package com.samsung.android.spayfw.cncc;

import android.content.Context;
import android.os.Build;
import android.spay.CertInfo;
import com.samsung.android.service.DeviceRootKeyService.DeviceRootKeyServiceManager;
import com.samsung.android.service.DeviceRootKeyService.Tlv;
import com.samsung.android.spayfw.b.c;
import com.samsung.android.spayfw.cncc.CNCCTAController;
import com.samsung.android.spaytzsvc.api.TAController;
import java.io.File;
import java.io.IOException;
import java.util.List;
import org.bouncycastle.asn1.ASN1EncodableVector;
import org.bouncycastle.asn1.DERBitString;
import org.bouncycastle.asn1.DERObjectIdentifier;
import org.bouncycastle.asn1.DERSequence;
import org.bouncycastle.asn1.DERSet;
import org.bouncycastle.asn1.DERUTF8String;

/* loaded from: classes.dex */
public class SpayDRKManager {
    private static final String DEVCERTS_FOLDER = "devicecerts";
    public static final String SKMM_TA_ID;
    private static final String TAG = "SpayDRKManager";
    private static DeviceRootKeyServiceManager gDeviceRootKeyServiceManager;
    private static int mErrorFlag;
    private static boolean mIsInitialized;
    private static boolean mIsSupported;
    private boolean bUseCNCC = true;
    private TAController mCardTAController;
    private String mCardTAName;
    private List<CertFileInfo> mCertFileNames;
    private String mRootDir;
    private String mSKMMServiceName;
    private String mcardNetworkrName;
    private static final boolean DEBUG = TAController.DEBUG;
    private static final boolean bQC = Build.BOARD.matches("(?i)(msm[a-z0-9]*)|(sdm[a-z0-9]*)");
    private static final boolean bMTK = Build.BOARD.matches("(?i)mt[a-z0-9]*");

    /* loaded from: classes.dex */
    public static class CertFileInfo {
        public static final int CERT_USAGE_ENCRYPTION = 1;
        public static final int CERT_USAGE_SIGNING = 2;
        String mCertFile;
        int mUsageType;

        public CertFileInfo(String str, int i) {
            this.mCertFile = str;
            this.mUsageType = i;
        }
    }

    /* loaded from: classes.dex */
    public enum ErrorFlag {
        E_UNSUPPORTED_OS,
        E_NO_DRKSVC,
        E_INACTIVE_DRKSVC,
        E_NO_DRK;

        private int flag = 1 << ordinal();

        ErrorFlag() {
        }
    }

    static {
        SKMM_TA_ID = bQC ? "skm" : bMTK ? "00000000-0000-0000-0000-000000534B4D" : "ffffffff00000000000000000000000d";
        mIsSupported = false;
        mIsInitialized = false;
        gDeviceRootKeyServiceManager = null;
        mErrorFlag = 0;
    }

    private Tlv createSPaySpecificTlv(DeviceRootKeyServiceManager deviceRootKeyServiceManager, int i) {
        Tlv tlv = new Tlv();
        try {
            tlv.setTlv(5, new DERBitString(i == 1 ? 112 : 192).getEncoded());
            tlv.setTlv(4, getSubjectTlv(this.mSKMMServiceName, deviceRootKeyServiceManager.getDeviceRootKeyUID(1)));
            return tlv;
        } catch (Exception e) {
            c.e(TAG, "Error constructing TLV for createServiceKeySession api : " + e.toString());
            e.printStackTrace();
            return null;
        }
    }

    private boolean createServiceKey(String str, int i) {
        try {
            DeviceRootKeyServiceManager dRKService = getDRKService(this.mCardTAController.getContext());
            if (!isSupported(this.mCardTAController.getContext())) {
                c.e(TAG, "Error: isDRKExist failed");
                return false;
            }
            if (this.bUseCNCC) {
                CNCCTAController.getInstance().doManagedLoad();
            }
            c.d(TAG, "createServiceKey " + str);
            byte[] createServiceKeySession = dRKService.createServiceKeySession(this.mSKMMServiceName, 1, createSPaySpecificTlv(dRKService, i));
            if (createServiceKeySession == null) {
                c.e(TAG, "Error: createServiceKeySession failed");
                return false;
            }
            c.i(TAG, "createServiceKey: done");
            byte[] rewrapCertForActualPayService = rewrapCertForActualPayService(createServiceKeySession);
            if (rewrapCertForActualPayService == null) {
                c.e(TAG, "Error: rewrapCertForActualPayService failed");
                return false;
            }
            c.i(TAG, "rewrapCertForActualPayService: done");
            if (!com.samsung.android.spaytzsvc.api.Utils.writeFile(rewrapCertForActualPayService, str)) {
                c.e(TAG, "Error: Write File failed");
                return false;
            }
            if (dRKService.releaseServiceKeySession() != 0) {
                c.e(TAG, "Error: releaseServiceKeySession failed");
            }
            return true;
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }

    private static synchronized DeviceRootKeyServiceManager getDRKService(Context context) {
        DeviceRootKeyServiceManager deviceRootKeyServiceManager;
        synchronized (SpayDRKManager.class) {
            if (gDeviceRootKeyServiceManager == null) {
                gDeviceRootKeyServiceManager = new DeviceRootKeyServiceManager(context);
            }
            deviceRootKeyServiceManager = gDeviceRootKeyServiceManager;
        }
        return deviceRootKeyServiceManager;
    }

    public static String getDeviceRootKeyUID(Context context) {
        if (isSupported(context)) {
            return getDRKService(context).getDeviceRootKeyUID(1);
        }
        c.e(TAG, "Error: isDRKExist failed");
        return null;
    }

    private static String getErrorStatus() {
        return mErrorFlag == 0 ? "E0000" : "E" + Integer.toBinaryString(mErrorFlag);
    }

    private DERSet getSubectDerSet(String str, String str2) {
        ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
        aSN1EncodableVector.add(new DERObjectIdentifier(str));
        aSN1EncodableVector.add(new DERUTF8String(str2));
        return new DERSet(new DERSequence(aSN1EncodableVector));
    }

    private byte[] getSubjectTlv(String str, String str2) {
        try {
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            aSN1EncodableVector.add(getSubectDerSet("2.5.4.3", "Samsung Corporation"));
            aSN1EncodableVector.add(getSubectDerSet("2.5.4.6", "KR"));
            aSN1EncodableVector.add(getSubectDerSet("2.5.4.7", "Suwon city"));
            aSN1EncodableVector.add(getSubectDerSet("2.5.4.11", "Samsung Mobile"));
            aSN1EncodableVector.add(getSubectDerSet("0.9.2342.19200300.100.1.25", "samsung.com"));
            String str3 = str2 != null ? str2 : "Unknown UID";
            if (str != null) {
                str3 = str3 + ":" + str.toUpperCase();
            }
            aSN1EncodableVector.add(getSubectDerSet("2.5.4.45", str3));
            return new DERSequence(aSN1EncodableVector).getEncoded();
        } catch (IOException e) {
            e.printStackTrace();
            return null;
        }
    }

    private static final boolean isAndroidM() {
        if (Build.VERSION.SDK_INT <= 22) {
            return false;
        }
        c.d(TAG, "You are using Android Version " + Build.VERSION.SDK_INT);
        return true;
    }

    private static final boolean isDRKServiceAvail() {
        try {
            Class.forName("com.samsung.android.service.DeviceRootKeyService.DeviceRootKeyServiceManager");
            c.d(TAG, "DeviceRootKeyServiceManager is available");
            return true;
        } catch (ClassNotFoundException e) {
            c.d(TAG, "DeviceRootKeyServiceManager is not available");
            return false;
        }
    }

    public static boolean isSupported(Context context) {
        if (mIsInitialized) {
            c.d(TAG, "mIsSupported = " + mIsSupported);
            if (!mIsSupported) {
                c.e(TAG, "mErrorFlag = " + getErrorStatus());
            }
            return mIsSupported;
        }
        if (!isAndroidM()) {
            c.e(TAG, "DRK Service is not available");
            mIsSupported = false;
            mIsInitialized = true;
            setErrorFlag(ErrorFlag.E_UNSUPPORTED_OS);
            return false;
        }
        if (!isDRKServiceAvail()) {
            c.e(TAG, "DeviceRootKeyServiceManager is not available");
            mIsSupported = false;
            mIsInitialized = true;
            setErrorFlag(ErrorFlag.E_NO_DRKSVC);
            return false;
        }
        DeviceRootKeyServiceManager dRKService = getDRKService(context);
        if (!dRKService.isAliveDeviceRootKeyService()) {
            c.e(TAG, "Error: isAliveDeviceRootKeyService failed");
            mIsSupported = false;
            mIsInitialized = true;
            setErrorFlag(ErrorFlag.E_INACTIVE_DRKSVC);
            return false;
        }
        if (dRKService.isExistDeviceRootKey(1)) {
            mIsSupported = true;
            mIsInitialized = true;
            return true;
        }
        c.e(TAG, "Error: isDRKExist failed");
        mIsSupported = false;
        mIsInitialized = true;
        setErrorFlag(ErrorFlag.E_NO_DRK);
        return false;
    }

    private byte[] rewrapCertForActualPayService(byte[] bArr) {
        byte[] bArr2;
        try {
            if (this.bUseCNCC) {
                bArr2 = CNCCTAController.getInstance().processData(null, bArr, CNCCTAController.DataType.DATATYPE_CERTIFICATE, CNCCTAController.ProcessingOption.OPTION_UNWRAP_FROM_SRCTA_AND_WRAP_FOR_DESTTA, SKMM_TA_ID, this.mCardTAName);
                if (bArr2 == null) {
                    c.e(TAG, "Error : rewrappedCert = mCNCCTAController.processData == null");
                    return null;
                }
            } else {
                bArr2 = bArr;
            }
            if (TAController.isChipSetQC()) {
                bArr2 = this.mCardTAController.decapsulateAndWrap(bArr2);
            }
        } catch (Exception e) {
            e.printStackTrace();
            bArr2 = null;
        }
        return bArr2;
    }

    private static void setErrorFlag(ErrorFlag errorFlag) {
        mErrorFlag |= errorFlag.flag;
    }

    public boolean generateDeviceCertificates() {
        synchronized (SpayDRKManager.class) {
            c.d(TAG, "generateDeviceCertificates");
            for (int i = 0; i < this.mCertFileNames.size(); i++) {
                String str = this.mRootDir + "/" + this.mCertFileNames.get(i).mCertFile;
                if (new File(str).exists()) {
                    c.d(TAG, "Certificate File " + str + " exists. No need to generate");
                } else {
                    c.d(TAG, "Certificate File " + str + " do not exist. Lets create it");
                    if (!createServiceKey(str, this.mCertFileNames.get(i).mUsageType)) {
                        c.e(TAG, "Error: createServiceKey failed");
                        return false;
                    }
                }
            }
            return true;
        }
    }

    public String getCertFilePath(String str) {
        return this.mRootDir + "/" + str;
    }

    public CertInfo getCertInfo() {
        try {
            if (!generateDeviceCertificates()) {
                c.e(TAG, "generateDeviceCertificates() failed");
                return null;
            }
            if (DEBUG) {
                c.d(TAG, "TAController::Certificate Files exist. Lets fetch them");
            }
            c.d(TAG, "TAController::Certificate Files exist. Lets fetch them");
            CertInfo certInfo = new CertInfo();
            int i = 0;
            while (true) {
                int i2 = i;
                if (i2 >= this.mCertFileNames.size()) {
                    return certInfo;
                }
                certInfo.mCerts.put(this.mCertFileNames.get(i2).mCertFile, com.samsung.android.spaytzsvc.api.Utils.readFile(this.mRootDir + "/" + this.mCertFileNames.get(i2).mCertFile));
                c.d(TAG, "put certs " + this.mCertFileNames.get(i2).mCertFile);
                i = i2 + 1;
            }
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    public void init(TAController tAController, String str, String str2, String str3, List<CertFileInfo> list) {
        this.bUseCNCC = str == null;
        if (str == null) {
            str = CNCCDeviceCert.CNCC_SERVICE_NAME;
        }
        this.mSKMMServiceName = str;
        this.mcardNetworkrName = str2;
        this.mCardTAName = str3;
        this.mCertFileNames = list;
        this.mCardTAController = tAController;
        this.mRootDir = tAController.getContext().getFilesDir() + "/" + DEVCERTS_FOLDER + "/" + this.mcardNetworkrName;
    }
}
