package cn.com.cfca.sdk.hke.util;

import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import android.util.Base64;
import com.ali.user.mobile.rpc.safe.AES;
import com.netease.mobidroid.c.g;
import com.taobao.android.tlog.protocol.utils.RSAUtils;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.spec.ECGenParameterSpec;
import java.util.Calendar;
import java.util.Date;
import javax.security.auth.x500.X500Principal;
import mtopsdk.mtop.cache.domain.ApiCacheDo;

/* loaded from: classes.dex */
public class d {

    /* renamed from: a, reason: collision with root package name */
    private static final String f1259a = d.class.getSimpleName();
    private Context b;
    private KeyStore c;
    private KeyPairGenerator d;
    private KeyPairGenerator e;

    public d(Context context) {
        this.b = context;
        if (d()) {
            try {
                this.c = KeyStore.getInstance(AES.ANDROID_KEYSTORE);
                this.c.load(null);
                this.d = KeyPairGenerator.getInstance(RSAUtils.KEY_ALGORITHM, AES.ANDROID_KEYSTORE);
                if (e()) {
                    this.e = KeyPairGenerator.getInstance("EC", AES.ANDROID_KEYSTORE);
                }
            } catch (Exception e) {
                cn.com.cfca.sdk.hke.util.a.b.a(f1259a, "KeyStoreException failed:", e.getLocalizedMessage());
            }
        }
    }

    private boolean d() {
        return Build.VERSION.SDK_INT >= 18;
    }

    private boolean e() {
        return Build.VERSION.SDK_INT >= 23;
    }

    /* JADX WARN: Unsupported multi-entry loop pattern (BACK_EDGE: B:9:0x002b -> B:3:0x0044). Please report as a decompilation issue!!! */
    private PrivateKey f() {
        PrivateKey privateKey;
        if (e()) {
            try {
                if (this.c.getCertificate("CFCA_HKE_SE_KEY_STORE") != null) {
                    privateKey = (PrivateKey) this.c.getKey("CFCA_HKE_SE_KEY_STORE", null);
                } else {
                    KeyPair h = h();
                    if (h != null) {
                        privateKey = h.getPrivate();
                    }
                }
            } catch (Exception e) {
                cn.com.cfca.sdk.hke.util.a.b.a(f1259a, "SEPubKey failed: " + e.getLocalizedMessage(), e);
            }
            return privateKey;
        }
        privateKey = null;
        return privateKey;
    }

    private KeyPair g() {
        if (!d()) {
            return null;
        }
        Date date = new Date();
        Calendar calendar = Calendar.getInstance();
        calendar.clear();
        calendar.setTime(date);
        calendar.add(1, 20);
        try {
            this.d.initialize(new KeyPairGeneratorSpec.Builder(this.b).setAlias("CFCA_HKE_KEY_STORE").setSubject(new X500Principal("CN=CFCA Acquisition, O=CFCA, C=CN")).setSerialNumber(BigInteger.ONE).setStartDate(date).setEndDate(calendar.getTime()).build());
            return this.d.generateKeyPair();
        } catch (InvalidAlgorithmParameterException e) {
            cn.com.cfca.sdk.hke.util.a.b.b(f1259a, "CreateRSAKeyPairs failed: " + e.getLocalizedMessage());
            return null;
        }
    }

    private KeyPair h() {
        if (e()) {
            try {
                this.e.initialize(new KeyGenParameterSpec.Builder("CFCA_HKE_SE_KEY_STORE", 12).setDigests("SHA-1", g.f3725a, ApiCacheDo.CacheKeyType.NONE).setAlgorithmParameterSpec(new ECGenParameterSpec("secp256r1")).build());
                return this.e.generateKeyPair();
            } catch (InvalidAlgorithmParameterException e) {
                cn.com.cfca.sdk.hke.util.a.b.b(f1259a, "CreateECCKeyPairs failed: " + e.getLocalizedMessage());
            }
        }
        return null;
    }

    public String a() {
        String str = "";
        if (d()) {
            try {
                Certificate certificate = this.c.getCertificate("CFCA_HKE_KEY_STORE");
                if (certificate != null) {
                    str = Base64.encodeToString(certificate.getPublicKey().getEncoded(), 2);
                } else {
                    KeyPair g = g();
                    if (g != null) {
                        str = Base64.encodeToString(g.getPublic().getEncoded(), 2);
                    }
                }
            } catch (Exception e) {
                cn.com.cfca.sdk.hke.util.a.b.b(f1259a, "KeySotrePubKey failed: " + e.getLocalizedMessage());
            }
        }
        return str;
    }

    public String b() {
        String str = "";
        if (e()) {
            try {
                Certificate certificate = this.c.getCertificate("CFCA_HKE_SE_KEY_STORE");
                if (certificate != null) {
                    str = Base64.encodeToString(certificate.getPublicKey().getEncoded(), 2);
                } else {
                    KeyPair h = h();
                    if (h != null) {
                        str = Base64.encodeToString(h.getPublic().getEncoded(), 2);
                    }
                }
            } catch (Exception e) {
                cn.com.cfca.sdk.hke.util.a.b.a(f1259a, "SEPubKey failed: " + e.getLocalizedMessage(), e);
            }
        }
        return str;
    }

    public boolean c() {
        PrivateKey f;
        if (e() && (f = f()) != null) {
            try {
                return ((KeyInfo) KeyFactory.getInstance(f.getAlgorithm(), AES.ANDROID_KEYSTORE).getKeySpec(f, KeyInfo.class)).isInsideSecureHardware();
            } catch (Exception e) {
                return false;
            }
        }
        return false;
    }
}
