package com.samsung.android.kmxservice.sdk.e2ee.kmx;

import android.net.Uri;
import android.os.Build;
import android.os.Bundle;
import androidx.annotation.Nullable;
import com.samsung.android.kmxservice.sdk.e2ee.common.KmxErrorHandler;
import com.samsung.android.kmxservice.sdk.e2ee.common.KmxSdk;
import com.samsung.android.kmxservice.sdk.e2ee.data.KMX_CMD;
import com.samsung.android.kmxservice.sdk.e2ee.data.KMX_CONSTANT;
import com.samsung.android.kmxservice.sdk.e2ee.data.KmxCertChainData;
import com.samsung.android.kmxservice.sdk.e2ee.data.KmxDBAdapter;
import com.samsung.android.kmxservice.sdk.e2ee.manager.AccessManagement;
import com.samsung.android.kmxservice.sdk.e2ee.manager.KeyHandler;
import com.samsung.android.kmxservice.sdk.e2ee.manager.ServiceKeyManagement;
import com.samsung.android.kmxservice.sdk.util.AndroidKeystoreHelper;
import com.samsung.android.kmxservice.sdk.util.KmxLogger;
import com.samsung.android.kmxservice.sdk.util.SksAttestation;
import java.io.Serializable;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import java.util.Map;

/* loaded from: classes3.dex */
class KmxServiceKeyManagementImpl implements ServiceKeyManagement {
    private static final String TAG = "ServiceKeyManagementImpl";
    private final AccessManagement accessManagement;
    private final KeyHandler keyHandler;
    private final KmxDBAdapter kmxDBAdapter;
    private final SksAttestation sksAttestation;
    private String mCurServiceId = null;
    private boolean misAllowed = false;
    private final Object lock = new Object();

    public KmxServiceKeyManagementImpl(SksAttestation sksAttestation, KmxDBAdapter kmxDBAdapter, AccessManagement accessManagement, KeyHandler keyHandler) {
        this.sksAttestation = sksAttestation;
        this.kmxDBAdapter = kmxDBAdapter;
        this.accessManagement = accessManagement;
        this.keyHandler = keyHandler;
    }

    private Map<String, String> createServiceKey(List<String> list) {
        Bundle bundle = new Bundle();
        bundle.putStringArrayList(KMX_CONSTANT.KMX_SERVICE_ID_LIST, new ArrayList<>(list));
        Bundle call = KmxSdk.getContext().getContentResolver().call(Uri.parse(KMX_CONSTANT.KMX_E2EE_URI), KMX_CMD.KMX_CREATE_SERVICE_KEY, (String) null, bundle);
        if (call != null) {
            KmxErrorHandler.throwIfNotSuccess("22|Service Key generation failure :", call.getInt(KMX_CONSTANT.KMX_ERROR_CODE));
            Serializable serializable = call.getSerializable(KMX_CONSTANT.KMX_SERVICE_KEY_ID_LIST);
            if (serializable instanceof Map) {
                return (Map) serializable;
            }
        }
        KmxLogger.e(TAG, "[createServiceKey] Fail to create service key");
        return null;
    }

    private Map<String, byte[]> exportServiceKey(List<String> list, @Nullable X509Certificate[] x509CertificateArr, @Nullable byte[] bArr) {
        ArrayList<String> arrayList = new ArrayList<>();
        for (String str : list) {
            Bundle bundle = new Bundle();
            bundle.putString(KMX_CONSTANT.KMX_FABRIC_ID, KmxSdk.getGuid());
            bundle.putString(KMX_CONSTANT.KMX_SERVICE_ID, str);
            Bundle call = KmxSdk.getContext().getContentResolver().call(Uri.parse(KMX_CONSTANT.KMX_E2EE_URI), KMX_CMD.KMX_GET_SERVICE_KEY_ID, (String) null, bundle);
            if (call == null) {
                KmxLogger.e(TAG, "[exportServiceKey] Fail to get service key id");
                return null;
            }
            String string = call.getString(KMX_CONSTANT.KMX_SERVICE_KEY_ID);
            if (string != null) {
                arrayList.add(string);
            }
        }
        return exportServiceKeyInternal(arrayList, x509CertificateArr, bArr);
    }

    private Map<String, byte[]> exportServiceKeyInternal(ArrayList<String> arrayList, @Nullable X509Certificate[] x509CertificateArr, @Nullable byte[] bArr) {
        String str;
        int i;
        if (arrayList == null || arrayList.size() == 0) {
            str = "20|exportServiceKey input is null or empty :" + arrayList;
            i = 4;
        } else {
            Bundle bundle = new Bundle();
            bundle.putStringArrayList(KMX_CONSTANT.KMX_SERVICE_KEY_ID_LIST, arrayList);
            if (x509CertificateArr != null) {
                bundle.putSerializable(KMX_CONSTANT.KMX_CERT_CHAIN, new KmxCertChainData(x509CertificateArr));
                if (bArr != null) {
                    KmxLogger.i(TAG, "exportServiceKey challenge is used");
                    bundle.putByteArray(KMX_CONSTANT.KMX_CHALLENGE, bArr);
                }
            }
            KmxLogger.i(TAG, "[ExportServiceKey] : " + arrayList.size());
            Bundle call = KmxSdk.getContext().getContentResolver().call(Uri.parse(KMX_CONSTANT.KMX_E2EE_URI), KMX_CMD.KMX_EXPORT_SERVICE_KEY, (String) null, bundle);
            if (call == null) {
                str = "20-0|Fail to export serviceKey";
                i = 1;
            } else {
                i = call.getInt(KMX_CONSTANT.KMX_ERROR_CODE);
                if (i == 0) {
                    Serializable serializable = call.getSerializable(KMX_CONSTANT.KMX_SERVICE_KEY_LIST);
                    if (serializable instanceof Map) {
                        return (Map) serializable;
                    }
                    return null;
                }
                str = "20-1|Fail to export serviceKey";
            }
        }
        KmxErrorHandler.throwIfNotSuccess(str, i);
        return null;
    }

    private Map<String, String> importServiceKeyInternal(Map<String, byte[]> map, Map<String, String> map2) {
        Bundle bundle = new Bundle();
        bundle.putSerializable(KMX_CONSTANT.KMX_SERVICE_KEY_LIST, new HashMap(map));
        bundle.putSerializable(KMX_CONSTANT.KMX_SERVICE_ID_LIST, new HashMap(map2));
        Bundle call = KmxSdk.getContext().getContentResolver().call(Uri.parse(KMX_CONSTANT.KMX_E2EE_URI), KMX_CMD.KMX_IMPORT_SERVICE_KEY, (String) null, bundle);
        if (call == null) {
            KmxLogger.e(TAG, "[importServiceKeyInternal] Fail import service key");
            return null;
        }
        Serializable serializable = call.getSerializable(KMX_CONSTANT.KMX_SERVICE_KEY_ID_LIST);
        if (serializable instanceof HashMap) {
            for (Map.Entry entry : ((HashMap) serializable).entrySet()) {
                KmxDBAdapter kmxDBAdapter = this.kmxDBAdapter;
                if (kmxDBAdapter != null) {
                    kmxDBAdapter.insertServiceKeyId(KmxSdk.getGuid(), (String) entry.getKey(), (String) entry.getValue());
                }
            }
        }
        if (serializable instanceof Map) {
            return (Map) serializable;
        }
        KmxErrorHandler.throwIfNotSuccess("16|Fail to import ServiceKey", call.getInt(KMX_CONSTANT.KMX_ERROR_CODE));
        return null;
    }

    @Override // com.samsung.android.kmxservice.sdk.e2ee.manager.ServiceKeyManagement
    public String createServiceKey(String str) {
        KmxLogger.i(TAG, "[createServiceKey] : " + str);
        ArrayList arrayList = new ArrayList();
        arrayList.add(str);
        Map<String, String> createServiceKey = createServiceKey(arrayList);
        if (createServiceKey != null) {
            return createServiceKey.get(str);
        }
        KmxErrorHandler.throwIfNotSuccess("21|Fail to create service Key :" + str, 103);
        return null;
    }

    @Override // com.samsung.android.kmxservice.sdk.e2ee.manager.ServiceKeyManagement
    public byte[] exportServiceKey(String str, @Nullable X509Certificate[] x509CertificateArr, @Nullable byte[] bArr) {
        KmxLogger.i(TAG, "[exportServiceKey] : " + str);
        ArrayList arrayList = new ArrayList();
        arrayList.add(str);
        Map<String, byte[]> exportServiceKey = exportServiceKey(arrayList, x509CertificateArr, bArr);
        if (exportServiceKey != null) {
            return exportServiceKey.get(str);
        }
        KmxLogger.e(TAG, "exportServiceKey Fail. ServiceKey is NULL");
        return null;
    }

    @Override // com.samsung.android.kmxservice.sdk.e2ee.manager.ServiceKeyManagement
    public byte[] getChallenge() {
        KmxLogger.i(TAG, "[getChallenge]");
        Bundle call = KmxSdk.getContext().getContentResolver().call(Uri.parse(KMX_CONSTANT.KMX_E2EE_URI), KMX_CMD.KMX_GET_CHALLENGE, (String) null, (Bundle) null);
        if (call == null) {
            KmxLogger.e(TAG, "[getChallenge] Fail to get challenge.");
            return null;
        }
        byte[] byteArray = call.getByteArray(KMX_CONSTANT.KMX_CHALLENGE);
        if (byteArray != null) {
            return byteArray;
        }
        KmxErrorHandler.throwIfNotSuccess("34|Fail to get challenge.", 203);
        return null;
    }

    @Override // com.samsung.android.kmxservice.sdk.e2ee.manager.ServiceKeyManagement
    public String getServiceKeyId(String str) {
        KmxLogger.i(TAG, "[getServiceKeyId] : " + str);
        synchronized (this.lock) {
            String str2 = null;
            if (!str.equals(this.mCurServiceId) || !this.misAllowed) {
                boolean isAllowPackage = this.accessManagement.isAllowPackage(str);
                this.misAllowed = isAllowPackage;
                if (!isAllowPackage) {
                    KmxErrorHandler.throwIfNotSuccess("17-1|Fail to get serviceKeyId. Invalid package", 404);
                    return null;
                }
                this.mCurServiceId = str;
            }
            Bundle bundle = new Bundle();
            bundle.putString(KMX_CONSTANT.KMX_SERVICE_ID, str);
            bundle.putString(KMX_CONSTANT.KMX_FABRIC_ID, KmxSdk.getGuid());
            Bundle call = KmxSdk.getContext().getContentResolver().call(Uri.parse(KMX_CONSTANT.KMX_E2EE_URI), KMX_CMD.KMX_GET_SERVICE_KEY_ID, (String) null, bundle);
            if (call == null) {
                KmxLogger.e(TAG, "[getServiceKeyId] Fail get service key id");
                return null;
            }
            String string = call.getString(KMX_CONSTANT.KMX_SERVICE_KEY_ID);
            if (string == null || string.isEmpty()) {
                KmxLogger.e(TAG, "getServiceKeyId failed. The service key doesn't seem to exist.");
            } else if (AndroidKeystoreHelper.getKey(string) == null) {
                byte[] byteArray = call.getByteArray(KMX_CONSTANT.KMX_CHALLENGE);
                if (byteArray == null) {
                    KmxLogger.e(TAG, "getServiceKeyId failed. challenge is null");
                    KmxErrorHandler.throwIfNotSuccess("17-2|Fail to get serviceKeyId. challenge is null", 406);
                    return null;
                }
                byte[] exportServiceKey = exportServiceKey(str, this.sksAttestation.getWrapKey(SksAttestation.WRAPPING_KEY, byteArray), byteArray);
                if (exportServiceKey == null) {
                    KmxLogger.e(TAG, "getServiceKeyId failed. wrappedServiceKey is null");
                    KmxErrorHandler.throwIfNotSuccess("17-2-1|Fail to get serviceKeyId. wrappedServiceKey is null", 102);
                } else if (AndroidKeystoreHelper.secureKeyImport(string, SksAttestation.WRAPPING_KEY, exportServiceKey)) {
                    str2 = string;
                } else {
                    KmxLogger.e(TAG, "17-3|Fail secure key import for ".concat(str));
                    KmxErrorHandler.throwIfNotSuccess("17-3|Fail to get serviceKeyId. Fail secure key import", 101);
                }
                this.sksAttestation.removeKey(SksAttestation.WRAPPING_KEY);
            } else {
                KmxLogger.i(TAG, "Found service key in aks for ".concat(str));
                str2 = string;
            }
            return str2;
        }
    }

    @Override // com.samsung.android.kmxservice.sdk.e2ee.manager.ServiceKeyManagement
    public X509Certificate[] getWrapKey(String str) {
        KmxLogger.e(TAG, "NotSupport, getWrapKey. KMX");
        return null;
    }

    @Override // com.samsung.android.kmxservice.sdk.e2ee.manager.ServiceKeyManagement
    public String importServiceKey(String str, String str2, byte[] bArr) {
        KmxLogger.i(TAG, "[importServiceKey] : " + str);
        KmxErrorHandler.throwIfNull(bArr, "14|Input Error : serviceKeyList is empty", 4);
        HashMap hashMap = new HashMap();
        hashMap.put(str2, bArr);
        HashMap hashMap2 = new HashMap();
        hashMap2.put(str2, str);
        Map<String, String> importServiceKeyInternal = importServiceKeyInternal(hashMap, hashMap2);
        KmxErrorHandler.throwIfNull(importServiceKeyInternal, "14 | Fail to import ServiceKey", 101);
        if (importServiceKeyInternal == null) {
            return null;
        }
        KmxErrorHandler.throwIfNull(importServiceKeyInternal.get(str), "14-1 | Fail to import ServiceKey :" + str, 101);
        return str2;
    }

    @Override // com.samsung.android.kmxservice.sdk.e2ee.manager.ServiceKeyManagement
    public void initialize() {
        this.mCurServiceId = null;
        this.misAllowed = false;
    }

    @Override // com.samsung.android.kmxservice.sdk.e2ee.manager.ServiceKeyManagement
    public boolean removeServiceKey(String str) {
        KmxLogger.i(TAG, "[removeServiceKey] : " + str);
        if (str == null) {
            KmxErrorHandler.throwIfNotSuccess("28|Input Error : ServiceId cannot be null when remove key", 4);
            return false;
        }
        String serviceKeyId = getServiceKeyId(str);
        if (serviceKeyId == null) {
            KmxLogger.e(TAG, "28-1|removeServiceKey is failed. Key does not exist");
            return false;
        }
        if (Build.VERSION.SDK_INT >= 28) {
            AndroidKeystoreHelper.removeKey(serviceKeyId);
            return this.keyHandler.removeKey(str, 1);
        }
        KmxLogger.e(TAG, "28-2|removeServiceKey is failed. Unsupported device");
        return false;
    }

    @Override // com.samsung.android.kmxservice.sdk.e2ee.manager.ServiceKeyManagement
    public void removeWrapKey(String str) {
        KmxLogger.e(TAG, "NotSupport, removeWrapKey. KMX");
    }
}
