package com.huawei.hms.framework.wlac.util;

import android.content.Context;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import com.huawei.hms.framework.common.Logger;
import com.huawei.openalliance.ad.constant.JsbMapKeyNames;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.ObjectOutputStream;
import java.io.UnsupportedEncodingException;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.ProviderException;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableEntryException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.GregorianCalendar;
import org.json.JSONArray;
import org.json.JSONException;

/* loaded from: classes2.dex */
public class Huks {
    private static final String TAG = "HuksUtil";
    private static final String WLAC = "_wlac";
    private static volatile Huks instance = new Huks();
    private boolean isInit = false;
    private String mAlias;

    private KeyPair generateKeyPair(Context context, String str, String str2, int i, String str3, String str4) {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(str2, "HwUniversalKeyStoreProvider");
            GregorianCalendar gregorianCalendar = new GregorianCalendar();
            GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
            gregorianCalendar2.add(1, 1);
            if (Build.VERSION.SDK_INT >= 24) {
                keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, i).setDigests(str3).setSignaturePaddings(str4).setCertificateSerialNumber(BigInteger.valueOf(1337L)).setCertificateNotBefore(gregorianCalendar.getTime()).setCertificateNotAfter(gregorianCalendar2.getTime()).setAttestationChallenge(WLACUtil.uuid().getBytes("UTF-8")).setUserAuthenticationRequired(false).build());
                return keyPairGenerator.generateKeyPair();
            }
            Logger.i(TAG, "the mobile phone version is smaller than 24! and the cert is null");
            return null;
        } catch (UnsupportedEncodingException unused) {
            Logger.w(TAG, "generateKeyPair is failure! Encoding Error ");
            return null;
        } catch (InvalidAlgorithmParameterException unused2) {
            Logger.w(TAG, "generateKeyPair is failure! Parameter Error");
            return null;
        } catch (NoSuchAlgorithmException unused3) {
            Logger.w(TAG, "generateKeyPair is failure! Algorithm Error");
            return null;
        } catch (NoSuchProviderException unused4) {
            Logger.w(TAG, "generateKeyPair is failure! Provider Error");
            return null;
        } catch (ProviderException unused5) {
            Logger.w(TAG, "generateKeyPair is failure! Provider Error ");
            return null;
        } catch (Throwable unused6) {
            Logger.w(TAG, "generateKeyPair is failure! Throwable ");
            return null;
        }
    }

    private Certificate[] getCertificateChain(String str) {
        Certificate[] certificateArr = new Certificate[0];
        try {
            huksInit();
            KeyStore keyStore = KeyStore.getInstance("HwKeyStore");
            keyStore.load(null);
            Log.i(TAG, "Load  keystore success!");
            KeyStore.Entry entry = keyStore.getEntry(str, null);
            if (entry == null) {
                Log.w(TAG, "Entry is not exist");
                return certificateArr;
            }
            if (entry instanceof KeyStore.PrivateKeyEntry) {
                return ((KeyStore.PrivateKeyEntry) entry).getCertificateChain();
            }
            Log.w(TAG, "Not an instance of a PrivateKeyEntry");
            return certificateArr;
        } catch (IOException unused) {
            Logger.w(TAG, "getting the certificates failed! IOException");
            return certificateArr;
        } catch (KeyStoreException unused2) {
            Logger.w(TAG, "getting the certificates failed! KeyStore Error");
            return certificateArr;
        } catch (NoSuchAlgorithmException unused3) {
            Logger.w(TAG, "getting the certificates failed! Algorithm Error");
            return certificateArr;
        } catch (UnrecoverableEntryException unused4) {
            Logger.w(TAG, "getting the certificates failed! Entry Error");
            return certificateArr;
        } catch (CertificateException unused5) {
            Logger.w(TAG, "getting the certificates failed! Certificate Error");
            return certificateArr;
        } catch (Throwable unused6) {
            Logger.w(TAG, "getting the certificates failed! Throwable");
            return certificateArr;
        }
    }

    public static Huks getInstance() {
        return instance;
    }

    private void huksInit() {
        if (this.isInit) {
            return;
        }
        try {
            try {
                try {
                    try {
                        Method method = Class.forName("com.huawei.security.keystore.HwUniversalKeyStoreProvider").getMethod(JsbMapKeyNames.H5_TEXT_DOWNLOAD_INSTALL, new Class[0]);
                        method.setAccessible(true);
                        method.invoke(null, new Object[0]);
                    } catch (NoSuchMethodException unused) {
                        Logger.i(TAG, "HwUniversalKeyStore: function not found");
                    }
                } catch (IllegalAccessException unused2) {
                    Logger.i(TAG, "HwUniversalKeyStore: cannot access");
                }
            } catch (ClassNotFoundException unused3) {
                Logger.i(TAG, "HwUniversalKeyStore: no HwUniversalKeyStore found");
            } catch (InvocationTargetException unused4) {
                Logger.i(TAG, "HwUniversalKeyStore: InvocationTargetException");
            }
        } finally {
            this.isInit = true;
            Logger.i(TAG, "Finish init");
        }
    }

    public String encodeCertificateToString(Certificate[] certificateArr) throws IOException, JSONException {
        if (certificateArr == null || certificateArr.length != 4) {
            return "";
        }
        String[] strArr = new String[3];
        int i = 1;
        for (int i2 = 0; i <= 3 && i2 <= 2; i2++) {
            strArr[i2] = getInstance().encodeToStringByBase64(certificateArr[i]);
            i++;
        }
        return new JSONArray(strArr).toString();
    }

    public String encodeToStringByBase64(Certificate certificate) throws IOException {
        if (certificate == null) {
            return "";
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ObjectOutputStream objectOutputStream = new ObjectOutputStream(byteArrayOutputStream);
        objectOutputStream.writeObject(certificate);
        objectOutputStream.flush();
        return Base64.encodeToString(byteArrayOutputStream.toByteArray(), 0);
    }

    public KeyPair generateKeyPair(Context context) {
        return generateKeyPair(context, this.mAlias, "RSA", 12, "SHA-256", "PSS");
    }

    public byte[] generateSignData(String str, String str2, String str3, String str4) {
        StringBuffer stringBuffer = new StringBuffer();
        if (!TextUtils.isEmpty(str)) {
            stringBuffer.append(str);
        }
        stringBuffer.append(";");
        stringBuffer.append(str2);
        stringBuffer.append(";");
        stringBuffer.append(str3);
        stringBuffer.append(";");
        try {
            if (!WLACUtil.checkNull(str4)) {
                stringBuffer.append(str4);
            }
            return stringBuffer.toString().getBytes("UTF8");
        } catch (UnsupportedEncodingException unused) {
            Logger.w(TAG, "generate sign data error");
            return new byte[0];
        }
    }

    public Certificate[] getCertificateChain() {
        return getCertificateChain(this.mAlias);
    }

    public String getmAlias() {
        return this.mAlias;
    }

    public void setmAlias(String str) {
        this.mAlias = str + WLAC;
    }

    public byte[] signData(byte[] bArr) {
        byte[] bArr2 = new byte[0];
        try {
            KeyStore keyStore = KeyStore.getInstance("HwKeystore");
            keyStore.load(null);
            Key key = keyStore.getKey(this.mAlias, null);
            if (key == null) {
                Logger.i(TAG, "Signature: PrivateKey error");
                return bArr2;
            }
            Signature signature = Signature.getInstance("SHA256withRSA/PSS", "HwUniversalKeyStoreProvider");
            signature.initSign((PrivateKey) key);
            signature.update(bArr);
            return signature.sign();
        } catch (IOException unused) {
            Logger.w(TAG, "Signature: IO error");
            return bArr2;
        } catch (InvalidKeyException unused2) {
            Logger.w(TAG, "Signature: Key error");
            return bArr2;
        } catch (KeyStoreException unused3) {
            Logger.w(TAG, "Signature: Keystore error");
            return bArr2;
        } catch (NoSuchAlgorithmException unused4) {
            Logger.w(TAG, "Signature: Algorithm error");
            return bArr2;
        } catch (NoSuchProviderException unused5) {
            Logger.w(TAG, "Signature: Provider error");
            return bArr2;
        } catch (SignatureException unused6) {
            Logger.w(TAG, "Signature: Signature error");
            return bArr2;
        } catch (UnrecoverableKeyException unused7) {
            Logger.w(TAG, "Signature: Key error");
            return bArr2;
        } catch (CertificateException unused8) {
            Logger.w(TAG, "Signature: Certificate error");
            return bArr2;
        } catch (Throwable unused9) {
            Logger.w(TAG, "Signature: Signature  Throwable");
            return bArr2;
        }
    }
}
