package com.meituan.android.paybase.fingerprint.soter.sotercore.external;

import android.annotation.SuppressLint;
import android.os.Build;
import android.os.Process;
import android.util.Base64;
import com.meituan.android.paybase.common.analyse.AnalyseUtils;
import com.meituan.android.paybase.utils.l;
import com.meituan.android.paybase.utils.n;
import java.io.IOException;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Provider;
import java.security.Security;
import java.security.Signature;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.util.Map;

/* loaded from: classes.dex */
public final class a {
    public static final String a = "SOTER_ASK_" + Process.myUid();
    private static boolean b = false;

    private a() {
    }

    public static int a(String str) {
        l.a("SoterCore", "generateAuthKey", "start to generate authKey");
        long currentTimeMillis = System.currentTimeMillis();
        if (f(str)) {
            l.a("SoterCore", "generateAuthKey", "auth key name is null or nil. abort.");
            return 2;
        }
        if (!a()) {
            l.a("SoterCore", "not support soter");
            return 3;
        }
        try {
            if (!d()) {
                return 4;
            }
            KeyStore.getInstance("AndroidKeyStore").load(null);
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "SoterKeyStore");
            try {
                keyPairGenerator.initialize(com.meituan.android.paybase.fingerprint.soter.sotercore.keystore.a.a(str + String.format(".addcounter.auto_signed_when_get_pubkey(%s).secmsg_and_counter_signed_when_sign", a), 4).a("SHA-256").a(true).b("PSS").a());
                keyPairGenerator.generateKeyPair();
                AnalyseUtils.a("b_pay_4k1t762h_mc", new AnalyseUtils.b().a("generateAuthKeyTime", String.valueOf(System.currentTimeMillis() - currentTimeMillis)).a("generateAuthKey", "successfully").a);
                return 0;
            } catch (Exception e) {
                n.a("b_an74lgy8", new AnalyseUtils.b().a("scene", "SoterCore_generateAuthKey").a("message", e.getMessage()).a);
                l.a("SoterCore", "generateAuthKey", "generate fail", e.toString());
                return 1;
            }
        } catch (Exception e2) {
            n.a("b_an74lgy8", new AnalyseUtils.b().a("scene", "SoterCore_generateAuthKey").a("message", e2.getMessage()).a);
            l.a("SoterCore", "generateAuthKey", "generate fail", e2.toString());
            return 1;
        }
    }

    public static c a(byte[] bArr) {
        if (bArr == null || bArr.length <= 0) {
            l.a("SoterCore", "convertFromBytesToSignatureResult", "origin is null or nil. abort");
            return null;
        }
        if (bArr.length < 4) {
            l.a("SoterCore", "convertFromBytesToSignatureResult", "length not correct 1");
            return null;
        }
        byte[] bArr2 = new byte[4];
        System.arraycopy(bArr, 0, bArr2, 0, 4);
        int b2 = b(bArr2);
        byte[] bArr3 = new byte[b2];
        int i = b2 + 4;
        if (bArr.length <= i) {
            l.a("SoterCore", "convertFromBytesToSignatureResult", "length not correct 2");
            return null;
        }
        System.arraycopy(bArr, 4, bArr3, 0, b2);
        c a2 = c.a(new String(bArr3));
        int length = bArr.length - i;
        byte[] bArr4 = new byte[length];
        System.arraycopy(bArr, i, bArr4, 0, length);
        if (a2 != null) {
            a2.b = Base64.encodeToString(bArr4, 2);
        }
        return a2;
    }

    public static boolean a() {
        if (!b) {
            try {
                try {
                    try {
                        Method method = Class.forName("android.security.keystore.SoterKeyStoreProvider").getMethod("install", new Class[0]);
                        method.setAccessible(true);
                        method.invoke(null, new Object[0]);
                    } catch (ClassNotFoundException e) {
                        AnalyseUtils.a(e, "SoterCore_setUp", (Map<String, Object>) null);
                    } catch (InvocationTargetException e2) {
                        AnalyseUtils.a(e2, "SoterCore_setUp", (Map<String, Object>) null);
                    }
                } catch (IllegalAccessException e3) {
                    AnalyseUtils.a(e3, "SoterCore_setUp", (Map<String, Object>) null);
                } catch (NoSuchMethodException e4) {
                    AnalyseUtils.a(e4, "SoterCore_setUp", (Map<String, Object>) null);
                }
            } finally {
                b = true;
            }
        }
        Provider[] providers = Security.getProviders();
        if (providers == null) {
            AnalyseUtils.a("b_pay_ff4agou8_mv", new AnalyseUtils.b().a("isSuppportSoter", "noProvider").a);
            return false;
        }
        for (Provider provider : providers) {
            if ("SoterKeyStore".equals(provider.getName())) {
                AnalyseUtils.a("b_pay_ff4agou8_mv", new AnalyseUtils.b().a("isSuppportSoter", "support").a);
                return true;
            }
        }
        AnalyseUtils.a("b_pay_ff4agou8_mv", new AnalyseUtils.b().a("isSuppportSoter", "notSupport").a);
        return false;
    }

    public static boolean a(String str, boolean z) {
        if (f(str)) {
            l.a("SoterCore", "auth key name is null or nil. abort.");
            return false;
        }
        l.a("SoterCore", "removeAuthKey", "start remove key");
        if (a()) {
            try {
                KeyStore keyStore = KeyStore.getInstance("SoterKeyStore");
                keyStore.load(null);
                keyStore.deleteEntry(str);
                if (z) {
                    l.a("SoterCore", "removeAuthKey", "auto delete ask");
                    if (d()) {
                        c();
                    }
                }
                return true;
            } catch (Exception e) {
                n.a("b_an74lgy8", new AnalyseUtils.b().a("scene", "SoterCore_removeAuthKey").a("message", e.getMessage()).a);
                l.a("SoterCore", "removeAuthKey " + e.toString());
            }
        } else {
            l.a("SoterCore", "removeAuthKey", "not support soter");
        }
        return false;
    }

    @SuppressLint({"TrulyRandom"})
    public static int b() {
        long currentTimeMillis = System.currentTimeMillis();
        l.a("SoterCore", "generateAppGlobalSecureKey", "start generate ask");
        if (!a()) {
            l.a("SoterCore", "generateAppGlobalSecureKey", "not support soter");
            return 3;
        }
        try {
            KeyStore.getInstance("AndroidKeyStore").load(null);
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "SoterKeyStore");
            keyPairGenerator.initialize(com.meituan.android.paybase.fingerprint.soter.sotercore.keystore.a.a(a + ".addcounter.auto_signed_when_get_pubkey_attk", 4).a("SHA-256").b("PSS").a());
            keyPairGenerator.generateKeyPair();
            AnalyseUtils.a("b_pay_4k1t762h_mc", new AnalyseUtils.b().a("generateAppGlobalSecureKeyTime", String.valueOf(System.currentTimeMillis() - currentTimeMillis)).a("generateAppGlobalSecureKey", "successfully").a);
            return 0;
        } catch (Exception e) {
            n.a("b_an74lgy8", new AnalyseUtils.b().a("scene", "SoterCore_generateAppGlobalSecureKey").a("message", e.getMessage()).a);
            l.a("SoterCore", "generateAppGlobalSecureKey", "generate fail", e.toString());
            return 1;
        }
    }

    private static int b(byte[] bArr) {
        int i = 0;
        for (int i2 = 0; i2 < 4; i2++) {
            i += (bArr[i2] & 255) << (i2 * 8);
        }
        return i;
    }

    public static boolean b(String str) {
        if (f(str)) {
            l.a("SoterCore", "hasAuthKey", "authkey name not correct");
            return false;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return keyStore.getCertificate(str) != null;
        } catch (Exception e) {
            n.a("b_an74lgy8", new AnalyseUtils.b().a("scene", "SoterCore_hasAuthKey").a("message", e.getMessage()).a);
            l.a("SoterCore", "hasAuthKey", e.toString());
            return false;
        }
    }

    public static boolean b(String str, boolean z) {
        l.a("SoterCore", "isAuthKeyValid");
        if (f(str)) {
            l.a("SoterCore", "isAuthKeyValid", "checking key valid: authkey name not correct");
            return false;
        }
        try {
            e(str);
            l.a("SoterCore", "isAuthKeyValid", "key valid");
            return true;
        } catch (InvalidKeyException | UnrecoverableEntryException e) {
            n.a("b_an74lgy8", new AnalyseUtils.b().a("scene", "SoterCore_isAuthKeyValid").a("message", e.getMessage()).a);
            l.a("SoterCore", "isAuthKeyValid", "key invalid.");
            a(str, false);
            return false;
        } catch (Exception unused) {
            l.a("SoterCore", "isAuthKeyValid", "occurs other exceptions");
            return false;
        }
    }

    public static b c(String str) {
        l.a("SoterCore", "getAuthKeyModel");
        if (f(str)) {
            l.a("SoterCore", "getAuthKeyModel", "auth key name is null or nil. abort.");
            return null;
        }
        if (a()) {
            try {
                KeyStore keyStore = KeyStore.getInstance("SoterKeyStore");
                keyStore.load(null);
                try {
                    Key key = keyStore.getKey(str, "from_soter_ui".toCharArray());
                    if (key != null) {
                        return c(key.getEncoded());
                    }
                    l.a("SoterCore", "getAuthKeyModel", "key can not be retrieved");
                    return null;
                } catch (ClassCastException e) {
                    n.a("b_an74lgy8", new AnalyseUtils.b().a("scene", "SoterCore_getAuthKeyModel").a("message", e.getMessage()).a);
                    l.a("SoterCore", "getAuthKeyModel", "cast error");
                    return null;
                }
            } catch (Exception e2) {
                n.a("b_an74lgy8", new AnalyseUtils.b().a("scene", "SoterCore_getAuthKeyModel").a("message", e2.getMessage()).a);
            }
        } else {
            l.a("SoterCore", "getAuthKeyModel", "not support soter");
        }
        return null;
    }

    private static b c(byte[] bArr) {
        if (bArr == null) {
            l.a("SoterCore", "retriveJsonFromExportedData", "raw data is null");
            return null;
        }
        if (bArr.length < 4) {
            l.a("SoterCore", "retriveJsonFromExportedData", "raw data length smaller than RAW_LENGTH_PREFIX");
        }
        byte[] bArr2 = new byte[4];
        System.arraycopy(bArr, 0, bArr2, 0, 4);
        int b2 = b(bArr2);
        byte[] bArr3 = new byte[b2];
        int i = b2 + 4;
        if (bArr.length <= i) {
            l.a("SoterCore", "retriveJsonFromExportedData", "length not correct 2");
            return null;
        }
        System.arraycopy(bArr, 4, bArr3, 0, b2);
        b bVar = new b(new String(bArr3), "");
        int length = bArr.length - i;
        byte[] bArr4 = new byte[length];
        System.arraycopy(bArr, i, bArr4, 0, length);
        bVar.b = Base64.encodeToString(bArr4, 2);
        return bVar;
    }

    public static boolean c() {
        l.a("SoterCore", "removeAppGlobalSecureKey", "start remove app global secure key");
        if (a()) {
            try {
                KeyStore keyStore = KeyStore.getInstance("SoterKeyStore");
                keyStore.load(null);
                keyStore.deleteEntry(a);
                return true;
            } catch (Exception e) {
                n.a("b_an74lgy8", new AnalyseUtils.b().a("scene", "SoterCore_removeAppGlobalSecureKey").a("message", e.getMessage()).a);
                l.a("SoterCore", "removeAppGlobalSecureKey ", e.toString());
            }
        } else {
            l.a("SoterCore", "removeAppGlobalSecureKey", "not support soter");
        }
        return false;
    }

    public static Signature d(String str) {
        l.a("SoterCore", "getAuthInitAndSign");
        if (f(str)) {
            l.a("SoterCore", "auth key name is null or nil. abort.");
            return null;
        }
        if (!a()) {
            l.a("SoterCore", "getAuthInitAndSign", "not support soter");
            return null;
        }
        try {
            return e(str);
        } catch (InvalidKeyException | UnrecoverableEntryException e) {
            n.a("b_an74lgy8", new AnalyseUtils.b().a("scene", "SoterCore_getAuthInitAndSign").a("message", e.getMessage()).a);
            l.a("SoterCore", "getAuthInitAndSign", "key invalid");
            return null;
        } catch (Exception e2) {
            n.a("b_an74lgy8", new AnalyseUtils.b().a("scene", "SoterCore_getAuthInitAndSign").a("message", e2.getMessage()).a);
            l.a("SoterCore", "getAuthInitAndSign", e2.toString());
            return null;
        }
    }

    public static boolean d() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return keyStore.getCertificate(a) != null;
        } catch (Exception e) {
            n.a("b_an74lgy8", new AnalyseUtils.b().a("scene", "SoterCore_hasAppBlobalSecureKey").a("message", e.getMessage()).a);
            l.a("SoterCore", "hasAppBlobalSecureKey", e.toString());
            return false;
        }
    }

    public static b e() {
        l.a("SoterCore", "getAppGlobalSecureKeyModel", "start get app global secure key pub");
        if (a()) {
            try {
                KeyStore keyStore = KeyStore.getInstance("SoterKeyStore");
                keyStore.load(null);
                try {
                    Key key = keyStore.getKey(a, "from_soter_ui".toCharArray());
                    if (key != null) {
                        return c(key.getEncoded());
                    }
                    l.a("SoterCore", "getAppGlobalSecureKeyModel", "key can not be retrieved");
                    return null;
                } catch (ClassCastException e) {
                    n.a("b_an74lgy8", new AnalyseUtils.b().a("scene", "SoterCore_getAppGlobalSecureKeyModel").a("message", e.getMessage()).a);
                    l.a("SoterCore", "getAppGlobalSecureKeyModel", "cast error");
                    return null;
                }
            } catch (Exception e2) {
                n.a("b_an74lgy8", new AnalyseUtils.b().a("scene", "SoterCore_getAppGlobalSecureKeyModel").a("message", e2.getMessage()).a);
            }
        } else {
            l.a("SoterCore", "getAppGlobalSecureKeyModel", "not support soter");
        }
        return null;
    }

    private static Signature e(String str) throws InvalidKeyException, NoSuchProviderException, NoSuchAlgorithmException, KeyStoreException, IOException, CertificateException, UnrecoverableEntryException {
        if (f(str)) {
            l.a("SoterCore", "getAuthInitAndSign", "auth key name is null or nil. abort.");
            return null;
        }
        Signature signature = Signature.getInstance("SHA256withRSA/PSS", "AndroidKeyStoreBCWorkaround");
        KeyStore keyStore = KeyStore.getInstance("SoterKeyStore");
        keyStore.load(null);
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(str, null);
        if (privateKeyEntry != null) {
            signature.initSign(privateKeyEntry.getPrivateKey());
            return signature;
        }
        l.a("SoterCore", "getAuthInitAndSign", "entry not exists");
        return null;
    }

    public static String f() {
        StringBuilder sb = new StringBuilder();
        sb.append("<deviceinfo>");
        sb.append("<MANUFACTURER name=\"");
        sb.append(Build.MANUFACTURER);
        sb.append("\">");
        sb.append("<MODEL name=\"");
        sb.append(Build.MODEL);
        sb.append("\">");
        sb.append("<VERSION_RELEASE name=\"");
        sb.append(Build.VERSION.RELEASE);
        sb.append("\">");
        sb.append("<VERSION_INCREMENTAL name=\"");
        sb.append(Build.VERSION.INCREMENTAL);
        sb.append("\">");
        sb.append("<DISPLAY name=\"");
        sb.append(Build.DISPLAY);
        sb.append("\">");
        sb.append("</DISPLAY></VERSION_INCREMENTAL></VERSION_RELEASE></MODEL></MANUFACTURER></deviceinfo>");
        l.a("SoterCore", "model_key", sb.toString());
        return sb.toString();
    }

    private static boolean f(String str) {
        return str == null || str.length() <= 0;
    }
}
