package h21;

import ae5.i0;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import android.text.TextUtils;
import com.google.android.gms.common.util.AndroidUtilsLight;
import com.tencent.mm.sdk.platformtools.n2;
import java.nio.ByteBuffer;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.spec.KeySpec;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.UUID;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKeyFactory;
import kotlin.coroutines.Continuation;
import org.json.JSONArray;
import org.json.JSONObject;
import ta5.c1;

/* loaded from: classes12.dex */
public final class t extends p {
    public static final int CTRL_INDEX = 1282;
    public static final String NAME = "cryptoGenerateKey";

    @Override // h21.p
    public Object B(com.tencent.mm.plugin.appbrand.jsapi.l lVar, JSONObject jSONObject, Continuation continuation) {
        ArrayList arrayList;
        String str;
        boolean z16;
        Integer[] numArr;
        if (((ArrayList) p.f220292g.d(lVar)).size() > 20) {
            throw new n(m21.i.f272036b);
        }
        String optString = jSONObject.optString("algorithm");
        String uuid = UUID.randomUUID().toString();
        kotlin.jvm.internal.o.g(uuid, "toString(...)");
        int optInt = jSONObject.optInt("keySize", 256);
        JSONArray optJSONArray = jSONObject.optJSONArray("blockModes");
        if (optJSONArray != null) {
            arrayList = new ArrayList();
            vn4.b bVar = new vn4.b(optJSONArray);
            while (bVar.hasNext()) {
                Object next = bVar.next();
                if (next instanceof String) {
                    arrayList.add(next);
                }
            }
        } else {
            arrayList = new ArrayList();
        }
        ArrayList arrayList2 = arrayList;
        kotlin.jvm.internal.o.e(optString);
        if (i0.B(optString, "-", false, 2, null)) {
            List b06 = i0.b0(optString, new String[]{"-"}, false, 0, 6, null);
            arrayList2.addAll(b06.subList(1, b06.size()));
            optString = (String) b06.get(0);
        }
        n2.j("MicroMsg.AppBrand.JsApiCryptoGenerateKey", "genkey alg=" + optString + " blockModes=" + arrayList2 + " keyAlias=" + uuid + " keySize=" + optInt, null);
        StringBuilder sb6 = new StringBuilder();
        String appId = lVar.getAppId();
        kotlin.jvm.internal.o.g(appId, "getAppId(...)");
        StringBuilder sb7 = new StringBuilder("com.tencent.mm.plugin.appbrand.jsapi.crypto.");
        sb7.append(appId);
        sb7.append(".key.");
        sb6.append(sb7.toString());
        sb6.append(uuid);
        String sb8 = sb6.toString();
        kotlin.jvm.internal.o.e(optString);
        String str2 = "doPerform, isInsideSecureHardware: ";
        if (ta5.z.E(p.f220294i, optString)) {
            Iterator it = arrayList2.iterator();
            while (it.hasNext()) {
                Iterator it5 = it;
                String str3 = (String) it.next();
                String str4 = str2;
                if (!ta5.z.E(p.f220293h, str3)) {
                    String str5 = "fail:invalid block mode " + str3;
                    str = TextUtils.isEmpty(str5) ? "fail:jsapi invalid request data" : str5;
                    String str6 = str == null ? "" : str;
                    String str7 = com.tencent.mm.sdk.platformtools.z.f164160a;
                    JSONObject jSONObject2 = new JSONObject();
                    try {
                        jSONObject2.put("errno", 101);
                    } catch (Exception e16) {
                        n2.e("MicroMsg.AppBrandJsApi", "makeReturnJson with JSONObject, put errno, e=%s", e16);
                    }
                    String u16 = u(str6, jSONObject2);
                    kotlin.jvm.internal.o.g(u16, "makeReturnJson(...)");
                    return u16;
                }
                it = it5;
                str2 = str4;
            }
            String[] strArr = (String[]) arrayList2.toArray(new String[0]);
            KeyGenerator keyGenerator = KeyGenerator.getInstance(optString, "AndroidKeyStore");
            keyGenerator.init(new KeyGenParameterSpec.Builder(sb8, 15).setKeySize(optInt).setBlockModes((String[]) Arrays.copyOf(strArr, strArr.length)).setRandomizedEncryptionRequired(false).setEncryptionPaddings("NoPadding", "PKCS7Padding").build());
            KeySpec keySpec = SecretKeyFactory.getInstance(optString).getKeySpec(keyGenerator.generateKey(), KeyInfo.class);
            kotlin.jvm.internal.o.f(keySpec, "null cannot be cast to non-null type android.security.keystore.KeyInfo");
            boolean isInsideSecureHardware = ((KeyInfo) keySpec).isInsideSecureHardware();
            n2.j("MicroMsg.AppBrand.JsApiCryptoGenerateKey", str2 + isInsideSecureHardware, null);
            HashMap h16 = c1.h(new sa5.l("keyAlias", uuid), new sa5.l("inSecureHardware", Boolean.valueOf(isInsideSecureHardware)));
            String str8 = com.tencent.mm.sdk.platformtools.z.f164160a;
            h16.put("errno", 0);
            String t16 = t("ok", h16);
            kotlin.jvm.internal.o.g(t16, "makeReturnJson(...)");
            return t16;
        }
        if (!ta5.z.E(p.f220295m, optString)) {
            String concat = "fail:invalid algorithm ".concat(optString);
            str = TextUtils.isEmpty(concat) ? "fail:jsapi invalid request data" : concat;
            String str9 = str == null ? "" : str;
            String str10 = com.tencent.mm.sdk.platformtools.z.f164160a;
            JSONObject jSONObject3 = new JSONObject();
            try {
                jSONObject3.put("errno", 101);
            } catch (Exception e17) {
                n2.e("MicroMsg.AppBrandJsApi", "makeReturnJson with JSONObject, put errno, e=%s", e17);
            }
            String u17 = u(str9, jSONObject3);
            kotlin.jvm.internal.o.g(u17, "makeReturnJson(...)");
            return u17;
        }
        if (kotlin.jvm.internal.o.c(optString, "EC")) {
            numArr = new Integer[]{224, 256, 384, 521};
            z16 = false;
        } else if (kotlin.jvm.internal.o.c(optString, "RSA")) {
            z16 = false;
            numArr = new Integer[]{512, 1024, 2048, 4096};
        } else {
            z16 = false;
            numArr = new Integer[0];
        }
        if (!ta5.z.E(numArr, Integer.valueOf(optInt))) {
            n2.j("MicroMsg.AppBrand.JsApiCryptoGenerateKey", "invalid keysize " + optInt, null);
            throw new n(-1, "fail:invalid keysize");
        }
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(optString, "AndroidKeyStore");
        KeyGenParameterSpec.Builder digests = new KeyGenParameterSpec.Builder(sb8, 15).setKeySize(optInt).setRandomizedEncryptionRequired(z16).setEncryptionPaddings("NoPadding", "PKCS7Padding", "PKCS1Padding", "OAEPPadding").setSignaturePaddings("PKCS1", "PSS").setDigests("MD5", "SHA-1", "SHA-224", "SHA-256", "SHA-384", AndroidUtilsLight.DIGEST_ALGORITHM_SHA512);
        int i16 = Build.VERSION.SDK_INT;
        if (i16 >= 28) {
            digests.setIsStrongBoxBacked(false);
        }
        if (i16 >= 31) {
            digests.setMaxUsageCount(-1);
        }
        keyPairGenerator.initialize(digests.build());
        KeyPair genKeyPair = keyPairGenerator.genKeyPair();
        KeySpec keySpec2 = KeyFactory.getInstance(optString).getKeySpec(genKeyPair.getPrivate(), KeyInfo.class);
        kotlin.jvm.internal.o.f(keySpec2, "null cannot be cast to non-null type android.security.keystore.KeyInfo");
        boolean isInsideSecureHardware2 = ((KeyInfo) keySpec2).isInsideSecureHardware();
        n2.j("MicroMsg.AppBrand.JsApiCryptoGenerateKey", "doPerform, isInsideSecureHardware: " + isInsideSecureHardware2, null);
        String w16 = w(lVar, m21.f.f272004a, c1.h(new sa5.l("publicKey", ByteBuffer.wrap(genKeyPair.getPublic().getEncoded())), new sa5.l("keyAlias", uuid), new sa5.l("inSecureHardware", Boolean.valueOf(isInsideSecureHardware2))));
        kotlin.jvm.internal.o.g(w16, "makeReturnJsonWithNativeBuffer(...)");
        return w16;
    }
}
