package il;

import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import android.util.Base64;
import com.adjust.sdk.Constants;
import com.tesco.mobile.identity.model.AttestationRegistryRequest;
import java.io.ByteArrayInputStream;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.KeySpec;
import java.util.Arrays;
import kotlin.jvm.internal.h;
import kotlin.jvm.internal.p;
import sh.ep.DGRfGSxqP;

/* loaded from: classes5.dex */
public final class c implements b {

    /* renamed from: a, reason: collision with root package name */
    public static final a f32626a = new a(null);

    /* loaded from: classes3.dex */
    public static final class a {
        public a() {
        }

        public /* synthetic */ a(h hVar) {
            this();
        }
    }

    private final String g(Certificate certificate) throws CertificateEncodingException {
        String encodeToString = Base64.encodeToString(certificate != null ? certificate.getEncoded() : null, 2);
        p.j(encodeToString, "encodeToString(certifica….encoded, Base64.NO_WRAP)");
        return encodeToString;
    }

    private final String h(X509Certificate[] x509CertificateArr) {
        String str = "";
        for (X509Certificate x509Certificate : x509CertificateArr) {
            str = str + g(x509Certificate) + ".";
        }
        return str;
    }

    private final X509Certificate[] i(String str) {
        KeyStore.Entry e12 = e(str);
        if (!(e12 instanceof KeyStore.PrivateKeyEntry)) {
            it1.a.c("Not an instance of a PrivateKeyEntry", new Object[0]);
            return new X509Certificate[0];
        }
        Certificate[] certificateChain = ((KeyStore.PrivateKeyEntry) e12).getCertificateChain();
        X509Certificate[] x509CertificateArr = new X509Certificate[certificateChain.length];
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        int length = certificateChain.length;
        for (int i12 = 0; i12 < length; i12++) {
            Certificate generateCertificate = certificateFactory.generateCertificate(new ByteArrayInputStream(certificateChain[i12].getEncoded()));
            p.i(generateCertificate, DGRfGSxqP.RfG);
            x509CertificateArr[i12] = (X509Certificate) generateCertificate;
        }
        return x509CertificateArr;
    }

    private final KeyStore k() {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        p.j(keyStore, "keyStore");
        return keyStore;
    }

    private final String l(byte[] bArr) {
        byte[] digest = MessageDigest.getInstance(Constants.SHA256).digest(bArr);
        p.j(digest, "digest");
        String str = "";
        for (byte b12 : digest) {
            String format = String.format("%02x", Arrays.copyOf(new Object[]{Byte.valueOf(b12)}, 1));
            p.j(format, "format(this, *args)");
            str = str + format;
        }
        return str;
    }

    @Override // il.b
    public String a() {
        byte[] decodedPublicKey = Base64.decode(j("trn:tesco:identity:devicekey"), 2);
        p.j(decodedPublicKey, "decodedPublicKey");
        return l(decodedPublicKey);
    }

    @Override // il.b
    public void b(String keyAlias) {
        p.k(keyAlias, "keyAlias");
        try {
            k().deleteEntry(keyAlias);
        } catch (Exception e12) {
            it1.a.d(e12);
        }
    }

    @Override // il.b
    public void c(String keyAlias, String attestationChallenge) {
        p.k(keyAlias, "keyAlias");
        p.k(attestationChallenge, "attestationChallenge");
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "AndroidKeyStore");
            KeyGenParameterSpec.Builder digests = new KeyGenParameterSpec.Builder(keyAlias, 12).setDigests(Constants.SHA256, "SHA-512");
            byte[] bytes = attestationChallenge.getBytes(zr1.d.f77288b);
            p.j(bytes, "this as java.lang.String).getBytes(charset)");
            keyPairGenerator.initialize(digests.setAttestationChallenge(bytes).build());
            keyPairGenerator.generateKeyPair();
        } catch (Exception e12) {
            it1.a.d(e12);
            throw new KeyStoreException("Failed to generate KeyPair");
        }
    }

    @Override // il.b
    public boolean d(String keyAlias) {
        p.k(keyAlias, "keyAlias");
        Key key = k().getKey(keyAlias, null);
        p.j(key, "keystore.getKey(keyAlias, null)");
        KeyFactory keyFactory = KeyFactory.getInstance(key.getAlgorithm(), "AndroidKeyStore");
        p.j(keyFactory, "getInstance(privateKey.a…rithm, ANDROID_KEY_STORE)");
        KeySpec keySpec = keyFactory.getKeySpec(key, KeyInfo.class);
        p.j(keySpec, "keyFactory.getKeySpec(pr…Key, KeyInfo::class.java)");
        return ((KeyInfo) keySpec).isInsideSecureHardware();
    }

    @Override // il.b
    public KeyStore.Entry e(String keyAlias) {
        p.k(keyAlias, "keyAlias");
        KeyStore.Entry entry = null;
        try {
            entry = k().getEntry(keyAlias, null);
            return entry;
        } catch (Exception e12) {
            it1.a.d(e12);
            return entry;
        }
    }

    @Override // il.b
    public AttestationRegistryRequest f(String keyAlias, String nonce) {
        p.k(keyAlias, "keyAlias");
        p.k(nonce, "nonce");
        return AttestationRegistryRequest.Companion.build(a(), nonce, h(i(keyAlias)));
    }

    public final String j(String keyAlias) {
        p.k(keyAlias, "keyAlias");
        KeyStore.Entry e12 = e(keyAlias);
        if (!(e12 instanceof KeyStore.PrivateKeyEntry)) {
            it1.a.c("Not an instance of a PrivateKeyEntry", new Object[0]);
            throw new KeyStoreException("Couldn't create public key");
        }
        String encodeToString = Base64.encodeToString(((KeyStore.PrivateKeyEntry) e12).getCertificate().getPublicKey().getEncoded(), 2);
        p.j(encodeToString, "encodeToString(publicKey, Base64.NO_WRAP)");
        return encodeToString;
    }
}
