package com.kbstar.kbsign.android.store.aton;

import android.content.Context;
import com.atoncorp.mobileauth.command.MobileAuth;
import com.atoncorp.mobileauth.constants.MobileAuthError;
import com.atoncorp.mobilesafekey.command.MobileSafeKey;
import com.atoncorp.mobilesafekey.constants.MobileSafeKeyError;
import com.atoncorp.secure.constants.MobileSafeBoxConstants;
import com.google.gson.Gson;
import com.kbstar.kbsign.android.AndroidKBsignException;
import com.kbstar.kbsign.android.store.KBCert;
import com.kbstar.kbsign.android.store.KBSignStore;
import com.kbstar.kbsign.android.store.KBSignStoreException;
import com.kbstar.kbsign.android.store.KBSignStoreFactory;
import com.kbstar.kbsign.android.store.KBSignStoreUtil;
import com.kbstar.kbsign.util.CryptoUtil;
import com.kbstar.kbsign.util.KBsignLogger;
import com.wizvera.wcrypto.WBase64Url;
import com.wizvera.wcrypto.WHex;
import com.wizvera.wcrypto.jose4j.jwk.EllipticCurveJsonWebKey;
import com.wizvera.wcrypto.jose4j.jwk.JsonWebKey;
import com.wizvera.wcrypto.jose4j.keys.EllipticCurves;
import com.wizvera.wcrypto.jose4j.lang.ByteUtil;
import com.wizvera.wcrypto.key.WEcdsaPublicKey;
import com.wizvera.wcrypto.key.WPublicKey;
import java.nio.charset.StandardCharsets;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes4.dex */
public class KBSignMSBoxStore implements KBSignStore {
    private final String LOG_TAG = "KBSignMSBoxStore";
    private final Context context;
    private final String deviceId;
    private final MobileSafeKey mobileSafeKey;

    public KBSignMSBoxStore(Context context, String str, String str2) throws AndroidKBsignException {
        mskInitialize(context, str, str2);
        this.context = context;
        this.deviceId = str;
        this.mobileSafeKey = MobileSafeKey.getInstance();
    }

    private KBSignMSBoxData loadData() {
        byte[] bytes;
        KBSignMSBoxResult kBSignMSBoxResult = new KBSignMSBoxResult(this.mobileSafeKey.restoreData(KBSignMSBoxConstant.DATA_ALIAS, "0", KBSignMSBoxConstant.DEFAULT_MASTER_PASSWORD));
        return (KBSignMSBoxData) new Gson().fromJson((!kBSignMSBoxResult.isSuccess().booleanValue() || (bytes = kBSignMSBoxResult.getBytes(MobileSafeBoxConstants.BUNDLE_EXTRA_RESULT_BYTE)) == null) ? "{}" : new String(bytes), KBSignMSBoxData.class);
    }

    private String makeMasterPassword() {
        return CryptoUtil.digestSHA256Base64Url(128, KBSignMSBoxConstant.DEFAULT_MASTER_PASSWORD + this.deviceId);
    }

    private void mskInitialize(Context context, String str, String str2) throws AndroidKBsignException {
        KBSignMSBoxResult kBSignMSBoxResult = new KBSignMSBoxResult(MobileAuth.getInstance().initialize(str2, str, context));
        if (kBSignMSBoxResult.isSuccess().booleanValue() || MobileAuthError.getByCode(kBSignMSBoxResult.getCode()) == MobileAuthError.COMMON_FAIL_ALREADY_INITIALIZE) {
            return;
        }
        if (MobileAuthError.getByCode(kBSignMSBoxResult.getCode()) != MobileAuthError.COMMON_FAIL_PERSO_DATA_DAMAGED && MobileAuthError.getByCode(kBSignMSBoxResult.getCode()) != MobileAuthError.COMMON_FAIL_PERSO_DATA_NOT_ACCESS) {
            throw new AndroidKBsignException(AndroidKBsignException.E_MSB_InitException, kBSignMSBoxResult.toMessage());
        }
        KBSignMSBoxResult kBSignMSBoxResult2 = new KBSignMSBoxResult(MobileAuth.getInstance().resetData());
        if (!kBSignMSBoxResult2.isSuccess().booleanValue()) {
            throw new AndroidKBsignException(AndroidKBsignException.E_MSB_InitException, kBSignMSBoxResult2.toMessage());
        }
        if (!new KBSignMSBoxResult(MobileAuth.getInstance().initialize(str2, str, context)).isSuccess().booleanValue()) {
            throw new AndroidKBsignException(AndroidKBsignException.E_MSB_InitException, kBSignMSBoxResult2.toMessage());
        }
    }

    private void removeCert() throws KBSignStoreException {
        this.mobileSafeKey.removeData(KBSignMSBoxConstant.DATA_ALIAS);
        KBSignMSBoxResult kBSignMSBoxResult = new KBSignMSBoxResult(this.mobileSafeKey.disuse(KBSignMSBoxConstant.KEY_ALIAS));
        if (!kBSignMSBoxResult.isSuccess().booleanValue() && MobileSafeKeyError.getByCode(kBSignMSBoxResult.getCode()) == MobileSafeKeyError.GET_INFO_NOT_EXIST_ISSUED_KEY && MobileSafeKeyError.getByCode(kBSignMSBoxResult.getCode()) == MobileSafeKeyError.PERSO_FAIL_NOT_EXIST_DATA) {
            throw new KBSignStoreException(kBSignMSBoxResult.toMessage());
        }
    }

    private void saveData(KBSignMSBoxData kBSignMSBoxData) throws KBSignStoreException {
        this.mobileSafeKey.removeData(KBSignMSBoxConstant.DATA_ALIAS);
        KBSignMSBoxResult kBSignMSBoxResult = new KBSignMSBoxResult(this.mobileSafeKey.saveData(KBSignMSBoxConstant.DATA_ALIAS, KBSignMSBoxConstant.DEFAULT_MASTER_PASSWORD, new Gson().toJson(kBSignMSBoxData).getBytes(StandardCharsets.UTF_8)));
        if (!kBSignMSBoxResult.isSuccess().booleanValue()) {
            throw new KBSignStoreException(kBSignMSBoxResult.toMessage());
        }
    }

    private byte[] sign(String str, String str2, String str3, byte[] bArr) throws KBSignStoreException {
        KBSignMSBoxResult kBSignMSBoxResult = new KBSignMSBoxResult(this.mobileSafeKey.signature(str, str2, str3, bArr));
        if (kBSignMSBoxResult.isSuccess().booleanValue()) {
            return kBSignMSBoxResult.getBytes("signature");
        }
        throw new KBSignStoreException(kBSignMSBoxResult.toMessage());
    }

    @Override // com.kbstar.kbsign.android.store.KBSignStore
    public void clear() throws KBSignStoreException {
        removeCert();
    }

    @Override // com.kbstar.kbsign.android.store.KBSignStore
    public void generateKeyPair() throws KBSignStoreException {
        this.mobileSafeKey.disuse(KBSignMSBoxConstant.GENERATE_KEY_ALIAS);
        KBSignMSBoxResult kBSignMSBoxResult = new KBSignMSBoxResult(this.mobileSafeKey.issue(KBSignMSBoxConstant.GENERATE_KEY_ALIAS, "SECP256R1", makeMasterPassword()));
        if (!kBSignMSBoxResult.isSuccess().booleanValue()) {
            throw new KBSignStoreException(KBSignStoreException.E_GeneralException, kBSignMSBoxResult.toMessage(), null);
        }
    }

    @Override // com.kbstar.kbsign.android.store.KBSignStore
    public WPublicKey getGeneratedPublicKey() throws KBSignStoreException {
        KBSignMSBoxResult kBSignMSBoxResult = new KBSignMSBoxResult(this.mobileSafeKey.getPublicKey(KBSignMSBoxConstant.GENERATE_KEY_ALIAS));
        if (!kBSignMSBoxResult.isSuccess().booleanValue()) {
            throw new KBSignStoreException(KBSignStoreException.E_GeneralException, kBSignMSBoxResult.toMessage(), null);
        }
        byte[] bytes = kBSignMSBoxResult.getBytes("publicKey");
        try {
            JSONObject jSONObject = new JSONObject();
            jSONObject.put(JsonWebKey.KEY_TYPE_PARAMETER, "EC");
            jSONObject.put(EllipticCurveJsonWebKey.CURVE_MEMBER_NAME, EllipticCurves.P_256);
            jSONObject.put(EllipticCurveJsonWebKey.X_MEMBER_NAME, WBase64Url.encode(ByteUtil.subArray(bytes, 0, 32)));
            jSONObject.put(EllipticCurveJsonWebKey.Y_MEMBER_NAME, WBase64Url.encode(ByteUtil.subArray(bytes, 32, 32)));
            return WEcdsaPublicKey.importJwk(jSONObject.toString());
        } catch (RuntimeException | JSONException e) {
            KBsignLogger.e(this.LOG_TAG, e.getMessage());
            throw new KBSignStoreException(String.format("공개키 가져오기 실패 : %s", e.getMessage()));
        }
    }

    @Override // com.kbstar.kbsign.android.store.KBSignStore
    public String getItem(String str) {
        return loadData().getItem(str);
    }

    @Override // com.kbstar.kbsign.android.store.KBSignStore
    public KBCert getKBCert() throws AndroidKBsignException {
        try {
            loadData();
            KBCert kBCert = loadData().getKBCert();
            if (kBCert != null) {
                kBCert.setAuthType(KBSignStoreUtil.getAuthType(this.context));
                kBCert.setStoreType(KBSignStoreFactory.StoreType.MSBOX);
            }
            return kBCert;
        } catch (KBSignStoreException unused) {
            return null;
        }
    }

    @Override // com.kbstar.kbsign.android.store.KBSignStore
    public KBSignStoreFactory.StoreType getStoreType() {
        return KBSignStoreFactory.StoreType.MSBOX;
    }

    @Override // com.kbstar.kbsign.android.store.KBSignStore
    public String[] itemNames() {
        return loadData().getItemNames();
    }

    @Override // com.kbstar.kbsign.android.store.KBSignStore
    public void removeItem(String str) throws KBSignStoreException {
        KBSignMSBoxData loadData = loadData();
        loadData.removeItem(str);
        saveData(loadData);
    }

    @Override // com.kbstar.kbsign.android.store.KBSignStore
    public void removeKBCert() throws KBSignStoreException {
        removeCert();
    }

    @Override // com.kbstar.kbsign.android.store.KBSignStore
    public void setItem(String str, String str2) throws KBSignStoreException {
        KBSignMSBoxData loadData = loadData();
        loadData.putItem(str, str2);
        saveData(loadData);
    }

    @Override // com.kbstar.kbsign.android.store.KBSignStore
    public void setKBCert(KBCert kBCert, byte[] bArr) throws KBSignStoreException {
        this.mobileSafeKey.disuse(KBSignMSBoxConstant.KEY_ALIAS);
        this.mobileSafeKey.renameAlias(KBSignMSBoxConstant.GENERATE_KEY_ALIAS, KBSignMSBoxConstant.KEY_ALIAS);
        this.mobileSafeKey.updateAccessKey(KBSignMSBoxConstant.KEY_ALIAS, true, "1", makeMasterPassword(), WHex.encode(bArr));
        KBSignMSBoxData kBSignMSBoxData = new KBSignMSBoxData();
        kBSignMSBoxData.setKBCert(kBCert);
        saveData(kBSignMSBoxData);
    }

    @Override // com.kbstar.kbsign.android.store.KBSignStore
    public byte[] sign(byte[] bArr, byte[] bArr2) throws KBSignStoreException {
        return sign(KBSignMSBoxConstant.KEY_ALIAS, "1", WHex.encode(bArr), bArr2);
    }

    @Override // com.kbstar.kbsign.android.store.KBSignStore
    public byte[] signWithGeneratedPrivateKey(byte[] bArr) throws KBSignStoreException {
        return sign(KBSignMSBoxConstant.GENERATE_KEY_ALIAS, "0", makeMasterPassword(), bArr);
    }
}
