package com.symantec.secureenclave;

import android.annotation.TargetApi;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import com.amazonaws.services.s3.internal.crypto.JceEncryptionConstants;
import com.amazonaws.services.s3.internal.crypto.S3KeyWrapScheme;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PublicKey;
import java.security.UnrecoverableEntryException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.MGF1ParameterSpec;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.KeyGenerator;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.SecretKey;
import javax.crypto.SecretKeyFactory;
import javax.crypto.spec.OAEPParameterSpec;
import javax.crypto.spec.PSource;

/* compiled from: KeyManager.java */
@TargetApi(23)
/* loaded from: classes3.dex */
public class c {

    /* renamed from: a, reason: collision with root package name */
    public String f11449a = c.class.getName();

    /* renamed from: b, reason: collision with root package name */
    public KeyStore f11450b;

    public c() {
    }

    public c(String str) throws KeyDataException {
        if (!"AndroidKeyStore".equals(str)) {
            KeyDataExceptionType keyDataExceptionType = KeyDataExceptionType.KEYSTORE_ERROR;
            keyDataExceptionType.toString();
            throw new KeyDataException(keyDataExceptionType.b());
        }
        try {
            KeyStore keyStore = KeyStore.getInstance(str);
            this.f11450b = keyStore;
            keyStore.load(null);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e10) {
            e10.getMessage();
            throw new KeyDataException(e10.getMessage());
        }
    }

    public SecureBinary a(SecureBinary secureBinary, a aVar) throws KeyDataException, KeyPermanentlyInvalidatedException {
        boolean e10 = e(aVar);
        if (secureBinary == null || !e10) {
            StringBuilder sb2 = new StringBuilder();
            sb2.append(KeyDataExceptionType.ASYMMETRIC_DECRYPTION_PARAM_ERROR.b());
            sb2.append(!e10 ? " cipherInfo is not Valid" : " cipherText is null");
            throw new KeyDataException(sb2.toString());
        }
        try {
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) this.f11450b.getEntry(aVar.a(), null);
            if (privateKeyEntry == null || privateKeyEntry.getPrivateKey() == null) {
                throw new KeyDataException(KeyDataExceptionType.PRIVATE_KEYENTRY_ERROR.b());
            }
            Cipher cipher = Cipher.getInstance(aVar.b());
            cipher.init(2, privateKeyEntry.getPrivateKey());
            return new SecureBinary(cipher.doFinal(secureBinary.a()));
        } catch (KeyPermanentlyInvalidatedException e11) {
            throw e11;
        } catch (InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException unused) {
            throw new KeyDataException(KeyDataExceptionType.ASYMMETRIC_DECRYTION_FAILED.b());
        }
    }

    public SecureBinary b(SecureBinary secureBinary, a aVar, b bVar) throws KeyDataException {
        if (secureBinary == null || !e(aVar) || !f(bVar)) {
            throw new KeyDataException(KeyDataExceptionType.ASYMMETRIC_ENCRYPTION_PARAM_ERROR.b());
        }
        try {
            PublicKey publicKey = this.f11450b.getCertificate(aVar.a()).getPublicKey();
            if (publicKey != null) {
                Cipher cipher = Cipher.getInstance(aVar.b());
                cipher.init(1, publicKey, new OAEPParameterSpec(bVar.b(), "MGF1", MGF1ParameterSpec.SHA1, PSource.PSpecified.DEFAULT));
                return new SecureBinary(cipher.doFinal(secureBinary.a()));
            }
            KeyDataExceptionType keyDataExceptionType = KeyDataExceptionType.PUBLIC_KEYENTRY_ERROR;
            keyDataExceptionType.toString();
            throw new KeyDataException(keyDataExceptionType.b());
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | KeyStoreException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e10) {
            e10.getMessage();
            throw new KeyDataException(KeyDataExceptionType.ASYMMETRIC_ENCRYTION_FAILED.b());
        }
    }

    public boolean c(String str) {
        if (str != null && !str.trim().isEmpty()) {
            try {
                this.f11450b.deleteEntry(str);
                return true;
            } catch (KeyStoreException e10) {
                e10.getMessage();
            }
        }
        return false;
    }

    public void d(b bVar) throws KeyDataException {
        if (!f(bVar)) {
            throw new KeyDataException(KeyDataExceptionType.ASYMMETRIC_KEYDATA_ERROR.b());
        }
        if (g(bVar.a())) {
            throw new KeyDataException(KeyDataExceptionType.ASYMMETRIC_KEY_EXISTS.b());
        }
        try {
            StringBuilder sb2 = new StringBuilder();
            sb2.append(this.f11449a);
            sb2.append("TIMER_TAG");
            String.valueOf(System.currentTimeMillis());
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(bVar.e(), bVar.g());
            KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(bVar.a(), 3);
            builder.setEncryptionPaddings(bVar.c());
            builder.setKeySize(bVar.f());
            builder.setDigests(bVar.b());
            builder.setUserAuthenticationRequired(bVar.d());
            builder.setInvalidatedByBiometricEnrollment(false);
            keyPairGenerator.initialize(builder.build());
            keyPairGenerator.generateKeyPair();
            StringBuilder sb3 = new StringBuilder();
            sb3.append(this.f11449a);
            sb3.append("TIMER_TAG");
            String.valueOf(System.currentTimeMillis());
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e10) {
            e10.getMessage();
        }
    }

    public final boolean e(a aVar) throws KeyDataException {
        return g(aVar.a()) && this.f11450b.getProvider().toString().contains(aVar.c()) && aVar.b().equals(S3KeyWrapScheme.RSA_ECB_OAEP_WITH_SHA256_AND_MGF1_PADDING) && aVar.a() != null && !aVar.a().trim().isEmpty() && this.f11450b != null;
    }

    public final boolean f(b bVar) throws KeyDataException {
        if (!this.f11450b.getProvider().toString().contains(bVar.g()) || !"RSA".equals(bVar.e()) || bVar.c() == null || bVar.a() == null || bVar.a().trim().isEmpty()) {
            return false;
        }
        if ("SHA-512".equals(bVar.b()) || "SHA-256".equals(bVar.b())) {
            return bVar.f() == 1024 || bVar.f() == 2048 || bVar.f() == 4096;
        }
        return false;
    }

    public boolean g(String str) {
        if (str != null && !str.trim().isEmpty()) {
            try {
                if (this.f11450b.getKey(str, null) != null) {
                    return true;
                }
            } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e10) {
                e10.getMessage();
            }
        }
        return false;
    }

    public boolean h() throws KeyDataException {
        try {
            try {
                StringBuilder sb2 = new StringBuilder();
                sb2.append(this.f11449a);
                sb2.append("TIMER_TAG");
                String.valueOf(System.currentTimeMillis());
                KeyGenerator keyGenerator = KeyGenerator.getInstance(JceEncryptionConstants.SYMMETRIC_KEY_ALGORITHM, "AndroidKeyStore");
                keyGenerator.init(new KeyGenParameterSpec.Builder("Check", 3).setBlockModes("GCM").setEncryptionPaddings("NoPadding").build());
                SecretKey generateKey = keyGenerator.generateKey();
                if (((KeyInfo) SecretKeyFactory.getInstance(generateKey.getAlgorithm(), "AndroidKeyStore").getKeySpec(generateKey, KeyInfo.class)).isInsideSecureHardware()) {
                    c("Check");
                    StringBuilder sb3 = new StringBuilder();
                    sb3.append(this.f11449a);
                    sb3.append("TIMER_TAG");
                    String.valueOf(System.currentTimeMillis());
                    return true;
                }
                c("Check");
                StringBuilder sb4 = new StringBuilder();
                sb4.append(this.f11449a);
                sb4.append("TIMER_TAG");
                String.valueOf(System.currentTimeMillis());
                return false;
            } catch (Throwable th2) {
                c("Check");
                StringBuilder sb5 = new StringBuilder();
                sb5.append(this.f11449a);
                sb5.append("TIMER_TAG");
                String.valueOf(System.currentTimeMillis());
                throw th2;
            }
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException | InvalidKeySpecException e10) {
            e10.getMessage();
            c("Check");
            StringBuilder sb6 = new StringBuilder();
            sb6.append(this.f11449a);
            sb6.append("TIMER_TAG");
            String.valueOf(System.currentTimeMillis());
            throw new KeyDataException(KeyDataExceptionType.SECURE_HARDWARE_EXCEPTION.b());
        }
    }
}
