package com.tencent.security.key;

import android.annotation.SuppressLint;
import android.content.Context;
import android.os.Build;
import android.security.KeyChain;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import android.util.Base64;
import com.tencent.bugly.crashreport.CrashReport;
import com.tencent.mars.xlog.common.log.TLog;
import java.math.BigInteger;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.AlgorithmParameterSpec;
import java.text.MessageFormat;
import java.util.GregorianCalendar;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public final class KeyHelper {

    /* renamed from: a, reason: collision with root package name */
    private String f15307a;
    private String b;

    public KeyHelper(String str, String str2) {
        this.f15307a = str;
        this.b = str2;
    }

    public KeyPair a() {
        PublicKey publicKey;
        try {
            KeyStore keyStore = KeyStore.getInstance(this.b);
            keyStore.load(null);
            PrivateKey privateKey = (PrivateKey) keyStore.getKey(this.f15307a, null);
            if (privateKey != null && keyStore.getCertificate(this.f15307a) != null && (publicKey = keyStore.getCertificate(this.f15307a).getPublicKey()) != null) {
                return new KeyPair(publicKey, privateKey);
            }
        } catch (Exception e) {
            CrashReport.postCatchedException(e);
            TLog.e("KeyGenerator", "cannot find a key pair", e);
        }
        return null;
    }

    /* JADX WARN: Not initialized variable reg: 5, insn: 0x0168: IF  (r5 I:??[int, boolean, OBJECT, ARRAY, byte, short, char]) == (0 ??[int, boolean, OBJECT, ARRAY, byte, short, char])  -> B:43:?, block:B:36:0x0168 */
    @SuppressLint({"WrongConstant"})
    public void a(Context context, boolean z) {
        KeyStore keyStore;
        KeyStore keyStore2;
        AlgorithmParameterSpec build;
        boolean isInsideSecureHardware;
        try {
            try {
                keyStore2 = KeyStore.getInstance(this.b);
            } catch (Exception e) {
                TLog.e("KeyGenerator", MessageFormat.format("error while generate key for alias:{0}, remove key", this.f15307a), e);
                if (keyStore != null) {
                    try {
                        keyStore.deleteEntry(this.f15307a);
                        return;
                    } catch (Exception unused) {
                        return;
                    }
                }
                return;
            }
        } catch (Exception e2) {
            e = e2;
        }
        try {
            keyStore2.load(null);
            if (((PrivateKey) keyStore2.getKey(this.f15307a, null)) != null && keyStore2.getCertificate(this.f15307a) != null) {
                if (keyStore2.getCertificate(this.f15307a).getPublicKey() != null) {
                    return;
                }
            }
            GregorianCalendar gregorianCalendar = new GregorianCalendar();
            GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
            if (z) {
                gregorianCalendar2.add(12, 5);
            } else {
                gregorianCalendar2.add(1, 10);
            }
            if (Build.VERSION.SDK_INT < 23) {
                build = new KeyPairGeneratorSpec.Builder(context).setAlias(this.f15307a).setSubject(new X500Principal("CN=" + this.f15307a)).setSerialNumber(BigInteger.valueOf(234331L)).setStartDate(gregorianCalendar.getTime()).setEndDate(gregorianCalendar2.getTime()).build();
            } else {
                build = new KeyGenParameterSpec.Builder(this.f15307a, 3).setDigests("SHA-256", "SHA-512").setCertificateNotAfter(gregorianCalendar.getTime()).setCertificateNotAfter(gregorianCalendar2.getTime()).setBlockModes("ECB").setCertificateSerialNumber(BigInteger.valueOf(234331L)).setCertificateSubject(new X500Principal("CN=" + this.f15307a)).setEncryptionPaddings("PKCS1Padding").setKeySize(1024).build();
            }
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", keyStore2.getProvider());
            keyPairGenerator.initialize(build);
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            if (Build.VERSION.SDK_INT < 23) {
                isInsideSecureHardware = KeyChain.isBoundKeyAlgorithm("RSA");
            } else {
                PrivateKey privateKey = generateKeyPair.getPrivate();
                isInsideSecureHardware = ((KeyInfo) KeyFactory.getInstance(privateKey.getAlgorithm(), keyStore2.getProvider()).getKeySpec(privateKey, KeyInfo.class)).isInsideSecureHardware();
            }
            TLog.d("KeyGenerator", "Hardware-Backed Keystore Supported: " + isInsideSecureHardware);
        } catch (Exception e3) {
            e = e3;
            TLog.e("KeyGenerator", MessageFormat.format("key store:{0} unavailable", this.b), e);
            CrashReport.postCatchedException(e);
        }
    }

    public String b() {
        KeyPair a2 = a();
        if (a2 == null) {
            return null;
        }
        try {
            return MessageFormat.format("-----BEGIN PUBLIC KEY-----\n{0}-----END PUBLIC KEY-----\n", Base64.encodeToString(a2.getPublic().getEncoded(), 0));
        } catch (Exception unused) {
            TLog.e("KeyGenerator", "failed to genreate PEM pattern key");
            return null;
        }
    }
}
