package com.kakao.talk.kakaopay.util;

import android.content.Context;
import android.content.DialogInterface;
import android.content.Intent;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import android.util.Base64;
import androidx.fragment.app.FragmentActivity;
import com.iap.ac.android.lb.a;
import com.iap.ac.android.lb.j;
import com.kakao.talk.R;
import com.kakao.talk.kakaopay.cert.KakaoPayCert;
import com.kakao.talk.kakaopay.home.KakaoPayPref;
import com.kakao.talk.log.noncrash.PayNonCrashException;
import com.kakao.talk.reporter.CrashReporter;
import com.kakao.talk.widget.dialog.ConfirmDialog;
import com.kakao.talk.widget.dialog.ToastUtil;
import com.kakaopay.shared.password.nfilter.PayNFilterUtils;
import com.nimbusds.jose.util.Base64URL;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.interfaces.ECPrivateKey;
import java.security.interfaces.ECPublicKey;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Locale;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes4.dex */
public class KpCertUtil {
    public static String a = "yyyy/MM/dd, HH:mm:ss";

    /* loaded from: classes4.dex */
    public enum PASSWORD_CHECK_RESULT {
        NOT_EXIST_KEY,
        WRONG_PASSWORD,
        SUCCESS,
        FAIL
    }

    public static String A() {
        return KakaoPayPref.E().v();
    }

    public static void B(final FragmentActivity fragmentActivity) {
        PayDialogUtils.l(fragmentActivity, fragmentActivity.getString(R.string.pay_cert_register_exit), R.string.pay_cert_stop, R.string.pay_cert_keep_going, new DialogInterface.OnClickListener() { // from class: com.kakao.talk.kakaopay.util.KpCertUtil.1
            @Override // android.content.DialogInterface.OnClickListener
            public void onClick(DialogInterface dialogInterface, int i) {
                if (-1 == i) {
                    FragmentActivity.this.finish();
                }
            }
        });
    }

    public static void C(FragmentActivity fragmentActivity, DialogInterface.OnClickListener onClickListener) {
        ConfirmDialog.with(fragmentActivity).message(R.string.pay_cert_register_exit).setCancelable(false).setPositiveButton(R.string.pay_cert_stop, onClickListener).setNegativeButton(R.string.pay_cert_keep_going).show();
    }

    public static void D() {
        d();
        KakaoPayPref.E().z0();
        KakaoPayPref.E().A0();
        KakaoPayPref.E().y0();
        K();
    }

    public static void E() {
        KakaoPayPref.E().E0();
        KakaoPayPref.E().C0();
        KakaoPayPref.E().D0();
        KakaoPayPref.E().B0();
        KakaoPayPref.E().x0();
        D();
    }

    public static void F(String str) {
        KakaoPayPref.E().b1(str);
    }

    public static void G(String str, String str2) {
        Kinsight.e().i(TextUtils.concat("TAG_CERT_UTIL", str).toString(), str2);
    }

    public static String H(byte[] bArr) {
        try {
            return Base64URL.m106encode(MessageDigest.getInstance("SHA-256").digest(bArr)).toString();
        } catch (NoSuchAlgorithmException e) {
            G("_GET_SHA256_ENCODING", "SHA256_ENCODING_FAIL");
            CrashReporter.e.l(e);
            return null;
        }
    }

    public static String I(byte[] bArr, byte[] bArr2) {
        byte[] bArr3 = new byte[bArr.length + bArr2.length];
        System.arraycopy(bArr, 0, bArr3, 0, bArr.length);
        System.arraycopy(bArr2, 0, bArr3, bArr.length, bArr2.length);
        String H = H(bArr3);
        b(bArr3);
        return H;
    }

    public static void J() {
        KakaoPayPref E = KakaoPayPref.E();
        E.k1(KpDateUtils.b(System.currentTimeMillis(), a));
        E.l1(E.G() + 1);
    }

    public static void K() {
        KakaoPayPref.E().o1(KpDateUtils.b(System.currentTimeMillis(), a));
    }

    public static void L() {
        KakaoPayPref E = KakaoPayPref.E();
        E.n1(KpDateUtils.b(System.currentTimeMillis(), a));
        E.m1(E.H() + 1);
    }

    public static void a(FragmentActivity fragmentActivity) {
        if (fragmentActivity == null) {
            return;
        }
        fragmentActivity.getWindow().addFlags(8192);
    }

    public static void b(byte[] bArr) {
        Arrays.fill(bArr, (byte) 0);
    }

    public static void c(FragmentActivity fragmentActivity) {
        if (fragmentActivity == null) {
            return;
        }
        fragmentActivity.getWindow().clearFlags(8192);
    }

    public static boolean d() {
        return e("KakaoPayCertFidoNFace");
    }

    public static boolean e(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            if (!keyStore.containsAlias(str)) {
                return false;
            }
            keyStore.deleteEntry(str);
            return true;
        } catch (Exception e) {
            e.printStackTrace();
            G("_DO_PW_ENCRYPTION", "KEYSTORE_FAILED_TO_DELETE");
            CrashReporter.e.l(e);
            return false;
        }
    }

    public static byte[] f(String str) {
        return h(str, "KakaoPayCertFidoNFace");
    }

    public static byte[] g(String str) {
        return h(str, "KakaoPayCertPassword");
    }

    public static synchronized byte[] h(String str, String str2) {
        synchronized (KpCertUtil.class) {
            if (j.B(str)) {
                return null;
            }
            try {
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                keyStore.load(null);
                Key key = keyStore.getKey(str2, null);
                if (key == null) {
                    String str3 = "entry is null, alias:" + str2;
                    return null;
                }
                Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
                cipher.init(2, key);
                CipherInputStream cipherInputStream = new CipherInputStream(new ByteArrayInputStream(Base64.decode(str, 0)), cipher);
                ArrayList arrayList = new ArrayList();
                while (true) {
                    int read = cipherInputStream.read();
                    if (read == -1) {
                        break;
                    }
                    arrayList.add(Byte.valueOf((byte) read));
                }
                int size = arrayList.size();
                byte[] bArr = new byte[size];
                for (int i = 0; i < size; i++) {
                    bArr[i] = ((Byte) arrayList.get(i)).byteValue();
                }
                return bArr;
            } catch (Exception e) {
                e.printStackTrace();
                G("_DO_PW_DECRYPTION", "DO_PASSWORD_DECRYPTION_FAIL");
                CrashReporter.e.l(e);
                return null;
            }
        }
    }

    public static String i(byte[] bArr) {
        return k(bArr, "KakaoPayCertFidoNFace");
    }

    public static String j(byte[] bArr) {
        return k(bArr, "KakaoPayCertPassword");
    }

    public static synchronized String k(byte[] bArr, String str) {
        synchronized (KpCertUtil.class) {
            try {
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                keyStore.load(null);
                KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(str, null);
                if (privateKeyEntry == null) {
                    String str2 = "entry is null, alias:" + str;
                    return null;
                }
                Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding");
                cipher.init(1, privateKeyEntry.getCertificate().getPublicKey());
                ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
                CipherOutputStream cipherOutputStream = new CipherOutputStream(byteArrayOutputStream, cipher);
                cipherOutputStream.write(bArr);
                cipherOutputStream.close();
                return Base64.encodeToString(byteArrayOutputStream.toByteArray(), 0);
            } catch (Exception e) {
                e.printStackTrace();
                G("_DO_PW_ENCRYPTION", "DO_PASSWORD_ENCRYPTION_FAIL");
                CrashReporter.e.l(e);
                return null;
            }
        }
    }

    public static boolean l(Context context) {
        return n(context, "KakaoPayCertFidoNFace");
    }

    public static boolean m(Context context) {
        return n(context, "KakaoPayCertPassword");
    }

    public static synchronized boolean n(Context context, String str) {
        synchronized (KpCertUtil.class) {
            try {
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                keyStore.load(null);
                if (keyStore.containsAlias(str)) {
                    keyStore.deleteEntry(str);
                }
                if (Build.VERSION.SDK_INT >= 23) {
                    KeyGenParameterSpec build = new KeyGenParameterSpec.Builder(str, 3).setDigests("SHA-256", "SHA-512").setEncryptionPaddings("PKCS1Padding").build();
                    KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
                    keyPairGenerator.initialize(build);
                    keyPairGenerator.generateKeyPair();
                } else {
                    Calendar calendar = Calendar.getInstance();
                    Calendar calendar2 = Calendar.getInstance();
                    calendar2.add(1, 99);
                    KeyPairGeneratorSpec build2 = new KeyPairGeneratorSpec.Builder(context).setAlias(str).setSubject(new X500Principal("CN=KakaoPay, O=KakaoCorp, C=SouthKorea")).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime()).build();
                    KeyPairGenerator keyPairGenerator2 = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
                    keyPairGenerator2.initialize(build2);
                    keyPairGenerator2.generateKeyPair();
                }
            } catch (Exception e) {
                e.printStackTrace();
                CrashReporter.e.l(e);
                context.startActivity(new Intent("com.android.credentials.UNLOCK"));
                ToastUtil.show(context.getString(R.string.pay_cert_register_retry));
                G("_GENERATE_KEYS", "GENERATE_KEYS_FAIL");
                return false;
            }
        }
        return true;
    }

    public static String o() {
        KakaoPayPref E = KakaoPayPref.E();
        String I = E.I();
        int H = E.H();
        String F = E.F();
        int G = E.G();
        return String.format(Locale.US, "S:%s, %d, F:%s, %d, R: %s", I, Integer.valueOf(H), F, Integer.valueOf(G), E.J());
    }

    public static PASSWORD_CHECK_RESULT p(String str) {
        byte[] x;
        try {
            x = KakaoPayPref.E().x();
        } catch (Exception e) {
            Kinsight.k("개인키_로드_실패", e.getMessage());
            CrashReporter.e.l(e);
        }
        if (a.k(x)) {
            G("_GET_FIDO_PASSWORD_STATUS", "PRIVATE_KEY_IS_NULL");
            return PASSWORD_CHECK_RESULT.NOT_EXIST_KEY;
        }
        byte[] y = KakaoPayPref.E().y();
        if (a.k(y)) {
            G("_GET_FIDO_PASSWORD_STATUS", "SALT_IS_EMPTY");
            return PASSWORD_CHECK_RESULT.NOT_EXIST_KEY;
        }
        byte[] w = KakaoPayPref.E().w();
        if (a.k(w)) {
            G("_GET_FIDO_PASSWORD_STATUS", "IV_IS_EMPTY");
            return PASSWORD_CHECK_RESULT.NOT_EXIST_KEY;
        }
        byte[] a2 = KakaoPayCert.i().a(H(str.getBytes()), x, y, w);
        if (a.k(a2)) {
            CrashReporter.e.l(PayNonCrashException.newInstance(o()));
            return PASSWORD_CHECK_RESULT.FAIL;
        }
        if (KakaoPayCert.i().n(a2)) {
            return PASSWORD_CHECK_RESULT.SUCCESS;
        }
        return PASSWORD_CHECK_RESULT.WRONG_PASSWORD;
    }

    public static KpLocalCertUtils q() {
        String v = KakaoPayPref.E().v();
        if (TextUtils.isEmpty(v)) {
            return new KpLocalCertUtils(null);
        }
        try {
            return new KpLocalCertUtils(KakaoPayCert.x(v));
        } catch (Exception e) {
            e.printStackTrace();
            CrashReporter.e.l(e);
            return new KpLocalCertUtils(null);
        }
    }

    public static PASSWORD_CHECK_RESULT r(String str, String str2) {
        byte[] A;
        try {
            A = KakaoPayPref.E().A();
        } catch (Exception e) {
            Kinsight.k("개인키_로드_실패", e.getMessage());
            CrashReporter.e.l(e);
        }
        if (a.k(A)) {
            G("_GET_PASSWORD_VALID_STATUS", "PRIVATE_KEY_IS_NULL");
            return PASSWORD_CHECK_RESULT.NOT_EXIST_KEY;
        }
        byte[] B = KakaoPayPref.E().B();
        if (a.k(B)) {
            G("_GET_PASSWORD_VALID_STATUS", "SALT_IS_EMPTY");
            return PASSWORD_CHECK_RESULT.NOT_EXIST_KEY;
        }
        byte[] z = KakaoPayPref.E().z();
        if (a.k(z)) {
            G("_GET_PASSWORD_VALID_STATUS", "IV_IS_EMPTY");
            return PASSWORD_CHECK_RESULT.NOT_EXIST_KEY;
        }
        byte[] s = s(str);
        if (a.k(s)) {
            G("_GET_PASSWORD_VALID_STATUS", "PLAIN_PASSWORD_IS_EMPTY");
        } else {
            String I = I(s, str2.getBytes());
            b(s);
            if (KakaoPayCert.i().n(KakaoPayCert.i().a(I, A, B, z))) {
                return PASSWORD_CHECK_RESULT.SUCCESS;
            }
        }
        return PASSWORD_CHECK_RESULT.WRONG_PASSWORD;
    }

    public static byte[] s(String str) {
        if (TextUtils.isEmpty(str)) {
            return null;
        }
        return PayNFilterUtils.getPlainPassword(str);
    }

    public static ECPublicKey t() {
        String v = KakaoPayPref.E().v();
        if (TextUtils.isEmpty(v)) {
            return null;
        }
        return (ECPublicKey) KakaoPayCert.x(v).getPublicKey();
    }

    public static String u(String str, byte[] bArr) {
        byte[] s = s(str);
        String I = I(bArr, s);
        b(s);
        return I;
    }

    public static boolean v() {
        try {
            return KakaoPayPref.E().x() != null;
        } catch (Exception e) {
            G("_HAS_CERT_FACE_N_FIDO_PKEY", "HAS_NO_CERT_FACE_N_FIDO_PKEY");
            CrashReporter.e.l(e);
            return false;
        }
    }

    public static boolean w() {
        try {
            return KakaoPayPref.E().A() != null;
        } catch (Exception e) {
            G("_HAS_CERT_PASSWORD_PKEY", "HAS_NO_CERT_FACE_N_FIDO_PKEY");
            CrashReporter.e.l(e);
            return false;
        }
    }

    public static boolean x(Context context, String str, byte[] bArr) {
        try {
            KakaoPayCert i = KakaoPayCert.i();
            String str2 = "passphares:" + str;
            KakaoPayCert.EncryptedData c = i.c(H(str.getBytes()), i.k().getEncoded(), bArr);
            if (c == null || !l(context)) {
                return false;
            }
            KakaoPayPref E = KakaoPayPref.E();
            if (!E.d1(c.d())) {
                return false;
            }
            E.e1(c.f());
            E.c1(c.e());
            L();
            return true;
        } catch (Exception e) {
            Kinsight.k("개인키_저장_실패", e.getMessage());
            CrashReporter.e.l(e);
            J();
            return false;
        }
    }

    public static boolean y(Context context, String str, String str2, byte[] bArr) {
        return z(context, KakaoPayCert.i().k(), str, str2, bArr);
    }

    public static boolean z(Context context, ECPrivateKey eCPrivateKey, String str, String str2, byte[] bArr) {
        byte[] s = s(str);
        try {
            if (a.k(s)) {
                G("_IS_OK_SAVE_KEYS", "PLAIN_PASSWORD_IS_EMPTY");
                return false;
            }
            String str3 = "passphares:" + str2;
            KakaoPayCert.EncryptedData c = KakaoPayCert.i().c(I(s, str2.getBytes()), eCPrivateKey.getEncoded(), bArr);
            if (c == null) {
                return false;
            }
            if (!m(context)) {
                return false;
            }
            KakaoPayPref E = KakaoPayPref.E();
            if (!E.g1(c.d())) {
                return false;
            }
            E.h1(c.f());
            E.f1(c.e());
            b(s);
            D();
            return true;
        } catch (Exception e) {
            Kinsight.k("개인키_저장_실패", e.getMessage());
            CrashReporter.e.l(e);
            return false;
        } finally {
            b(s);
        }
    }
}
