package com.bloomberg.android.notifications.fcm;

import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import com.bloomberg.mobile.logging.ILogger;
import com.bloomberg.mobile.notification.fcm.interfaces.SecureHardware;
import java.io.IOException;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.ProviderException;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.security.spec.InvalidKeySpecException;
import java.util.Calendar;
import java.util.Objects;
import javax.security.auth.x500.X500Principal;
import org.jose4j.jwk.RsaJsonWebKey;

/* loaded from: classes2.dex */
public class a implements t00.j {

    /* renamed from: a, reason: collision with root package name */
    public final ILogger f25018a;

    /* renamed from: b, reason: collision with root package name */
    public final l40.a f25019b;

    public a(ILogger iLogger, l40.a aVar) {
        this.f25018a = (ILogger) com.bloomberg.mobile.utils.j.c(iLogger);
        this.f25019b = (l40.a) com.bloomberg.mobile.utils.j.c(aVar);
    }

    public static void e(String str, boolean z11) {
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 10);
        KeyGenParameterSpec.Builder encryptionPaddings = new KeyGenParameterSpec.Builder(str, 3).setCertificateSerialNumber(BigInteger.TEN).setCertificateNotBefore(calendar.getTime()).setCertificateNotAfter(calendar2.getTime()).setCertificateSubject(new X500Principal("CN=" + str)).setEncryptionPaddings("PKCS1Padding");
        if (z11) {
            encryptionPaddings.setIsStrongBoxBacked(true);
        }
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(RsaJsonWebKey.KEY_TYPE, "AndroidKeyStore");
        keyPairGenerator.initialize(encryptionPaddings.build());
        keyPairGenerator.generateKeyPair();
    }

    public static KeyPair g(KeyStore keyStore, String str) {
        try {
            Objects.requireNonNull(str);
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(str, null);
            return new KeyPair(privateKeyEntry.getCertificate().getPublicKey(), privateKeyEntry.getPrivateKey());
        } catch (NullPointerException e11) {
            throw new UnrecoverableEntryException(e11.getMessage());
        }
    }

    @Override // t00.j
    public KeyPair a(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            if (keyStore.containsAlias(str)) {
                return f(keyStore, str);
            }
            d(str);
            return g(keyStore, str);
        } catch (IOException | UnsupportedOperationException | GeneralSecurityException e11) {
            KeyStoreException keyStoreException = new KeyStoreException("Can't obtain key pair", e11);
            this.f25018a.y("getOrCreateKeyPair", keyStoreException);
            throw keyStoreException;
        }
    }

    @Override // t00.j
    public void b(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            keyStore.deleteEntry(str);
        } catch (IOException | UnsupportedOperationException | KeyStoreException | NoSuchAlgorithmException | CertificateException e11) {
            this.f25018a.y("removeKeyPair", e11);
        }
    }

    @Override // t00.j
    public SecureHardware c(String str) {
        if (this.f25019b.g("isStrongBoxBacked-" + str, false)) {
            return SecureHardware.STRONG_BOX;
        }
        try {
            KeyPair a11 = a(str);
            return ((KeyInfo) KeyFactory.getInstance(a11.getPrivate().getAlgorithm(), "AndroidKeyStore").getKeySpec(a11.getPrivate(), KeyInfo.class)).isInsideSecureHardware() ? SecureHardware.SECURE : SecureHardware.INSECURE;
        } catch (KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | InvalidKeySpecException unused) {
            return SecureHardware.INSECURE;
        }
    }

    public void d(String str) {
        try {
            e(str, true);
            h(str, true);
        } catch (ProviderException e11) {
            this.f25018a.F(e11.getMessage());
            e(str, false);
            h(str, false);
        }
    }

    public final KeyPair f(KeyStore keyStore, String str) {
        try {
            return g(keyStore, str);
        } catch (UnrecoverableEntryException e11) {
            this.f25018a.y("loadExistingKeyPair", e11);
            keyStore.deleteEntry(str);
            d(str);
            return g(keyStore, str);
        }
    }

    public final void h(String str, boolean z11) {
        this.f25019b.o("isStrongBoxBacked-" + str, z11);
    }
}
