package j;

import android.content.Context;
import android.security.KeyPairGeneratorSpec;
import at.bluecode.sdk.token.BCLog;
import java.io.InputStream;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.GregorianCalendar;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class q0 {

    /* renamed from: a, reason: collision with root package name */
    public Context f10583a;

    /* renamed from: b, reason: collision with root package name */
    public final String f10584b;

    public q0(Context context, String str) throws c {
        this.f10583a = context;
        this.f10584b = str;
        c(context, str, false);
    }

    public static boolean e(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return keyStore.containsAlias(str);
        } catch (Exception unused) {
            return false;
        }
    }

    public PrivateKey a() throws c {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return (PrivateKey) keyStore.getKey(this.f10584b, null);
        } catch (Exception e10) {
            throw new c("Token SDK: Failed to get private key.", e10);
        }
    }

    public final void b(Context context) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException, InvalidKeyException, SignatureException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        GregorianCalendar gregorianCalendar = new GregorianCalendar();
        GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
        gregorianCalendar2.add(1, 30);
        KeyPairGeneratorSpec.Builder keySize = new KeyPairGeneratorSpec.Builder(context).setAlias(this.f10584b).setKeyType("RSA").setKeySize(2048);
        StringBuilder w10 = a3.a.w("CN=");
        w10.append(this.f10584b);
        keyPairGenerator.initialize(keySize.setSubject(new X500Principal(w10.toString())).setSerialNumber(BigInteger.valueOf(Math.abs(this.f10584b.hashCode()))).setStartDate(gregorianCalendar.getTime()).setEndDate(gregorianCalendar2.getTime()).build());
        keyPairGenerator.generateKeyPair();
    }

    public final void c(Context context, String str, boolean z10) throws c {
        if (!z10) {
            try {
                if (e(str)) {
                    return;
                }
            } catch (Exception e10) {
                throw new c("Token SDK: Failed to initialize key store.", e10);
            }
        }
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        keyStore.deleteEntry(str);
        b(context);
        if (!e(str)) {
            throw new c("Token SDK: Failed to generate new key pair.");
        }
        BCLog.d("BCTokenSecureKeyStore", "Token SDK: Generated new key pair.");
    }

    public void d(String str, InputStream inputStream, InputStream inputStream2) throws c {
        Certificate certificate;
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            try {
                Certificate generateCertificate = certificateFactory.generateCertificate(inputStream);
                BCLog.d("BCTokenSecureKeyStore", "Token SDK: " + str + "=" + ((X509Certificate) generateCertificate).getSubjectDN());
                if (inputStream2 != null) {
                    certificate = certificateFactory.generateCertificate(inputStream2);
                    BCLog.d("BCTokenSecureKeyStore", "Token SDK: " + str + "-Old=" + ((X509Certificate) certificate).getSubjectDN());
                } else {
                    certificate = null;
                }
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                keyStore.load(null);
                keyStore.setCertificateEntry(str, generateCertificate);
                if (certificate != null) {
                    keyStore.setCertificateEntry(str + "-Old", certificate);
                }
                BCLog.d("BCTokenSecureKeyStore", "Token SDK: Refreshed server certificates.");
            } finally {
                inputStream.close();
                if (inputStream2 != null) {
                    inputStream2.close();
                }
            }
        } catch (Exception e10) {
            throw new c("Token SDK: Failed to set server certificate.", e10);
        }
    }

    public PublicKey f() throws c {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            Certificate certificate = keyStore.getCertificate(this.f10584b);
            if (certificate != null) {
                return certificate.getPublicKey();
            }
            c(this.f10583a, this.f10584b, true);
            return keyStore.getCertificate(this.f10584b).getPublicKey();
        } catch (Exception e10) {
            throw new c("Token SDK: Failed to get public key.", e10);
        }
    }
}
