package com.threatmetrix.TrustDefender.internal;

import android.annotation.TargetApi;
import android.content.Context;
import android.os.Build;
import android.security.KeyChain;
import android.security.KeyPairGeneratorSpec;
import com.threatmetrix.TrustDefender.internal.V;
import com.threatmetrix.TrustDefender.internal.i;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.util.Calendar;
import java.util.Locale;
import javax.security.auth.x500.X500Principal;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes2.dex */
public class af {
    private static final String c = al.a(af.class);
    static long a = 0;
    private static String d = null;
    private static PublicKey e = null;
    static PrivateKey b = null;
    private static boolean f = false;

    af() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static aq a(String str, V.a aVar, String str2) {
        aq aqVar = new aq();
        if (i.j.a.c < i.j.b.k) {
            aqVar.c = "hardware_sid_unsupported_api";
            return aqVar;
        }
        if (aVar == null || ag.c(str)) {
            aqVar.c = "hardware_sid_invalid_param";
            return aqVar;
        }
        if (f || !a(aVar.a)) {
            aqVar.c = "hardware_sid_failed_to_generate_keypair";
            return aqVar;
        }
        if (b == null || e == null || d == null) {
            aqVar.c = "hardware_sid_invalid_key";
            return aqVar;
        }
        String a2 = ag.a(10);
        byte[] a3 = a(a2.concat(str).concat(String.valueOf(a)).concat(d).concat(str2));
        if (a3 != null) {
            aqVar.a = ag.c(a3);
            aqVar.b = ag.a(a2);
            aqVar.e = ag.a(String.valueOf(a));
            aqVar.d = ag.a(d);
            aqVar.f = ag.c(e.getEncoded());
            aqVar.c = null;
        } else {
            aqVar.c = "hardware_sid_null_signature";
        }
        return aqVar;
    }

    @TargetApi(18)
    private static KeyPair a(String str, Context context, String str2, String str3) {
        if (!KeyChain.isKeyAlgorithmSupported(str)) {
            return null;
        }
        try {
        } catch (InvalidAlgorithmParameterException e2) {
            al.c(c, "Can't create KeyPair {}", e2.toString());
        } catch (NoSuchAlgorithmException unused) {
        } catch (NoSuchProviderException e3) {
            al.c(c, "Can't create KeyPair {}", e3.toString());
        } catch (Throwable th) {
            al.a(c, "Can't create KeyPair  (runtime exception) {}", th.toString());
        }
        if (i.n.c()) {
            return ba.a(str, str2, str3);
        }
        if (i.j.a.c >= i.j.b.k && i.j.a.c < 23 && i.n.b()) {
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 99);
            KeyPairGeneratorSpec.Builder endDate = new KeyPairGeneratorSpec.Builder(context).setAlias(str3).setSubject(new X500Principal("CN=TrustDefenderSDK O=ThreatMetrix")).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime());
            if (Build.VERSION.SDK_INT > 18) {
                endDate.setKeyType(str);
            }
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(str, str2);
            keyPairGenerator.initialize(endDate.build());
            return keyPairGenerator.generateKeyPair();
        }
        return null;
    }

    private static boolean a(Context context) {
        if (!i.n.a() || f) {
            return false;
        }
        if (b != null && e != null) {
            return true;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            KeyStore.Entry entry = keyStore.getEntry("TrustDefenderSDK", null);
            if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
                KeyPair a2 = a("EC", context, "AndroidKeyStore", "TrustDefenderSDK");
                if ((a2 != null && a(a2.getPrivate(), "AndroidKeyStore")) || ((a2 = a("RSA", context, "AndroidKeyStore", "TrustDefenderSDK")) != null && a(a2.getPrivate(), "AndroidKeyStore"))) {
                    b = a2.getPrivate();
                    e = a2.getPublic();
                }
                f = true;
                return false;
            }
            PrivateKey privateKey = ((KeyStore.PrivateKeyEntry) entry).getPrivateKey();
            if (!a(privateKey, "AndroidKeyStore")) {
                f = true;
                return false;
            }
            e = keyStore.getCertificate("TrustDefenderSDK").getPublicKey();
            b = privateKey;
            if (b == null) {
                return false;
            }
            d = "strong:".concat("EC".equalsIgnoreCase(b.getAlgorithm()) ? "ecdsa" : b.getAlgorithm()).toLowerCase(Locale.US);
            a = keyStore.getCreationDate("TrustDefenderSDK").getTime();
            return true;
        } catch (IOException e2) {
            al.c(c, "Can't load the KeyStore {}", e2.toString());
            return false;
        } catch (KeyStoreException e3) {
            al.c(c, "Can't retrieve key from KeyStore {}", e3.toString());
            return false;
        } catch (NoSuchAlgorithmException e4) {
            al.c(c, "Can't retrieve key from KeyStore {}", e4.toString());
            return false;
        } catch (UnrecoverableEntryException e5) {
            al.c(c, "KeyEntry is not recoverable {}", e5.toString());
            return false;
        } catch (CertificateException e6) {
            al.c(c, "Can't load the KeyStore {}", e6.toString());
            return false;
        } catch (Throwable th) {
            al.a(c, "Can't load the KeyStore (runtime exception) {}", th.toString());
            return false;
        }
    }

    public static boolean a(V.a aVar) {
        if (f) {
            return false;
        }
        return a(aVar.a);
    }

    @TargetApi(18)
    private static boolean a(PrivateKey privateKey, String str) {
        if (privateKey == null) {
            return false;
        }
        try {
        } catch (Throwable th) {
            al.a(c, "Can't check key properties (runtime exception) {}", th.toString());
        }
        if (i.n.c()) {
            return ba.a(privateKey, str);
        }
        if (i.j.a.c >= i.j.b.k && i.j.a.c < 23 && i.n.b()) {
            return KeyChain.isBoundKeyAlgorithm(privateKey.getAlgorithm());
        }
        return false;
    }

    private static byte[] a(String str) {
        try {
            if (!i.n.d()) {
                return null;
            }
            if (b == null) {
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                keyStore.load(null);
                KeyStore.Entry entry = keyStore.getEntry("TrustDefenderSDK", null);
                if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
                    return null;
                }
                b = ((KeyStore.PrivateKeyEntry) entry).getPrivateKey();
            }
            Signature signature = Signature.getInstance("EC".equalsIgnoreCase(b.getAlgorithm()) ? "SHA256withECDSA" : "SHA256withRSA");
            signature.initSign(b);
            signature.update(str.getBytes());
            return signature.sign();
        } catch (IOException e2) {
            al.c(c, "Can't sign the input {}", e2.toString());
            return null;
        } catch (InvalidKeyException e3) {
            al.c(c, "Can't sign the input {}", e3.toString());
            return null;
        } catch (KeyStoreException e4) {
            al.c(c, "Can't sign the input {}", e4.toString());
            return null;
        } catch (NoSuchAlgorithmException e5) {
            al.c(c, "Can't sign the input {}", e5.toString());
            return null;
        } catch (SignatureException e6) {
            al.c(c, "Can't sign the input {}", e6.toString());
            return null;
        } catch (UnrecoverableEntryException e7) {
            al.c(c, "Can't sign the input {}", e7.toString());
            return null;
        } catch (CertificateException e8) {
            al.c(c, "Can't sign the input {}", e8.toString());
            return null;
        } catch (Throwable th) {
            al.a(c, "Can't sign the input (runtime exception) {}", th.toString());
            return null;
        }
    }
}
