package com.kica.android.kfido.asm;

import android.content.Context;
import android.os.Bundle;
import com.kica.android.fido.uaf.auth.assertion.AuthAssertion;
import com.kica.android.fido.uaf.auth.common.AuthException;
import com.kica.android.fido.uaf.auth.common.Tags;
import com.kica.android.fido.uaf.auth.crypto.CryptoHelper;
import com.kica.android.fido.uaf.util.ByteHelper;
import com.kica.android.kfido.authenticator.crypto.AndroidKeyStore;
import com.kica.android.kfido.authenticator.db.AuthDBHelper;
import com.sg.openews.api.exception.SGCryptoException;
import com.sg.openews.api.exception.SGPkcs7Exception;
import com.sg.openews.api.key.impl.NPKICertificate;
import com.sg.openews.api.key.impl.NPKIPrivateKey;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import javax.crypto.SecretKey;

/* loaded from: classes3.dex */
public final class A {

    /* renamed from: a, reason: collision with root package name */
    private static byte[] f21097a;

    /* renamed from: b, reason: collision with root package name */
    private X509Certificate f21098b = null;

    /* renamed from: c, reason: collision with root package name */
    private String f21099c = null;

    /* renamed from: d, reason: collision with root package name */
    private ArrayList<String> f21100d = null;

    private B a(byte[] bArr, byte[][] bArr2, byte[] bArr3) {
        int length = bArr2.length;
        ArrayList arrayList = new ArrayList();
        ArrayList arrayList2 = new ArrayList();
        int i6 = 0;
        for (int i7 = 0; i7 < length; i7++) {
            try {
                H a6 = H.a(bArr, bArr2[i7]);
                if (Arrays.equals(a6.b(), bArr3)) {
                    arrayList.add(a6);
                    arrayList2.add(new I(a6.c(), bArr2[i7]));
                    i6++;
                }
            } catch (AuthException unused) {
                return null;
            }
        }
        H[] hArr = new H[i6];
        arrayList.toArray(hArr);
        I[] iArr = new I[i6];
        arrayList2.toArray(iArr);
        B b6 = new B(this, (byte) 0);
        b6.a(hArr);
        b6.a(iArr);
        return b6;
    }

    private static w a(v vVar, AuthDBHelper authDBHelper, com.kica.android.kfido.authenticator.db.b bVar, H h6, byte[] bArr) {
        String str;
        w wVar = new w();
        com.kica.android.kfido.authenticator.db.c keyInfo = authDBHelper.getKeyInfo(bVar.getAAID(), h6.a());
        if (keyInfo == null) {
            str = "KeyInfo가 조회되지 않음";
        } else {
            AuthAssertion authAssertion = new AuthAssertion();
            authAssertion.setAAID(bVar.getAAID());
            authAssertion.setAuthenticatorVersion(Short.valueOf(bVar.getAuthenticatorVersion()));
            if (vVar.f() == null) {
                authAssertion.setAuthenticationMode(Byte.valueOf(Tags.Value_User_Explicitly_Verified));
                authAssertion.setTrContentHash(null);
            } else {
                authAssertion.setAuthenticationMode(Byte.valueOf(Tags.Value_User_Explicitly_Confirm_Tranaction_Content));
                try {
                    byte[] hashWithSHA256 = CryptoHelper.hashWithSHA256(vVar.f());
                    f21097a = hashWithSHA256;
                    authAssertion.setTrContentHash(hashWithSHA256);
                } catch (AuthException unused) {
                    str = "트랜잭션 해시에 실패함";
                }
            }
            authAssertion.setSignatureAlgAndEncoding(Short.valueOf(bVar.getAuthenticationAlg()));
            byte[] bArr2 = new byte[20];
            try {
                CryptoHelper.generateRandom(bArr2);
                authAssertion.setAuthnrNonce(bArr2);
                authAssertion.setFinalChallenge(vVar.c());
                authAssertion.setKeyId(h6.a());
                authAssertion.setSignCounter(Integer.valueOf(keyInfo.d()));
                try {
                    byte[] encode_SignedData = authAssertion.encode_SignedData();
                    if (f21097a == null) {
                        f21097a = encode_SignedData;
                    }
                    short authenticationAlg = bVar.getAuthenticationAlg();
                    authAssertion.setSignature(CryptoHelper.sign(CryptoHelper.getPrivateKeyfromBytes(bArr, authenticationAlg), encode_SignedData, authenticationAlg));
                    wVar.a((short) 0);
                    wVar.a(authAssertion);
                    keyInfo.a(keyInfo.d() + 1);
                    if (authDBHelper.updateKeyInfo(keyInfo)) {
                        return wVar;
                    }
                    str = "서명 카운터 정보를 DB에 갱신하는데 실패함 : " + keyInfo.toString();
                } catch (Exception unused2) {
                    str = "서명 생성에 실패함";
                }
            } catch (AuthException unused3) {
                str = "Nonce 생성에 실패함";
            }
        }
        m.c("KICA_AUTH", str);
        wVar.a((short) 1);
        return wVar;
    }

    private static byte[] a(Context context, String str, com.kica.android.kfido.authenticator.db.b bVar) throws Exception {
        AndroidKeyStore androidKeyStore = new AndroidKeyStore(context);
        m.a("KICA_AUTH", "=====================[PRE_REG_UPPER]복호화 시작==========================");
        byte[] decryptEncryptedKeyData_M = androidKeyStore.decryptEncryptedKeyData_M(androidKeyStore.getHWAuthKey_M(str), bVar.getWrapKey(), str);
        m.a("KICA_AUTH", "=====================[PRE_REG_UPPER]복호화 끝==========================");
        m.a("KICA_AUTH", "[PreProcess] 6.0 Android Key Store를 이용하여 복호");
        return decryptEncryptedKeyData_M;
    }

    private byte[] a(NPKICertificate nPKICertificate, NPKIPrivateKey nPKIPrivateKey, byte[] bArr) {
        byte[] bArr2;
        com.kica.android.kfido.authenticator.kfido.e eVar = new com.kica.android.kfido.authenticator.kfido.e();
        try {
            m.a("KICA_AUTH", ">>Create Signed Data for sending to Server");
            bArr2 = eVar.a(nPKICertificate, nPKIPrivateKey, bArr);
        } catch (SGCryptoException | SGPkcs7Exception e6) {
            e6.printStackTrace();
            bArr2 = null;
        }
        if (this.f21099c == null || this.f21098b == null) {
            return bArr2;
        }
        try {
            m.a("KICA_AUTH", ">>Add a unsignedData in SignedData");
            byte[] random = nPKIPrivateKey.getRandom();
            SecretKey a6 = com.kica.android.kfido.authenticator.kfido.e.a(this.f21099c);
            byte[] a7 = com.kica.android.kfido.authenticator.kfido.e.a(a6, random);
            byte[] a8 = com.kica.android.kfido.authenticator.kfido.e.a(this.f21098b, a6);
            ArrayList arrayList = new ArrayList();
            arrayList.add(new com.kica.android.kfido.asm.db.c("1.2.410.2004.5.2.10.1", a7));
            arrayList.add(new com.kica.android.kfido.asm.db.c("1.2.410.2004.5.2.10.2", a8));
            return eVar.a(bArr2, com.kica.android.kfido.authenticator.kfido.e.a((ArrayList<com.kica.android.kfido.asm.db.c>) arrayList));
        } catch (Exception e7) {
            e7.printStackTrace();
            m.c("KICA_AUTH", "UnsigendAttribute 생성 실패");
            return bArr2;
        }
    }

    private static byte[] a(short s6) {
        w wVar = new w();
        wVar.a(s6);
        try {
            return wVar.a();
        } catch (AuthException unused) {
            return null;
        }
    }

    public final Bundle a(Context context, byte[] bArr) throws Exception {
        m.a("KICA_AUTH", "Auth_Sign 요청 메시지: " + ByteHelper.byteArrayToHexString(bArr));
        Bundle bundle = new Bundle();
        byte[] bArr2 = null;
        try {
            v a6 = v.a(bArr);
            com.kica.android.kfido.authenticator.db.b authenticator = AuthDBHelper.getInstance(context).getAuthenticator(a6.b().byteValue());
            if (AndroidKeyStore.isHWSupported()) {
                String str = new String(authenticator.getAAID());
                if (AndroidKeyStore.isAndroid6()) {
                    try {
                        bArr2 = a(context, str, authenticator);
                    } catch (Exception e6) {
                        e6.printStackTrace();
                        m.a("KICA_AUTH", "========Catch 1) 삭제");
                        com.kica.android.kfido.asm.util.a.b(context);
                        throw new AuthException(e6.getMessage());
                    }
                }
            } else {
                bArr2 = authenticator.getWrapKey();
            }
            if (bArr2 != null) {
                bundle.putByteArray("signKey_baWrapKey", bArr2);
            }
            byte[] i6 = a6.i();
            if (i6 != null) {
                bundle.putByteArray("regKey_KCertCMD", i6);
            }
            return bundle;
        } catch (AuthException unused) {
            m.c("KICA_AUTH", "Auth_Sign 응답 메시지(명령어 디코딩에 실패함): " + ByteHelper.byteArrayToHexString(a((short) 1)));
            return null;
        }
    }

    public final ArrayList<String> a() {
        return this.f21100d;
    }

    /* JADX WARN: Removed duplicated region for block: B:47:0x016e  */
    /* JADX WARN: Removed duplicated region for block: B:57:0x01ab A[Catch: SGCryptoException -> 0x01d1, SGCryptoException | SGPkcs7Exception -> 0x01d3, TryCatch #9 {SGCryptoException | SGPkcs7Exception -> 0x01d3, blocks: (B:55:0x01a5, B:57:0x01ab, B:59:0x01b7), top: B:54:0x01a5 }] */
    /* JADX WARN: Removed duplicated region for block: B:71:0x01e3 A[Catch: Exception -> 0x020a, TryCatch #4 {Exception -> 0x020a, blocks: (B:69:0x01dd, B:71:0x01e3, B:73:0x01ef, B:75:0x01f3, B:76:0x01fa), top: B:68:0x01dd }] */
    /* JADX WARN: Removed duplicated region for block: B:83:0x0210  */
    /* JADX WARN: Removed duplicated region for block: B:94:0x0242  */
    /* JADX WARN: Removed duplicated region for block: B:97:0x024a  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public final byte[] a(android.content.Context r17, byte[] r18, boolean r19, byte[] r20, boolean r21, com.sg.openews.api.key.impl.NPKICertificate r22) throws java.lang.Exception {
        /*
            Method dump skipped, instructions count: 683
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.kica.android.kfido.asm.A.a(android.content.Context, byte[], boolean, byte[], boolean, com.sg.openews.api.key.impl.NPKICertificate):byte[]");
    }
}
