package defpackage;

import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import androidx.annotation.RequiresApi;
import com.huawei.secure.android.common.util.SafeBase64;
import defpackage.ev;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.ObjectOutputStream;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.ProviderException;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.GregorianCalendar;
import java.util.HashMap;

/* loaded from: classes2.dex */
public final class yy {
    public static final String b = "OOBE_DeviceInfoSignUtils";
    public static final String d = "timeStamp";
    public static final String e = "random";
    public static final String f = "terminalType";
    public static final String g = "deviceIdType";
    public static final String h = "deviceId";
    public static final String i = "9";
    public static final int j = 1337;
    public static final String k = "SHA256withRSA";
    public static final String l = "HwUniversalKeyStoreProvider";
    public static final String m = "hwkeystory";
    public static final int n = 2048;
    public static final String o = "HwKeystore";
    public static final String q = "com.huawei.security.keystore.HwUniversalKeyStoreProvider";
    public static final String r = "install";
    public static final int s = 0;
    public static final String t = "has_generate_key_pair";
    public static final int u = 1;

    /* renamed from: a, reason: collision with root package name */
    public boolean f11750a = false;
    public static final yy c = new yy();
    public static final String p = sv.getPackageName() + ":deviceinfo";

    /* loaded from: classes2.dex */
    public static class b extends dx<String, Void, xy> {

        /* renamed from: a, reason: collision with root package name */
        public wy f11751a;

        public b(wy wyVar) {
            this.f11751a = wyVar;
        }

        @Override // defpackage.dx
        @RequiresApi(api = 24)
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public xy onExecute(String... strArr) {
            String str;
            yr.i(yy.b, "onExecute");
            if (strArr == null || strArr.length < 1) {
                yr.w(yy.b, "strings is null or less than one");
                return new xy();
            }
            if (ev.a.f7641a <= 14) {
                yr.i(yy.b, "EMUI version is equal or lesser than 8.0");
                return new xy();
            }
            yr.d(yy.b, "generate cerChain start time: " + System.currentTimeMillis());
            Certificate[] hUKSCertificate = yy.getInstance().getHUKSCertificate();
            yr.d(yy.b, "generate cerChain end time: " + System.currentTimeMillis());
            String str2 = null;
            if (hUKSCertificate == null || hUKSCertificate.length <= 0) {
                yr.e(yy.b, "certificates is null or less than one");
                str = null;
            } else {
                yr.d(yy.b, "length of certificates : " + hUKSCertificate.length);
                String objectToBase64 = yy.objectToBase64(hUKSCertificate[0]);
                str2 = yy.objectToBase64(hUKSCertificate);
                str = objectToBase64;
            }
            xy xyVar = new xy();
            xyVar.setVerification(strArr[0]);
            xyVar.setCerChain(str2);
            xyVar.setKey(str);
            xyVar.setSign(yy.getInstance().signData(strArr[0]));
            yr.d(yy.b, "original signData : " + strArr[0]);
            return xyVar;
        }

        @Override // defpackage.dx
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public void onCallbackResult(xy xyVar) {
            yr.i(yy.b, "onCallbackResult");
        }

        @Override // android.os.AsyncTask
        /* renamed from: b, reason: merged with bridge method [inline-methods] */
        public void onPostExecute(xy xyVar) {
            super.onPostExecute(xyVar);
            yr.i(yy.b, "onPostExecute");
            wy wyVar = this.f11751a;
            if (wyVar != null) {
                wyVar.signInfoCallback(xyVar);
            } else {
                yr.w(yy.b, "DeviceInfoSignCallback in null");
            }
        }
    }

    /* loaded from: classes2.dex */
    public static class c extends dx<String, Void, xy> {

        /* renamed from: a, reason: collision with root package name */
        public wy f11752a;

        public c(wy wyVar) {
            this.f11752a = wyVar;
        }

        @Override // defpackage.dx
        @RequiresApi(api = 24)
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public xy onExecute(String... strArr) {
            yr.i(yy.b, "onExecute");
            if (ev.a.f7641a <= 14) {
                yr.i(yy.b, "EMUI version is equal or lesser than 8.0");
                return new xy();
            }
            if (strArr == null || strArr.length < 1) {
                yr.w(yy.b, "strings is null or less than one");
                return new xy();
            }
            yr.d(yy.b, "generate cerChain start time: " + System.currentTimeMillis());
            Certificate[] hUKSCertificate = yy.getInstance().getHUKSCertificate();
            yr.d(yy.b, "generate cerChain end time: " + System.currentTimeMillis());
            xy xyVar = new xy();
            xyVar.setCerChain(yy.certificateListToString(hUKSCertificate));
            xyVar.setVerification(strArr[0]);
            xyVar.setSign(yy.getInstance().signData(strArr[0]));
            yr.d(yy.b, "original signData : " + strArr[0]);
            return xyVar;
        }

        @Override // android.os.AsyncTask
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public void onPostExecute(xy xyVar) {
            super.onPostExecute(xyVar);
            yr.i(yy.b, "onPostExecute");
            wy wyVar = this.f11752a;
            if (wyVar != null) {
                wyVar.signInfoCallback(xyVar);
            } else {
                yr.w(yy.b, "DeviceInfoSignCallback in null");
            }
        }
    }

    public yy() {
        d();
        yr.i(b, "registerHUKS" + this.f11750a);
    }

    private String a(byte[] bArr) {
        return SafeBase64.encodeToString(bArr, 0);
    }

    private boolean b() {
        return (ev.a.f7641a > 14) && this.f11750a;
    }

    @RequiresApi(api = 24)
    private void c(String str, String str2, int i2, String str3, String str4) {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(str2, l);
            GregorianCalendar gregorianCalendar = new GregorianCalendar();
            GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
            gregorianCalendar2.add(1, 1);
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, i2).setDigests(str3).setSignaturePaddings(str4).setCertificateSerialNumber(BigInteger.valueOf(1337L)).setCertificateNotBefore(gregorianCalendar.getTime()).setCertificateNotAfter(gregorianCalendar2.getTime()).setAttestationChallenge(m.getBytes(StandardCharsets.UTF_8)).setUserAuthenticationRequired(false).setKeySize(2048).build());
            if (keyPairGenerator.generateKeyPair() != null) {
                ft.put(t, true);
                yr.i(b, "setGenerateKeyPair : true");
            } else {
                yr.w(b, "generateKeyPair, but failed");
            }
        } catch (InvalidAlgorithmParameterException e2) {
            yr.e(b, "generateKeyPair: InvalidAlgorithmParameterException", e2);
        } catch (NoSuchAlgorithmException e3) {
            yr.e(b, "generateKeyPair: NoSuchAlgorithmException", e3);
        } catch (NoSuchProviderException unused) {
            yr.e(b, "generateKeyPair: NoSuchProviderException");
        } catch (ProviderException e4) {
            yr.e(b, "generateKeyPair: ProviderException", e4);
        } catch (Exception e5) {
            yr.e(b, "generateKeyPair: Exception", e5);
        }
    }

    public static String certificateListToString(Certificate[] certificateArr) {
        try {
            if (mu.isEmpty(certificateArr)) {
                return null;
            }
            ArrayList arrayList = new ArrayList();
            for (Certificate certificate : certificateArr) {
                for (byte b2 : certificate.getEncoded()) {
                    arrayList.add(Byte.valueOf(b2));
                }
            }
            int size = arrayList.size();
            byte[] bArr = new byte[size];
            for (int i2 = 0; i2 < size; i2++) {
                bArr[i2] = ((Byte) arrayList.get(i2)).byteValue();
            }
            return SafeBase64.encodeToString(bArr, 0);
        } catch (CertificateException e2) {
            yr.e(b, "certificateListToString exception", e2);
            return null;
        }
    }

    private void d() {
        try {
            Method method = wv.getMethod(q, "install", (Class<?>[]) new Class[0]);
            wv.setAccessible(method, true);
            if (method != null) {
                method.invoke(null, new Object[0]);
                this.f11750a = true;
            } else {
                this.f11750a = false;
            }
        } catch (IllegalAccessException e2) {
            yr.e(b, "registerHUKS: cannot access", e2);
            this.f11750a = false;
        } catch (InvocationTargetException e3) {
            yr.e(b, "registerHUKS: InvocationTargetException", e3);
            this.f11750a = false;
        } catch (Exception e4) {
            yr.e(b, "registerHUKS: Exception", e4);
            this.f11750a = false;
        }
    }

    public static yy getInstance() {
        return c;
    }

    public static String objectToBase64(Object obj) {
        ObjectOutputStream objectOutputStream;
        yr.i(b, "objectToBase64 ");
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ObjectOutputStream objectOutputStream2 = null;
        String str = null;
        try {
            objectOutputStream = new ObjectOutputStream(byteArrayOutputStream);
            try {
                try {
                    objectOutputStream.writeObject(obj);
                    str = SafeBase64.encodeToString(byteArrayOutputStream.toByteArray(), 0);
                } catch (IOException unused) {
                    yr.e(b, "objectToBase64 IOException...");
                    uu.close(byteArrayOutputStream);
                    uu.close(objectOutputStream);
                    return str;
                }
            } catch (Throwable th) {
                th = th;
                objectOutputStream2 = objectOutputStream;
                uu.close(byteArrayOutputStream);
                uu.close(objectOutputStream2);
                throw th;
            }
        } catch (IOException unused2) {
            objectOutputStream = null;
        } catch (Throwable th2) {
            th = th2;
            uu.close(byteArrayOutputStream);
            uu.close(objectOutputStream2);
            throw th;
        }
        uu.close(byteArrayOutputStream);
        uu.close(objectOutputStream);
        return str;
    }

    @RequiresApi(api = 24)
    public synchronized void generateHUKSKeyPair() {
        if (!b()) {
            yr.w(b, "EMUI Version less than 8.1 or register HUKS failed");
        } else if (ft.getBoolean(t)) {
            yr.i(b, "hasGenerateKeyPair : true");
        } else {
            yr.i(b, "hasGenerateKeyPair : false. generateHUKSKeyPair : RSA");
            c(p, "RSA", 4, "SHA-256", "PKCS1");
        }
    }

    @RequiresApi(api = 24)
    public String getCerChain() {
        if (b()) {
            return certificateListToString(getHUKSCertificate());
        }
        yr.w(b, "EMUI Version less than 8.1 or register HUKS failed");
        return null;
    }

    public void getDeviceInfoSignDataAsync(wy wyVar, String str) {
        new b(wyVar).submit(str);
    }

    public void getDeviceInfoSignDataAsyncForVideo(wy wyVar) {
        new c(wyVar).submit(getDeviceInfoVerifyString());
    }

    public void getDeviceInfoSignDataAsyncForVideo(wy wyVar, String str) {
        new c(wyVar).submit(str);
    }

    public String getDeviceInfoVerifyForVideoService(String str, String str2) {
        yr.d(b, "deviceId : " + str + ". deviceIdType : " + str2);
        String currentUtcTime = jw.getCurrentUtcTime();
        String uuidByBuild = cv.getUuidByBuild();
        String str3 = Build.MODEL;
        HashMap hashMap = new HashMap();
        hashMap.put("timeStamp", currentUtcTime);
        hashMap.put(e, uuidByBuild);
        hashMap.put("terminalType", str3);
        hashMap.put("deviceIdType", str2);
        hashMap.put("deviceId", str);
        return hv.toJson(hashMap);
    }

    public String getDeviceInfoVerifyString() {
        String currentUtcTime = jw.getCurrentUtcTime();
        String uuidByBuild = cv.getUuidByBuild();
        String str = Build.MODEL;
        String udid = vv.getUdid();
        HashMap hashMap = new HashMap();
        hashMap.put("timeStamp", currentUtcTime);
        hashMap.put(e, uuidByBuild);
        hashMap.put("terminalType", str);
        hashMap.put("deviceIdType", "9");
        hashMap.put("deviceId", udid);
        return hv.toJson(hashMap);
    }

    @RequiresApi(api = 24)
    public Certificate[] getHUKSCertificate() {
        if (!b()) {
            yr.w(b, "EMUI Version less than 8.1 or register HUKS failed");
            return new Certificate[0];
        }
        generateHUKSKeyPair();
        try {
            KeyStore keyStore = KeyStore.getInstance("HwKeyStore");
            keyStore.load(null);
            yr.i(b, "getHUKSCertificate : Load keystore success!");
            KeyStore.Entry entry = keyStore.getEntry(p, null);
            if (entry == null) {
                yr.w(b, "getHUKSCertificate ：Entry is null");
                return new Certificate[0];
            }
            if (entry instanceof KeyStore.PrivateKeyEntry) {
                return ((KeyStore.PrivateKeyEntry) entry).getCertificateChain();
            }
            yr.w(b, "getHUKSCertificate ：Not an instance of a PrivateKeyEntry");
            return new Certificate[0];
        } catch (IOException e2) {
            yr.e(b, "getHUKSCertificate: IOException", e2);
            return null;
        } catch (KeyStoreException e3) {
            yr.e(b, "getHUKSCertificate: KeyStoreException", e3);
            return null;
        } catch (NoSuchAlgorithmException e4) {
            yr.e(b, "getHUKSCertificate: NoSuchAlgorithmException", e4);
            return null;
        } catch (UnrecoverableEntryException e5) {
            yr.e(b, "getHUKSCertificate: UnrecoverableEntryException", e5);
            return null;
        } catch (CertificateException e6) {
            yr.e(b, "getHUKSCertificate: CertificateException", e6);
            return null;
        } catch (Exception e7) {
            yr.e(b, "getHUKSCertificate: Exception", e7);
            return null;
        }
    }

    @RequiresApi(api = 24)
    public String signData(String str) {
        if (!b()) {
            yr.w(b, "EMUI Version less than 8.1 or register HUKS failed");
            return null;
        }
        try {
            byte[] bytes = str.getBytes(StandardCharsets.UTF_8);
            KeyStore keyStore = KeyStore.getInstance(o);
            keyStore.load(null);
            KeyStore.Entry entry = keyStore.getEntry(p, null);
            if (entry == null) {
                yr.w(b, "entry is null");
                return null;
            }
            if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
                yr.w(b, "entry is not instanceof KeyStore.PrivateKeyEntry");
                return null;
            }
            Signature signature = Signature.getInstance(k, l);
            signature.initSign(((KeyStore.PrivateKeyEntry) entry).getPrivateKey());
            signature.update(bytes);
            return a(signature.sign());
        } catch (IOException e2) {
            yr.e(b, "signData: IOException", e2);
            return null;
        } catch (InvalidKeyException e3) {
            yr.e(b, "signData: InvalidKeyException", e3);
            return null;
        } catch (KeyStoreException e4) {
            yr.e(b, "signData: KeyStoreException", e4);
            return null;
        } catch (NoSuchAlgorithmException e5) {
            yr.e(b, "signData: NoSuchAlgorithmException", e5);
            return null;
        } catch (NoSuchProviderException e6) {
            yr.e(b, "signData： NoSuchProviderException", e6);
            return null;
        } catch (SignatureException e7) {
            yr.e(b, "signData: SignatureException", e7);
            return null;
        } catch (UnrecoverableEntryException e8) {
            yr.e(b, "signData: NoSuchAlgorithmException", e8);
            return null;
        } catch (CertificateException e9) {
            yr.e(b, "signData: CertificateException", e9);
            return null;
        } catch (Exception e10) {
            yr.e(b, "signData: Exception", e10);
            return null;
        }
    }
}
