package com.huawei.secure.android.common.encrypt.keystore.rsa;

import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.support.annotation.RequiresApi;
import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import com.huawei.hms.aaid.constant.AaidIdConstant;
import com.huawei.secure.android.common.encrypt.utils.b;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableEntryException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;

/* loaded from: classes.dex */
public abstract class RSASignKS {
    private static final String C = "AndroidKeyStore";
    private static final int H = 2048;
    private static final int I = 3072;
    private static final String J = "SHA256withRSA/PSS";
    private static final String TAG = "RSASignKS";
    private static final String i = "";

    @RequiresApi(api = 23)
    private static synchronized KeyPair a(String str, boolean z) {
        synchronized (RSASignKS.class) {
            KeyPair keyPair = null;
            if (g(str)) {
                b.f(TAG, "Key pair exits");
                return null;
            }
            try {
                try {
                    KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", C);
                    if (z) {
                        keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, 12).setDigests(AaidIdConstant.SIGNATURE_SHA256, "SHA-512").setSignaturePaddings("PSS").setKeySize(I).build());
                    } else {
                        keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, 12).setDigests(AaidIdConstant.SIGNATURE_SHA256, "SHA-512").setSignaturePaddings("PSS").setKeySize(2048).build());
                    }
                    keyPair = keyPairGenerator.generateKeyPair();
                } catch (NoSuchAlgorithmException e2) {
                    b.f(TAG, "NoSuchAlgorithmException: " + e2.getMessage());
                }
            } catch (InvalidAlgorithmParameterException e3) {
                b.f(TAG, "InvalidAlgorithmParameterException: " + e3.getMessage());
            } catch (NoSuchProviderException e4) {
                b.f(TAG, "NoSuchProviderException: " + e4.getMessage());
            }
            return keyPair;
        }
    }

    @RequiresApi(api = 23)
    private static boolean a(String str, byte[] bArr, byte[] bArr2, boolean z) {
        String str2 = TAG;
        b.d(str2, "r ks v si begin ");
        if (TextUtils.isEmpty(str) || bArr == null || bArr2 == null) {
            b.f(str2, "alias or content or sign value is null");
            return false;
        }
        if (!isBuildVersionHigherThan22()) {
            b.f(str2, "sdk version is too low");
            return false;
        }
        KeyStore.Entry c2 = c(str, z);
        if (!(c2 instanceof KeyStore.PrivateKeyEntry)) {
            b.f(str2, "Not an instance of a PrivateKeyEntry");
            return false;
        }
        try {
            Signature signature = Signature.getInstance(J);
            signature.initVerify(((KeyStore.PrivateKeyEntry) c2).getCertificate());
            signature.update(bArr);
            return signature.verify(bArr2);
        } catch (InvalidKeyException e2) {
            b.f(TAG, "InvalidKeyException: " + e2.getMessage());
            return false;
        } catch (NoSuchAlgorithmException e3) {
            b.f(TAG, "NoSuchAlgorithmException: " + e3.getMessage());
            return false;
        } catch (SignatureException e4) {
            b.f(TAG, "SignatureException: " + e4.getMessage());
            return false;
        } catch (Exception e5) {
            b.f(TAG, "Exception: " + e5.getMessage());
            return false;
        }
    }

    @RequiresApi(api = 23)
    private static byte[] b(String str, byte[] bArr, boolean z) {
        String str2 = TAG;
        b.d(str2, "r ks si begin ");
        byte[] bArr2 = new byte[0];
        if (TextUtils.isEmpty(str) || bArr == null) {
            b.f(str2, "alias or content is null");
            return bArr2;
        }
        if (!isBuildVersionHigherThan22()) {
            b.f(str2, "sdk version is too low");
            return bArr2;
        }
        KeyStore.Entry c2 = c(str, z);
        if (!(c2 instanceof KeyStore.PrivateKeyEntry)) {
            b.f(str2, "Not an instance of a PrivateKeyEntry");
            return bArr2;
        }
        try {
            Signature signature = Signature.getInstance(J);
            signature.initSign(((KeyStore.PrivateKeyEntry) c2).getPrivateKey());
            signature.update(bArr);
            return signature.sign();
        } catch (InvalidKeyException e2) {
            b.f(TAG, "InvalidKeyException: " + e2.getMessage());
            return bArr2;
        } catch (NoSuchAlgorithmException e3) {
            b.f(TAG, "NoSuchAlgorithmException: " + e3.getMessage());
            return bArr2;
        } catch (SignatureException e4) {
            b.f(TAG, "SignatureException: " + e4.getMessage());
            return bArr2;
        } catch (Exception e5) {
            b.f(TAG, "Exception: " + e5.getMessage());
            return bArr2;
        }
    }

    @RequiresApi(api = 23)
    private static KeyStore.Entry c(String str, boolean z) {
        if (!g(str)) {
            a(str, z);
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(C);
            keyStore.load(null);
            return keyStore.getEntry(str, null);
        } catch (IOException e2) {
            b.f(TAG, "IOException: " + e2.getMessage());
            return null;
        } catch (KeyStoreException e3) {
            b.f(TAG, "KeyStoreException: " + e3.getMessage());
            return null;
        } catch (NoSuchAlgorithmException e4) {
            b.f(TAG, "NoSuchAlgorithmException: " + e4.getMessage());
            return null;
        } catch (UnrecoverableEntryException e5) {
            b.f(TAG, "UnrecoverableEntryException: " + e5.getMessage());
            return null;
        } catch (CertificateException e6) {
            b.f(TAG, "CertificateException: " + e6.getMessage());
            return null;
        }
    }

    private static boolean g(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance(C);
            keyStore.load(null);
            return keyStore.getKey(str, null) != null;
        } catch (IOException e2) {
            b.f(TAG, "IOException: " + e2.getMessage());
            return false;
        } catch (KeyStoreException e3) {
            b.f(TAG, "KeyStoreException: " + e3.getMessage());
            return false;
        } catch (NoSuchAlgorithmException e4) {
            b.f(TAG, "NoSuchAlgorithmException: " + e4.getMessage());
            return false;
        } catch (UnrecoverableKeyException e5) {
            b.f(TAG, "UnrecoverableKeyException: " + e5.getMessage());
            return false;
        } catch (CertificateException e6) {
            b.f(TAG, "CertificateException: " + e6.getMessage());
            return false;
        }
    }

    public static boolean isBuildVersionHigherThan22() {
        return Build.VERSION.SDK_INT >= 23;
    }

    @RequiresApi(api = 23)
    @Deprecated
    public static String sign(String str, String str2) {
        b.d(TAG, "r ks si begin ");
        try {
            return Base64.encodeToString(sign(str, str2.getBytes("UTF-8")), 0);
        } catch (UnsupportedEncodingException e2) {
            Log.e(TAG, "sign UnsupportedEncodingException : " + e2.getMessage());
            return "";
        }
    }

    @RequiresApi(api = 23)
    @Deprecated
    public static byte[] sign(String str, byte[] bArr) {
        return b(str, bArr, false);
    }

    @RequiresApi(api = 23)
    public static String signNew(String str, String str2) {
        b.d(TAG, "r ks si begin ");
        try {
            return Base64.encodeToString(signNew(str, str2.getBytes("UTF-8")), 0);
        } catch (UnsupportedEncodingException e2) {
            Log.e(TAG, "sign UnsupportedEncodingException : " + e2.getMessage());
            return "";
        }
    }

    @RequiresApi(api = 23)
    public static byte[] signNew(String str, byte[] bArr) {
        return b(str, bArr, true);
    }

    @RequiresApi(api = 23)
    @Deprecated
    public static boolean verifySign(String str, String str2, String str3) {
        b.d(TAG, "r ks v si begin ");
        try {
            return verifySign(str, str2.getBytes("UTF-8"), Base64.decode(str3, 0));
        } catch (UnsupportedEncodingException e2) {
            Log.e(TAG, "verifySign UnsupportedEncodingException: " + e2.getMessage());
            return false;
        } catch (Exception e3) {
            b.f(TAG, "base64 decode Exception" + e3.getMessage());
            return false;
        }
    }

    @RequiresApi(api = 23)
    @Deprecated
    public static boolean verifySign(String str, byte[] bArr, byte[] bArr2) {
        return a(str, bArr, bArr2, false);
    }

    @RequiresApi(api = 23)
    public static boolean verifySignNew(String str, String str2, String str3) {
        b.d(TAG, "r ks v si begin ");
        try {
            return verifySignNew(str, str2.getBytes("UTF-8"), Base64.decode(str3, 0));
        } catch (UnsupportedEncodingException e2) {
            Log.e(TAG, "verifySign UnsupportedEncodingException: " + e2.getMessage());
            return false;
        } catch (Exception e3) {
            b.f(TAG, "base64 decode Exception" + e3.getMessage());
            return false;
        }
    }

    @RequiresApi(api = 23)
    public static boolean verifySignNew(String str, byte[] bArr, byte[] bArr2) {
        return a(str, bArr, bArr2, true);
    }
}
