package com.ifaa.kmfp.km;

import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import android.util.Base64;
import com.alibaba.wireless.security.SecExceptionCode;
import com.google.android.gms.stats.CodePackage;
import com.iap.ac.android.container.constant.H5ErrorCode;
import com.ifaa.core.env.logger.Logger;
import com.ifaa.core.env.utils.CryptoUtil;
import com.ifaa.core.env.utils.StringUtil;
import com.ifaa.core.framework.applet.IApplet;
import com.ifaa.core.framework.applet.ResultWrapper;
import com.ifaa.core.framework.trace.FlowTracer;
import com.ifaa.core.protocol.model.AppletInfo;
import com.ifaa.core.protocol.model.AppletType;
import com.ifaa.kmfp.km.processor.JNIInterface;
import java.io.ByteArrayInputStream;
import java.nio.charset.Charset;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.RSAKeyGenParameterSpec;
import java.util.Arrays;
import javax.crypto.KeyGenerator;

/* loaded from: classes10.dex */
public class KeyMasterApplet implements IApplet, AppletError {

    /* renamed from: a, reason: collision with root package name */
    public static boolean f65570a = true;

    /* renamed from: b, reason: collision with root package name */
    public static final String f65571b = "KeyMasterApplet";

    /* renamed from: a, reason: collision with other field name */
    public AppletInfo f26479a;

    /* renamed from: a, reason: collision with other field name */
    public KeyMasterInfo f26480a;

    /* renamed from: a, reason: collision with other field name */
    public KmDeviceIdHelper f26481a;

    /* renamed from: a, reason: collision with other field name */
    public String f26482a;

    /* renamed from: a, reason: collision with other field name */
    public KeyStore f26483a;

    /* renamed from: a, reason: collision with other field name */
    public Signature f26484a;

    static {
        "0123456789AB".getBytes();
    }

    public KeyMasterApplet() {
        m9324a();
    }

    public static boolean b() {
        return false;
    }

    @Override // com.ifaa.core.framework.applet.IApplet
    public int a() {
        if (b()) {
            return 5;
        }
        KeyMasterInfo m9322a = m9322a();
        if (m9322a.f65572a == 1 && m9322a.f65573b == 1) {
            return 6;
        }
        return m9322a.f65573b == 2 ? 7 : 5;
    }

    @Override // com.ifaa.core.framework.applet.IApplet
    public int a(int i2, String str, String str2) {
        try {
            Key key = this.f26483a.getKey(m9323a(str, str2), null);
            if (!(key instanceof PrivateKey)) {
                return H5ErrorCode.HTTP_CONFLICT;
            }
            if (i2 == 1) {
                this.f26484a = Signature.getInstance("SHA256withECDSA");
            } else if (i2 == 2) {
                this.f26484a = Signature.getInstance("SHA256withRSA");
            }
            this.f26484a.initSign((PrivateKey) key);
            if (KmErrorTest.f65578c) {
                throw new TestRuntimeException("Mock Test");
            }
            return 413;
        } catch (KeyPermanentlyInvalidatedException e2) {
            e2.printStackTrace();
            return 405;
        } catch (Exception e3) {
            FlowTracer.a().a(403, "initSignature", e3);
            e3.printStackTrace();
            return 491;
        }
    }

    @Override // com.ifaa.core.framework.applet.IApplet
    public int a(String str, String str2) {
        return (StringUtil.a(str) || mo9298a(str, str2)) ? 2 : 0;
    }

    @Override // com.ifaa.core.framework.applet.IApplet
    /* renamed from: a */
    public ResultWrapper mo9293a() {
        return new ResultWrapper(this.f26484a);
    }

    @Override // com.ifaa.core.framework.applet.IApplet
    /* renamed from: a */
    public ResultWrapper mo9294a(String str, String str2) {
        Certificate[] certificateArr = null;
        if (b()) {
            return new ResultWrapper((Object) null);
        }
        try {
            certificateArr = this.f26483a.getCertificateChain(m9323a(str, str2));
            X509Certificate[] x509CertificateArr = new X509Certificate[certificateArr.length];
            for (int i2 = 0; i2 < certificateArr.length; i2++) {
                x509CertificateArr[i2] = (X509Certificate) certificateArr[i2];
            }
        } catch (Exception e2) {
            FlowTracer.a().a(H5ErrorCode.HTTP_LENGTH_REQUIRED, "getCertificateChain", e2);
            e2.printStackTrace();
        }
        if (KmErrorTest.f65583h) {
            throw new TestRuntimeException("Mock Test");
        }
        return new ResultWrapper(certificateArr);
    }

    @Override // com.ifaa.core.framework.applet.IApplet
    /* renamed from: a */
    public AppletInfo mo9295a() {
        AppletInfo appletInfo = this.f26479a;
        if (appletInfo != null) {
            return appletInfo;
        }
        if (mo9297a()) {
            AppletInfo appletInfo2 = new AppletInfo();
            appletInfo2.appletVersion = c();
            appletInfo2.deviceId = mo9296a();
            appletInfo2.aaid = getAaid();
            appletInfo2.appletType = m9325b();
            this.f26479a = appletInfo2;
        }
        return this.f26479a;
    }

    /* renamed from: a, reason: collision with other method in class */
    public final KeyMasterInfo m9322a() {
        KeyMasterInfo keyMasterInfo = this.f26480a;
        if (keyMasterInfo != null) {
            return keyMasterInfo;
        }
        KeyMasterInfo keyMasterInfo2 = new KeyMasterInfo();
        try {
            Certificate[] certificateArr = (Certificate[]) mo9294a("km_test_key", "default").f65521a;
            if (certificateArr == null) {
                keyMasterInfo2.f65572a = 3;
            } else {
                Certificate certificate = certificateArr[certificateArr.length - 1];
                int length = certificateArr.length - 1;
                while (length >= 0) {
                    X509Certificate x509Certificate = (X509Certificate) certificateArr[length];
                    x509Certificate.checkValidity();
                    x509Certificate.verify(certificate.getPublicKey());
                    length--;
                    certificate = x509Certificate;
                }
                if (Arrays.equals(((X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream("-----BEGIN CERTIFICATE-----\nMIIFYDCCA0igAwIBAgIJAOj6GWMU0voYMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNVBAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMTYwNTI2MTYyODUyWhcNMjYwNTI0MTYyODUyWjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0BAQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdSSxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggjnar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGqC4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQoVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+OJtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/EgsTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRiigHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+MRPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9EaDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5UmAGMCAwEAAaOBpjCBozAdBgNVHQ4EFgQUNmHhAHyIBQlRi0RsR/8aTMnqTxIwHwYDVR0jBBgwFoAUNmHhAHyIBQlRi0RsR/8aTMnqTxIwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAYYwQAYDVR0fBDkwNzA1oDOgMYYvaHR0cHM6Ly9hbmRyb2lkLmdvb2dsZWFwaXMuY29tL2F0dGVzdGF0aW9uL2NybC8wDQYJKoZIhvcNAQELBQADggIBACDIw41L3KlXG0aMiS//cqrG+EShHUGo8HNsw30W1kJtjn6UBwRM6jnmiwfBPb8VA91chb2vssAtX2zbTvqBJ9+LBPGCdw/E53Rbf86qhxKaiAHOjpvAy5Y3m00mqC0w/Zwvju1twb4vhLaJ5NkUJYsUS7rmJKHHBnETLi8GFqiEsqTWpG/6ibYCv7rYDBJDcR9W62BW9jfIoBQcxUCUJouMPH25lLNcDc1ssqvC2v7iUgI9LeoM1sNovqPmQUiG9rHli1vXxzCyaMTjwftkJLkf6724DFhuKug2jITV0QkXvaJWF4nUaHOTNA4uJU9WDvZLI1j83A+/xnAJUucIv/zGJ1AMH2boHqF8CY16LpsYgBt6tKxxWH00XcyDCdW2KlBCeqbQPcsFmWyWugxdcekhYsAWyoSf818NUsZdBWBaR/OukXrNLfkQ79IyZohZbvabO/X+MVT3rriAoKc8oE2Uws6DF+60PV7/WIPjNvXySdqspImSN78mflxDqwLqRBYkA3I75qppLGG9rp7UCdRjxMl8ZDBld+7yvHVgt1cVzJx9xnyGCC23UaicMDSXYrB4I4WHXPGjxhZuCuPBLTdOLU8YRvMYdEvYebWHMpvwGCF6bAx3JBpIeOQ1wDB5y0USicV3YgYGmi+NZfhA4URSh77Yd6uuJOJENRaNVTzk\n-----END CERTIFICATE-----".getBytes(Charset.forName("UTF-8"))))).getTBSCertificate(), ((X509Certificate) certificateArr[certificateArr.length - 1]).getTBSCertificate())) {
                    keyMasterInfo2.f65572a = 1;
                } else {
                    keyMasterInfo2.f65572a = 2;
                }
            }
            PrivateKey privateKey = ((KeyStore.PrivateKeyEntry) this.f26483a.getEntry(m9323a("km_test_key", "default"), null)).getPrivateKey();
            KeyInfo keyInfo = (KeyInfo) KeyFactory.getInstance(privateKey.getAlgorithm(), "AndroidKeyStore").getKeySpec(privateKey, KeyInfo.class);
            if (keyInfo == null || !keyInfo.isInsideSecureHardware()) {
                keyMasterInfo2.f65573b = 2;
            } else {
                keyMasterInfo2.f65573b = 1;
            }
        } catch (Exception e2) {
            FlowTracer.a().a(H5ErrorCode.HTTP_LENGTH_REQUIRED, "getKeyMasterInfo", e2);
            e2.printStackTrace();
        }
        this.f26480a = keyMasterInfo2;
        return this.f26480a;
    }

    @Override // com.ifaa.core.framework.applet.IApplet
    /* renamed from: a */
    public String mo9296a() {
        return this.f26481a.a();
    }

    /* renamed from: a, reason: collision with other method in class */
    public final String m9323a(String str, String str2) {
        if (StringUtil.a(str2)) {
            return str;
        }
        return str + "_" + str2;
    }

    /* renamed from: a, reason: collision with other method in class */
    public final void m9324a() {
        try {
            this.f26483a = KeyStore.getInstance("AndroidKeyStore");
            this.f26483a.load(null);
            if (!mo9298a("km_test_key", "default")) {
                c("km_test_key", "default", "challenge".getBytes());
            }
            this.f26481a = new KmDeviceIdHelper(this);
            if (KmErrorTest.f65576a) {
                throw new TestRuntimeException("Mock Test");
            }
        } catch (Exception e2) {
            FlowTracer.a().a(401, f65571b, e2);
            e2.printStackTrace();
        }
    }

    @Override // com.ifaa.core.framework.applet.IApplet
    /* renamed from: a */
    public boolean mo9297a() {
        if (Build.VERSION.SDK_INT < 23) {
            return false;
        }
        return mo9298a("km_test_key", "default");
    }

    @Override // com.ifaa.core.framework.applet.IApplet
    public boolean a(int i2, String str, String str2, byte[] bArr) {
        return a(i2, str, str2, bArr, f65570a);
    }

    public boolean a(int i2, String str, String str2, byte[] bArr, boolean z) {
        if (i2 == 1) {
            int i3 = Build.VERSION.SDK_INT;
            if (i3 == 23) {
                return a(str, str2, bArr, z);
            }
            if (i3 >= 24) {
                return b(str, str2, bArr, z) || a(str, str2, bArr, z);
            }
        } else if (i2 == 2) {
            int i4 = Build.VERSION.SDK_INT;
            if (i4 == 23) {
                return a(str, str2, bArr);
            }
            if (i4 >= 24) {
                return b(str, str2, bArr) || a(str, str2, bArr);
            }
        } else if (i2 == 3) {
            return c(str, str2);
        }
        return false;
    }

    @Override // com.ifaa.core.framework.applet.IApplet
    /* renamed from: a */
    public boolean mo9298a(String str, String str2) {
        try {
            String m9323a = m9323a(str, str2);
            this.f26483a.load(null);
            if (KmErrorTest.f65580e) {
                throw new TestRuntimeException("Mock Test");
            }
            return this.f26483a.containsAlias(m9323a);
        } catch (Exception e2) {
            FlowTracer.a().a(SecExceptionCode.SEC_ERROR_DYN_ENC_DECRYPT_MISMATCH_KEY_DATA, "isKeyContains", e2);
            e2.printStackTrace();
            return false;
        }
    }

    public final boolean a(String str, String str2, byte[] bArr) {
        try {
            String m9323a = m9323a(str, str2);
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(m9323a, 15).setAlgorithmParameterSpec(new RSAKeyGenParameterSpec(2048, RSAKeyGenParameterSpec.F4)).setSignaturePaddings("PKCS1").setEncryptionPaddings("PKCS1Padding").setDigests("SHA-256").setKeySize(2048).build());
            return keyPairGenerator.generateKeyPair() != null;
        } catch (Exception e2) {
            FlowTracer.a().a(404, "_generateRsaKeyPairV_M", e2);
            e2.printStackTrace();
            return false;
        }
    }

    public final boolean a(String str, String str2, byte[] bArr, boolean z) {
        KeyPair keyPair = null;
        try {
            String m9323a = m9323a(str, str2);
            Logger.a(f65571b, "generateKey alias:" + m9323a + ":challenge" + Base64.encode(bArr, 8));
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "AndroidKeyStore");
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(m9323a, 12).setDigests("SHA-256", "SHA-512").setAlgorithmParameterSpec(new ECGenParameterSpec("prime256v1")).setUserAuthenticationRequired(z).build());
            keyPair = keyPairGenerator.generateKeyPair();
            int hashCode = keyPair.getPublic().hashCode();
            Logger.a(f65571b, "getPublicKey of " + m9323a + " hashCode:" + hashCode);
        } catch (Exception e2) {
            FlowTracer.a().a(404, "_generateKeyPairV_M", e2);
            e2.printStackTrace();
        }
        if (KmErrorTest.f65579d) {
            throw new TestRuntimeException("Mock Test");
        }
        return keyPair != null;
    }

    @Override // com.ifaa.core.framework.applet.IApplet
    public byte[] a(byte[] bArr) {
        try {
            this.f26484a.update(bArr);
            byte[] sign = this.f26484a.sign();
            if (KmErrorTest.f65577b) {
                throw new TestRuntimeException("Mock Test");
            }
            return sign;
        } catch (Exception e2) {
            FlowTracer.a().a(402, "sign", e2);
            e2.printStackTrace();
            return null;
        }
    }

    /* renamed from: b, reason: collision with other method in class */
    public int m9325b() {
        return AppletType.IFAA_KM;
    }

    @Override // com.ifaa.core.framework.applet.IApplet
    public ResultWrapper b(String str, String str2) {
        try {
            String m9323a = m9323a(str, str2);
            this.f26483a.load(null);
            if (StringUtil.a(m9323a)) {
                return null;
            }
            KeyStore.Entry entry = this.f26483a.getEntry(m9323a, null);
            if (KmErrorTest.f65582g) {
                throw new TestRuntimeException("Mock Test");
            }
            if (entry == null) {
                return null;
            }
            PublicKey publicKey = ((KeyStore.PrivateKeyEntry) entry).getCertificate().getPublicKey();
            publicKey.hashCode();
            return new ResultWrapper(publicKey);
        } catch (Exception e2) {
            FlowTracer.a().a(H5ErrorCode.HTTP_GONE, "getPublicKey", e2);
            e2.printStackTrace();
            return new ResultWrapper((Object) null);
        }
    }

    @Override // com.ifaa.core.framework.applet.IApplet
    /* renamed from: b */
    public boolean mo9299b(String str, String str2) {
        try {
            String m9323a = m9323a(str, str2);
            Logger.a(f65571b, "deleteKey alias:" + m9323a);
            this.f26483a.load(null);
            this.f26483a.deleteEntry(m9323a);
            if (KmErrorTest.f65581f) {
                throw new TestRuntimeException("Mock Test");
            }
            return true;
        } catch (Exception e2) {
            FlowTracer.a().a(408, "deleteKeyPair", e2);
            e2.printStackTrace();
            return false;
        }
    }

    public final boolean b(String str, String str2, byte[] bArr) {
        try {
            String m9323a = m9323a(str, str2);
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(m9323a, 15).setAlgorithmParameterSpec(new RSAKeyGenParameterSpec(2048, RSAKeyGenParameterSpec.F4)).setSignaturePaddings("PKCS1").setEncryptionPaddings("PKCS1Padding").setAttestationChallenge(bArr).setDigests("SHA-256").setKeySize(2048).build());
            return keyPairGenerator.generateKeyPair() != null;
        } catch (Exception e2) {
            FlowTracer.a().a(404, "_generateRsaKeyPairV_N", e2);
            e2.printStackTrace();
            return false;
        }
    }

    public final boolean b(String str, String str2, byte[] bArr, boolean z) {
        KeyPair keyPair = null;
        try {
            String m9323a = m9323a(str, str2);
            Logger.a(f65571b, "_generateKeyPairV_N:alias:" + m9323a + ":challenge: " + Base64.encodeToString(bArr, 8));
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "AndroidKeyStore");
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(m9323a, 12).setDigests("SHA-256", "SHA-512").setAlgorithmParameterSpec(new ECGenParameterSpec("prime256v1")).setAttestationChallenge(bArr).setUserAuthenticationRequired(z).build());
            keyPair = keyPairGenerator.generateKeyPair();
            Logger.b(f65571b, "getPublicKey of " + m9323a + " hashCode:" + CryptoUtil.a((ECPublicKey) keyPair.getPublic()));
        } catch (Exception e2) {
            FlowTracer.a().a(404, "_generateKeyPairV_N", e2);
            e2.printStackTrace();
        }
        if (KmErrorTest.f65579d) {
            throw new TestRuntimeException("Mock Test");
        }
        return keyPair != null;
    }

    public int c() {
        return 1;
    }

    public final boolean c(String str, String str2) {
        try {
            String m9323a = m9323a(str, str2);
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
            this.f26483a.load(null);
            KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(m9323a, 3);
            builder.setBlockModes(CodePackage.GCM);
            builder.setEncryptionPaddings("NoPadding");
            builder.setRandomizedEncryptionRequired(false);
            keyGenerator.init(builder.build());
            keyGenerator.generateKey();
            if (KmErrorTest.f65579d) {
                throw new TestRuntimeException("Mock Test");
            }
            return true;
        } catch (Exception e2) {
            e2.printStackTrace();
            return false;
        }
    }

    public final boolean c(String str, String str2, byte[] bArr) {
        int i2 = Build.VERSION.SDK_INT;
        if (i2 == 23) {
            return a(str, str2, bArr, false);
        }
        if (i2 >= 24) {
            return b(str, str2, bArr, false) || a(str, str2, bArr, false);
        }
        return false;
    }

    @Override // com.ifaa.core.framework.applet.IApplet
    public String getAaid() {
        String str = this.f26482a;
        if (str != null) {
            return str;
        }
        this.f26482a = JNIInterface.getAaid();
        return this.f26482a;
    }
}
