package com.dream.magic.fido.authenticator.local.kfido;

import android.content.Context;
import com.dream.magic.fido.authenticator.common.auth.command.KCertificateCmd;
import com.dream.magic.fido.uaf.protocol.kfido.KCertificate;
import com.dream.magic.fido.uaf.util.Base64URLHelper;
import com.dreamsecurity.jcaos.exception.AlgorithmException;
import com.dreamsecurity.jcaos.exception.ConfirmPasswordException;
import com.dreamsecurity.jcaos.exception.NoSuchModeException;
import com.dreamsecurity.jcaos.exception.ParsingException;
import com.dreamsecurity.jcaos.pkcs.PKCS8;
import com.dreamsecurity.jcaos.pkcs.PKCS8PrivateKeyInfo;
import com.dreamsecurity.jcaos.x509.X509Certificate;
import com.secureland.smartmedic.SmartMedicUpdater;
import java.io.File;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import javax.crypto.NoSuchPaddingException;

/* loaded from: classes.dex */
public class KCertInfo {
    public static final short KCERT_ERROR_CONVERT_CERT = 1002;
    public static final short KCERT_ERROR_NOT_EXIST_CERT = 1001;
    public static final short KCERT_ERROR_UNKWON_VALUE = 9999;
    public static final short KCERT_ERROR_VERIFY_BIO = 1004;
    public static final short KCERT_ERROR_VERIFY_PW = 1003;
    public static final short KCERT_SUCCESS = 0;
    private Context mContext;
    private final String INVAILD_PASSWORD = "private key decoding failed. please check password.";
    private byte[] baSignCert = null;
    private byte[] baSignPri = null;
    private byte[] baKmCert = null;
    private byte[] baKmPri = null;
    private short kCertDeliType = 0;
    private KRegCert kReg = null;

    public KCertInfo(Context context) {
        this.mContext = null;
        this.mContext = context;
    }

    private boolean checkFile(String str) {
        try {
            return new File(str).isFile();
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }

    private X509Certificate getKmCert() {
        try {
            byte[] bArr = this.baKmCert;
            if (bArr != null) {
                return X509Certificate.getInstance(bArr);
            }
            return null;
        } catch (IOException e) {
            e.printStackTrace();
            return null;
        }
    }

    private short setBinaryCertPair(KCertificateCmd kCertificateCmd) {
        this.baSignCert = kCertificateCmd.getSignCert();
        this.baSignPri = kCertificateCmd.getSignPri();
        this.baKmCert = kCertificateCmd.getKmCert();
        this.baKmPri = kCertificateCmd.getKmPri();
        return (short) 0;
    }

    private short setPathCertPair(String str) {
        if (str.endsWith(SmartMedicUpdater.c)) {
            str = str.substring(0, str.length() - 1);
        }
        try {
            String str2 = str + "/signCert.der";
            String str3 = str + "/signPri.key";
            String str4 = str + "/kmCert.der";
            String str5 = str + "/kmPri.key";
            if (checkFile(str2) && checkFile(str3)) {
                this.baSignCert = KCertUtil.readBytes(str2);
                this.baSignPri = KCertUtil.readBytes(str3);
                if (!checkFile(str4) || !checkFile(str5)) {
                    return (short) 0;
                }
                this.baKmCert = KCertUtil.readBytes(str4);
                this.baKmPri = KCertUtil.readBytes(str5);
                return (short) 0;
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        return KCERT_ERROR_NOT_EXIST_CERT;
    }

    public X509Certificate getKCertSignCert(KCertificate kCertificate) throws IOException {
        byte[] signCert = getSignCert(kCertificate);
        if (signCert != null) {
            return X509Certificate.getInstance(signCert);
        }
        return null;
    }

    public KRegCert getKRegCert() {
        return this.kReg;
    }

    public X509Certificate getSignCert() {
        try {
            byte[] bArr = this.baSignCert;
            if (bArr != null) {
                return X509Certificate.getInstance(bArr);
            }
            return null;
        } catch (IOException e) {
            e.printStackTrace();
            return null;
        }
    }

    public byte[] getSignCert(KCertificate kCertificate) throws IOException {
        short deliveryType = kCertificate.getDeliveryType();
        if (deliveryType != 1) {
            if (deliveryType != 2) {
                return null;
            }
            return Base64URLHelper.decode(kCertificate.getSignCert());
        }
        String certPath = kCertificate.getCertPath();
        if (certPath.endsWith(SmartMedicUpdater.c)) {
            certPath = certPath.substring(0, certPath.length() - 1);
        }
        String str = certPath + "/signCert.der";
        if (checkFile(str)) {
            return KCertUtil.readBytes(str);
        }
        return null;
    }

    public short parseKCertInfo(KCertificateCmd kCertificateCmd) {
        short deliveryType = kCertificateCmd.getDeliveryType();
        this.kCertDeliType = deliveryType;
        if (deliveryType == 1) {
            return setPathCertPair(new String(kCertificateCmd.getCertPath()));
        }
        if (deliveryType != 2) {
            return (short) 0;
        }
        return setBinaryCertPair(kCertificateCmd);
    }

    public void setAuth_SignCert(byte[] bArr) {
        this.baSignCert = bArr;
    }

    public byte[] setBioSerectKey(byte[] bArr, byte[] bArr2) {
        return new KCertUtil(this.mContext).getBioSecretKey(bArr, bArr2);
    }

    public void setEncPriKey(byte[] bArr, byte[] bArr2, PrivateKey privateKey, byte[] bArr3) throws Exception {
        KCertUtil kCertUtil = new KCertUtil(this.mContext);
        if (this.kReg == null) {
            com.dream.magic.fido.authenticator.common.auth.utility.b.a(KCertInfo.class.getName(), "Reg관련 재 생성!!! 값을 빼오기위해서만 사용");
            this.kReg = new KRegCert();
        }
        byte[] secretPriKey = kCertUtil.getSecretPriKey(bArr, privateKey, bArr3);
        if (secretPriKey == null) {
            throw new Exception("Error BIO PrivateKey Encrypt");
        }
        byte[] bArr4 = null;
        if (bArr2 != null && (bArr4 = kCertUtil.getSecretPriKey(bArr2, privateKey, bArr3)) == null) {
            throw new Exception("Error PW PrivateKey Encrypt");
        }
        this.kReg.setEncKeys(secretPriKey, bArr4);
    }

    public short verfiySignPriKey(byte[] bArr) {
        try {
            if (this.kReg == null) {
                com.dream.magic.fido.authenticator.common.auth.utility.b.a(KCertInfo.class.getName(), "Reg관련 최초 생성");
                this.kReg = new KRegCert();
            }
            PKCS8PrivateKeyInfo decrypt = new PKCS8(bArr).decrypt(this.baSignPri);
            this.kReg.setSGCertPair(getSignCert(), decrypt, getKmCert());
            return (short) 0;
        } catch (AlgorithmException | NoSuchModeException | ParsingException | IOException | InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | NoSuchProviderException | NoSuchPaddingException unused) {
            return KCERT_ERROR_NOT_EXIST_CERT;
        } catch (ConfirmPasswordException unused2) {
            return KCERT_ERROR_VERIFY_PW;
        }
    }
}
