package com.samsung.android.app.twatchmanager.sak.gakverify;

import android.annotation.SuppressLint;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Log;
import com.samsung.android.app.twatchmanager.sak.VerificationCallback;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.ObjectInputStream;
import java.io.ObjectOutputStream;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PublicKey;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;

/* loaded from: classes.dex */
public class CryptoHelper {
    private static final String CERTIFICATE_ALIAS = "WM_GAK_CERT";
    private static final String TAG = "SAK:GAK_CryptoHelper";
    private static CryptoHelper sInstance;
    private final Crypto mCrypto = Crypto.getInstance();

    private CryptoHelper() {
    }

    @SuppressLint({"NewApi"})
    private List<X509Certificate> createCertificate(byte[] bArr) {
        Certificate[] certificateArr = null;
        try {
            this.mCrypto.kpg = KeyPairGenerator.getInstance("EC", "AndroidKeyStore");
            this.mCrypto.kpg.initialize(new KeyGenParameterSpec.Builder(CERTIFICATE_ALIAS, 12).setDigests("SHA-256", "SHA-512").setAttestationChallenge(bArr).build());
            this.mCrypto.kpg.generateKeyPair();
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            certificateArr = keyStore.getCertificateChain(CERTIFICATE_ALIAS);
            Log.i(TAG, "get certificate chain from Keystore");
        } catch (Exception e2) {
            e2.printStackTrace();
            Log.e(TAG, "ERROR) get certificate chain from Keystore");
        }
        if (certificateArr == null) {
            Log.e(TAG, "get certificate chain return null");
            return new ArrayList(0);
        }
        ArrayList arrayList = new ArrayList(2);
        for (Certificate certificate : certificateArr) {
            arrayList.add((X509Certificate) certificate);
        }
        return arrayList;
    }

    public static List<X509Certificate> deserializeCertificateChain(byte[] bArr) {
        try {
            ObjectInputStream objectInputStream = new ObjectInputStream(new ByteArrayInputStream(bArr));
            try {
                return (ArrayList) objectInputStream.readObject();
            } catch (Throwable th) {
                try {
                    throw th;
                } finally {
                    try {
                        objectInputStream.close();
                    } catch (Throwable unused) {
                    }
                }
            }
        } catch (IOException | ClassNotFoundException e2) {
            Log.i(TAG, "deserializeCertificateChain " + e2.getMessage());
            return new ArrayList(0);
        }
    }

    public static synchronized CryptoHelper getInstance() {
        CryptoHelper cryptoHelper;
        synchronized (CryptoHelper.class) {
            if (sInstance == null) {
                sInstance = new CryptoHelper();
            }
            cryptoHelper = sInstance;
        }
        return cryptoHelper;
    }

    public static byte[] getPublicKeyFromKeyPair(KeyPair keyPair) {
        if (keyPair != null) {
            return Crypto.base64Encode(keyPair.getPublic().getEncoded());
        }
        Log.i(TAG, "getPublicKeyFromKeyPair, keypair is not set");
        return new byte[]{0};
    }

    public static byte[] serializeCertificateChain(List<X509Certificate> list) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            try {
                new ObjectOutputStream(byteArrayOutputStream).writeObject(list);
            } finally {
            }
        } catch (IOException e2) {
            Log.i(TAG, "serializeCertificateChain" + e2.getMessage());
        }
        Log.i(TAG, "serializeCertificateChain, totalsize= " + byteArrayOutputStream.size());
        return byteArrayOutputStream.toByteArray();
    }

    public static boolean verifyCertificate(List<X509Certificate> list, byte[] bArr, VerificationCallback verificationCallback) {
        return Verifier.verifyCertificate(list, bArr, verificationCallback);
    }

    public KeyPair generateKeyPair() {
        return this.mCrypto.generateKeyPair();
    }

    public synchronized List<X509Certificate> getCertificateChain(byte[] bArr) {
        List<X509Certificate> createCertificate;
        createCertificate = createCertificate(bArr);
        Log.i(TAG, "getCertificateChain, attestKey with creation done. # of X509 Certificates=" + createCertificate.size());
        return createCertificate;
    }

    public PublicKey getPublicKeyFromEncoded(byte[] bArr) {
        if (bArr == null) {
            return null;
        }
        return this.mCrypto.getPublicKeyFromEncoded(Crypto.base64Decode(bArr));
    }
}
