package com.scl.rdservice.ecsclient.b;

import android.app.Activity;
import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import com.scl.rdservice.ecsclient.c.c;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Date;
import javax.security.auth.x500.X500Principal;
import org.bouncycastle.pqc.jcajce.spec.McElieceCCA2KeyGenParameterSpec;

/* loaded from: classes.dex */
public class a {

    /* renamed from: b, reason: collision with root package name */
    private static a f4672b;

    /* renamed from: c, reason: collision with root package name */
    private KeyPair f4674c;
    private com.scl.rdservice.ecsclient.c.d d;
    private d e;

    /* renamed from: a, reason: collision with root package name */
    private final String f4673a = "AndroidKeyStore";
    private String f = null;

    private a() {
    }

    public static final synchronized a a(com.scl.rdservice.ecsclient.c.d dVar, Activity activity) {
        synchronized (a.class) {
            synchronized (a.class) {
                if (f4672b != null) {
                    return f4672b;
                }
                a aVar = new a();
                f4672b = aVar;
                aVar.d = dVar;
                aVar.e = d.a(activity);
                f4672b.a(activity);
                return f4672b;
            }
        }
    }

    private void a(Activity activity) {
        KeyStore.PrivateKeyEntry privateKeyEntry;
        Certificate certificate;
        try {
            c(activity);
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            if (this.f == null || c.c(activity, this.f) == null || (privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(c.c(activity, this.f), null)) == null || (certificate = privateKeyEntry.getCertificate()) == null) {
                return;
            }
            certificate.getPublicKey();
            this.f4674c = new KeyPair(certificate.getPublicKey(), privateKeyEntry.getPrivateKey());
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException e) {
            e.getCause();
            com.scl.rdservice.ecsclient.h.c.a("CryptoService:setKeyPair:Catch Exception: Error" + e.getMessage());
        }
    }

    private byte[] b(byte[] bArr, Context context) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(c.c(context, this.f), null);
            if (privateKeyEntry != null) {
                Signature signature = Signature.getInstance("SHA256withRSA");
                signature.initSign(privateKeyEntry.getPrivateKey());
                signature.update(bArr);
                return signature.sign();
            }
        } catch (IOException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | SignatureException | UnrecoverableEntryException | CertificateException e) {
            com.scl.rdservice.ecsclient.h.c.a("CryptoService:signData:Catch Exception: Error" + e.getMessage());
            e.getCause();
        }
        return null;
    }

    private void c(Context context) {
        try {
            this.f = null;
            this.f = com.scl.rdservice.ecsclient.c.b.a().b(this.d, context);
        } catch (Exception e) {
            com.scl.rdservice.ecsclient.h.c.a("CryptoService:setSerialNumber:Catch Exception: Error" + e.getMessage());
            this.d.d(c.a.COMMUNICATION_ERROR);
        }
    }

    private byte[] c(byte[] bArr, Context context) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(c.c(context, this.f), null);
            if (privateKeyEntry != null) {
                Signature signature = Signature.getInstance("SHA256withRSA");
                signature.initSign(privateKeyEntry.getPrivateKey());
                signature.update(bArr);
                return signature.sign();
            }
        } catch (IOException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | SignatureException | UnrecoverableEntryException | CertificateException e) {
            com.scl.rdservice.ecsclient.h.c.a("CryptoService:signDataD:Catch Exception: Error" + e.getMessage());
            e.getCause();
        }
        return null;
    }

    private KeyPair d(Context context, String str) {
        if (Build.VERSION.SDK_INT >= 23) {
            try {
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
                KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(str, 4);
                builder.setDigests(McElieceCCA2KeyGenParameterSpec.SHA256).setKeySize(2048).setSignaturePaddings("PKCS1").setCertificateSerialNumber(BigInteger.valueOf(1337L)).setCertificateNotBefore(new Date(System.currentTimeMillis())).setCertificateNotAfter(new Date(System.currentTimeMillis() + 86400000));
                keyPairGenerator.initialize(builder.build());
                return keyPairGenerator.generateKeyPair();
            } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
                com.scl.rdservice.ecsclient.h.c.a("CryptoService:generateKeyStore:1:Catch Exception: Error" + e.getMessage());
                e.getCause();
            }
        } else if (Build.VERSION.SDK_INT >= 18 && Build.VERSION.SDK_INT < 23) {
            try {
                KeyPairGenerator keyPairGenerator2 = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
                KeyPairGeneratorSpec.Builder builder2 = new KeyPairGeneratorSpec.Builder(context);
                builder2.setAlias(str).setSubject(new X500Principal("CN=rd_device")).setSerialNumber(BigInteger.valueOf(1337L)).setStartDate(new Date(System.currentTimeMillis())).setEndDate(new Date(System.currentTimeMillis() + 86400000));
                if (Build.VERSION.SDK_INT >= 19) {
                    builder2.setKeySize(2048);
                }
                keyPairGenerator2.initialize(builder2.build());
                return keyPairGenerator2.generateKeyPair();
            } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e2) {
                com.scl.rdservice.ecsclient.h.c.a("CryptoService:generateKeyStore:2:Catch Exception: Error" + e2.getMessage());
            }
        }
        return null;
    }

    private X509Certificate e(Context context, String str) {
        Certificate certificate;
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(str, null);
            if (privateKeyEntry != null && (certificate = privateKeyEntry.getCertificate()) != null) {
                return (X509Certificate) certificate;
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException e) {
            com.scl.rdservice.ecsclient.h.c.a("CryptoService:getDeviceCert:Catch Exception: Error" + e.getMessage());
            e.getCause();
        }
        return null;
    }

    public KeyPair a(Context context, String str) {
        Certificate certificate;
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(str, null);
            if (privateKeyEntry != null && (certificate = privateKeyEntry.getCertificate()) != null) {
                certificate.getPublicKey();
                return new KeyPair(certificate.getPublicKey(), privateKeyEntry.getPrivateKey());
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException e) {
            e.getCause();
            com.scl.rdservice.ecsclient.h.c.a("CryptoService:getAliasKeyPair:Catch Exception: Error" + e.getMessage());
        }
        return null;
    }

    public KeyPair a(Context context, String str, b bVar) {
        c(context);
        KeyPair d = d(context, str);
        if (d != null) {
            return d;
        }
        bVar.a("Error in Registration");
        return null;
    }

    public KeyPair a(String str, String str2) {
        KeyStore.PrivateKeyEntry privateKeyEntry;
        Certificate certificate;
        try {
            this.f = str2;
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            if (this.f != null && (privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(str, null)) != null && (certificate = privateKeyEntry.getCertificate()) != null) {
                certificate.getPublicKey();
                return new KeyPair(certificate.getPublicKey(), privateKeyEntry.getPrivateKey());
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException e) {
            com.scl.rdservice.ecsclient.h.c.a("CryptoService:getLastKeyPairForConnectedDevice:Catch Exception: Error" + e.getMessage());
            e.getCause();
        }
        return null;
    }

    public void a() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            for (String str : Collections.list(keyStore.aliases())) {
                if (keyStore.containsAlias(str)) {
                    keyStore.deleteEntry(str);
                }
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            e.getCause();
            com.scl.rdservice.ecsclient.h.c.a("CryptoService:deleteAllKeystore:Catch Exception: Error" + e.getMessage());
        }
    }

    public boolean a(Context context) {
        Certificate certificate;
        String b2;
        try {
            c(context);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException e) {
            e.getCause();
            com.scl.rdservice.ecsclient.h.c.a("CryptoService:checkAlreadyRegisteredDeviceCertificate:Catch Exception: Error" + e.getMessage());
        }
        if (this.f == null) {
            return false;
        }
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(c.c(context, this.f), null);
        if (privateKeyEntry != null && (certificate = privateKeyEntry.getCertificate()) != null && (b2 = c.b(context, this.f)) != null) {
            if (((X509Certificate) certificate).getSubjectX500Principal().getName().contains(b2)) {
                return true;
            }
        }
        return false;
    }

    public boolean a(Context context, Certificate certificate, String str, String str2) {
        try {
            if (((X509Certificate) certificate).getSubjectX500Principal().getName().contains(str)) {
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                keyStore.load(null);
                if (((KeyStore.PrivateKeyEntry) keyStore.getEntry(str2, null)) != null) {
                    keyStore.setKeyEntry(str2, a(context, str2).getPrivate(), null, new Certificate[]{certificate});
                    if (e(context, str2).equals(certificate)) {
                        return true;
                    }
                }
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException e) {
            com.scl.rdservice.ecsclient.h.c.a("CryptoService:replaceCertificates:Catch Exception: Error" + e.getMessage());
            e.getCause();
        }
        return false;
    }

    public boolean a(String str) {
        if (str == null) {
            return false;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            if (((KeyStore.PrivateKeyEntry) keyStore.getEntry(str, null)) == null) {
                return false;
            }
            keyStore.deleteEntry(str);
            return !keyStore.containsAlias(str);
        } catch (IOException | NullPointerException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException e) {
            e.getCause();
            com.scl.rdservice.ecsclient.h.c.a("CryptoService:deleteKeystoreEntry:Catch Exception: Error" + e.getMessage());
            return false;
        }
    }

    public byte[] a(String str, KeyPair keyPair) {
        try {
            Signature signature = Signature.getInstance("SHA256withRSA");
            signature.initSign(keyPair.getPrivate());
            signature.update(str.getBytes());
            return signature.sign();
        } catch (InvalidKeyException | NoSuchAlgorithmException | SignatureException e) {
            com.scl.rdservice.ecsclient.h.c.a("CryptoService:signDataWithPrivateKey:Catch Exception: Error" + e.getMessage());
            e.getCause();
            return null;
        }
    }

    public final byte[] a(byte[] bArr, Context context) {
        c(context);
        if (this.e.a() || this.f == null) {
            return null;
        }
        if (!a(context)) {
            throw new SecurityException("Device not registered");
        }
        if (e(context, c.c(context, this.f)) == null) {
            return null;
        }
        if (Build.VERSION.SDK_INT >= 23) {
            return b(bArr, context);
        }
        if (Build.VERSION.SDK_INT >= 18) {
            return c(bArr, context);
        }
        return null;
    }

    public KeyPair b(Context context, String str, b bVar) {
        KeyPair d = d(context, str);
        if (d != null) {
            return d;
        }
        bVar.a("Error in Rotation");
        return null;
    }

    public X509Certificate b(Context context) {
        Certificate certificate;
        c(context);
        if (this.f != null && a(context)) {
            try {
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                keyStore.load(null);
                KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(c.c(context, this.f), null);
                if (privateKeyEntry != null && (certificate = privateKeyEntry.getCertificate()) != null) {
                    return (X509Certificate) certificate;
                }
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException e) {
                e.getCause();
                com.scl.rdservice.ecsclient.h.c.a("CryptoService:getDeviceCertificate:Catch Exception: Error" + e.getMessage());
            }
        }
        return null;
    }

    public void b(Context context, String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            for (Object obj : Collections.list(keyStore.aliases())) {
                if (obj.toString().contains(str) && c.c(context, str) == null) {
                    a(obj.toString());
                }
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            e.getCause();
            com.scl.rdservice.ecsclient.h.c.a("CryptoService:deleteGarbageKeystores:Catch Exception: Error" + e.getMessage());
        }
    }

    public boolean c(Context context, String str) {
        StringBuilder sb;
        String message;
        Certificate certificate;
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(c.c(context, str), null);
            if (privateKeyEntry == null || (certificate = privateKeyEntry.getCertificate()) == null) {
                return false;
            }
            ((X509Certificate) certificate).checkValidity(new Date(System.currentTimeMillis()));
            return true;
        } catch (IOException e) {
            e = e;
            sb = new StringBuilder();
            sb.append("CryptoService:checkCertificateExpiry:2:Catch Exception: Error");
            message = e.getMessage();
            sb.append(message);
            com.scl.rdservice.ecsclient.h.c.a(sb.toString());
            return false;
        } catch (KeyStoreException e2) {
            e = e2;
            sb = new StringBuilder();
            sb.append("CryptoService:checkCertificateExpiry:2:Catch Exception: Error");
            message = e.getMessage();
            sb.append(message);
            com.scl.rdservice.ecsclient.h.c.a(sb.toString());
            return false;
        } catch (NoSuchAlgorithmException e3) {
            e = e3;
            sb = new StringBuilder();
            sb.append("CryptoService:checkCertificateExpiry:2:Catch Exception: Error");
            message = e.getMessage();
            sb.append(message);
            com.scl.rdservice.ecsclient.h.c.a(sb.toString());
            return false;
        } catch (UnrecoverableEntryException e4) {
            e = e4;
            sb = new StringBuilder();
            sb.append("CryptoService:checkCertificateExpiry:2:Catch Exception: Error");
            message = e.getMessage();
            sb.append(message);
            com.scl.rdservice.ecsclient.h.c.a(sb.toString());
            return false;
        } catch (CertificateExpiredException e5) {
            e = e5;
            sb = new StringBuilder();
            sb.append("CryptoService:checkCertificateExpiry:1:Catch Exception: Error");
            message = e.getMessage();
            sb.append(message);
            com.scl.rdservice.ecsclient.h.c.a(sb.toString());
            return false;
        } catch (CertificateNotYetValidException e6) {
            e = e6;
            sb = new StringBuilder();
            sb.append("CryptoService:checkCertificateExpiry:1:Catch Exception: Error");
            message = e.getMessage();
            sb.append(message);
            com.scl.rdservice.ecsclient.h.c.a(sb.toString());
            return false;
        } catch (CertificateException e7) {
            e = e7;
            sb = new StringBuilder();
            sb.append("CryptoService:checkCertificateExpiry:2:Catch Exception: Error");
            message = e.getMessage();
            sb.append(message);
            com.scl.rdservice.ecsclient.h.c.a(sb.toString());
            return false;
        }
    }
}
