package com.tencent.d.a;

import android.annotation.SuppressLint;
import android.content.Context;
import android.os.Build;
import android.util.Base64;
import com.tencent.d.a.c.c;
import com.tencent.d.a.c.d;
import com.tencent.d.a.c.e;
import com.tencent.d.a.c.f;
import com.tencent.d.a.c.g;
import com.tencent.d.a.c.h;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.Provider;
import java.security.Security;
import java.security.Signature;
import java.security.UnrecoverableEntryException;
import org.xwalk.core.XWalkAppVersion;

/* loaded from: classes2.dex */
public final class a implements com.tencent.d.a.c.a {
    private static boolean yoC = false;

    public static e ZF(String str) {
        e eVar;
        if (f.nx(str)) {
            c.e("Soter.SoterCore", "soter: auth key name is null or nil. abort.", new Object[0]);
            return new e(1, "no authKeyName");
        }
        if (!crF()) {
            c.e("Soter.SoterCore", "soter: not support soter", new Object[0]);
            return new e(2);
        }
        try {
            if (crI()) {
                KeyStore.getInstance("AndroidKeyStore").load(null);
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "SoterKeyStore");
                try {
                    keyPairGenerator.initialize(com.tencent.d.a.b.a.ZL(str + String.format(".addcounter.auto_signed_when_get_pubkey(%s).secmsg_and_counter_signed_when_sign", d.crO().ypi)).L(XWalkAppVersion.XWALK_APK_HASH_ALGORITHM).crN().M("PSS").crM());
                    long nanoTime = System.nanoTime();
                    keyPairGenerator.generateKeyPair();
                    c.i("Soter.SoterCore", "soter: generate successfully, cost: %d ms", Long.valueOf(f.fw(nanoTime)));
                    eVar = new e(0);
                } catch (Exception e2) {
                    c.e("Soter.SoterCore", "soter: cause exception. maybe reflection exception: " + e2.toString(), new Object[0]);
                    eVar = new e(5, e2.toString());
                }
            } else {
                eVar = new e(3, "app secure key not exist");
            }
            return eVar;
        } catch (Exception e3) {
            c.e("Soter.SoterCore", "soter: generate auth key failed: " + e3.toString(), new Object[0]);
            return new e(5, e3.toString());
        }
    }

    public static boolean ZG(String str) {
        if (f.nx(str)) {
            c.e("Soter.SoterCore", "soter: authkey name not correct", new Object[0]);
            return false;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return keyStore.getCertificate(str) != null;
        } catch (Exception e2) {
            c.e("Soter.SoterCore", "soter: hasAppGlobalSecureKey exception: " + e2.toString(), new Object[0]);
            return false;
        }
    }

    public static boolean ZH(String str) {
        c.i("Soter.SoterCore", String.format("soter: checking key valid: auth key name: %s, autoDelIfNotValid: %b ", str, true), new Object[0]);
        if (f.nx(str)) {
            c.e("Soter.SoterCore", "soter: checking key valid: authkey name not correct", new Object[0]);
            return false;
        }
        try {
            ZK(str);
            c.i("Soter.SoterCore", "soter: key valid", new Object[0]);
            return true;
        } catch (InvalidKeyException e2) {
            c.e("Soter.SoterCore", "soter: key invalid.", new Object[0]);
            bn(str, false);
            return false;
        } catch (UnrecoverableEntryException e3) {
            c.e("Soter.SoterCore", "soter: key invalid.", new Object[0]);
            bn(str, false);
            return false;
        } catch (Exception e4) {
            c.e("Soter.SoterCore", "soter: occurs other exceptions: %s", e4.toString());
            c.a("Soter.SoterCore", e4, "soter: occurs other exceptions");
            return false;
        }
    }

    public static g ZI(String str) {
        g gVar = null;
        if (f.nx(str)) {
            c.e("Soter.SoterCore", "soter: auth key name is null or nil. abort.", new Object[0]);
        } else if (crF()) {
            try {
                KeyStore keyStore = KeyStore.getInstance("SoterKeyStore");
                keyStore.load(null);
                try {
                    Key key = keyStore.getKey(str, "from_soter_ui".toCharArray());
                    if (key != null) {
                        gVar = bJ(key.getEncoded());
                    } else {
                        c.e("Soter.SoterCore", "soter: key can not be retrieved", new Object[0]);
                    }
                } catch (ClassCastException e2) {
                    c.e("Soter.SoterCore", "soter: cast error: " + e2.toString(), new Object[0]);
                }
            } catch (Exception e3) {
                c.a("Soter.SoterCore", e3, "soter: error in get auth key model");
            }
        } else {
            c.e("Soter.SoterCore", "soter: not support soter AndroidKeyStore", new Object[0]);
        }
        return gVar;
    }

    public static Signature ZJ(String str) {
        if (f.nx(str)) {
            c.e("Soter.SoterCore", "soter: auth key name is null or nil. abort.", new Object[0]);
            return null;
        }
        if (!crF()) {
            c.e("Soter.SoterCore", "soter: not support soterAndroidKeyStore", new Object[0]);
            return null;
        }
        try {
            return ZK(str);
        } catch (InvalidKeyException e2) {
            c.e("Soter.SoterCore", "soter: key invalid. Advice remove the key", new Object[0]);
            return null;
        } catch (UnrecoverableEntryException e3) {
            c.e("Soter.SoterCore", "soter: key invalid. Advice remove the key", new Object[0]);
            return null;
        } catch (Exception e4) {
            c.e("Soter.SoterCore", "soter: exception when getSignatureResult: " + e4.toString(), new Object[0]);
            c.a("Soter.SoterCore", e4, "soter: exception when getSignatureResult");
            return null;
        }
    }

    private static Signature ZK(String str) {
        if (f.nx(str)) {
            c.e("Soter.SoterCore", "soter: auth key name is null or nil. abort.", new Object[0]);
            return null;
        }
        Signature signature = Signature.getInstance("SHA256withRSA/PSS", "AndroidKeyStoreBCWorkaround");
        KeyStore keyStore = KeyStore.getInstance("SoterKeyStore");
        keyStore.load(null);
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(str, null);
        if (privateKeyEntry != null) {
            signature.initSign(privateKeyEntry.getPrivateKey());
            return signature;
        }
        c.e("Soter.SoterCore", "soter: entry not exists", new Object[0]);
        return null;
    }

    public static h bH(byte[] bArr) {
        h hVar = null;
        if (bArr == null || bArr.length <= 0) {
            c.e("Soter.SoterCore", "origin is null or nil. abort", new Object[0]);
        } else if (bArr.length < 4) {
            c.e("Soter.SoterCore", "soter: length not correct 1", new Object[0]);
        } else {
            byte[] bArr2 = new byte[4];
            System.arraycopy(bArr, 0, bArr2, 0, 4);
            int bI = bI(bArr2);
            c.d("Soter", "parsed raw length: " + bI, new Object[0]);
            byte[] bArr3 = new byte[bI];
            if (bArr.length <= bI + 4) {
                c.e("Soter.SoterCore", "soter: length not correct 2", new Object[0]);
            } else {
                System.arraycopy(bArr, 4, bArr3, 0, bI);
                hVar = h.ZM(new String(bArr3));
                int length = bArr.length - (bI + 4);
                c.d("Soter.SoterCore", "soter: signature length: " + length, new Object[0]);
                byte[] bArr4 = new byte[length];
                System.arraycopy(bArr, bI + 4, bArr4, 0, length);
                if (hVar != null) {
                    hVar.signature = Base64.encodeToString(bArr4, 2);
                }
            }
        }
        return hVar;
    }

    private static int bI(byte[] bArr) {
        int i = 0;
        for (int i2 = 0; i2 < 4; i2++) {
            i += (bArr[i2] & 255) << (i2 * 8);
        }
        return i;
    }

    private static g bJ(byte[] bArr) {
        if (bArr == null) {
            c.e("Soter.SoterCore", "soter: raw data is null", new Object[0]);
            return null;
        }
        if (bArr.length < 4) {
            c.e("Soter.SoterCore", "soter: raw data length smaller than RAW_LENGTH_PREFIX", new Object[0]);
        }
        byte[] bArr2 = new byte[4];
        System.arraycopy(bArr, 0, bArr2, 0, 4);
        int bI = bI(bArr2);
        c.d("Soter.SoterCore", "soter: parsed raw length: " + bI, new Object[0]);
        byte[] bArr3 = new byte[bI];
        if (bArr.length <= bI + 4) {
            c.e("Soter.SoterCore", "length not correct 2", new Object[0]);
            return null;
        }
        System.arraycopy(bArr, 4, bArr3, 0, bI);
        String str = new String(bArr3);
        c.d("Soter.SoterCore", "soter: to convert json: " + str, new Object[0]);
        g gVar = new g(str, "");
        int length = bArr.length - (bI + 4);
        c.d("Soter.SoterCore", "soter: signature length: " + length, new Object[0]);
        byte[] bArr4 = new byte[length];
        System.arraycopy(bArr, bI + 4, bArr4, 0, length);
        gVar.signature = Base64.encodeToString(bArr4, 2);
        return gVar;
    }

    public static e bn(String str, boolean z) {
        if (f.nx(str)) {
            c.e("Soter.SoterCore", "soter: auth key name is null or nil. abort.", new Object[0]);
            return new e(1, "no authKeyName");
        }
        c.i("Soter.SoterCore", "soter: start remove key: " + str, new Object[0]);
        if (!crF()) {
            c.e("Soter.SoterCore", "soter: not support soter", new Object[0]);
            return new e(2);
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("SoterKeyStore");
            keyStore.load(null);
            keyStore.deleteEntry(str);
            if (z) {
                c.i("Soter.SoterCore", "soter: auto delete ask", new Object[0]);
                if (crI()) {
                    crH();
                }
            }
            return new e(0);
        } catch (Exception e2) {
            c.e("Soter.SoterCore", "soter: removeAuthKey " + e2.toString(), new Object[0]);
            return new e(6, e2.toString());
        }
    }

    public static boolean crF() {
        if (!yoC) {
            setUp();
        }
        Provider[] providers = Security.getProviders();
        if (providers == null) {
            c.e("Soter.SoterCore", "soter: no provider supported", new Object[0]);
            return false;
        }
        for (Provider provider : providers) {
            if ("SoterKeyStore".equals(provider.getName())) {
                c.i("Soter.SoterCore", "soter: found soter provider", new Object[0]);
                return true;
            }
        }
        c.i("Soter.SoterCore", "soter: soter provider not found", new Object[0]);
        return false;
    }

    public static e crG() {
        c.i("Soter.SoterCore", "soter: start generate ask", new Object[0]);
        if (!crF()) {
            c.e("Soter.SoterCore", "soter: not support soter", new Object[0]);
            return new e(2);
        }
        try {
            KeyStore.getInstance("AndroidKeyStore").load(null);
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "SoterKeyStore");
            keyPairGenerator.initialize(com.tencent.d.a.b.a.ZL(d.crO().ypi + ".addcounter.auto_signed_when_get_pubkey_attk").L(XWalkAppVersion.XWALK_APK_HASH_ALGORITHM).M("PSS").crM());
            long nanoTime = System.nanoTime();
            keyPairGenerator.generateKeyPair();
            c.i("Soter.SoterCore", "soter: generate successfully. cost: %d ms", Long.valueOf(f.fw(nanoTime)));
            return new e(0);
        } catch (Exception e2) {
            c.e("Soter.SoterCore", "soter: generateAppGlobalSecureKey " + e2.toString(), new Object[0]);
            c.a("Soter.SoterCore", e2, "soter: generateAppGlobalSecureKey error");
            return new e(4, e2.toString());
        }
    }

    public static e crH() {
        c.i("Soter.SoterCore", "soter: start remove app global secure key", new Object[0]);
        if (!crF()) {
            c.e("Soter.SoterCore", "soter: not support soter", new Object[0]);
            return new e(2);
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("SoterKeyStore");
            keyStore.load(null);
            keyStore.deleteEntry(d.crO().ypi);
            return new e(0);
        } catch (Exception e2) {
            c.e("Soter.SoterCore", "soter: removeAppGlobalSecureKey " + e2.toString(), new Object[0]);
            return new e(5, e2.toString());
        }
    }

    public static boolean crI() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return keyStore.getCertificate(d.crO().ypi) != null;
        } catch (Exception e2) {
            c.e("Soter.SoterCore", "soter: hasAppGlobalSecureKey exception: " + e2.toString(), new Object[0]);
            return false;
        }
    }

    public static g crJ() {
        g gVar = null;
        c.i("Soter.SoterCore", "soter: start get app global secure key pub", new Object[0]);
        if (crF()) {
            try {
                KeyStore keyStore = KeyStore.getInstance("SoterKeyStore");
                keyStore.load(null);
                try {
                    Key key = keyStore.getKey(d.crO().ypi, "from_soter_ui".toCharArray());
                    if (key != null) {
                        gVar = bJ(key.getEncoded());
                    } else {
                        c.e("Soter.SoterCore", "soter: key can not be retrieved", new Object[0]);
                    }
                } catch (ClassCastException e2) {
                    c.e("Soter.SoterCore", "soter: cast error: " + e2.toString(), new Object[0]);
                }
            } catch (Exception e3) {
                c.a("Soter.SoterCore", e3, "soter: error when get ask");
            }
        } else {
            c.e("Soter.SoterCore", "soter: not support soter", new Object[0]);
        }
        return gVar;
    }

    public static String crK() {
        StringBuilder sb = new StringBuilder();
        sb.append("<deviceinfo>");
        sb.append("<MANUFACTURER name=\"");
        sb.append(Build.MANUFACTURER);
        sb.append("\">");
        sb.append("<MODEL name=\"");
        sb.append(Build.MODEL);
        sb.append("\">");
        sb.append("<VERSION_RELEASE name=\"");
        sb.append(Build.VERSION.RELEASE);
        sb.append("\">");
        sb.append("<VERSION_INCREMENTAL name=\"");
        sb.append(Build.VERSION.INCREMENTAL);
        sb.append("\">");
        sb.append("<DISPLAY name=\"");
        sb.append(Build.DISPLAY);
        sb.append("\">");
        sb.append("</DISPLAY></VERSION_INCREMENTAL></VERSION_RELEASE></MODEL></MANUFACTURER></deviceinfo>");
        c.d("Soter.SoterCore", "soter: getFingerprint  " + sb.toString(), new Object[0]);
        return sb.toString();
    }

    public static boolean hM(Context context) {
        return com.tencent.d.a.a.a.hP(context).isHardwareDetected();
    }

    public static boolean hN(Context context) {
        return com.tencent.d.a.a.a.hP(context).hasEnrolledFingerprints();
    }

    public static boolean hO(Context context) {
        return (com.tencent.d.a.a.c.hX(context) || com.tencent.d.a.a.c.hW(context)) ? false : true;
    }

    @SuppressLint({"PrivateApi"})
    public static void setUp() {
        try {
            Method method = Class.forName("android.security.keystore.SoterKeyStoreProvider").getMethod("install", new Class[0]);
            method.setAccessible(true);
            method.invoke(null, new Object[0]);
        } catch (IllegalAccessException e2) {
            c.i("Soter.SoterCore", "soter: cannot access", new Object[0]);
        } catch (InvocationTargetException e3) {
            c.i("Soter.SoterCore", "soter: InvocationTargetException", new Object[0]);
        } catch (NoSuchMethodException e4) {
            c.i("Soter.SoterCore", "soter: function not found", new Object[0]);
        } catch (ClassNotFoundException e5) {
            c.i("Soter.SoterCore", "soter: no SoterProvider found", new Object[0]);
        } finally {
            yoC = true;
        }
    }
}
