package com.allawn.cryptography.security.keystore;

import android.content.Context;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import com.allawn.cryptography.entity.h;
import com.allawn.cryptography.util.e;
import com.allawn.cryptography.util.f;
import com.allawn.cryptography.util.i;
import com.allawn.cryptography.util.j;
import java.io.File;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.InvalidKeySpecException;
import java.util.Calendar;
import java.util.List;
import java.util.concurrent.locks.ReadWriteLock;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import org.json.JSONException;

/* loaded from: classes.dex */
public class c {

    /* renamed from: a, reason: collision with root package name */
    private static final String f19830a = "CryptoKeyStore";

    /* renamed from: b, reason: collision with root package name */
    private static final ReadWriteLock f19831b = new ReentrantReadWriteLock();

    /* renamed from: c, reason: collision with root package name */
    private static final String f19832c = "AndroidKeyStore";

    /* renamed from: d, reason: collision with root package name */
    private static final String f19833d = "pki_sdk_ecKeyPairGen_key";

    /* renamed from: e, reason: collision with root package name */
    private static final String f19834e = "eckeypairstore";

    public static SecretKey c(final Context context, String str, final String str2) throws InvalidAlgorithmParameterException, UnrecoverableEntryException, CertificateException, KeyStoreException, IOException, NoSuchAlgorithmException, NoSuchProviderException {
        return d(str, new Runnable() { // from class: com.allawn.cryptography.security.keystore.b
            @Override // java.lang.Runnable
            public final void run() {
                c.j(str2, context);
            }
        });
    }

    private static SecretKey d(String str, Runnable runnable) throws KeyStoreException, CertificateException, IOException, NoSuchAlgorithmException, UnrecoverableEntryException, NoSuchProviderException, InvalidAlgorithmParameterException {
        KeyStore keyStore = KeyStore.getInstance(f19832c);
        keyStore.load(null);
        if (keyStore.containsAlias(str)) {
            return ((KeyStore.SecretKeyEntry) keyStore.getEntry(str, null)).getSecretKey();
        }
        if (runnable != null) {
            runnable.run();
        }
        KeyGenerator keyGenerator = KeyGenerator.getInstance(i.f20038a, f19832c);
        keyGenerator.init(new KeyGenParameterSpec.Builder(str, 3).setBlockModes("CTR", "GCM").setEncryptionPaddings("NoPadding").setKeySize(256).build());
        return keyGenerator.generateKey();
    }

    public static SecretKey e(final Context context, String str, final String str2) throws KeyStoreException {
        try {
            return d(str, new Runnable() { // from class: com.allawn.cryptography.security.keystore.a
                @Override // java.lang.Runnable
                public final void run() {
                    c.k(str2, context);
                }
            });
        } catch (IOException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableEntryException | CertificateException e7) {
            j.b(f19830a, "createOrGetSecretKeyToSP error. " + e7);
            throw new KeyStoreException(e7);
        }
    }

    public static void f(Context context, String str) throws com.allawn.cryptography.d {
        try {
            KeyStore keyStore = KeyStore.getInstance(f19832c);
            keyStore.load(null);
            if (keyStore.containsAlias(str)) {
                j.a(f19830a, "deleteEcKeyPair key pair is recorded in the android keystore, delete now, alias = " + str);
                keyStore.deleteEntry(str);
                return;
            }
            File c7 = f.c(f.a(f19834e, str), context);
            if (c7.exists()) {
                j.a(f19830a, "deleteEcKeyPair key pair is recorded in the private directory, delete now, alias = " + str);
                c7.delete();
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e7) {
            throw new com.allawn.cryptography.d(e7);
        }
    }

    public static void g(String str) throws KeyStoreException, CertificateException, IOException, NoSuchAlgorithmException {
        KeyStore keyStore = KeyStore.getInstance(f19832c);
        keyStore.load(null);
        if (keyStore.containsAlias(str)) {
            keyStore.deleteEntry(str);
        }
    }

    public static KeyPair h(Context context, com.allawn.cryptography.security.keystore.entity.a aVar) throws com.allawn.cryptography.d {
        try {
            String b7 = aVar.b();
            int i7 = 64;
            if ((aVar.c() & 64) != 0 && Build.VERSION.SDK_INT <= 30) {
                KeyPair g7 = i.g(aVar.d());
                String d7 = d.d(b7, g7, aVar.a());
                SecretKey c7 = c(context, f19833d, f19834e);
                if (c7 == null) {
                    throw new KeyStoreException("SecretKey generation error, unable to read ec key pair list.");
                }
                com.allawn.cryptography.entity.d c8 = com.allawn.cryptography.algorithm.a.c(new h.c().k(h.b.f19498p).p(c7).m(d7.getBytes(StandardCharsets.UTF_8)).h());
                if (!f.f(d.a(c8.a(), c8.b()), f.a(f19834e, b7), false, context, f19831b)) {
                    throw new IOException("Failed to save key information to file");
                }
                KeyStore keyStore = KeyStore.getInstance(f19832c);
                keyStore.load(null);
                if (keyStore.containsAlias(b7)) {
                    keyStore.deleteEntry(b7);
                }
                j.a(f19830a, "generateEcKeyPair generate success(encrypted storage solution), alias = " + b7);
                return g7;
            }
            if ((aVar.c() & 64) == 0 || (aVar.c() & 4) == 0) {
                if ((aVar.c() & 64) == 0) {
                    i7 = 4;
                } else if (Build.VERSION.SDK_INT < 31) {
                    throw new KeyStoreException("The minimum required API level is 31 for PURPOSE_AGREE_KEY.");
                }
            } else {
                if (Build.VERSION.SDK_INT < 31) {
                    throw new KeyStoreException("The minimum required API level is 31 for PURPOSE_AGREE_KEY.");
                }
                i7 = 68;
            }
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(i.f20040c, f19832c);
            KeyGenParameterSpec.Builder digests = new KeyGenParameterSpec.Builder(aVar.b(), i7).setAlgorithmParameterSpec(new ECGenParameterSpec(aVar.d())).setDigests("NONE", "SHA-1", "SHA-224", e.b.D, e.b.E, e.b.F);
            if (aVar.a() != null) {
                digests.setCertificateNotAfter(aVar.a());
            }
            keyPairGenerator.initialize(digests.build());
            File c9 = f.c(f.a(f19834e, b7), context);
            if (c9.exists()) {
                c9.delete();
            }
            j.a(f19830a, "generateEcKeyPair generate success(android keystore solution), alias = " + b7);
            return keyPairGenerator.generateKeyPair();
        } catch (IOException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableEntryException | CertificateException | m1.d | JSONException e7) {
            throw new com.allawn.cryptography.d(e7);
        }
    }

    public static KeyPair i(Context context, String str) throws com.allawn.cryptography.d {
        try {
            KeyStore keyStore = KeyStore.getInstance(f19832c);
            keyStore.load(null);
            if (keyStore.containsAlias(str)) {
                j.a(f19830a, "getEcKeyPair key pair is recorded in the android keystore, alias = " + str);
                X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(str);
                if (!x509Certificate.getNotAfter().before(Calendar.getInstance().getTime())) {
                    return new KeyPair(x509Certificate.getPublicKey(), (PrivateKey) keyStore.getKey(str, null));
                }
                j.a(f19830a, "getEcKeyPair certificate has expired and has been deleted, alias = " + str);
                keyStore.deleteEntry(str);
                return null;
            }
            File c7 = f.c(f.a(f19834e, str), context);
            if (c7.exists()) {
                j.a(f19830a, "getEcKeyPair key pair is recorded in the private directory, alias = " + str);
                com.allawn.cryptography.security.keystore.entity.c l7 = l(context, str);
                if (l7 != null) {
                    if (!l7.e()) {
                        return l7.d();
                    }
                    j.a(f19830a, "getEcKeyPair key pair has expired and has been deleted, alias = " + str);
                    c7.delete();
                    return null;
                }
            }
            return null;
        } catch (IOException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableEntryException | CertificateException | InvalidKeySpecException | m1.d | JSONException e7) {
            throw new com.allawn.cryptography.d(e7);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static /* synthetic */ void j(String str, Context context) {
        if (str != null) {
            File c7 = f.c(f.a(str), context);
            if (c7.exists()) {
                c7.delete();
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static /* synthetic */ void k(String str, Context context) {
        if (str != null) {
            f.b(context, str);
        }
    }

    private static com.allawn.cryptography.security.keystore.entity.c l(Context context, String str) throws CertificateException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException, UnrecoverableEntryException, JSONException, m1.d, InvalidKeySpecException, IOException, com.allawn.cryptography.d {
        List<String> e7;
        com.allawn.cryptography.security.keystore.entity.c c7;
        SecretKey c8 = c(context, f19833d, f19834e);
        if (c8 == null) {
            throw new KeyStoreException("SecretKey generation error, unable to read key pair list.");
        }
        File c9 = f.c(f.a(f19834e, str), context);
        if (c9.exists() && (e7 = f.e(c9, f19831b)) != null) {
            for (String str2 : e7) {
                com.allawn.cryptography.entity.d b7 = d.b(str2);
                if (b7 != null && (c7 = d.c(new String(com.allawn.cryptography.algorithm.a.b(new h.c().m(b7.a()).p(c8).n(b7.b()).h()), StandardCharsets.UTF_8))) != null) {
                    c7.f(str2);
                    return c7;
                }
            }
        }
        return null;
    }
}
