package com.atoncorp.mobilesafekey.command;

import android.content.Context;
import android.text.TextUtils;
import com.atoncorp.mobileauth.command.MobileAuth;
import com.atoncorp.mobilesafekey.constants.MobileSafeKeyError;
import com.atoncorp.mobilesafekey.secure.AtonPKCS7;
import com.atoncorp.secure.constants.MobileSafeBoxConstants;
import com.atoncorp.secure.map.MAPClient;
import com.atoncorp.secure.tlv.AtonTLV;
import com.atoncorp.secure.util.ByteUtils;
import java.nio.charset.Charset;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.text.SimpleDateFormat;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Date;
import java.util.TimeZone;
import javax.crypto.Cipher;
import javax.crypto.Mac;
import javax.crypto.spec.IvParameterSpec;
import javax.crypto.spec.SecretKeySpec;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes2.dex */
public class a {
    protected static final String ACCESS_KEY_ERROR_COUNT_PREFIX = "EC9";
    protected static final int CERT_EXPIRED_DATE = 1;
    protected static final int CERT_FAIL_DATE = -1;
    protected static final int CERT_INVALID_DATE = 2;
    protected static final int CERT_VALID_DATE = 0;
    protected static final int DATAALIAS_MAX_LENGTH = 40;
    protected static final int DEFAULT_OUTLENGTH = 5120;
    protected static final boolean HMACKEY_LENGTH_32 = true;
    protected static final int KEYALIAS_MAX_LENGTH = 40;
    protected static final int KEYALIAS_SYNC_LENGTH = 12;
    protected static final String MASTER_KEY_ERROR_COUNT_PREFIX = "EC8";
    protected static final int MOBILE_AUTH_COMMAND_ID = 0;
    protected static final int MOBILE_OTP_COMMAND_ID = 1;
    protected static final int MOBILE_PKI_COMMAND_ID = 2;
    protected static final int MOBILE_SAFEKEY_COMMAND_ID = 3;
    protected static final String SIGN_TIME_FORMAT = "^[0-9]{12}$";
    protected static final int SIGN_TIME_LENGTH = 12;
    private static final String TAG = "a";
    protected static AtonPKCS7 mAtonPKCS7;
    protected static AtonTLV mAtonTlv;
    protected static Context mContext;
    protected boolean IS_USE_ATONTLV = false;
    protected boolean useATtlv = false;
    protected boolean useCN = false;
    protected static final String SUCCESS_CODE = MobileSafeKeyError.COMMON_SUCCESS.getCode();
    protected static final String SUCCESS_MSG = MobileSafeKeyError.COMMON_SUCCESS.getMsg();
    protected static final byte[] encrypted = {0, 1};
    protected static final byte[] forKey = {0, 1};
    protected static final byte[] acKeyIndex = {0, 1, 2, 3, 4};
    protected static final byte[] paddingIndex = {0, 1, 2, 3};
    protected static final byte[] dummy_byte_32 = {0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
    protected static MAPClient mMapClient = null;
    protected static MobileAuth mMobileAuth = null;
    protected static boolean useValidMaxTime = true;
    protected static int validMaxTime = 5;
    protected static String encString = null;
    protected static com.atoncorp.mobilesafekey.secure.a atonAES256 = null;
    private static JSONObject atonJsonData = null;

    public static boolean bHmackeyLength32() {
        return true;
    }

    private String getPKCS7CNs(byte[] bArr) {
        return this.IS_USE_ATONTLV ? mAtonTlv.getPKCS7CNs(bArr) : mAtonPKCS7.getPKCS7CNs(bArr);
    }

    private String getPKCS7ValidDates(byte[] bArr) {
        return this.IS_USE_ATONTLV ? mAtonTlv.getPKCS7ValidDates(bArr) : mAtonPKCS7.getPKCS7ValidDates(bArr);
    }

    public boolean checkUTCDateTime(String str) {
        try {
            SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyMMddHHmmss");
            simpleDateFormat.setLenient(false);
            simpleDateFormat.parse(str);
            return true;
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public int checkValidDate(JSONObject jSONObject) {
        String optString = jSONObject.optString("not_before");
        String optString2 = jSONObject.optString("not_after");
        if (TextUtils.isEmpty(optString) || TextUtils.isEmpty(optString2)) {
            return -1;
        }
        String utcDateTime = getUtcDateTime();
        if (optString.compareTo(utcDateTime) <= 0) {
            return optString2.compareTo(utcDateTime) >= 0 ? 0 : 1;
        }
        return 2;
    }

    protected boolean compareValidDate(JSONObject jSONObject) {
        String optString = jSONObject.optString("not_before");
        String optString2 = jSONObject.optString("not_after");
        if (optString == null || optString2 == null) {
            return false;
        }
        String utcDateTime = getUtcDateTime();
        return optString.compareTo(utcDateTime) <= 0 && optString2.compareTo(utcDateTime) >= 0;
    }

    protected boolean compareValidTime(String str) {
        return str != null && str.compareTo(getCurrentTime()) >= 0;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public final MAPClient connect() {
        MAPClient connect = MobileAuth.getConnect();
        mMapClient = connect;
        return connect;
    }

    protected byte[] decryptAESMessage(byte[] bArr, String str) {
        byte[] bArr2 = new byte[16];
        Arrays.fill(bArr2, (byte) 0);
        try {
            IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr2);
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "AES");
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher.init(2, secretKeySpec, ivParameterSpec);
            return cipher.doFinal(ByteUtils.HexStringToBytes(str));
        } catch (Exception e) {
            throw e;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] decryptAESMessage(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[16];
        Arrays.fill(bArr3, (byte) 0);
        try {
            IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr3);
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "AES");
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher.init(2, secretKeySpec, ivParameterSpec);
            return cipher.doFinal(bArr2);
        } catch (Exception e) {
            throw e;
        }
    }

    protected void disconnect() {
        MAPClient mAPClient = mMapClient;
        if (mAPClient != null) {
            mAPClient.Disconnect();
            mMapClient = null;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] encryptAESMessage(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[16];
        Arrays.fill(bArr3, (byte) 0);
        try {
            IvParameterSpec ivParameterSpec = new IvParameterSpec(bArr3);
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "AES");
            Cipher cipher = Cipher.getInstance("AES/CBC/PKCS5Padding");
            cipher.init(1, secretKeySpec, ivParameterSpec);
            return cipher.doFinal(bArr2);
        } catch (Exception e) {
            throw e;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte getACKeyIndex(int i) {
        return acKeyIndex[i];
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public JSONObject getCNs(byte[] bArr) {
        try {
            return new JSONObject(getPKCS7CNs(bArr));
        } catch (JSONException unused) {
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Can't wrap try/catch for region: R(10:6|(2:8|(2:10|(8:12|13|14|15|17|18|19|20)))|25|13|14|15|17|18|19|20) */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public org.json.JSONObject getCertValidDates(byte[] r5) {
        /*
            r4 = this;
            boolean r0 = r4.IS_USE_ATONTLV
            if (r0 == 0) goto L9
            org.json.JSONObject r5 = r4.getValidDates(r5)
            return r5
        L9:
            com.atoncorp.secure.tlv.bertlv.BerTlvParser r0 = new com.atoncorp.secure.tlv.bertlv.BerTlvParser
            r0.<init>()
            com.atoncorp.secure.tlv.bertlv.BerTlv r5 = r0.parseConstructed(r5)
            java.util.List r5 = r5.getValues()
            int r0 = r5.size()
            java.lang.String r1 = ""
            if (r0 <= 0) goto L5d
            r0 = 0
            java.lang.Object r5 = r5.get(r0)
            com.atoncorp.secure.tlv.bertlv.BerTlv r5 = (com.atoncorp.secure.tlv.bertlv.BerTlv) r5
            java.util.List r5 = r5.getValues()
            int r2 = r5.size()
            r3 = 4
            if (r2 <= r3) goto L5d
            java.lang.Object r5 = r5.get(r3)
            com.atoncorp.secure.tlv.bertlv.BerTlv r5 = (com.atoncorp.secure.tlv.bertlv.BerTlv) r5
            com.atoncorp.secure.tlv.bertlv.BerTag r2 = new com.atoncorp.secure.tlv.bertlv.BerTag
            r3 = 23
            r2.<init>(r3)
            java.util.List r5 = r5.findAll(r2)
            int r2 = r5.size()
            r3 = 1
            if (r2 <= r3) goto L5d
            java.lang.Object r0 = r5.get(r0)
            com.atoncorp.secure.tlv.bertlv.BerTlv r0 = (com.atoncorp.secure.tlv.bertlv.BerTlv) r0
            java.lang.String r1 = r0.getTextValue()
            java.lang.Object r5 = r5.get(r3)
            com.atoncorp.secure.tlv.bertlv.BerTlv r5 = (com.atoncorp.secure.tlv.bertlv.BerTlv) r5
            java.lang.String r5 = r5.getTextValue()
            goto L5e
        L5d:
            r5 = r1
        L5e:
            r0 = 0
            org.json.JSONObject r2 = new org.json.JSONObject     // Catch: org.json.JSONException -> L71
            r2.<init>()     // Catch: org.json.JSONException -> L71
            java.lang.String r0 = "not_before"
            r2.put(r0, r1)     // Catch: org.json.JSONException -> L70
            java.lang.String r0 = "not_after"
            r2.put(r0, r5)     // Catch: org.json.JSONException -> L70
        L70:
            r0 = r2
        L71:
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.atoncorp.mobilesafekey.command.a.getCertValidDates(byte[]):org.json.JSONObject");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Context getContext() {
        MobileAuth mobileAuth = MobileAuth.getInstance();
        mMobileAuth = mobileAuth;
        return mobileAuth.getContext();
    }

    protected String getCurrentTime() {
        Calendar calendar = Calendar.getInstance();
        calendar.setTime(new Date());
        return new SimpleDateFormat("yyMMddHHmmss").format(calendar.getTime());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getCurrentUtcDateTime() {
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyMMddHHmmss");
        simpleDateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));
        return simpleDateFormat.format(new Date());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public JSONObject getDataList(String str) {
        JSONObject jSONObject = new JSONObject();
        JSONArray jSONArray = new JSONArray();
        for (String str2 : str.split(",")) {
            try {
                jSONArray.put(String.valueOf(str2));
            } catch (JSONException e) {
                e.printStackTrace();
            }
        }
        jSONObject.put(MobileSafeBoxConstants.BUNDLE_EXTRA_DATAALIAS, jSONArray);
        return jSONObject;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getDeviceID() {
        MobileAuth mobileAuth = MobileAuth.getInstance();
        mMobileAuth = mobileAuth;
        return mobileAuth.getDeviceID();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte getEncrypted(boolean z) {
        return encrypted[!z ? (char) 0 : (char) 1];
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte getForKey(boolean z) {
        return forKey[!z ? (char) 0 : (char) 1];
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] getHmacKey(String str, String str2) {
        byte[] bArr = new byte[16];
        Arrays.fill(bArr, (byte) 0);
        try {
            Mac mac = Mac.getInstance("HmacSHA256");
            mac.init(new SecretKeySpec(str.getBytes(), "HmacSHA256"));
            System.arraycopy(mac.doFinal(str2.getBytes()), 16, bArr, 0, 16);
            return bArr;
        } catch (Exception e) {
            throw e;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] getHmacKey32(String str, String str2) {
        byte[] bArr = new byte[32];
        Arrays.fill(bArr, (byte) 0);
        try {
            Mac mac = Mac.getInstance("HmacSHA256");
            mac.init(new SecretKeySpec(str.getBytes(), "HmacSHA256"));
            System.arraycopy(mac.doFinal(str2.getBytes()), 0, bArr, 0, 32);
            return bArr;
        } catch (Exception e) {
            throw e;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getMakeLoginContent(String str, String str2) {
        JSONObject jSONObject = new JSONObject();
        try {
            jSONObject.put("content", str);
            jSONObject.put(MobileSafeBoxConstants.BUNDLE_EXTRA_REDUCED_PUBLIC_KEY, str2);
        } catch (JSONException e) {
            e.printStackTrace();
        }
        return jSONObject.toString();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte getPadding(int i) {
        return paddingIndex[i];
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getResultErrorCode(String str) {
        return MobileSafeKeyError.getByCode(str).getCode();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getResultErrorMsg(String str) {
        return MobileSafeKeyError.getByCode(str).getMsg();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getResultInvalidErrorCode(String str) {
        if (str.startsWith(MASTER_KEY_ERROR_COUNT_PREFIX) || str.startsWith(ACCESS_KEY_ERROR_COUNT_PREFIX)) {
            return (str.startsWith(MASTER_KEY_ERROR_COUNT_PREFIX) ? MobileSafeKeyError.ACCESS_SET_FAIL_INVALID_MASTER_KEY : MobileSafeKeyError.ACCESS_SET_FAIL_INVALID_ACCESS_KEY).getCode();
        }
        return str;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getResultInvalidErrorCount(String str) {
        return (str.startsWith(MASTER_KEY_ERROR_COUNT_PREFIX) || str.startsWith(ACCESS_KEY_ERROR_COUNT_PREFIX)) ? str.substring(str.length() - 1) : "";
    }

    protected String getSignSimpleAccessKey(String str, String str2) {
        com.atoncorp.mobilesafekey.secure.a aVar;
        String jSONObject;
        try {
            if (!TextUtils.isEmpty(str2)) {
                JSONObject jSONObject2 = new JSONObject();
                jSONObject2.put("timeStamp", getValidTime());
                jSONObject2.put("accessKey", str2);
                atonAES256 = new com.atoncorp.mobilesafekey.secure.a();
                if (com.atoncorp.mobilesafekey.secure.a.c(str)) {
                    com.atoncorp.mobilesafekey.secure.a.d(str);
                }
                com.atoncorp.mobilesafekey.secure.a.a(str);
                encString = atonAES256.b(str, jSONObject2.toString());
                return str2;
            }
            if (encString != null && atonAES256 != null && com.atoncorp.mobilesafekey.secure.a.c(str)) {
                JSONObject jSONObject3 = new JSONObject(atonAES256.a(str, encString));
                String optString = jSONObject3.optString("timeStamp");
                String optString2 = jSONObject3.optString("accessKey");
                if (!useValidMaxTime) {
                    jSONObject3.put("timeStamp", getValidTime());
                    aVar = atonAES256;
                    jSONObject = jSONObject3.toString();
                } else if (compareValidTime(optString)) {
                    jSONObject3.put("timeStamp", getValidTime());
                    aVar = atonAES256;
                    jSONObject = jSONObject3.toString();
                }
                encString = aVar.b(str, jSONObject);
                return optString2;
            }
            encString = null;
            atonAES256 = null;
            return str2;
        } catch (Exception e) {
            e.printStackTrace();
            return str2;
        }
    }

    protected String getSimpleAccessKey(String str, String str2) {
        try {
            if (!TextUtils.isEmpty(str2)) {
                atonJsonData = new JSONObject();
                atonAES256 = new com.atoncorp.mobilesafekey.secure.a();
                if (com.atoncorp.mobilesafekey.secure.a.c(str)) {
                    com.atoncorp.mobilesafekey.secure.a.d(str);
                }
                com.atoncorp.mobilesafekey.secure.a.a(str);
                String b = atonAES256.b(str, str2);
                atonJsonData.put("timeStamp", getValidTime());
                atonJsonData.put("accessKey", b);
                return str2;
            }
            JSONObject jSONObject = atonJsonData;
            if (jSONObject == null || atonAES256 == null) {
                return str2;
            }
            String optString = jSONObject.optString("timeStamp");
            String optString2 = atonJsonData.optString("accessKey");
            if (!compareValidTime(optString)) {
                atonJsonData = null;
                atonAES256 = null;
                return str2;
            }
            if (com.atoncorp.mobilesafekey.secure.a.c(str)) {
                String a2 = atonAES256.a(str, optString2);
                atonJsonData.put("timeStamp", getValidTime());
                return a2;
            }
            atonJsonData = null;
            atonAES256 = null;
            return str2;
        } catch (Exception e) {
            e.printStackTrace();
            return str2;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] getSymKey(String str, byte[] bArr) {
        boolean z = TextUtils.equals(str, MobileSafeBoxConstants.KEY_TYPE_AES128);
        if (bArr == null) {
            SecureRandom secureRandom = new SecureRandom();
            byte[] bArr2 = z ? new byte[16] : new byte[32];
            secureRandom.nextBytes(bArr2);
            return bArr2;
        }
        if (z) {
            byte[] bArr3 = new byte[16];
            System.arraycopy(bArr, 0, bArr3, 0, 16);
            return bArr3;
        }
        byte[] bArr4 = new byte[32];
        System.arraycopy(bArr, 0, bArr4, 0, 32);
        return bArr4;
    }

    protected String getUtcDateTime() {
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyMMddHHmmss'Z'");
        simpleDateFormat.setTimeZone(TimeZone.getTimeZone("UTC"));
        return simpleDateFormat.format(new Date());
    }

    protected JSONObject getValidDates(byte[] bArr) {
        try {
            return new JSONObject(getPKCS7ValidDates(bArr));
        } catch (JSONException unused) {
            return null;
        }
    }

    protected String getValidTime() {
        Calendar calendar = Calendar.getInstance();
        calendar.setTime(new Date());
        calendar.add(12, validMaxTime);
        return new SimpleDateFormat("yyMMddHHmmss").format(calendar.getTime());
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public String getValue(byte[] bArr, Charset charset) {
        return new String(bArr, charset);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] sha256Hash(byte[] bArr) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-256");
            messageDigest.update(bArr);
            return messageDigest.digest();
        } catch (Exception unused) {
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] trasmitAPI(int i, byte[] bArr) {
        return mMapClient.Execute(i, bArr, DEFAULT_OUTLENGTH);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public byte[] trasmitAPI(byte[] bArr) {
        return mMapClient.Execute(3, bArr, DEFAULT_OUTLENGTH);
    }
}
