package com.trustonic.components.thpagent.agent;

import android.content.Context;
import android.util.Base64;
import com.trustedlogic.pcd.util.asn1.BERDecoder;
import com.trustedlogic.pcd.util.asn1.BERDecodingException;
import com.trustedlogic.pcd.util.asn1.universaltags.ObjectIdentifier;
import com.trustonic.asn1types.gp.UnblockSDRequest;
import com.trustonic.asn1types.gp.securitycontainer.getsddefresp.GetSdDefRespSecurityContainer;
import com.trustonic.asn1types.gp.securitycontainer.personalization.StoreDataCmdsSecurityContainer;
import com.trustonic.asn1types.trustonic.PersonalizationBundle;
import com.trustonic.asn1types.trustonic.TABundle;
import com.trustonic.components.thpagent.api.tamanager.KnownParameterIds;
import com.trustonic.components.thpagent.api.tamanager.KnownPayloadIds;
import com.trustonic.components.thpagent.api.tamanager.TAManager;
import com.trustonic.components.thpagent.exception.NotPermittedException;
import com.trustonic.components.thpagent.exception.SDKException;
import com.trustonic.utils.ASN1Utils;
import com.trustonic.utils.HexUtils;
import java.io.IOError;
import java.io.IOException;
import java.io.InputStream;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public class DefaultTAManager implements TAManager {
    private TABundle bundle;
    private final Configuration configuration;
    private final Context ctx;
    private byte[] decryptedEncryptionKey;
    private final Logger log;

    DefaultTAManager(TABundle tABundle, Configuration configuration, Context context) {
        this(configuration, context);
        this.bundle = tABundle;
    }

    DefaultTAManager(Configuration configuration, Context context) {
        this.configuration = configuration;
        this.log = new Logger(configuration.getLogLevel(), "DEFAULT_TA_MANAGER", configuration.getUseCase());
        this.ctx = context;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public DefaultTAManager(InputStream inputStream, Configuration configuration, Context context) throws IOException {
        this(configuration, context);
        try {
            this.log.debug("parsing bundle", new Object[0]);
            this.bundle = (TABundle) new BERDecoder(inputStream).readObject(TABundle.class);
            this.log.debug("bundle parsed", new Object[0]);
        } catch (BERDecodingException e) {
            throw e;
        } catch (IOException e2) {
            throw new IOError(e2);
        }
    }

    private void addPayload(List<byte[]> list, ObjectIdentifier objectIdentifier) {
        if (objectIdentifier != null) {
            byte[] valueOctets = objectIdentifier.getValueOctets();
            if (valueOctets.length > 1) {
                list.add(valueOctets);
            }
        }
    }

    private byte[] getDecryptedEncryptionKey(Map<String, String> map) throws SDKException, IOException, NotPermittedException {
        return new OnlineHelper(new OnlineParameters(ASN1Utils.buildUnblockRequest((GetSdDefRespSecurityContainer) ASN1Utils.decodeASN1(Base64.decode(map.get(KnownParameterIds.UNBLOCK_REQ_PAYLOAD), 0), GetSdDefRespSecurityContainer.class)), Long.valueOf(map.get(KnownParameterIds.BUNDLED_TA_VERSION)), HexUtils.toHexString(Base64.decode(map.get(KnownParameterIds.TA_UUID), 0)), map.containsKey("ENCRYPTED_DECRYPTION_KEY") ? map.get("ENCRYPTED_DECRYPTION_KEY") : null), this.ctx, this.configuration, OnlineUseCases.DECRYPTION_KEY).setHttpsCertificates(this.configuration.getServerCA()).getSymmetricKey();
    }

    private List<byte[]> getPersonalizationData(Map<String, String> map) throws SDKException, NotPermittedException, IOException {
        GetSdDefRespSecurityContainer getSdDefRespSecurityContainer = (GetSdDefRespSecurityContainer) ASN1Utils.decodeASN1(Base64.decode(map.get(KnownParameterIds.PERSONALIZATION_REQ_PAYLOAD), 0), GetSdDefRespSecurityContainer.class);
        this.log.trace("getting suid from Get SD Def command response", new Object[0]);
        String valueOctetsAsHexString = getSdDefRespSecurityContainer.getContainerContent().getCmdRespPayload().getGetSdDefCmdRespSecurityDomain().getEmbeddedSecurityContainer().getSecurityContainer().getContainerContent().getCommandResponse().getCryptoData().getUnblockSDResponseCryptoData().getSuid().getValueOctetsAsHexString();
        this.log.trace("suid from Get SD Def command response:" + valueOctetsAsHexString, new Object[0]);
        this.log.trace("getting L2 UUID from Get SD Def command response", new Object[0]);
        String valueOctetsAsHexString2 = getSdDefRespSecurityContainer.getContainerContent().getCmdRespPayload().getGetSdDefCmdRespSecurityDomain().getEmbeddedSecurityContainer().getSecurityContainer().getContainerContent().getCommandResponse().getCryptoData().getUnblockSDResponseCryptoData().getSdUUID().getValueOctetsAsHexString();
        this.log.trace("L2 UUID from SD Def command response:" + valueOctetsAsHexString2, new Object[0]);
        OnlineHelper httpsCertificates = new OnlineHelper(new OnlineParameters(Base64.decode(map.get(KnownParameterIds.PERSONALIZATION_REQ_PAYLOAD), 0), valueOctetsAsHexString, valueOctetsAsHexString2, HexUtils.toHexString(Base64.decode(map.get(KnownParameterIds.TA_UUID), 0)), null), this.ctx, this.configuration, OnlineUseCases.PERSONALIZATION).setHttpsCertificates(this.configuration.getServerCA());
        this.log.info("going online to retrieve personalization commands from TAM server", new Object[0]);
        byte[] command = httpsCertificates.getCommand();
        this.log.info("Received Personalization commands from TAM server", new Object[0]);
        this.log.trace("deserializing personalization commands into a PersonalizationBundle instance", new Object[0]);
        PersonalizationBundle personalizationBundle = (PersonalizationBundle) ASN1Utils.decodeASN1(command, PersonalizationBundle.class);
        this.log.trace("deserialization successful", new Object[0]);
        ArrayList arrayList = new ArrayList(personalizationBundle.getPackagedPersoCommands().size());
        Iterator<StoreDataCmdsSecurityContainer> it = personalizationBundle.getPackagedPersoCommands().iterator();
        while (it.hasNext()) {
            arrayList.add(it.next().toByteArray());
        }
        return arrayList;
    }

    private byte[] getUnblockL2SD(Map<String, String> map) throws SDKException, NotPermittedException, IOException {
        UnblockSDRequest buildUnblockRequest = ASN1Utils.buildUnblockRequest((GetSdDefRespSecurityContainer) ASN1Utils.decodeASN1(Base64.decode(map.get(KnownParameterIds.UNBLOCK_REQ_PAYLOAD), 2), GetSdDefRespSecurityContainer.class));
        String str = map.containsKey("ENCRYPTED_DECRYPTION_KEY") ? map.get("ENCRYPTED_DECRYPTION_KEY") : null;
        OnlineParameters onlineParameters = new OnlineParameters(buildUnblockRequest, Long.valueOf(map.get(KnownParameterIds.BUNDLED_TA_VERSION)), HexUtils.toHexString(Base64.decode(map.get(KnownParameterIds.TA_UUID), 0)), str);
        this.log.trace("remote unblock parameters:\n%s", onlineParameters);
        if (str == null) {
            return ASN1Utils.extractUnblockCommandFromSet(new OnlineHelper(onlineParameters, this.ctx, this.configuration, OnlineUseCases.ENROLLMENT).setHttpsCertificates(this.configuration.getServerCA()).getCommand(), this.log);
        }
        EncryptedTAUnblockCommands unblockAndSymmetricKey = new OnlineHelper(onlineParameters, this.ctx, this.configuration, OnlineUseCases.ENROLLMENT_AND_DECRYPTION_KEY).setHttpsCertificates(this.configuration.getServerCA()).getUnblockAndSymmetricKey();
        byte[] unblockSD = unblockAndSymmetricKey.getUnblockSD();
        this.decryptedEncryptionKey = unblockAndSymmetricKey.getSymmetricKeyStoreData();
        return unblockSD;
    }

    @Override // com.trustonic.components.thpagent.api.tamanager.TAManager
    public List<byte[]> getPayload(String str, Map<String, String> map) throws Exception {
        if (this.bundle == null || KnownPayloadIds.GET_TEE_DEFINITION.equals(str)) {
            return null;
        }
        ArrayList arrayList = new ArrayList(1);
        if (KnownPayloadIds.GET_L1_SD_DEFINITION.equals(str)) {
            arrayList.add(this.bundle.getL1SDDefinition().getValueOctets());
        } else if (KnownPayloadIds.GET_L2_SD_DEFINITION.equals(str)) {
            arrayList.add(this.bundle.getL2SDDefinition().getValueOctets());
        } else if (KnownPayloadIds.GET_TA_DEFINITION.equals(str)) {
            arrayList.add(this.bundle.getTaDefinition().getValueOctets());
        } else if (KnownPayloadIds.GET_TA_VERSION.equals(str)) {
            arrayList.add(this.bundle.getTaVersion().getValueOctets());
        } else if (KnownPayloadIds.INSTALL_L1_SD.equals(str)) {
            arrayList.add(this.bundle.getL1InstallSD().getValueOctets());
        } else if (KnownPayloadIds.INSTALL_L2_SD.equals(str)) {
            arrayList.add(this.bundle.getL2InstallSD().getValueOctets());
        } else if (KnownPayloadIds.INSTALL_TA.equals(str)) {
            arrayList.add(this.bundle.getInstallTA().getValueOctets());
        } else if (KnownPayloadIds.LOCK_TA.equals(str)) {
            arrayList.add(this.bundle.getLockTA().getValueOctets());
        } else {
            if (KnownPayloadIds.PERSONALIZATION_DATA.equals(str)) {
                return getPersonalizationData(map);
            }
            if (KnownPayloadIds.UNBLOCK_L2_SD.equals(str)) {
                arrayList.add(getUnblockL2SD(map));
            } else if (KnownPayloadIds.UNINSTALL_TA.equals(str)) {
                arrayList.add(this.bundle.getUninstallTA().getValueOctets());
            } else if (KnownPayloadIds.UPDATE_TA.equals(str)) {
                arrayList.add(this.bundle.getUpdateTA().getValueOctets());
            } else if ("ENCRYPTED_DECRYPTION_KEY".equals(str)) {
                byte[] valueOctets = this.bundle.getEncryptedDecryptionKey().getValueOctets();
                if (valueOctets.length != 512) {
                    return null;
                }
                arrayList.add(valueOctets);
            } else if (KnownPayloadIds.DECRYPTED_DECRYPTION_KEY.equals(str)) {
                byte[] bArr = this.decryptedEncryptionKey;
                if (bArr == null) {
                    this.decryptedEncryptionKey = getDecryptedEncryptionKey(map);
                    arrayList.add(this.decryptedEncryptionKey);
                } else {
                    arrayList.add(bArr);
                }
            } else if (KnownPayloadIds.STORE_PERSO_KEY.equals(str)) {
                addPayload(arrayList, this.bundle.getStorePersoKey());
            }
        }
        return arrayList;
    }
}
