package cn.com.cfca.sdk.hke.util;

import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import android.text.TextUtils;
import android.util.Base64;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.RSAKeyGenParameterSpec;
import java.util.Calendar;
import java.util.Date;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class f {

    /* renamed from: c, reason: collision with root package name */
    public static final Class<?> f9828c = f.class;

    /* renamed from: a, reason: collision with root package name */
    public KeyStore f9829a;

    /* renamed from: b, reason: collision with root package name */
    public KeyPairGenerator f9830b;

    /* renamed from: d, reason: collision with root package name */
    public Context f9831d;

    /* renamed from: e, reason: collision with root package name */
    public KeyPairGenerator f9832e;

    public f(Context context) {
        this.f9831d = context;
        if (e()) {
            try {
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                this.f9829a = keyStore;
                keyStore.load(null);
                this.f9832e = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
                if (f()) {
                    this.f9830b = KeyPairGenerator.getInstance("EC", "AndroidKeyStore");
                }
            } catch (Exception e2) {
                cn.com.cfca.sdk.hke.util.a.b.a(f9828c, "KeyStoreException failed:", e2.getLocalizedMessage());
            }
        }
    }

    private PrivateKey a(String str) {
        if (f()) {
            try {
                if (this.f9829a.getCertificate(str) != null) {
                    return (PrivateKey) this.f9829a.getKey(str, null);
                }
                KeyPair b2 = b(str);
                if (b2 != null) {
                    return b2.getPrivate();
                }
            } catch (Exception e2) {
                cn.com.cfca.sdk.hke.util.a.b.a(f9828c, "SEPubKey failed: " + e2.getLocalizedMessage(), e2);
            }
        }
        return null;
    }

    private KeyPair b(String str) {
        if (!f()) {
            return null;
        }
        try {
            this.f9830b.initialize(new KeyGenParameterSpec.Builder(str, 15).setDigests("SHA-1", "SHA-256", "NONE").setAlgorithmParameterSpec(new ECGenParameterSpec("secp256r1")).build());
            return this.f9830b.generateKeyPair();
        } catch (InvalidAlgorithmParameterException e2) {
            cn.com.cfca.sdk.hke.util.a.b.a(f9828c, "createEccKeyPair failed: " + e2.getLocalizedMessage(), e2);
            return null;
        }
    }

    public static boolean e() {
        return Build.VERSION.SDK_INT >= 18;
    }

    public static boolean f() {
        return Build.VERSION.SDK_INT >= 23;
    }

    private KeyPair g() {
        if (e()) {
            Date date = new Date();
            Calendar calendar = Calendar.getInstance();
            calendar.clear();
            calendar.setTime(date);
            calendar.add(1, 20);
            try {
                KeyPairGeneratorSpec.Builder endDate = new KeyPairGeneratorSpec.Builder(this.f9831d).setAlias("CFCA_HKE_KEY_STORE").setSubject(new X500Principal("CN=CFCA Acquisition, O=CFCA, C=CN")).setSerialNumber(BigInteger.ONE).setStartDate(date).setEndDate(calendar.getTime());
                if (Build.VERSION.SDK_INT >= 19) {
                    endDate.setAlgorithmParameterSpec(new RSAKeyGenParameterSpec(1024, RSAKeyGenParameterSpec.F4));
                }
                this.f9832e.initialize(endDate.build());
                return this.f9832e.generateKeyPair();
            } catch (InvalidAlgorithmParameterException e2) {
                cn.com.cfca.sdk.hke.util.a.b.a(f9828c, "createRsaKeyPair failed: " + e2.getLocalizedMessage(), e2);
            }
        }
        return null;
    }

    public final String a() {
        String str = "";
        if (e()) {
            try {
                Certificate certificate = this.f9829a.getCertificate("CFCA_HKE_KEY_STORE");
                if (certificate != null) {
                    str = Base64.encodeToString(certificate.getPublicKey().getEncoded(), 2);
                } else {
                    if (!TextUtils.isEmpty(c())) {
                        return "";
                    }
                    KeyPair g2 = g();
                    if (g2 != null) {
                        str = Base64.encodeToString(g2.getPublic().getEncoded(), 2);
                    }
                }
            } catch (Exception e2) {
                cn.com.cfca.sdk.hke.util.a.b.a(f9828c, "KeySotrePubKey failed: " + e2.getLocalizedMessage(), e2);
            }
        }
        return str;
    }

    public final byte[] a(byte[] bArr) {
        if (f()) {
            try {
                PrivateKey a2 = a("CFCA_HKE_STRONG_SE_KEY_STORE");
                if (a2 == null) {
                    return null;
                }
                Signature signature = Signature.getInstance("SHA256withECDSA");
                signature.initSign(a2);
                signature.update(bArr);
                return signature.sign();
            } catch (GeneralSecurityException e2) {
                cn.com.cfca.sdk.hke.util.a.b.a(f9828c, "strongSign failed" + e2.getLocalizedMessage(), e2);
                try {
                    this.f9829a.deleteEntry("CFCA_HKE_STRONG_SE_KEY_STORE");
                } catch (KeyStoreException e3) {
                    cn.com.cfca.sdk.hke.util.a.b.a(f9828c, "deleteEntry failed" + e3.getLocalizedMessage(), e3);
                }
            } catch (Exception e4) {
                cn.com.cfca.sdk.hke.util.a.b.a(f9828c, "strongSign failed" + e4.getLocalizedMessage(), e4);
            }
        }
        return null;
    }

    public final String b() {
        String str = "";
        if (f()) {
            try {
                Certificate certificate = this.f9829a.getCertificate("CFCA_HKE_SE_KEY_STORE");
                if (certificate != null) {
                    str = Base64.encodeToString(certificate.getPublicKey().getEncoded(), 2);
                } else {
                    KeyPair b2 = b("CFCA_HKE_SE_KEY_STORE");
                    if (b2 != null) {
                        str = Base64.encodeToString(b2.getPublic().getEncoded(), 2);
                    }
                }
            } catch (Exception e2) {
                cn.com.cfca.sdk.hke.util.a.b.a(f9828c, "SEPubKey failed: " + e2.getLocalizedMessage(), e2);
            }
        }
        return str;
    }

    public final String c() {
        String str = "";
        if (f()) {
            try {
                Certificate certificate = this.f9829a.getCertificate("CFCA_HKE_STRONG_SE_KEY_STORE");
                if (certificate != null) {
                    str = Base64.encodeToString(certificate.getPublicKey().getEncoded(), 2);
                } else {
                    KeyPair b2 = b("CFCA_HKE_STRONG_SE_KEY_STORE");
                    if (b2 != null) {
                        str = Base64.encodeToString(b2.getPublic().getEncoded(), 2);
                    }
                }
            } catch (Exception e2) {
                cn.com.cfca.sdk.hke.util.a.b.a(f9828c, "SEPubKey failed: " + e2.getLocalizedMessage(), e2);
            }
        }
        return str;
    }

    public final boolean d() {
        PrivateKey a2;
        if (!f() || (a2 = a("CFCA_HKE_SE_KEY_STORE")) == null) {
            return false;
        }
        try {
            return ((KeyInfo) KeyFactory.getInstance(a2.getAlgorithm(), "AndroidKeyStore").getKeySpec(a2, KeyInfo.class)).isInsideSecureHardware();
        } catch (Exception e2) {
            cn.com.cfca.sdk.hke.util.a.b.a(f9828c, "GetKeyInfo failed: " + e2.getLocalizedMessage(), e2);
            return false;
        }
    }
}
