] wrappedData = tlvWrapNwDataResponse.getTlvWrappedData().getWrappedData();
                            if (wrappedData.length != 0) {
                                return wrappedData;
                            }
                            return taOperationFail("encrypted value error");
                        }
                        return taOperationFail("getting command failed");
                    } catch (Exception e2) {
                        return taOperationFail("getR value failed : " + e2.getMessage());
                    }
                }
            }
            PSLog.e(TAG, "planData error");
            return new byte[0];
        }
    }
}
