package com.threatmetrix.TrustDefender.internal;

import android.annotation.TargetApi;
import android.content.Context;
import android.os.Build;
import android.security.KeyChain;
import android.security.KeyPairGeneratorSpec;
import com.threatmetrix.TrustDefender.internal.A;
import com.threatmetrix.TrustDefender.internal.X;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.util.Calendar;
import java.util.Locale;
import javax.security.auth.x500.X500Principal;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public class t {

    /* renamed from: a, reason: collision with root package name */
    static long f5386a = 0;

    /* renamed from: b, reason: collision with root package name */
    static PrivateKey f5387b = null;

    /* renamed from: c, reason: collision with root package name */
    private static final String f5388c = TN.m185for(t.class);

    /* renamed from: d, reason: collision with root package name */
    private static String f5389d = null;

    /* renamed from: e, reason: collision with root package name */
    private static PublicKey f5390e = null;
    private static boolean f = false;

    t() {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static ZL$O a(String str, X.O o, String str2) {
        ZL$O zl$o = new ZL$O();
        if (A.f.a.f5195c < A.f.b.k) {
            zl$o.f320for = "hardware_sid_unsupported_api";
            return zl$o;
        }
        if (o == null || DN.m40do(str)) {
            zl$o.f320for = "hardware_sid_invalid_param";
            return zl$o;
        }
        if (f || !a(o.f260int)) {
            zl$o.f320for = "hardware_sid_failed_to_generate_keypair";
            return zl$o;
        }
        if (f5387b == null || f5390e == null || f5389d == null) {
            zl$o.f320for = "hardware_sid_invalid_key";
            return zl$o;
        }
        try {
            String m42for = DN.m42for(10);
            byte[] a2 = a(m42for.concat(str).concat(String.valueOf(f5386a)).concat(f5389d).concat(str2));
            if (a2 != null) {
                zl$o.f321if = DN.m53int(a2);
                zl$o.f319do = DN.m47if(m42for);
                zl$o.f323new = DN.m47if(String.valueOf(f5386a));
                zl$o.f322int = DN.m47if(f5389d);
                zl$o.f318char = DN.m53int(f5390e.getEncoded());
                zl$o.f320for = null;
            } else {
                zl$o.f320for = "hardware_sid_null_signature";
            }
        } catch (InterruptedException e2) {
            TN.m183do(f5388c, "Can't encode the result {}", e2.toString());
            zl$o.f320for = "hardware_sid_failed_to_encode";
        }
        return zl$o;
    }

    @TargetApi(18)
    private static KeyPair a(String str, Context context, String str2, String str3) {
        if (!KeyChain.isKeyAlgorithmSupported(str)) {
            return null;
        }
        try {
        } catch (InvalidAlgorithmParameterException e2) {
            TN.m183do(f5388c, "Can't create KeyPair {}", e2.toString());
        } catch (NoSuchAlgorithmException unused) {
        } catch (NoSuchProviderException e3) {
            TN.m183do(f5388c, "Can't create KeyPair {}", e3.toString());
        } catch (Throwable th) {
            TN.m189int(f5388c, "Can't create KeyPair  (runtime exception) {}", th.toString());
        }
        if (A.h.c()) {
            return af.a(str, str2, str3);
        }
        if (A.f.a.f5195c >= A.f.b.k && A.f.a.f5195c < 23 && A.h.b()) {
            Calendar calendar = Calendar.getInstance();
            Calendar calendar2 = Calendar.getInstance();
            calendar2.add(1, 99);
            KeyPairGeneratorSpec.Builder endDate = new KeyPairGeneratorSpec.Builder(context).setAlias(str3).setSubject(new X500Principal("CN=TrustDefenderSDK O=ThreatMetrix")).setSerialNumber(BigInteger.TEN).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime());
            if (Build.VERSION.SDK_INT > 18) {
                endDate.setKeyType(str);
            }
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(str, str2);
            keyPairGenerator.initialize(endDate.build());
            return keyPairGenerator.generateKeyPair();
        }
        return null;
    }

    private static boolean a(Context context) {
        if (!A.h.a() || f) {
            return false;
        }
        if (f5387b != null && f5390e != null) {
            return true;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            KeyStore.Entry entry = keyStore.getEntry("TrustDefenderSDK", null);
            if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
                KeyPair a2 = a("EC", context, "AndroidKeyStore", "TrustDefenderSDK");
                if ((a2 != null && a(a2.getPrivate(), "AndroidKeyStore")) || ((a2 = a("RSA", context, "AndroidKeyStore", "TrustDefenderSDK")) != null && a(a2.getPrivate(), "AndroidKeyStore"))) {
                    f5387b = a2.getPrivate();
                    f5390e = a2.getPublic();
                }
                f = true;
                return false;
            }
            PrivateKey privateKey = ((KeyStore.PrivateKeyEntry) entry).getPrivateKey();
            if (!a(privateKey, "AndroidKeyStore")) {
                f = true;
                return false;
            }
            f5390e = keyStore.getCertificate("TrustDefenderSDK").getPublicKey();
            f5387b = privateKey;
            if (f5387b == null) {
                return false;
            }
            f5389d = "strong:".concat("EC".equalsIgnoreCase(f5387b.getAlgorithm()) ? "ecdsa" : f5387b.getAlgorithm()).toLowerCase(Locale.US);
            f5386a = keyStore.getCreationDate("TrustDefenderSDK").getTime();
            return true;
        } catch (IOException e2) {
            TN.m183do(f5388c, "Can't load the KeyStore {}", e2.toString());
            return false;
        } catch (KeyStoreException e3) {
            TN.m183do(f5388c, "Can't retrieve key from KeyStore {}", e3.toString());
            return false;
        } catch (NoSuchAlgorithmException e4) {
            TN.m183do(f5388c, "Can't retrieve key from KeyStore {}", e4.toString());
            return false;
        } catch (UnrecoverableEntryException e5) {
            TN.m183do(f5388c, "KeyEntry is not recoverable {}", e5.toString());
            return false;
        } catch (CertificateException e6) {
            TN.m183do(f5388c, "Can't load the KeyStore {}", e6.toString());
            return false;
        } catch (Throwable th) {
            TN.m189int(f5388c, "Can't load the KeyStore (runtime exception) {}", th.toString());
            return false;
        }
    }

    public static boolean a(X.O o) {
        if (f) {
            return false;
        }
        return a(o.f260int);
    }

    @TargetApi(18)
    private static boolean a(PrivateKey privateKey, String str) {
        if (privateKey == null) {
            return false;
        }
        try {
        } catch (Throwable th) {
            TN.m189int(f5388c, "Can't check key properties (runtime exception) {}", th.toString());
        }
        if (A.h.c()) {
            return af.a(privateKey, str);
        }
        if (A.f.a.f5195c >= A.f.b.k && A.f.a.f5195c < 23 && A.h.b()) {
            return KeyChain.isBoundKeyAlgorithm(privateKey.getAlgorithm());
        }
        return false;
    }

    private static byte[] a(String str) {
        try {
            if (!A.h.d()) {
                return null;
            }
            if (f5387b == null) {
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                keyStore.load(null);
                KeyStore.Entry entry = keyStore.getEntry("TrustDefenderSDK", null);
                if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
                    return null;
                }
                f5387b = ((KeyStore.PrivateKeyEntry) entry).getPrivateKey();
            }
            Signature signature = Signature.getInstance("EC".equalsIgnoreCase(f5387b.getAlgorithm()) ? "SHA256withECDSA" : "SHA256withRSA");
            signature.initSign(f5387b);
            signature.update(str.getBytes());
            return signature.sign();
        } catch (IOException e2) {
            TN.m183do(f5388c, "Can't sign the input {}", e2.toString());
            return null;
        } catch (InvalidKeyException e3) {
            TN.m183do(f5388c, "Can't sign the input {}", e3.toString());
            return null;
        } catch (KeyStoreException e4) {
            TN.m183do(f5388c, "Can't sign the input {}", e4.toString());
            return null;
        } catch (NoSuchAlgorithmException e5) {
            TN.m183do(f5388c, "Can't sign the input {}", e5.toString());
            return null;
        } catch (SignatureException e6) {
            TN.m183do(f5388c, "Can't sign the input {}", e6.toString());
            return null;
        } catch (UnrecoverableEntryException e7) {
            TN.m183do(f5388c, "Can't sign the input {}", e7.toString());
            return null;
        } catch (CertificateException e8) {
            TN.m183do(f5388c, "Can't sign the input {}", e8.toString());
            return null;
        } catch (Throwable th) {
            TN.m189int(f5388c, "Can't sign the input (runtime exception) {}", th.toString());
            return null;
        }
    }
}
