package g.a.a;

import android.annotation.SuppressLint;
import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import androidx.annotation.RequiresApi;
import com.google.firebase.analytics.FirebaseAnalytics;
import java.io.StringWriter;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.security.spec.AlgorithmParameterSpec;
import java.util.GregorianCalendar;
import java.util.List;
import javax.security.auth.x500.X500Principal;
import l.c0.j;
import l.i;
import l.i0.d.m;
import l.i0.d.n;
import l.k;
import l.o0.d;
import l.o0.s;
import l.o0.v;
import n.b.f.b.i.p;
import n.b.g.j.b.c;
import n.b.g.j.b.e;

/* loaded from: classes3.dex */
public final class a {
    public static final a a = new a();
    private static final i b;

    /* renamed from: c, reason: collision with root package name */
    private static final i f7724c;

    /* renamed from: g.a.a.a$a, reason: collision with other inner class name */
    /* loaded from: classes3.dex */
    static final class C0611a extends n implements l.i0.c.a<KeyStore> {
        public static final C0611a b = new C0611a();

        C0611a() {
            super(0);
        }

        @Override // l.i0.c.a
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public final KeyStore invoke() {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return keyStore;
        }
    }

    /* loaded from: classes3.dex */
    static final class b extends n implements l.i0.c.a<Signature> {
        public static final b b = new b();

        b() {
            super(0);
        }

        @Override // l.i0.c.a
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public final Signature invoke() {
            return Signature.getInstance(Build.VERSION.SDK_INT >= 23 ? "SHA256withECDSA" : com.facebook.internal.k0.b.SIGNATURE_ALGORITHM_SHA256);
        }
    }

    static {
        i b2;
        i b3;
        b2 = k.b(C0611a.b);
        b = b2;
        b3 = k.b(b.b);
        f7724c = b3;
    }

    private a() {
    }

    private final String[] a(Certificate[] certificateArr) {
        String L0;
        int length = certificateArr.length;
        X509Certificate[] x509CertificateArr = new X509Certificate[length];
        int length2 = certificateArr.length;
        String[] strArr = new String[length2];
        for (int i2 = 0; i2 < length; i2++) {
            Certificate certificate = certificateArr[i2];
            x509CertificateArr[i2] = certificate instanceof X509Certificate ? (X509Certificate) certificate : null;
        }
        for (int i3 = 0; i3 < length2; i3++) {
            StringWriter stringWriter = new StringWriter();
            e eVar = new e(stringWriter);
            eVar.b(new c("CERTIFICATE", certificateArr[i3].getEncoded()));
            eVar.flush();
            eVar.close();
            String stringWriter2 = stringWriter.toString();
            m.f(stringWriter2, "writer.toString()");
            L0 = v.L0(stringWriter2, 1);
            strArr[i3] = L0;
        }
        return strArr;
    }

    private final KeyPair b(Context context, String str, boolean z, GregorianCalendar gregorianCalendar, boolean z2) {
        KeyPairGenerator keyPairGenerator;
        AlgorithmParameterSpec build;
        GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
        if (gregorianCalendar == null) {
            gregorianCalendar = new GregorianCalendar();
            gregorianCalendar.add(1, 10);
        }
        if (Build.VERSION.SDK_INT >= 23) {
            keyPairGenerator = KeyPairGenerator.getInstance("EC", "AndroidKeyStore");
            m.f(keyPairGenerator, "{\n                KeyPai…D_KEYSTORE)\n            }");
        } else {
            keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            m.f(keyPairGenerator, "{\n                KeyPai…D_KEYSTORE)\n            }");
        }
        if (Build.VERSION.SDK_INT >= 23) {
            KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(str, 4);
            builder.setCertificateSubject(new X500Principal("CN=" + str));
            builder.setDigests(p.SHA_256);
            builder.setCertificateNotBefore(gregorianCalendar2.getTime());
            builder.setCertificateNotAfter(gregorianCalendar.getTime());
            if (Build.VERSION.SDK_INT >= 24 && !z) {
                String date = gregorianCalendar2.getTime().toString();
                m.f(date, "startDate.time.toString()");
                byte[] bytes = date.getBytes(d.UTF_8);
                m.f(bytes, "this as java.lang.String).getBytes(charset)");
                builder.setAttestationChallenge(bytes);
            }
            builder.setUserAuthenticationRequired(z2);
            if (z2) {
                a.k(builder, 30);
            }
            if (a.j(context)) {
                builder.setIsStrongBoxBacked(true);
            }
            if (a.i(context)) {
                builder.setDevicePropertiesAttestationIncluded(true);
            }
            build = builder.build();
            m.f(build, "{\n            //We are c…)\n            }\n        }");
        } else {
            KeyPairGeneratorSpec.Builder builder2 = new KeyPairGeneratorSpec.Builder(context);
            builder2.setAlias(str);
            builder2.setSubject(new X500Principal("CN=" + str));
            builder2.setSerialNumber(BigInteger.ONE);
            builder2.setStartDate(gregorianCalendar2.getTime());
            builder2.setEndDate(gregorianCalendar.getTime());
            build = builder2.build();
            m.f(build, "{\n            KeyPairGen…)\n            }\n        }");
        }
        keyPairGenerator.initialize(build);
        return keyPairGenerator.genKeyPair();
    }

    public static final String[] c(Context context, String str) {
        String[] strArr;
        List r;
        m.g(context, "context");
        m.g(str, "alias");
        KeyPair f2 = f(a, context, str, null, 4, null);
        if (f2 == null || f2.getPublic() == null) {
            return null;
        }
        Certificate[] certificateChain = a.g().getCertificateChain(str);
        if (certificateChain != null) {
            m.f(certificateChain, "getCertificateChain(alias)");
            r = j.r(a.a(certificateChain));
            Object[] array = r.toArray(new String[0]);
            m.e(array, "null cannot be cast to non-null type kotlin.Array<T of kotlin.collections.ArraysKt__ArraysJVMKt.toTypedArray>");
            strArr = (String[]) array;
        } else {
            strArr = null;
        }
        if (strArr == null) {
            return null;
        }
        return strArr;
    }

    static /* synthetic */ KeyPair d(a aVar, Context context, String str, boolean z, GregorianCalendar gregorianCalendar, boolean z2, int i2, Object obj) {
        return aVar.b(context, str, z, gregorianCalendar, (i2 & 16) != 0 ? false : z2);
    }

    private final KeyPair e(Context context, String str, GregorianCalendar gregorianCalendar) {
        try {
            return d(this, context, str, false, gregorianCalendar, false, 16, null);
        } catch (Exception unused) {
            FirebaseAnalytics.getInstance(context).c("ka_kp_gen_with_att_fail", "true");
            try {
                return d(this, context, str, true, gregorianCalendar, false, 16, null);
            } catch (Exception e) {
                m(context, e);
                return null;
            }
        }
    }

    static /* synthetic */ KeyPair f(a aVar, Context context, String str, GregorianCalendar gregorianCalendar, int i2, Object obj) {
        if ((i2 & 4) != 0) {
            gregorianCalendar = null;
        }
        return aVar.e(context, str, gregorianCalendar);
    }

    private final Signature h() {
        Object value = f7724c.getValue();
        m.f(value, "<get-signature>(...)");
        return (Signature) value;
    }

    private final boolean i(Context context) {
        return Build.VERSION.SDK_INT >= 31 && context.getPackageManager().hasSystemFeature("android.software.device_id_attestation");
    }

    private final boolean j(Context context) {
        return Build.VERSION.SDK_INT >= 28 && context.getPackageManager().hasSystemFeature("android.hardware.strongbox_keystore");
    }

    @RequiresApi(23)
    @SuppressLint({"WrongConstant"})
    private final void k(KeyGenParameterSpec.Builder builder, int i2) {
        if (Build.VERSION.SDK_INT >= 30) {
            builder.setUserAuthenticationParameters(i2, 2);
        } else {
            builder.setUserAuthenticationValidityDurationSeconds(i2);
        }
    }

    public static final String l(byte[] bArr, String str) {
        String y;
        m.g(bArr, "dataToSign");
        m.g(str, "alias");
        Key key = a.g().getKey(str, null);
        PrivateKey privateKey = key instanceof PrivateKey ? (PrivateKey) key : null;
        if (privateKey != null) {
            Signature h2 = a.h();
            h2.initSign(privateKey);
            h2.update(bArr);
            byte[] sign = h2.sign();
            if (sign != null) {
                String encodeToString = Base64.encodeToString(sign, 0);
                m.f(encodeToString, "encodedResult");
                y = s.y(encodeToString, "\n", "", false, 4, null);
                return y;
            }
        }
        return null;
    }

    private final void m(Context context, Exception exc) {
        int d;
        FirebaseAnalytics.getInstance(context).c("ka_kp_generation_failed", "true");
        FirebaseAnalytics.getInstance(context).c("ka_kp_gen_exception", exc.getClass().toString());
        String localizedMessage = exc.getLocalizedMessage();
        if (localizedMessage != null) {
            d = l.l0.j.d(localizedMessage.length(), 36);
            String substring = localizedMessage.substring(0, d);
            m.f(substring, "this as java.lang.String…ing(startIndex, endIndex)");
            FirebaseAnalytics.getInstance(context).c("ka_kp_gen_exception_msg", substring);
        }
    }

    public final KeyStore g() {
        Object value = b.getValue();
        m.f(value, "<get-androidKeyStore>(...)");
        return (KeyStore) value;
    }
}
