package com.theminesec.MineHades.KMS;

import com.theminesec.MineHades.Crypto.MineSecKey2;
import com.theminesec.MineHades.Exceptions.MhdRuntimeException;
import com.theminesec.MineHades.MhdErrorCode;
import com.theminesec.MineHades.MhdResult;
import com.theminesec.minehadescore.KMS.CPoCKeyLoaderV2;
import com.theminesec.minehadescore.KMS.KeyPrinter;
import com.theminesec.minehadescore.KMS.MineSecBlockKeyUtils;
import com.theminesec.minehadescore.KMS.MineSecDukptKeyUtils;
import com.theminesec.minehadescore.KMS.MineSecRSAKeyUtils;
import com.theminesec.minehadescore.Security.Storage.AlgorithmEnum;
import com.theminesec.minehadescore.Security.Storage.DataKey;
import com.theminesec.minehadescore.Security.Storage.DataStorage;
import com.theminesec.minehadescore.Security.Storage.KeyTypeEnum;
import com.theminesec.minehadescore.Security.Storage.KeyUsageEnum;
import com.theminesec.minehadescore.Utils.BytesUtils;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes3.dex */
public class MineSecKeyStore {
    private MhdResult<byte[]> CipherAes(String str, int i, int i2, byte[] bArr, byte[] bArr2) {
        DataKey.KeyDataV3 readBlockKey = DataStorage.INSTANCE.readBlockKey(str);
        if (readBlockKey == null) {
            throw new MhdRuntimeException(MhdErrorCode.MHD_STORAGE_ERR_KEY_NOTFOUND.getCode(), "key is not found in SDK");
        }
        if (readBlockKey.getAlgorithm() != AlgorithmEnum.ALG_AES) {
            throw new MhdRuntimeException(MhdErrorCode.MHD_KMS_KEY_TYPE_ERROR.getCode(), "the key is not an AES key. its algorithm is " + readBlockKey.getAlgorithm().name());
        }
        int i3 = i == 1 ? 1 : 2;
        byte[] aesEcbCipher = i2 == 1 ? MineSecBlockKeyUtils.INSTANCE.aesEcbCipher(readBlockKey, bArr, i3) : null;
        if (i2 == 2) {
            aesEcbCipher = MineSecBlockKeyUtils.INSTANCE.aesCbcCipher(readBlockKey, bArr2, bArr, i3);
        }
        if (i2 == 3) {
            aesEcbCipher = MineSecBlockKeyUtils.INSTANCE.aesGcmCipher(readBlockKey, bArr2, bArr, i3);
        }
        return new MhdResult<>(0, "success", aesEcbCipher);
    }

    private MhdResult<Boolean> LoadDukptIKTR31(String str, String str2, String str3) {
        DataStorage.INSTANCE.writeKey(str, CPoCKeyLoaderV2.INSTANCE.LoadKeyBlockByTR31(str3, str2, str));
        return new MhdResult<>(0, "success", true);
    }

    private MhdResult<Boolean> LoadDukptIKWithRSA(String str, byte[] bArr, String str2, String str3, int i, int i2) {
        AlgorithmEnum algorithmEnum;
        try {
            if (BytesUtils.fromString(str3).length != 8) {
                throw new IllegalArgumentException("Key Id must be 8 bytes");
            }
            if (bArr == null || bArr.length == 0) {
                throw new IllegalArgumentException("encode key invalid");
            }
            if (str == null || str.isEmpty()) {
                throw new IllegalArgumentException("keyAlias is empty");
            }
            if (i == 3 || i == 4 || i == 5) {
                algorithmEnum = AlgorithmEnum.ALG_AES;
            } else {
                if (i != 1 && i != 2) {
                    return new MhdResult<>(MhdErrorCode.MHD_SDK_INVALID_PARAMETER.getCode(), "only AES/TDES Key is supported", false);
                }
                algorithmEnum = AlgorithmEnum.ALG_TDES;
            }
            DataStorage.INSTANCE.writeKey(str, CPoCKeyLoaderV2.INSTANCE.loadDukptIpekWithRSA(str, bArr, str2, str3, algorithmEnum, KeyUsageEnum.KU_DUKPT_IPEK_KEY, i2));
            return new MhdResult<>(0, "success", true);
        } catch (IllegalArgumentException e) {
            return new MhdResult<>(MhdErrorCode.MHD_SDK_INVALID_PARAMETER.getCode(), e.getMessage(), false);
        }
    }

    private MhdResult<Boolean> LoadSecretKey(int i, String str, byte[] bArr, String str2, String str3, int i2, int i3) {
        AlgorithmEnum algorithmEnum;
        AlgorithmEnum algorithmEnum2 = AlgorithmEnum.ALG_AES;
        if (bArr != null) {
            try {
                if (bArr.length != 0) {
                    if (str == null || str.isEmpty()) {
                        throw new IllegalArgumentException("keyAlias is empty");
                    }
                    if (str2 == null || str2.isEmpty()) {
                        throw new IllegalArgumentException("wrappingKeyAlias is empty");
                    }
                    if (i2 == 3 || i2 == 4 || i2 == 5) {
                        algorithmEnum = AlgorithmEnum.ALG_AES;
                    } else {
                        if (i2 != 1 && i2 != 2) {
                            return new MhdResult<>(MhdErrorCode.MHD_SDK_INVALID_PARAMETER.getCode(), "only AES/TDES Key is supported", false);
                        }
                        algorithmEnum = AlgorithmEnum.ALG_TDES;
                    }
                    return (i3 < 1 || i3 > 10) ? new MhdResult<>(MhdErrorCode.MHD_SDK_INVALID_PARAMETER.getCode(), "Incorrect Key Usage", false) : (i == 1 || i == 3) ? LoadSecretKeyWithRSA(str, bArr, str2, str3, algorithmEnum, i3, i) : new MhdResult<>(MhdErrorCode.MHD_SDK_INVALID_PARAMETER.getCode(), "Unknown Wrapping Method", false);
                }
            } catch (IllegalArgumentException e) {
                return new MhdResult<>(MhdErrorCode.MHD_SDK_INVALID_PARAMETER.getCode(), e.getMessage(), false);
            }
        }
        throw new IllegalArgumentException("encode key invalid");
    }

    private MhdResult<Boolean> LoadSecretKeyWithRSA(String str, byte[] bArr, String str2, String str3, AlgorithmEnum algorithmEnum, int i, int i2) {
        DataStorage.INSTANCE.writeKey(str, CPoCKeyLoaderV2.INSTANCE.LoadSecretKeyWithRSA(str, bArr, str2, str3, algorithmEnum, KeyUsageEnum.INSTANCE.MsKeyPropertiesToKeyUsageEnum(i), i2));
        return new MhdResult<>(0, "success", true);
    }

    private MhdResult<Boolean> LoadsKey(MsWrappedSecretKeyEntry msWrappedSecretKeyEntry) {
        String keyAlias = msWrappedSecretKeyEntry.getKeyAlias();
        String wrappingKeyAlias = msWrappedSecretKeyEntry.getWrappingKeyAlias();
        byte[] encodedKey = msWrappedSecretKeyEntry.getEncodedKey();
        int wrappingMethod = msWrappedSecretKeyEntry.getWrappingMethod();
        String keyId = msWrappedSecretKeyEntry.getKeyId();
        int keyType = msWrappedSecretKeyEntry.getKeyType();
        int keyUsage = msWrappedSecretKeyEntry.getKeyUsage();
        return keyUsage == 10 ? LoadDukptIK(wrappingMethod, keyAlias, encodedKey, wrappingKeyAlias, keyId, keyType) : LoadSecretKey(wrappingMethod, keyAlias, encodedKey, wrappingKeyAlias, keyId, keyType, keyUsage);
    }

    private MineSecKey2 generateMineSecKey(String str) throws JSONException {
        MineSecKey2 mineSecKey2 = new MineSecKey2();
        JSONObject jSONObject = new JSONObject(str);
        mineSecKey2.setKeyAlias(jSONObject.getString("key_alias"));
        mineSecKey2.setKsn(jSONObject.optString("key_id", ""));
        mineSecKey2.setKeyType(jSONObject.getInt("key_type"));
        mineSecKey2.setKeyUsage(jSONObject.getInt("key_usage"));
        mineSecKey2.setKeyHash(jSONObject.getString("key_check_value").substring(0, 16));
        mineSecKey2.setIkCounter(jSONObject.optInt("key_counter", 0));
        return mineSecKey2;
    }

    /* JADX WARN: Code restructure failed: missing block: B:43:0x0080, code lost:
    
        if ((r12.length % 16) == 0) goto L46;
     */
    /* JADX WARN: Code restructure failed: missing block: B:45:0x008f, code lost:
    
        return new com.theminesec.MineHades.MhdResult<>(com.theminesec.MineHades.MhdErrorCode.MHD_SDK_INVALID_PARAMETER.getCode(), "input length is not padded to times of 16", null);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public com.theminesec.MineHades.MhdResult<byte[]> AesCipher(com.theminesec.MineHades.Crypto.MineSecKey2 r9, int r10, int r11, byte[] r12, byte[] r13) {
        /*
            Method dump skipped, instructions count: 232
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.theminesec.MineHades.KMS.MineSecKeyStore.AesCipher(com.theminesec.MineHades.Crypto.MineSecKey2, int, int, byte[], byte[]):com.theminesec.MineHades.MhdResult");
    }

    public MhdResult<Boolean> DeleteKey(MineSecKey2 mineSecKey2) {
        CPoCKeyLoaderV2.INSTANCE.deleteKey(mineSecKey2.getKeyAlias());
        return new MhdResult<>(0, "success", true);
    }

    public MhdResult<MineSecKey2> DeriveKey(MsKeyGenParameter msKeyGenParameter) {
        if (!(msKeyGenParameter instanceof DukptKeyGenParameter)) {
            return new MhdResult<>(MhdErrorCode.MHD_SDK_JNI_CLASS_EXCEPTION.getCode(), "Key Generation Parameter is not supported", null);
        }
        DukptKeyGenParameter dukptKeyGenParameter = (DukptKeyGenParameter) msKeyGenParameter;
        DataKey.KeyDataV3 DeriveWorkingKeys = CPoCKeyLoaderV2.INSTANCE.DeriveWorkingKeys(dukptKeyGenParameter.getKeyAlias(), dukptKeyGenParameter.getIkKeyAlias(), KeyUsageEnum.INSTANCE.MsKeyPropertiesToKeyUsageEnum(dukptKeyGenParameter.getKeyUsage()), KeyTypeEnum.INSTANCE.fromMsKeyProperties(dukptKeyGenParameter.getKeyType()), dukptKeyGenParameter.isCounterUpdate());
        KeyPrinter.INSTANCE.printKey(DeriveWorkingKeys);
        return new MhdResult<>(0, "success", DeriveWorkingKeys.toMineSecKey2());
    }

    public MhdResult<Boolean> LoadDukptIK(int i, String str, byte[] bArr, String str2, String str3, int i2) {
        return (i == 1 || i == 3) ? LoadDukptIKWithRSA(str, bArr, str2, str3, i2, i) : i == 2 ? LoadDukptIKTR31(str, str2, new String(bArr)) : new MhdResult<>(MhdErrorCode.MHD_SDK_INVALID_PARAMETER.getCode(), "Unknown Wrapping Method", false);
    }

    public MhdResult<Boolean> LoadKey(MsWrappedKeyEntry msWrappedKeyEntry) {
        return msWrappedKeyEntry instanceof MsWrappedSecretKeyEntry ? LoadsKey((MsWrappedSecretKeyEntry) msWrappedKeyEntry) : new MhdResult<>(MhdErrorCode.MHD_SDK_INVALID_PARAMETER.getCode(), "Instance Must be MsWrappedKeyEntry", false);
    }

    public MhdResult<MineSecKey2> ReadKey(String str) {
        DataKey readKey = DataStorage.INSTANCE.readKey(str);
        if (readKey != null) {
            return readKey.isIpek() ? new MhdResult<>(0, "success", MineSecDukptKeyUtils.INSTANCE.getV4DukptKeyBlock(readKey).toMineSecKey2()) : readKey.getAlgorithm() == AlgorithmEnum.ALG_RSA ? new MhdResult<>(0, "success", MineSecRSAKeyUtils.INSTANCE.transferRsaKeyBlock(readKey).toMineSecKey2()) : new MhdResult<>(0, "success", MineSecBlockKeyUtils.INSTANCE.transferBlockKey(readKey).toMineSecKey2());
        }
        return new MhdResult<>(MhdErrorCode.MHD_STORAGE_ERR_KEY_NOTFOUND.getCode(), str + "does not exist", null);
    }

    public MhdResult<MineSecKey2> UpdateIkTxnCounter(MineSecKey2 mineSecKey2) {
        return mineSecKey2.getKeyUsage() != 10 ? new MhdResult<>(MhdErrorCode.MHD_SDK_INVALID_PARAMETER.getCode(), "Not a IK Key", null) : new MhdResult<>(0, "success", CPoCKeyLoaderV2.INSTANCE.UpdateInitalKeyCounter(mineSecKey2.getKeyAlias()).toMineSecKey2());
    }
}
