package com.amazon.identity.auth.device;

import android.annotation.TargetApi;
import android.security.keystore.KeyGenParameterSpec;
import com.amazon.avod.secondscreen.matter.sender.selection.commissioning.dac.KeyUtils$$ExternalSyntheticApiModelOutline3;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableKeyException;
import javax.security.auth.x500.X500Principal;

/* compiled from: DCP */
@TargetApi(23)
/* loaded from: classes6.dex */
public final class f6 {

    /* renamed from: b, reason: collision with root package name */
    private static f6 f1157b;

    /* renamed from: a, reason: collision with root package name */
    private final KeyStore f1158a;

    private f6() throws Exception {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            this.f1158a = keyStore;
            keyStore.load(null);
        } catch (Exception e2) {
            v6.a("LocalDataStorageV2RSAKeyPairManager", "Encountered error creating LocalDataStorageV2EncryptionKeyCryptoManager", e2, "LocalDataStorageV2RSAKeyPairManager:InitializationFailed:".concat(e2.getClass().getSimpleName()));
            throw e2;
        }
    }

    public static synchronized f6 b() throws Exception {
        f6 f6Var;
        synchronized (f6.class) {
            try {
                if (f1157b == null) {
                    v6.b("LocalDataStorageV2RSAKeyPairManager", "Generating LocalDataStorageV2RSAKeyPairManager instance");
                    f1157b = new f6();
                }
                f6Var = f1157b;
            } catch (Throwable th) {
                throw th;
            }
        }
        return f6Var;
    }

    public final void a() throws KeyStoreException, NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
        KeyGenParameterSpec.Builder certificateSubject;
        KeyGenParameterSpec.Builder certificateSerialNumber;
        KeyGenParameterSpec.Builder keySize;
        KeyGenParameterSpec.Builder digests;
        KeyGenParameterSpec.Builder encryptionPaddings;
        KeyGenParameterSpec build;
        v6.b("LocalDataStorageV2RSAKeyPairManager", "Generating RSA key pair", "LocalDataStorageV2RSAKeyPairManager:GenerateRSAKeyPairIfAbsentInvoked");
        KeyStore keyStore = this.f1158a;
        if (keyStore == null) {
            v6.a("LocalDataStorageV2RSAKeyPairManager", "Keystore is null! This should not happen!", "LocalDataStorageV2RSAKeyPairManager:NullKeyStore");
            return;
        }
        if (keyStore.containsAlias("IDENTITY_V2_STORAGE_KEYSTORE_ALIAS")) {
            v6.b("LocalDataStorageV2RSAKeyPairManager", "RSA key pair already exists, fast returning", "LocalDataStorageV2RSAKeyPairManager:RSAKeyPairAlreadyExists");
            return;
        }
        certificateSubject = KeyUtils$$ExternalSyntheticApiModelOutline3.m("IDENTITY_V2_STORAGE_KEYSTORE_ALIAS", 3).setCertificateSubject(new X500Principal("CN=IDENTITY_V2_STORAGE_KEYSTORE_ALIAS"));
        certificateSerialNumber = certificateSubject.setCertificateSerialNumber(BigInteger.TEN);
        keySize = certificateSerialNumber.setKeySize(2048);
        digests = keySize.setDigests("SHA-256", "SHA-512");
        encryptionPaddings = digests.setEncryptionPaddings("OAEPPadding");
        build = encryptionPaddings.build();
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(build);
            keyPairGenerator.generateKeyPair();
            v6.b("LocalDataStorageV2RSAKeyPairManager", "Successfully generated RSA Key pair", "LocalDataStorageV2RSAKeyPairManager:SuccessfulRSAKeyPairGeneration");
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e2) {
            v6.a(String.format("Generating RSA key pair failed with %s, retrying once", e2.getClass().getSimpleName()), e2);
            KeyPairGenerator keyPairGenerator2 = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator2.initialize(build);
            keyPairGenerator2.generateKeyPair();
            v6.b("LocalDataStorageV2RSAKeyPairManager", "Successfully retried key pair generation", "LocalDataStorageV2RSAKeyPairManager:SuccessfulRSAKeyPairGenerationRetry");
        }
        v6.b("LocalDataStorageV2RSAKeyPairManager", "Completed RSA Key pair generation successfully", "LocalDataStorageV2RSAKeyPairManager:OverallSuccessfulRSAKeyPairGeneration");
    }

    public final boolean a(String str) {
        try {
            if (this.f1158a.containsAlias("IDENTITY_V2_STORAGE_KEYSTORE_ALIAS") || str == null) {
                return false;
            }
            return str.startsWith("AES-ECB+");
        } catch (KeyStoreException unused) {
            return false;
        }
    }

    public final PrivateKey c() throws UnrecoverableKeyException, KeyStoreException, NoSuchAlgorithmException {
        return (PrivateKey) this.f1158a.getKey("IDENTITY_V2_STORAGE_KEYSTORE_ALIAS", null);
    }

    public final PublicKey d() throws KeyStoreException {
        return this.f1158a.getCertificate("IDENTITY_V2_STORAGE_KEYSTORE_ALIAS").getPublicKey();
    }
}
