package com.kbstar.kbsign.android.store;

import com.kbstar.kbsign.android.BerryInfo;
import com.kbstar.kbsign.android.store.KBSignStoreFactory;
import com.kbstar.kbsign.factory.BerryFactory;
import com.kbstar.kbsign.jwt.Berry;
import com.kbstar.kbsign.jwt.InvalidPINsignException;
import com.kbstar.kbsign.util.KBsignLogger;
import com.wizvera.wcrypto.WBase64;
import com.wizvera.wcrypto.WCipher;
import com.wizvera.wcrypto.WCryptoException;
import com.wizvera.wcrypto.WKeyException;
import com.wizvera.wcrypto.WMessageDigest;
import com.wizvera.wcrypto.jose4j.json.JsonUtil;
import com.wizvera.wcrypto.jose4j.lang.JoseException;
import com.wizvera.wcrypto.key.WAESKey;
import java.util.Arrays;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import kotlinx.serialization.json.internal.JsonReaderKt;

/* loaded from: classes4.dex */
public class KBCert extends BerryInfo {
    private final Berry berry;
    private String cert;
    private String encBerry;
    private String secData;
    private KBSignStoreFactory.StoreType storeType;
    private String svidRandom;
    private String vidRandom;
    private static String LOG_TAG = "libKBSign >> KBCert";
    private static String BERRY = "berry";
    private static String VIDRANDOM = "vidr";
    private static String SVIDRANDOM = "svidr";
    private static String SECUREDATA = "secd";

    public KBCert(String str) throws KBSignStoreException {
        this.secData = "";
        this.vidRandom = "";
        this.svidRandom = "";
        this.cert = "";
        this.encBerry = "";
        this.storeType = KBSignStoreFactory.StoreType.UNKNOWN;
        try {
            Map<String, Object> parseJson = JsonUtil.parseJson(str);
            String str2 = (String) parseJson.get(BERRY);
            Berry create = BerryFactory.create(str2);
            setVidRandom((String) parseJson.get(VIDRANDOM));
            setSvidRandom((String) parseJson.get(SVIDRANDOM));
            setSecData((String) parseJson.get(SECUREDATA));
            this.berry = create;
            this.cert = str;
            this.encBerry = str2;
        } catch (InvalidPINsignException | JoseException e) {
            KBsignLogger.e(LOG_TAG, e.getMessage());
            throw new KBSignStoreException(KBSignStoreException.E_InvalidBerry, e.getMessage(), e);
        }
    }

    public KBCert(String str, String str2, String str3) throws KBSignStoreException {
        this.secData = "";
        this.vidRandom = "";
        this.svidRandom = "";
        this.cert = "";
        this.encBerry = "";
        this.storeType = KBSignStoreFactory.StoreType.UNKNOWN;
        try {
            this.berry = BerryFactory.create(str);
            this.encBerry = str;
            setVidRandom(str2);
            setSvidRandom(str3);
            KBsignLogger.d(LOG_TAG, String.format("KBCert >> berry : %s, vid = %s, svid = %s ", str, str2, str3));
        } catch (InvalidPINsignException e) {
            throw new KBSignStoreException(KBSignStoreException.E_InvalidBerry, e.getMessage(), e);
        }
    }

    private void setSecData(String str) {
        if (str == null) {
            str = "";
        }
        this.secData = str;
    }

    private void setSvidRandom(String str) {
        if (str == null) {
            str = "";
        }
        this.svidRandom = str.equalsIgnoreCase(JsonReaderKt.NULL) ? "" : str;
    }

    private void setVidRandom(String str) {
        if (str == null) {
            str = "";
        }
        this.vidRandom = str.equalsIgnoreCase(JsonReaderKt.NULL) ? "" : str;
    }

    public String decryptAndSetSecureData(String str, byte[] bArr) {
        if (str == null) {
            str = "";
        }
        try {
            byte[] digest = WMessageDigest.sha256().digest(bArr);
            String str2 = new String(WCipher.aes().secretKey(WAESKey.importRaw(digest)).iv(Arrays.copyOfRange(WMessageDigest.sha256().digest(digest), 0, 16)).decrypt(WBase64.decode(str)));
            Map<String, Object> parseJson = JsonUtil.parseJson(str2);
            setVidRandom((String) parseJson.get(VIDRANDOM));
            setSvidRandom((String) parseJson.get(SVIDRANDOM));
            return str2;
        } catch (WCryptoException | WKeyException | JoseException unused) {
            KBsignLogger.d(LOG_TAG, String.format("Secure Data decrypt fail ", new Object[0]));
            setVidRandom("");
            setSvidRandom("");
            return "";
        }
    }

    public String encSecureData(byte[] bArr) {
        try {
            byte[] digest = WMessageDigest.sha256().digest(bArr);
            byte[] copyOfRange = Arrays.copyOfRange(WMessageDigest.sha256().digest(digest), 0, 16);
            HashMap hashMap = new HashMap();
            hashMap.put(VIDRANDOM, this.vidRandom);
            hashMap.put(SVIDRANDOM, this.svidRandom);
            return WBase64.encode(WCipher.aes().secretKey(WAESKey.importRaw(digest)).iv(copyOfRange).encrypt(JsonUtil.toJson(hashMap).getBytes()));
        } catch (WCryptoException | WKeyException e) {
            KBsignLogger.e(LOG_TAG, e.getMessage());
            return "";
        }
    }

    @Override // com.kbstar.kbsign.android.BerryInfo
    public String getAlias() {
        return this.berry.getAlias();
    }

    @Override // com.kbstar.kbsign.android.BerryInfo
    public Berry getBerry() {
        return this.berry;
    }

    public String getCert() {
        return this.cert;
    }

    public String getDecryptedSecureData(byte[] bArr) {
        return decryptAndSetSecureData(this.secData, bArr);
    }

    public String getEncoded() {
        Berry berry;
        if (this.encBerry.isEmpty() && (berry = this.berry) != null) {
            this.encBerry = berry.getEncoded();
        }
        HashMap hashMap = new HashMap();
        hashMap.put(BERRY, this.encBerry);
        return JsonUtil.toJson(hashMap);
    }

    public String getEncoded(byte[] bArr) {
        Berry berry;
        if (this.encBerry.isEmpty() && (berry = this.berry) != null) {
            this.encBerry = berry.getEncoded();
        }
        String encSecureData = encSecureData(bArr);
        HashMap hashMap = new HashMap();
        hashMap.put(BERRY, this.encBerry);
        hashMap.put(SECUREDATA, encSecureData);
        return JsonUtil.toJson(hashMap);
    }

    @Override // com.kbstar.kbsign.android.BerryInfo
    public String getEncodedBerry() {
        return this.berry.getEncoded();
    }

    public String getEncryptedSecureData(byte[] bArr) {
        return encSecureData(bArr);
    }

    @Override // com.kbstar.kbsign.android.BerryInfo
    public Date getExpirationTime() {
        return this.berry.getExpirationTime();
    }

    @Override // com.kbstar.kbsign.android.BerryInfo
    public Date getIssuedAt() {
        return this.berry.getIssuedAt();
    }

    @Override // com.kbstar.kbsign.android.BerryInfo
    public String getIssuer() {
        return this.berry.getIssuer();
    }

    @Override // com.kbstar.kbsign.android.BerryInfo
    public Date getNotBefore() {
        return this.berry.getNotBefore();
    }

    @Override // com.kbstar.kbsign.android.BerryInfo
    public String getPolicyOID() {
        return this.berry.getPolicyOID();
    }

    @Override // com.kbstar.kbsign.android.BerryInfo
    public List<String> getPolicyOIDs() {
        return this.berry.getPolicyOIDs();
    }

    @Override // com.kbstar.kbsign.android.BerryInfo
    public String getProfile() {
        return this.berry.getProfile();
    }

    @Override // com.kbstar.kbsign.android.BerryInfo
    public String getSerialNumber() {
        return this.berry.getSerialNumber();
    }

    @Override // com.kbstar.kbsign.android.BerryInfo
    public KBSignStoreFactory.StoreType getStoretype() {
        return this.storeType;
    }

    @Override // com.kbstar.kbsign.android.BerryInfo
    public String getSubject() {
        return this.berry.getSubject();
    }

    public String getSvidRandom() {
        return this.svidRandom;
    }

    @Override // com.kbstar.kbsign.android.BerryInfo
    public String getUid() {
        return this.berry.getUid();
    }

    public String getVidRandom() {
        return this.vidRandom;
    }

    public void setStoreType(KBSignStoreFactory.StoreType storeType) {
        this.storeType = storeType;
    }
}
