package y1;

import android.content.Context;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import c2.e;
import c2.h;
import c2.i;
import java.io.File;
import java.io.IOException;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.InvalidKeySpecException;
import java.util.Calendar;
import java.util.List;
import java.util.concurrent.locks.ReadWriteLock;
import java.util.concurrent.locks.ReentrantReadWriteLock;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import org.json.JSONException;
import q1.g;

/* compiled from: CryptoKeyStore.java */
/* loaded from: classes.dex */
public class c {

    /* renamed from: a, reason: collision with root package name */
    public static final ReadWriteLock f9921a = new ReentrantReadWriteLock();

    public static SecretKey c(final Context context, String str, final String str2) {
        return d(str, new Runnable() { // from class: y1.b
            @Override // java.lang.Runnable
            public final void run() {
                c.j(str2, context);
            }
        });
    }

    public static SecretKey d(String str, Runnable runnable) {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        if (keyStore.containsAlias(str)) {
            return ((KeyStore.SecretKeyEntry) keyStore.getEntry(str, null)).getSecretKey();
        }
        if (runnable != null) {
            runnable.run();
        }
        KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", "AndroidKeyStore");
        keyGenerator.init(new KeyGenParameterSpec.Builder(str, 3).setBlockModes("CTR", "GCM").setEncryptionPaddings("NoPadding").setKeySize(256).build());
        return keyGenerator.generateKey();
    }

    public static SecretKey e(final Context context, String str, final String str2) {
        try {
            return d(str, new Runnable() { // from class: y1.a
                @Override // java.lang.Runnable
                public final void run() {
                    c.k(str2, context);
                }
            });
        } catch (IOException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableEntryException | CertificateException e9) {
            i.b("CryptoKeyStore", "createOrGetSecretKeyToSP error. " + e9);
            throw new KeyStoreException(e9);
        }
    }

    public static void f(Context context, String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            if (keyStore.containsAlias(str)) {
                i.a("CryptoKeyStore", "deleteEcKeyPair key pair is recorded in the android keystore, delete now, alias = " + str);
                keyStore.deleteEntry(str);
                return;
            }
            File c9 = e.c(e.a("eckeypairstore", str), context);
            if (c9.exists()) {
                i.a("CryptoKeyStore", "deleteEcKeyPair key pair is recorded in the private directory, delete now, alias = " + str);
                c9.delete();
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e9) {
            throw new g1.c(e9);
        }
    }

    public static void g(String str) {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        if (keyStore.containsAlias(str)) {
            keyStore.deleteEntry(str);
        }
    }

    public static KeyPair h(Context context, z1.a aVar) {
        try {
            String b9 = aVar.b();
            int i9 = 64;
            if ((aVar.c() & 64) != 0 && Build.VERSION.SDK_INT <= 30) {
                KeyPair e9 = h.e(aVar.d());
                String d9 = d.d(b9, e9, aVar.a());
                SecretKey c9 = c(context, "pki_sdk_ecKeyPairGen_key", "eckeypairstore");
                if (c9 == null) {
                    throw new KeyStoreException("SecretKey generation error, unable to read ec key pair list.");
                }
                q1.d b10 = h1.a.b(new g.c().j(g.b.f8663f).m(c9).k(d9.getBytes(StandardCharsets.UTF_8)).h());
                if (!e.e(d.a(b10.a(), b10.b()), e.a("eckeypairstore", b9), false, context, f9921a)) {
                    throw new IOException("Failed to save key information to file");
                }
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                keyStore.load(null);
                if (keyStore.containsAlias(b9)) {
                    keyStore.deleteEntry(b9);
                }
                i.a("CryptoKeyStore", "generateEcKeyPair generate success(encrypted storage solution), alias = " + b9);
                return e9;
            }
            if ((aVar.c() & 64) == 0 || (aVar.c() & 4) == 0) {
                if ((aVar.c() & 64) == 0) {
                    i9 = 4;
                } else if (Build.VERSION.SDK_INT < 31) {
                    throw new KeyStoreException("The minimum required API level is 31 for PURPOSE_AGREE_KEY.");
                }
            } else {
                if (Build.VERSION.SDK_INT < 31) {
                    throw new KeyStoreException("The minimum required API level is 31 for PURPOSE_AGREE_KEY.");
                }
                i9 = 68;
            }
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "AndroidKeyStore");
            KeyGenParameterSpec.Builder digests = new KeyGenParameterSpec.Builder(aVar.b(), i9).setAlgorithmParameterSpec(new ECGenParameterSpec(aVar.d())).setDigests("NONE", "SHA-1", "SHA-224", "SHA-256", "SHA-384", "SHA-512");
            if (aVar.a() != null) {
                digests.setCertificateNotAfter(aVar.a());
            }
            keyPairGenerator.initialize(digests.build());
            File c10 = e.c(e.a("eckeypairstore", b9), context);
            if (c10.exists()) {
                c10.delete();
            }
            i.a("CryptoKeyStore", "generateEcKeyPair generate success(android keystore solution), alias = " + b9);
            return keyPairGenerator.generateKeyPair();
        } catch (IOException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableEntryException | CertificateException | JSONException | r1.c e10) {
            throw new g1.c(e10);
        }
    }

    public static KeyPair i(Context context, String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            if (keyStore.containsAlias(str)) {
                i.a("CryptoKeyStore", "getEcKeyPair key pair is recorded in the android keystore, alias = " + str);
                X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(str);
                if (!x509Certificate.getNotAfter().before(Calendar.getInstance().getTime())) {
                    return new KeyPair(x509Certificate.getPublicKey(), (PrivateKey) keyStore.getKey(str, null));
                }
                i.a("CryptoKeyStore", "getEcKeyPair certificate has expired and has been deleted, alias = " + str);
                keyStore.deleteEntry(str);
                return null;
            }
            File c9 = e.c(e.a("eckeypairstore", str), context);
            if (c9.exists()) {
                i.a("CryptoKeyStore", "getEcKeyPair key pair is recorded in the private directory, alias = " + str);
                z1.b l9 = l(context, str);
                if (l9 != null) {
                    if (!l9.b()) {
                        return l9.a();
                    }
                    i.a("CryptoKeyStore", "getEcKeyPair key pair has expired and has been deleted, alias = " + str);
                    c9.delete();
                    return null;
                }
            }
            return null;
        } catch (IOException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableEntryException | CertificateException | InvalidKeySpecException | JSONException | r1.c e9) {
            throw new g1.c(e9);
        }
    }

    public static /* synthetic */ void j(String str, Context context) {
        if (str != null) {
            File c9 = e.c(e.a(str), context);
            if (c9.exists()) {
                c9.delete();
            }
        }
    }

    public static /* synthetic */ void k(String str, Context context) {
        if (str != null) {
            e.b(context, str);
        }
    }

    public static z1.b l(Context context, String str) {
        List<String> d9;
        z1.b c9;
        SecretKey c10 = c(context, "pki_sdk_ecKeyPairGen_key", "eckeypairstore");
        if (c10 == null) {
            throw new KeyStoreException("SecretKey generation error, unable to read key pair list.");
        }
        File c11 = e.c(e.a("eckeypairstore", str), context);
        if (c11.exists() && (d9 = e.d(c11, f9921a)) != null) {
            for (String str2 : d9) {
                q1.d b9 = d.b(str2);
                if (b9 != null && (c9 = d.c(new String(h1.a.a(new g.c().k(b9.a()).m(c10).l(b9.b()).h()), StandardCharsets.UTF_8))) != null) {
                    c9.c(str2);
                    return c9;
                }
            }
        }
        return null;
    }
}
