package com.nets.nofsdk.o;

import android.content.Context;
import com.abl.nets.hcesdk.exception.DBNotInitialisedException;
import com.abl.nets.hcesdk.exception.SecureServiceProviderNotInitializedException;
import com.abl.nets.hcesdk.model.PublicKeySet;
import com.abl.nets.hcesdk.orm.DB;
import com.abl.nets.hcesdk.orm.SystemParam;
import com.abl.nets.hcesdk.orm.database.CardData;
import com.abl.nets.hcesdk.orm.database.NOFCardData;
import com.abl.nets.hcesdk.orm.database.TokenData;
import com.abl.netspay.api.NetspayService;
import java.security.SecureRandom;
import java.sql.SQLException;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Locale;
import java.util.concurrent.Callable;
import javax.crypto.Cipher;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.PBEKeySpec;
import javax.crypto.spec.SecretKeySpec;

/* loaded from: classes6.dex */
public class x {

    /* renamed from: a, reason: collision with root package name */
    public static final String f15644a = "com.nets.nofsdk.o.x";

    /* renamed from: b, reason: collision with root package name */
    public static SecureRandom f15645b = new SecureRandom();

    /* renamed from: c, reason: collision with root package name */
    public static t f15646c;

    /* loaded from: classes6.dex */
    public class a implements Callable<Boolean> {

        /* renamed from: a, reason: collision with root package name */
        public final /* synthetic */ boolean f15647a;

        /* renamed from: b, reason: collision with root package name */
        public final /* synthetic */ Object f15648b;

        /* renamed from: c, reason: collision with root package name */
        public final /* synthetic */ List f15649c;
        public final /* synthetic */ List d;

        public a(boolean z10, Object obj, List list, List list2) {
            this.f15647a = z10;
            this.f15648b = obj;
            this.f15649c = list;
            this.d = list2;
        }

        @Override // java.util.concurrent.Callable
        public Boolean call() throws Exception {
            if (!this.f15647a) {
                SystemParam.setSalt("");
                u.f15630b.put("DEK1_BACKUP", u.a("DEK1"));
                u.f15630b.put("DEK2_BACKUP", u.a("DEK2"));
                u.f15630b.invalidate("DEK1");
                u.f15630b.invalidate("DEK2");
                z.a(x.f15644a, "invalidated DEKs");
                x.c();
                x.b();
            }
            x.a("DEK1", this.f15648b);
            x.a("DEK2", this.f15648b);
            x.a("DEK1_BACKUP", this.f15648b);
            x.a("DEK2_BACKUP", this.f15648b);
            z.a(x.f15644a, "gotten new DEKs");
            SecureRandom secureRandom = new SecureRandom();
            for (int i = 0; i < this.f15649c.size(); i++) {
                CardData cardData = (CardData) this.f15649c.get(i);
                cardData.setEncryptedTLVs(x.c("DEK1", cardData.getEncryptedTLVs(), false));
                cardData.setTrack2DiscretionaryData(x.c("DEK1", cardData.getTrack2DiscretionaryData(), false));
                byte[] bArr = new byte[16];
                secureRandom.nextBytes(bArr);
                cardData.setSaltHex(y.a(bArr));
                cardData.setHashHex(x.a("DEK1", bArr));
                DB.getInstance().updateCardData(cardData);
            }
            z.a(x.f15644a, "done encrypt card data with DEK1");
            for (int i10 = 0; i10 < this.d.size(); i10++) {
                TokenData tokenData = (TokenData) this.d.get(i10);
                tokenData.setEncryptedTLVs(x.c("DEK2", tokenData.getEncryptedTLVs(), false));
                byte[] bArr2 = new byte[16];
                secureRandom.nextBytes(bArr2);
                tokenData.setSaltHex(y.a(bArr2));
                tokenData.setHashHex(x.a("DEK2", bArr2));
                DB.getInstance().updateTokenData(tokenData);
            }
            z.a(x.f15644a, "done encrypt LUKs with DEK2");
            SystemParam.setDateParameter(SystemParam.LAST_DB_ENCRYPT_DATE, new Date());
            return Boolean.TRUE;
        }
    }

    static {
        new HashMap();
        new HashMap();
    }

    public static String a(NOFCardData nOFCardData) throws DBNotInitialisedException, SQLException, SecureServiceProviderNotInitializedException {
        if (nOFCardData == null) {
            return null;
        }
        if (u.a("DEK1") == null) {
            a("DEK1", (Object) u.f15631c);
        }
        if (u.a("DEK1_BACKUP") == null) {
            a("DEK1_BACKUP", (Object) u.f15631c);
        }
        z.a();
        String issuerID = nOFCardData.getIssuerID();
        String encryptedTLVs = nOFCardData.getEncryptedTLVs();
        if (issuerID == null || issuerID.isEmpty()) {
            z.b(f15644a, "[decryptCardData] Null or empty issuer ID");
        }
        if (encryptedTLVs == null || encryptedTLVs.isEmpty()) {
            z.b(f15644a, "[decryptCardData] Null or empty cipher text");
        }
        String saltHex = nOFCardData.getSaltHex();
        String hashHex = nOFCardData.getHashHex();
        if (hashHex == null || saltHex == null) {
            return a(encryptedTLVs, "DEK1");
        }
        byte[] a10 = y.a(saltHex);
        String a11 = a("DEK1", a10);
        if (a11 != null && a11.toUpperCase(Locale.US).equalsIgnoreCase(hashHex)) {
            return a(encryptedTLVs, "DEK1");
        }
        String a12 = a("DEK1_BACKUP", a10);
        if (a12 == null || !a12.toUpperCase(Locale.US).equalsIgnoreCase(hashHex)) {
            return null;
        }
        return a(encryptedTLVs, "DEK1_BACKUP");
    }

    public static String a(TokenData tokenData) throws DBNotInitialisedException, SQLException, SecureServiceProviderNotInitializedException {
        if (tokenData == null) {
            return null;
        }
        if (u.a("DEK2") == null) {
            a("DEK2", (Object) u.f15631c);
        }
        if (u.a("DEK2_BACKUP") == null) {
            a("DEK2_BACKUP", (Object) u.f15631c);
        }
        String issuerID = tokenData.getIssuerID();
        String encryptedTLVs = tokenData.getEncryptedTLVs();
        if (issuerID == null || issuerID.isEmpty()) {
            z.b(f15644a, "[decryptCardData] Null or empty issuer ID");
        }
        if (encryptedTLVs == null || encryptedTLVs.isEmpty()) {
            z.b(f15644a, "[decryptCardData] Null or empty cipher text");
        }
        String saltHex = tokenData.getSaltHex();
        String hashHex = tokenData.getHashHex();
        if (hashHex == null || saltHex == null) {
            return a(encryptedTLVs, "DEK2");
        }
        byte[] a10 = y.a(saltHex);
        String a11 = a("DEK2", a10);
        if (a11 != null && a11.toUpperCase(Locale.US).equalsIgnoreCase(hashHex)) {
            return a(encryptedTLVs, "DEK2");
        }
        String a12 = a("DEK2_BACKUP", a10);
        if (a12 == null || !a12.toUpperCase(Locale.US).equalsIgnoreCase(a12)) {
            return null;
        }
        return a(encryptedTLVs, "DEK2_BACKUP");
    }

    public static String a(v vVar, String str, int i) {
        if (str == null) {
            try {
                z.b(f15644a, "[des3cipherCBC] Null cipherText");
            } catch (Exception e10) {
                z.b(f15644a, "error in crypto " + e10.getMessage());
                z.a(f15644a, e10);
                if (str == null) {
                    z.b(f15644a, "Null cipher text");
                }
                if (vVar == null) {
                    z.b(f15644a, "Null key object");
                } else if (vVar.f15636a == null) {
                    z.b(f15644a, "Null secret key");
                }
            }
        }
        if (i == 1) {
            return f15646c.encrypt(str, "DESede/CBC/NoPadding", vVar.f15636a, new byte[8]);
        }
        if (i == 2) {
            return f15646c.decrypt(str, "DESede/CBC/NoPadding", vVar.f15636a, new byte[8]);
        }
        return null;
    }

    public static String a(v vVar, String str, String str2) {
        v a10 = u.a(str);
        if (vVar == null) {
            z.b(f15644a, "[decryptAndReEncryptUsingDEK] null decryptkey");
            return null;
        }
        if (a10 == null) {
            z.b(f15644a, "[decryptAndReEncryptUsingDEK] null encryptKey");
            return null;
        }
        if (str2 == null) {
            z.b(f15644a, "[decryptWithKey1EncryptWithKey2] null cipherText");
        }
        return a(a10, a(vVar, str2, 2), 1);
    }

    public static String a(String str) throws DBNotInitialisedException, SecureServiceProviderNotInitializedException, SQLException {
        return a(str, "DEK1");
    }

    public static String a(String str, String str2) throws DBNotInitialisedException, SecureServiceProviderNotInitializedException, SQLException {
        String str3 = null;
        if (str != null && str2 != null) {
            Object obj = new Object();
            if (u.a("DEK1") == null) {
                a("DEK1", obj);
            }
            if (u.a("DEK1_BACKUP") == null) {
                a("DEK1_BACKUP", obj);
            }
            if (u.a("DEK2") == null) {
                a("DEK2", obj);
            }
            if (u.a("DEK2_BACKUP") == null) {
                a("DEK2_BACKUP", obj);
            }
            v a10 = u.a(str2);
            if (a10 != null) {
                String a11 = a(a10, str, 2);
                if (a11 == null) {
                    z.b(f15644a, "Null clear Text in decrypt Token Data");
                    return null;
                }
                String g = g(a11);
                try {
                    z.a();
                    str3 = f15646c.decryptWithWKB(g, new byte[16]);
                } catch (Exception e10) {
                    z.a(f15644a, e10);
                }
                z.b();
            }
        }
        return str3;
    }

    public static String a(String str, String str2, boolean z10) throws SQLException, DBNotInitialisedException {
        v a10 = u.a(str);
        if (!z10) {
            return a(a10, str2, 2);
        }
        String a11 = a(a10, str2, 2);
        if (a11 == null) {
            z.b(f15644a, "[des3cipherCBCRemovePadding] Failed to decrypt");
            return null;
        }
        if (str2.length() % 16 != 0) {
            z.b(f15644a, "[des3cipherCBCRemovePadding] Wrong length - not in blocks of 16");
            return null;
        }
        String substring = a11.substring(a11.length() - 16, a11.length());
        if (substring.toUpperCase(Locale.US).startsWith("80")) {
            return a11.substring(0, a11.length() - substring.length());
        }
        z.b(f15644a, "[des3cipherCBCRemovePadding] Does not contain 80 at the end : " + a11);
        return null;
    }

    public static String a(String str, byte[] bArr) {
        if (str == null || bArr == null) {
            return null;
        }
        try {
            v a10 = u.a(str);
            if (a10 != null) {
                return f15646c.sha256(y.a(bArr, y.b(a10.f15637b)));
            }
            return null;
        } catch (Exception e10) {
            z.a(f15644a, e10);
            return null;
        }
    }

    public static void a() throws SQLException, DBNotInitialisedException, SecureServiceProviderNotInitializedException {
        z.a();
        if (f15646c == null) {
            throw new SecureServiceProviderNotInitializedException();
        }
        if (u.a(SystemParam.KEK) != null) {
            z.a(f15644a, "KEK already in cache");
            return;
        }
        String kek = SystemParam.getKEK();
        if (kek != null) {
            z.a(f15644a, "found KEK but not in cache");
            try {
                SecretKey importKeyBytes = f15646c.importKeyBytes(t.ALGO_DESEDE, y.b(kek));
                v vVar = new v();
                vVar.a(importKeyBytes, f15646c);
                u.f15630b.put(SystemParam.KEK, vVar);
                return;
            } catch (Exception e10) {
                z.a(f15644a, e10);
            }
        }
        if (SystemParam.getSalt() == null) {
            z.a(f15644a, "Null salt");
        }
        if (f.h.f15533b.a() == null) {
            z.a(f15644a, "Null deviceid");
        }
        c();
    }

    public static void a(Context context) {
    }

    public static void a(PublicKeySet publicKeySet) {
    }

    public static void a(t tVar) {
        f15646c = tVar;
        d();
    }

    public static void a(String str, Object obj) throws DBNotInitialisedException, SQLException, SecureServiceProviderNotInitializedException {
        z.a(f15644a, "trying to enter method decryptKeyEncryptedByKEKToCache synchronized on " + obj);
        synchronized (obj) {
            z.a(f15644a, "in synchronized block on " + obj);
            String encryptedDEK1 = "DEK1".equalsIgnoreCase(str) ? SystemParam.getEncryptedDEK1() : "DEK2".equalsIgnoreCase(str) ? SystemParam.getEncryptedDEK2() : "DEK1_BACKUP".equalsIgnoreCase(str) ? SystemParam.getEncryptedDEK1Backup() : "DEK2_BACKUP".equalsIgnoreCase(str) ? SystemParam.getEncryptedDEK2Backup() : null;
            if (encryptedDEK1 == null) {
                z.b(f15644a, str + " is null !!! ");
                return;
            }
            v a10 = u.a(SystemParam.KEK);
            if (a10 == null) {
                try {
                    String a11 = y.a(NetspayService.getInstance().getContext(), "CONFIG_SECURITY_MANAGER", "KEY_WRAPPED_KEK", null);
                    if (a11 != null) {
                        v b10 = b(t.ALGO_DESEDE, y.b(a11));
                        u.f15630b.put(str, b(t.ALGO_DESEDE, y.b(g(a(b10, encryptedDEK1, 2)))));
                        try {
                            u.f15630b.put(SystemParam.KEK, b10);
                            SystemParam.setKEK(a11);
                            return;
                        } catch (Exception unused) {
                            a10 = b10;
                        }
                    }
                } catch (Exception unused2) {
                }
            }
            if (a10 == null) {
                try {
                    String kek = SystemParam.getKEK();
                    if (kek != null) {
                        v b11 = b(t.ALGO_DESEDE, y.b(kek));
                        try {
                            u.f15630b.put(str, b(t.ALGO_DESEDE, y.b(g(a(b11, encryptedDEK1, 2)))));
                            u.f15630b.put(SystemParam.KEK, b11);
                            return;
                        } catch (Exception unused3) {
                            a10 = b11;
                        }
                    }
                } catch (Exception unused4) {
                }
            }
            if (a10 == null) {
                a();
                a10 = u.a(SystemParam.KEK);
            }
            try {
                v vVar = new v();
                vVar.a(f15646c.importKeyBytes(t.ALGO_DESEDE, y.b(g(a(a10, encryptedDEK1, 2)))), f15646c);
                u.f15630b.put(str, vVar);
            } catch (Exception e10) {
                z.a(f15644a, e10);
            }
        }
    }

    public static boolean a(String str, String str2, String str3) {
        try {
            if (DB.getInstance().savePublicKey("ISS" + str, str2, str3)) {
                return true;
            }
            z.b(f15644a, "Failed to save issuer public key");
            return true;
        } catch (DBNotInitialisedException unused) {
            z.b(f15644a, "DB not initialisd when saving issuer public key");
            return false;
        }
    }

    public static v b(String str, byte[] bArr) throws Exception {
        if (bArr == null) {
            return null;
        }
        SecretKey importKeyBytes = f15646c.importKeyBytes(str, bArr);
        v vVar = new v();
        vVar.a(importKeyBytes, f15646c);
        return vVar;
    }

    public static String b(String str) {
        if (str == null || str.isEmpty()) {
            return null;
        }
        try {
            return f15646c.decryptWithWBKWithPadding(str, new byte[16], t.MODE_CBC, t.PADDING_NO);
        } catch (Exception e10) {
            z.a(f15644a, e10);
            return null;
        }
    }

    public static String b(String str, String str2) {
        byte[] b10 = y.b(str);
        byte[] b11 = y.b(str2);
        try {
            SecretKeySpec secretKeySpec = new SecretKeySpec(b10, "DES");
            Cipher cipher = Cipher.getInstance("DES/ECB/NoPadding");
            cipher.init(1, secretKeySpec);
            return y.a(cipher.doFinal(b11));
        } catch (Exception e10) {
            z.a(f15644a, e10);
            return null;
        }
    }

    public static String b(String str, String str2, boolean z10) {
        z.a(f15644a, "encryptKeyWithKeyEncryptionKey keyname:" + str + " using kekname:" + str2);
        try {
            return a(u.a(str2), f(y.a(f15646c.export(t.ALGO_DESEDE, u.a(str).f15636a))), 1);
        } catch (Exception e10) {
            if (!z10) {
                return null;
            }
            z.a(f15644a, e10);
            return null;
        }
    }

    public static void b() throws DBNotInitialisedException, SQLException {
        SystemParam.setEncryptedDEK1(d("DEK1"));
        SystemParam.setEncryptedDEK2(d("DEK2"));
        SystemParam.setEncryptedDEK1Backup(b("DEK1_BACKUP", SystemParam.KEK, false));
        SystemParam.setEncryptedDEK2Backup(b("DEK2_BACKUP", SystemParam.KEK, false));
    }

    public static void b(TokenData tokenData) {
        if (tokenData != null) {
            byte[] bArr = new byte[16];
            f15645b.nextBytes(bArr);
            tokenData.setSaltHex(y.a(bArr));
            tokenData.setHashHex(a("DEK2", bArr));
        }
    }

    public static String c(String str) {
        if (str == null || str.isEmpty()) {
            return null;
        }
        try {
            return f15646c.encryptWithWBK(str, new byte[16], t.MODE_CBC, t.PADDING_NO);
        } catch (Exception e10) {
            z.a(f15644a, e10);
            return null;
        }
    }

    public static String c(String str, String str2) {
        byte[] bArr = new byte[24];
        byte[] b10 = y.b(str);
        System.arraycopy(b10, 0, bArr, 0, 16);
        System.arraycopy(b10, 0, bArr, 16, 8);
        byte[] b11 = y.b(str2);
        try {
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, t.ALGO_DESEDE);
            Cipher cipher = Cipher.getInstance("DESede/ECB/NoPadding");
            cipher.init(1, secretKeySpec);
            return y.a(cipher.doFinal(b11));
        } catch (Exception e10) {
            z.a(f15644a, e10);
            return null;
        }
    }

    public static String c(String str, String str2, boolean z10) throws SQLException, DBNotInitialisedException {
        v a10 = u.a(str);
        if (z10) {
            str2 = f(str2);
        }
        return a(a10, str2, 1);
    }

    public static void c() throws DBNotInitialisedException, SQLException {
        byte[] bArr;
        byte[] bArr2 = new byte[8];
        f15645b.nextBytes(bArr2);
        SystemParam.setSalt(y.a(bArr2));
        char[] charArray = f.h.f15533b.a().toCharArray();
        v vVar = new v();
        z.a(f15644a, "in get allstuff kek");
        try {
            bArr = SecretKeyFactory.getInstance("PBKDF2WithHmacSHA1").generateSecret(new PBEKeySpec(charArray, bArr2, 1000, 192)).getEncoded();
        } catch (Exception unused) {
            bArr = null;
        }
        try {
            z.a(f15644a, "after PBKDF 2");
            SecretKey sKBProtectedDESede = f15646c.getSKBProtectedDESede(bArr);
            SystemParam.setKEK(y.a(f15646c.export(t.ALGO_DESEDE, sKBProtectedDESede)));
            vVar.a(sKBProtectedDESede, f15646c);
        } catch (Exception e10) {
            z.a(f15644a, "exception in deriving the kek " + e10.getLocalizedMessage());
        }
        u.f15630b.put(SystemParam.KEK, vVar);
    }

    public static String d(String str) {
        z.a(f15644a, "IN generate dek encrypted by kek : " + str);
        if (u.a(str) == null) {
            byte[] bArr = new byte[16];
            f15645b.nextBytes(bArr);
            for (int i = 0; i < 16; i++) {
                byte b10 = bArr[i];
                bArr[i] = (byte) ((1 & (((b10 >> 7) ^ ((((((b10 >> 1) ^ (b10 >> 2)) ^ (b10 >> 3)) ^ (b10 >> 4)) ^ (b10 >> 5)) ^ (b10 >> 6))) ^ 1)) | (b10 & ay.j.f1632l));
            }
            v vVar = new v();
            try {
                vVar.a(f15646c.getSKBProtectedDESede(bArr), f15646c);
                u.f15630b.put(str, vVar);
                return b(str, SystemParam.KEK, true);
            } catch (Exception e10) {
                z.a(f15644a, e10);
            }
        }
        return null;
    }

    public static synchronized void d() {
        synchronized (x.class) {
            z.a(f15644a, "initializing SecurityManager");
            try {
                String salt = SystemParam.getSalt();
                if (salt == null || salt.isEmpty()) {
                    z.a(f15644a, "Salt not present");
                    byte[] bArr = new byte[8];
                    f15645b.nextBytes(bArr);
                    SystemParam.setSalt(y.a(bArr));
                    z.a(f15644a, "New Salt " + SystemParam.getSalt());
                    if (u.a(SystemParam.KEK) != null) {
                        z.a(f15644a, "found KEK going to invalidate");
                        u.f15630b.invalidate(SystemParam.KEK);
                    }
                    a();
                    SystemParam.setDateParameter(SystemParam.LAST_DB_ENCRYPT_DATE, new Date());
                    b();
                }
            } catch (Exception e10) {
                z.a(f15644a, e10);
            }
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:10:0x005b  */
    /* JADX WARN: Removed duplicated region for block: B:151:0x0024  */
    /* JADX WARN: Removed duplicated region for block: B:5:0x001b  */
    /* JADX WARN: Removed duplicated region for block: B:8:0x005a A[RETURN] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static void e() throws com.abl.nets.hcesdk.exception.SecureServiceProviderNotInitializedException {
        /*
            Method dump skipped, instructions count: 689
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.nets.nofsdk.o.x.e():void");
    }

    public static boolean e(String str) {
        if (str == null) {
            z.b("SE0001", "decrypted data is null");
            return false;
        }
        if (str.length() - 16 >= 0) {
            return str.substring(str.length() - 16).toUpperCase(Locale.US).startsWith("80");
        }
        z.b("SE0001", "decrypted data incorrect length");
        return false;
    }

    public static String f(String str) {
        if (str.length() % 2 == 1) {
            return null;
        }
        String str2 = str + "80";
        while (str2.length() % 16 != 0) {
            str2 = str2 + "00";
        }
        return str2;
    }

    public static String g(String str) {
        if (str == null) {
            z.b(f15644a, "[removePadDataforDes3] data is null");
            return null;
        }
        String substring = str.substring(str.length() - 16, str.length());
        int lastIndexOf = substring.toUpperCase(Locale.US).lastIndexOf("80");
        if (lastIndexOf == -1) {
            z.b(f15644a, "[removePadDataforDes3] Does not contain 80 at the end : " + str);
            return null;
        }
        return str.substring(0, str.length() - 16) + substring.substring(0, lastIndexOf);
    }
}
