package mn;

import android.content.Context;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
import c.a;
import com.locuslabs.sdk.llprivate.ConstantsKt;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.Date;
import java.util.UUID;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import mq.c;
import mq.e;
import org.jose4j.jwk.EllipticCurveJsonWebKey;
import org.jose4j.jwk.RsaJsonWebKey;
import org.jose4j.keys.AesKey;

/* compiled from: KSHelper.java */
/* loaded from: classes6.dex */
public final class a {

    /* renamed from: a, reason: collision with root package name */
    private static final c f36809a = e.k(a.class);

    /* renamed from: b, reason: collision with root package name */
    public static final /* synthetic */ int f36810b = 0;

    @NonNull
    public static KeyPair a(String str) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException, InvalidKeyException {
        Date date = new Date();
        Date date2 = new Date(date.getTime() + 788400000000L);
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(EllipticCurveJsonWebKey.KEY_TYPE, "AndroidKeyStore");
        keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, 12).setAlgorithmParameterSpec(new ECGenParameterSpec("secp256r1")).setDigests("SHA-256").setCertificateSerialNumber(new BigInteger(64, new SecureRandom())).setCertificateNotBefore(date).setCertificateNotAfter(date2).build());
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        Signature.getInstance("SHA256withECDSA").initSign(generateKeyPair.getPrivate());
        return generateKeyPair;
    }

    public static PrivateKey b(Context context) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null, null);
            a.C0074a c0074a = c.a.I;
            String n10 = c0074a.getInstance(context).n();
            if (!keyStore.containsAlias(n10)) {
                f36809a.info("flow=[KEYSTORE] message=\"EC key alias doesn't exists\"");
                n10 = UUID.randomUUID().toString();
                a(n10);
                c0074a.getInstance(context).k(n10);
            }
            return (PrivateKey) keyStore.getKey(n10, null);
        } catch (IOException | InvalidAlgorithmParameterException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableEntryException | CertificateException e10) {
            f36809a.error(String.format("flow=[KEYSTORE] message=\"Cannot get EC private key, error=%s\"", e10));
            return null;
        }
    }

    public static void c() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            keyStore.deleteEntry("PingIDKey4New");
            f36809a.info("flow=[CONVERGENCE] message=\"v1 keyPair deleted from keystore\"");
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e10) {
            f36809a.error("flow=[CONVERGENCE] message=\"error clearing keystore entry v1 keyPair: " + e10.getMessage() + ConstantsKt.JSON_DQ);
        }
    }

    public static KeyPair d(String str) throws NoSuchAlgorithmException, InvalidAlgorithmParameterException, NoSuchProviderException {
        Date date = new Date();
        Date date2 = new Date(date.getTime() + 788400000000L);
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(RsaJsonWebKey.KEY_TYPE, "AndroidKeyStore");
        keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, 15).setKeySize(2048).setDigests("SHA-256").setEncryptionPaddings("PKCS1Padding").setSignaturePaddings("PKCS1").setCertificateSerialNumber(new BigInteger(64, new SecureRandom())).setCertificateNotBefore(date).setCertificateNotAfter(date2).build());
        return keyPairGenerator.generateKeyPair();
    }

    @Nullable
    public static PublicKey e(Context context) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null, null);
            a.C0074a c0074a = c.a.I;
            String n10 = c0074a.getInstance(context).n();
            if (!keyStore.containsAlias(n10)) {
                f36809a.info("flow=[KEYSTORE] message=\"EC alias doesn't exist\"");
                n10 = UUID.randomUUID().toString();
                a(n10);
                if (!c0074a.getInstance(context).D()) {
                    c0074a.getInstance(context).F();
                }
                c0074a.getInstance(context).k(n10);
            }
            return keyStore.getCertificate(n10).getPublicKey();
        } catch (IOException | InvalidAlgorithmParameterException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | CertificateException e10) {
            f36809a.error(String.format("flow=[KEYSTORE] message=\"Cannot get EC publicKey, error=%s\"", e10));
            return null;
        }
    }

    @Nullable
    public static SecretKey f() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            if (!keyStore.containsAlias("P14CKeyAES")) {
                KeyGenerator keyGenerator = KeyGenerator.getInstance(AesKey.ALGORITHM, "AndroidKeyStore");
                keyGenerator.init(new KeyGenParameterSpec.Builder("P14CKeyAES", 3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").setKeySize(256).build());
                keyGenerator.generateKey();
                f36809a.info("flow=[KEYSTORE] message=\"GCM encryption key generated\"");
            }
            return ((KeyStore.SecretKeyEntry) keyStore.getEntry("P14CKeyAES", null)).getSecretKey();
        } catch (IOException e10) {
            e = e10;
            f36809a.error(String.format("flow=[KEYSTORE] message=\"Cannot initialize KeyStore, error=%s\"", e));
            return null;
        } catch (InvalidAlgorithmParameterException e11) {
            e = e11;
            f36809a.error(String.format("flow=[KEYSTORE] message=\"Cannot generate key, error=%s\"", e));
            return null;
        } catch (KeyStoreException e12) {
            e = e12;
            f36809a.error(String.format("flow=[KEYSTORE] message=\"Cannot initialize KeyStore, error=%s\"", e));
            return null;
        } catch (NoSuchAlgorithmException e13) {
            e = e13;
            f36809a.error(String.format("flow=[KEYSTORE] message=\"Cannot initialize KeyStore, error=%s\"", e));
            return null;
        } catch (NoSuchProviderException e14) {
            e = e14;
            f36809a.error(String.format("flow=[KEYSTORE] message=\"Cannot generate key, error=%s\"", e));
            return null;
        } catch (UnrecoverableEntryException e15) {
            e = e15;
            f36809a.error(String.format("flow=[KEYSTORE] message=\"Cannot generate key, error=%s\"", e));
            return null;
        } catch (CertificateException e16) {
            e = e16;
            f36809a.error(String.format("flow=[KEYSTORE] message=\"Cannot initialize KeyStore, error=%s\"", e));
            return null;
        }
    }

    @Nullable
    public static String g(Context context) {
        try {
            return Base64.encodeToString(((X509EncodedKeySpec) KeyFactory.getInstance(EllipticCurveJsonWebKey.KEY_TYPE).getKeySpec(e(context), X509EncodedKeySpec.class)).getEncoded(), 2);
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e10) {
            f36809a.error(String.format("flow=[KEYSTORE] message=\"Cannot stringify public key EC, error=%s\"", e10));
            return null;
        }
    }

    @Nullable
    public static Key h() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            try {
                if (!keyStore.containsAlias("PingIDKey4New")) {
                    f36809a.error("flow=[CONVERGENCE] message=\"the v1 encryption alias doesn't exist in default keystore\"");
                    return null;
                }
                KeyStore.Entry entry = keyStore.getEntry("PingIDKey4New", null);
                if (entry instanceof KeyStore.SecretKeyEntry) {
                    return ((KeyStore.SecretKeyEntry) entry).getSecretKey();
                }
                if (entry instanceof KeyStore.PrivateKeyEntry) {
                    return ((KeyStore.PrivateKeyEntry) entry).getPrivateKey();
                }
                return null;
            } catch (KeyStoreException e10) {
                f36809a.error("flow=[CONVERGENCE] message=\"error loading keystore while fetching v1 encryption key: " + e10.getMessage() + ConstantsKt.JSON_DQ);
                return null;
            } catch (NoSuchAlgorithmException e11) {
                e = e11;
                f36809a.error("flow=[CONVERGENCE] message=\"error loading keystore entry while fetching v1 encryption key: " + e.getMessage() + ConstantsKt.JSON_DQ);
                return null;
            } catch (UnrecoverableEntryException e12) {
                e = e12;
                f36809a.error("flow=[CONVERGENCE] message=\"error loading keystore entry while fetching v1 encryption key: " + e.getMessage() + ConstantsKt.JSON_DQ);
                return null;
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e13) {
            f36809a.error("flow=[CONVERGENCE] message=\"error loading keystore: " + e13.getMessage() + ConstantsKt.JSON_DQ);
            return null;
        }
    }

    public static void i(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            keyStore.deleteEntry(str);
            f36809a.info(String.format("flow=[KEYSTORE] message=\"keyPair with alias %s deleted from keystore\"", str));
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e10) {
            f36809a.error("flow=[CONVERGENCE] message=\"error clearing keystore entry: " + e10.getMessage() + ConstantsKt.JSON_DQ);
        }
    }

    @Nullable
    public static String j(Context context) {
        try {
            return Base64.encodeToString(((X509EncodedKeySpec) KeyFactory.getInstance(RsaJsonWebKey.KEY_TYPE).getKeySpec(m(context), X509EncodedKeySpec.class)).getEncoded(), 2);
        } catch (NoSuchAlgorithmException | InvalidKeySpecException e10) {
            f36809a.error(String.format("flow=[KEYSTORE] message=\"Cannot stringify public key RSA, error=%s\"", e10));
            return null;
        }
    }

    @Nullable
    public static PrivateKey k() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry("PingIDKey4PrivateKey", null);
            if (privateKeyEntry == null) {
                return null;
            }
            return privateKeyEntry.getPrivateKey();
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException e10) {
            f36809a.error("flow=[CONVERGENCE] message=\"" + e10.getMessage() + ConstantsKt.JSON_DQ);
            return null;
        }
    }

    @Nullable
    public static PrivateKey l(Context context) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null, null);
            a.C0074a c0074a = c.a.I;
            String p10 = c0074a.getInstance(context).p();
            if (!keyStore.containsAlias(p10)) {
                f36809a.info("flow=[KEYSTORE] message=\"RSA key alias doesn't exists\"");
                p10 = UUID.randomUUID().toString();
                d(p10);
                c0074a.getInstance(context).m(p10);
            }
            return (PrivateKey) keyStore.getKey(p10, null);
        } catch (IOException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | UnrecoverableEntryException | CertificateException e10) {
            f36809a.error(String.format("flow=[KEYSTORE] message=\"Cannot get RSA private key, error=%s\"", e10));
            return null;
        }
    }

    @Nullable
    private static RSAPublicKey m(Context context) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null, null);
            a.C0074a c0074a = c.a.I;
            String p10 = c0074a.getInstance(context).p();
            if (!keyStore.containsAlias(p10)) {
                f36809a.info("flow=[KEYSTORE] message=\"RSA alias doesn't exists\"");
                p10 = UUID.randomUUID().toString();
                d(p10);
                c0074a.getInstance(context).m(p10);
            }
            return (RSAPublicKey) keyStore.getCertificate(p10).getPublicKey();
        } catch (IOException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | CertificateException e10) {
            f36809a.error(String.format("flow=[KEYSTORE] message=\"Cannot get RSA public key, error=%s\"", e10));
            return null;
        }
    }
}
