package com.kakao.talk.kakaopay.e;

import android.annotation.TargetApi;
import android.content.DialogInterface;
import android.security.keystore.KeyGenParameterSpec;
import android.support.v4.app.FragmentActivity;
import android.text.TextUtils;
import android.util.Base64;
import com.kakao.talk.R;
import com.kakao.talk.kakaopay.cert.b;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.security.interfaces.ECPrivateKey;
import java.security.spec.MGF1ParameterSpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;

/* compiled from: KpCertUtil.java */
/* loaded from: classes2.dex */
public final class h {

    /* compiled from: KpCertUtil.java */
    /* loaded from: classes2.dex */
    public enum a {
        NOT_EXIST_KEY,
        WRONG_PASSWORD,
        SUCCESS,
        FAIL
    }

    public static a a(String str, String str2) {
        byte[] i2;
        try {
            i2 = com.kakao.talk.kakaopay.home.a.a().i("privateKey");
        } catch (Exception e2) {
            e.c("개인키_로드_실패", e2.getMessage());
        }
        if (org.apache.commons.b.a.a(i2)) {
            b("_GET_PASSWORD_VALID_STATUS", "PRIVATE_KEY_IS_NULL");
            return a.NOT_EXIST_KEY;
        }
        byte[] i3 = com.kakao.talk.kakaopay.home.a.a().i("salt");
        if (org.apache.commons.b.a.a(i3)) {
            b("_GET_PASSWORD_VALID_STATUS", "SALT_IS_EMPTY");
            return a.NOT_EXIST_KEY;
        }
        byte[] i4 = com.kakao.talk.kakaopay.home.a.a().i("iv");
        if (org.apache.commons.b.a.a(i4)) {
            b("_GET_PASSWORD_VALID_STATUS", "IV_IS_EMPTY");
            return a.NOT_EXIST_KEY;
        }
        byte[] a2 = a(str);
        if (org.apache.commons.b.a.a(a2)) {
            b("_GET_PASSWORD_VALID_STATUS", "PLAIN_PASSWORD_IS_EMPTY");
        } else {
            new StringBuilder("plainPassword: ").append(a2);
            String a3 = a(a2, str2.getBytes());
            Arrays.fill(a2, (byte) 0);
            com.kakao.talk.kakaopay.cert.b.a();
            if (com.kakao.talk.kakaopay.cert.b.a().a(com.kakao.talk.kakaopay.cert.b.a(a3, i2, i3, i4))) {
                return a.SUCCESS;
            }
        }
        return a.WRONG_PASSWORD;
    }

    public static String a(String str, byte[] bArr) {
        byte[] a2 = a(str);
        String a3 = a(bArr, a2);
        Arrays.fill(a2, (byte) 0);
        return a3;
    }

    private static String a(byte[] bArr) {
        try {
            return com.e.a.d.c.b(MessageDigest.getInstance(com.kakao.talk.e.j.Ez + "-256").digest(bArr)).toString();
        } catch (NoSuchAlgorithmException e2) {
            b("_GET_SHA256_ENCODING", "SHA256_ENCODING_FAIL");
            return null;
        }
    }

    private static String a(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[bArr.length + bArr2.length];
        System.arraycopy(bArr, 0, bArr3, 0, bArr.length);
        System.arraycopy(bArr2, 0, bArr3, bArr.length, bArr2.length);
        String a2 = a(bArr3);
        Arrays.fill(bArr3, (byte) 0);
        return a2;
    }

    public static void a() {
        com.kakao.talk.kakaopay.home.a.a().d("privateKey");
        com.kakao.talk.kakaopay.home.a.a().d("publicKey");
        com.kakao.talk.kakaopay.home.a.a().d("salt");
        com.kakao.talk.kakaopay.home.a.a().d("iv");
        com.kakao.talk.kakaopay.home.a.a().d("certificate");
        com.kakao.talk.kakaopay.home.a.a().d("fido_private_key");
        com.kakao.talk.kakaopay.home.a.a().d("fido_salt");
        com.kakao.talk.kakaopay.home.a.a().d("fido_iv");
    }

    public static void a(final FragmentActivity fragmentActivity) {
        p.a(fragmentActivity, fragmentActivity.getString(R.string.pay_cert_register_exit), R.string.pay_cert_stop, R.string.pay_cert_keep_going, new DialogInterface.OnClickListener() { // from class: com.kakao.talk.kakaopay.e.h.1
            @Override // android.content.DialogInterface.OnClickListener
            public final void onClick(DialogInterface dialogInterface, int i2) {
                if (-1 == i2) {
                    FragmentActivity.this.finish();
                }
            }
        });
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v0 */
    /* JADX WARN: Type inference failed for: r0v1 */
    /* JADX WARN: Type inference failed for: r0v3, types: [boolean] */
    /* JADX WARN: Type inference failed for: r0v4 */
    /* JADX WARN: Type inference failed for: r0v5 */
    /* JADX WARN: Type inference failed for: r0v6 */
    /* JADX WARN: Type inference failed for: r0v9 */
    /* JADX WARN: Unsupported multi-entry loop pattern (BACK_EDGE: B:20:0x007d -> B:7:0x0038). Please report as a decompilation issue!!! */
    public static boolean a(ECPrivateKey eCPrivateKey, String str, String str2, byte[] bArr) {
        byte b2 = 0;
        b2 = 0;
        b2 = 0;
        new StringBuilder("isOkSaveKeys encryptedPassword:").append(str).append(" passphrase:").append(str2).append(" salt:").append(bArr);
        byte[] a2 = a(str);
        try {
            if (org.apache.commons.b.a.a(a2)) {
                b("_IS_OK_SAVE_KEYS", "PLAIN_PASSWORD_IS_EMPTY");
            } else {
                b.a a3 = com.kakao.talk.kakaopay.cert.b.a().a(a(a2, str2.getBytes()), eCPrivateKey.getEncoded(), bArr);
                com.kakao.talk.kakaopay.home.a a4 = com.kakao.talk.kakaopay.home.a.a();
                a4.a("privateKey", a3.f19610c);
                a4.a("salt", a3.f19608a);
                a4.a("iv", a3.f19609b);
                Arrays.fill(a2, (byte) 0);
                Arrays.fill(a2, (byte) 0);
                b2 = 1;
            }
        } catch (Exception e2) {
            e.c("개인키_저장_실패", e2.getMessage());
        } finally {
            Arrays.fill(a2, b2);
        }
        return b2;
    }

    public static byte[] a(String str) {
        if (TextUtils.isEmpty(str)) {
            return null;
        }
        com.nshc.nfilter.c.g.a();
        return com.nshc.nfilter.c.g.a(str);
    }

    public static j b() {
        String c2 = com.kakao.talk.kakaopay.home.a.a().c("certificate");
        if (TextUtils.isEmpty(c2)) {
            return new j(null);
        }
        try {
            return new j(com.kakao.talk.kakaopay.cert.b.b(c2));
        } catch (Exception e2) {
            return new j(null);
        }
    }

    private static String b(byte[] bArr) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            PublicKey publicKey = keyStore.getCertificate("KakaoPayCert").getPublicKey();
            PublicKey generatePublic = KeyFactory.getInstance(publicKey.getAlgorithm()).generatePublic(new X509EncodedKeySpec(publicKey.getEncoded()));
            OAEPParameterSpec oAEPParameterSpec = new OAEPParameterSpec("SHA-256", "MGF1", new MGF1ParameterSpec("SHA-1"), PSource.PSpecified.DEFAULT);
            Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
            cipher.init(1, generatePublic, oAEPParameterSpec);
            return Base64.encodeToString(cipher.doFinal(bArr), 2);
        } catch (Exception e2) {
            e2.printStackTrace();
            b("_DO_ENCRYPTION", "DO_ENCRYPTION_FAIL");
            return null;
        }
    }

    public static void b(FragmentActivity fragmentActivity) {
        fragmentActivity.getWindow().addFlags(8192);
    }

    public static void b(String str) {
        if ("UNREGISTERED".equalsIgnoreCase(str) || "UUID_CHANGED".equalsIgnoreCase(str) || "DEREGISTERED".equalsIgnoreCase(str)) {
            com.kakao.talk.kakaopay.home.a.a().d("fido_private_key");
        }
    }

    private static void b(String str, String str2) {
        e.a();
        e.b(TextUtils.concat("TAG_CERT_UTIL", str).toString(), str2);
    }

    public static boolean b(String str, byte[] bArr) {
        try {
            com.kakao.talk.kakaopay.cert.b a2 = com.kakao.talk.kakaopay.cert.b.a();
            b.a a3 = a2.a(a(str.getBytes()), a2.f19607c.getEncoded(), bArr);
            d();
            com.kakao.talk.kakaopay.home.a a4 = com.kakao.talk.kakaopay.home.a.a();
            byte[] bArr2 = a3.f19610c;
            String b2 = b(bArr2);
            a4.a("fido_private_key", b2);
            Object[] objArr = {"fido_private_key", Integer.valueOf(bArr2.length), b2};
            a4.a("fido_salt", a3.f19608a);
            a4.a("fido_iv", a3.f19609b);
            return true;
        } catch (Exception e2) {
            e.c("개인키_저장_실패", e2.getMessage());
            return false;
        }
    }

    public static void c(String str) {
        com.kakao.talk.kakaopay.home.a.a().a("certificate", str);
    }

    public static boolean c() {
        try {
            return com.kakao.talk.kakaopay.home.a.a().f() != null;
        } catch (Exception e2) {
            b("_HAS_CERT_FIDO", "HAS_CERT_FIDO_FAIL");
            return false;
        }
    }

    @TargetApi(23)
    private static boolean d() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            if (keyStore.containsAlias("KakaoPayCert")) {
                keyStore.deleteEntry("KakaoPayCert");
            }
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder("KakaoPayCert", 2).setDigests("SHA-256", "SHA-512").setEncryptionPaddings("OAEPPadding").build());
            keyPairGenerator.generateKeyPair();
            return true;
        } catch (IOException e2) {
            e2.printStackTrace();
            b("_GENERATE_KEYS", "GENERATE_KEYS_FAIL");
            return false;
        } catch (InvalidAlgorithmParameterException e3) {
            e3.printStackTrace();
            b("_GENERATE_KEYS", "GENERATE_KEYS_FAIL");
            return false;
        } catch (KeyStoreException e4) {
            e4.printStackTrace();
            b("_GENERATE_KEYS", "GENERATE_KEYS_FAIL");
            return false;
        } catch (NoSuchAlgorithmException e5) {
            e5.printStackTrace();
            b("_GENERATE_KEYS", "GENERATE_KEYS_FAIL");
            return false;
        } catch (NoSuchProviderException e6) {
            e6.printStackTrace();
            b("_GENERATE_KEYS", "GENERATE_KEYS_FAIL");
            return false;
        } catch (CertificateException e7) {
            e7.printStackTrace();
            b("_GENERATE_KEYS", "GENERATE_KEYS_FAIL");
            return false;
        }
    }

    public static byte[] d(String str) {
        if (org.apache.commons.b.i.a((CharSequence) str)) {
            return null;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            PrivateKey privateKey = (PrivateKey) keyStore.getKey("KakaoPayCert", null);
            OAEPParameterSpec oAEPParameterSpec = new OAEPParameterSpec("SHA-256", "MGF1", new MGF1ParameterSpec("SHA-1"), PSource.PSpecified.DEFAULT);
            Cipher cipher = Cipher.getInstance("RSA/ECB/OAEPWithSHA-256AndMGF1Padding");
            cipher.init(2, privateKey, oAEPParameterSpec);
            return cipher.doFinal(Base64.decode(str, 2));
        } catch (Exception e2) {
            e2.printStackTrace();
            b("_DO_DECRYPTION", "DO_DECRYPTION_FAIL");
            return null;
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:18:0x0019, code lost:
    
        r0 = com.kakao.talk.kakaopay.e.h.a.f19762b;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static com.kakao.talk.kakaopay.e.h.a e(java.lang.String r4) {
        /*
            com.kakao.talk.kakaopay.home.a r0 = com.kakao.talk.kakaopay.home.a.a()     // Catch: java.lang.Exception -> L70
            byte[] r0 = r0.f()     // Catch: java.lang.Exception -> L70
            boolean r1 = org.apache.commons.b.a.a(r0)     // Catch: java.lang.Exception -> L70
            if (r1 == 0) goto L1a
            java.lang.String r0 = "_GET_FIDO_PASSWORD_STATUS"
            java.lang.String r1 = "PRIVATE_KEY_IS_NULL"
            b(r0, r1)     // Catch: java.lang.Exception -> L70
            com.kakao.talk.kakaopay.e.h$a r0 = com.kakao.talk.kakaopay.e.h.a.NOT_EXIST_KEY     // Catch: java.lang.Exception -> L70
        L19:
            return r0
        L1a:
            com.kakao.talk.kakaopay.home.a r1 = com.kakao.talk.kakaopay.home.a.a()     // Catch: java.lang.Exception -> L70
            java.lang.String r2 = "fido_salt"
            byte[] r1 = r1.i(r2)     // Catch: java.lang.Exception -> L70
            boolean r2 = org.apache.commons.b.a.a(r1)     // Catch: java.lang.Exception -> L70
            if (r2 == 0) goto L37
            java.lang.String r0 = "_GET_FIDO_PASSWORD_STATUS"
            java.lang.String r1 = "SALT_IS_EMPTY"
            b(r0, r1)     // Catch: java.lang.Exception -> L70
            com.kakao.talk.kakaopay.e.h$a r0 = com.kakao.talk.kakaopay.e.h.a.NOT_EXIST_KEY     // Catch: java.lang.Exception -> L70
            goto L19
        L37:
            com.kakao.talk.kakaopay.home.a r2 = com.kakao.talk.kakaopay.home.a.a()     // Catch: java.lang.Exception -> L70
            java.lang.String r3 = "fido_iv"
            byte[] r2 = r2.i(r3)     // Catch: java.lang.Exception -> L70
            boolean r3 = org.apache.commons.b.a.a(r2)     // Catch: java.lang.Exception -> L70
            if (r3 == 0) goto L54
            java.lang.String r0 = "_GET_FIDO_PASSWORD_STATUS"
            java.lang.String r1 = "IV_IS_EMPTY"
            b(r0, r1)     // Catch: java.lang.Exception -> L70
            com.kakao.talk.kakaopay.e.h$a r0 = com.kakao.talk.kakaopay.e.h.a.NOT_EXIST_KEY     // Catch: java.lang.Exception -> L70
            goto L19
        L54:
            byte[] r3 = r4.getBytes()     // Catch: java.lang.Exception -> L70
            java.lang.String r3 = a(r3)     // Catch: java.lang.Exception -> L70
            com.kakao.talk.kakaopay.cert.b.a()     // Catch: java.lang.Exception -> L70
            byte[] r0 = com.kakao.talk.kakaopay.cert.b.a(r3, r0, r1, r2)     // Catch: java.lang.Exception -> L70
            com.kakao.talk.kakaopay.cert.b r1 = com.kakao.talk.kakaopay.cert.b.a()     // Catch: java.lang.Exception -> L70
            boolean r0 = r1.a(r0)     // Catch: java.lang.Exception -> L70
            if (r0 == 0) goto L7b
            com.kakao.talk.kakaopay.e.h$a r0 = com.kakao.talk.kakaopay.e.h.a.SUCCESS     // Catch: java.lang.Exception -> L70
            goto L19
        L70:
            r0 = move-exception
            java.lang.String r1 = "개인키_로드_실패"
            java.lang.String r0 = r0.getMessage()
            com.kakao.talk.kakaopay.e.e.c(r1, r0)
        L7b:
            com.kakao.talk.kakaopay.e.h$a r0 = com.kakao.talk.kakaopay.e.h.a.WRONG_PASSWORD
            goto L19
        */
        throw new UnsupportedOperationException("Method not decompiled: com.kakao.talk.kakaopay.e.h.e(java.lang.String):com.kakao.talk.kakaopay.e.h$a");
    }
}
