package com.bytedance.android.sdk.bdticketguard;

import android.content.Context;
import android.content.SharedPreferences;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import androidx.annotation.NonNull;
import com.huawei.hms.aaid.constant.AaidIdConstant;
import com.meituan.robust.ChangeQuickRedirect;
import com.meituan.robust.PatchProxy;
import com.meituan.robust.PatchProxyResult;
import com.meizu.cloud.pushsdk.constants.PushConstants;
import com.ss.android.article.news.launch.boost.spopt.SharedPreferencesManager;
import com.ss.android.article.news.launch.codeopt.StringBuilderOpt;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.StringWriter;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;

/* loaded from: classes7.dex */
public class m {

    /* renamed from: a, reason: collision with root package name */
    public static ChangeQuickRedirect f11773a;

    /* renamed from: b, reason: collision with root package name */
    public volatile KeyPair f11774b;

    /* renamed from: c, reason: collision with root package name */
    private final SharedPreferences f11775c;
    private final String d;
    private final String e;

    /* loaded from: classes7.dex */
    public static class a {

        /* renamed from: a, reason: collision with root package name */
        public static ChangeQuickRedirect f11776a;

        public static int a(@NonNull PrivateKey privateKey) throws NoSuchAlgorithmException, InvalidKeySpecException {
            ChangeQuickRedirect changeQuickRedirect = f11776a;
            if (PatchProxy.isEnable(changeQuickRedirect)) {
                PatchProxyResult proxy = PatchProxy.proxy(new Object[]{privateKey}, null, changeQuickRedirect, true, 12400);
                if (proxy.isSupported) {
                    return ((Integer) proxy.result).intValue();
                }
            }
            KeyFactory keyFactory = KeyFactory.getInstance(privateKey.getAlgorithm());
            if (Build.VERSION.SDK_INT < 23) {
                return 0;
            }
            KeyInfo keyInfo = (KeyInfo) keyFactory.getKeySpec(privateKey, KeyInfo.class);
            return Build.VERSION.SDK_INT >= 31 ? keyInfo.getSecurityLevel() : keyInfo.isInsideSecureHardware() ? 1 : 0;
        }

        public static String a(@NonNull KeyPair keyPair, String str) throws org.bouncycastle.b.c, IOException {
            ChangeQuickRedirect changeQuickRedirect = f11776a;
            if (PatchProxy.isEnable(changeQuickRedirect)) {
                PatchProxyResult proxy = PatchProxy.proxy(new Object[]{keyPair, str}, null, changeQuickRedirect, true, 12396);
                if (proxy.isSupported) {
                    return (String) proxy.result;
                }
            }
            org.bouncycastle.b.a a2 = new org.bouncycastle.b.a.a("SHA256withECDSA").a(keyPair.getPrivate());
            org.bouncycastle.c.a.a aVar = new org.bouncycastle.c.a.a(new org.bouncycastle.a.r.c(str), keyPair.getPublic());
            org.bouncycastle.a.s.e eVar = new org.bouncycastle.a.s.e();
            eVar.a(org.bouncycastle.a.s.c.g, true, (org.bouncycastle.a.f) new org.bouncycastle.a.s.b(true));
            aVar.a(org.bouncycastle.a.o.d.ah, eVar.a());
            org.bouncycastle.d.b.a.c cVar = new org.bouncycastle.d.b.a.c("CERTIFICATE REQUEST", aVar.a(a2).a());
            StringWriter stringWriter = new StringWriter();
            org.bouncycastle.d.b.a.e eVar2 = new org.bouncycastle.d.b.a.e(stringWriter);
            eVar2.a(cVar);
            eVar2.close();
            stringWriter.close();
            return stringWriter.toString();
        }

        public static KeyPair a(String str, SharedPreferences.Editor editor, String str2, String str3) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
            ChangeQuickRedirect changeQuickRedirect = f11776a;
            if (PatchProxy.isEnable(changeQuickRedirect)) {
                PatchProxyResult proxy = PatchProxy.proxy(new Object[]{str, editor, str2, str3}, null, changeQuickRedirect, true, 12395);
                if (proxy.isSupported) {
                    return (KeyPair) proxy.result;
                }
            }
            if (Build.VERSION.SDK_INT >= 23) {
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "AndroidKeyStore");
                keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, 4).setDigests(AaidIdConstant.SIGNATURE_SHA256).build());
                return keyPairGenerator.generateKeyPair();
            }
            KeyPairGenerator keyPairGenerator2 = KeyPairGenerator.getInstance("EC", "BC");
            keyPairGenerator2.initialize(256, new SecureRandom());
            KeyPair generateKeyPair = keyPairGenerator2.generateKeyPair();
            editor.putString(str2, m.a(generateKeyPair.getPublic()));
            editor.putString(str3, m.a(generateKeyPair.getPrivate()));
            editor.apply();
            return generateKeyPair;
        }

        public static Certificate a(byte[] bArr) throws IOException, CertificateException {
            ChangeQuickRedirect changeQuickRedirect = f11776a;
            if (PatchProxy.isEnable(changeQuickRedirect)) {
                PatchProxyResult proxy = PatchProxy.proxy(new Object[]{bArr}, null, changeQuickRedirect, true, 12402);
                if (proxy.isSupported) {
                    return (Certificate) proxy.result;
                }
            }
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
            Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
            byteArrayInputStream.close();
            return generateCertificate;
        }

        public static boolean a(String str, SharedPreferences sharedPreferences, String str2, String str3) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
            ChangeQuickRedirect changeQuickRedirect = f11776a;
            if (PatchProxy.isEnable(changeQuickRedirect)) {
                PatchProxyResult proxy = PatchProxy.proxy(new Object[]{str, sharedPreferences, str2, str3}, null, changeQuickRedirect, true, 12399);
                if (proxy.isSupported) {
                    return ((Boolean) proxy.result).booleanValue();
                }
            }
            if (Build.VERSION.SDK_INT < 23) {
                return (TextUtils.isEmpty(sharedPreferences.getString(str2, null)) || TextUtils.isEmpty(sharedPreferences.getString(str3, null))) ? false : true;
            }
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return keyStore.containsAlias(str);
        }

        public static boolean a(Certificate certificate, byte[] bArr, byte[] bArr2) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
            ChangeQuickRedirect changeQuickRedirect = f11776a;
            if (PatchProxy.isEnable(changeQuickRedirect)) {
                PatchProxyResult proxy = PatchProxy.proxy(new Object[]{certificate, bArr, bArr2}, null, changeQuickRedirect, true, 12397);
                if (proxy.isSupported) {
                    return ((Boolean) proxy.result).booleanValue();
                }
            }
            Signature signature = Signature.getInstance("SHA256withECDSA");
            signature.initVerify(certificate);
            signature.update(bArr);
            return signature.verify(bArr2);
        }

        public static boolean a(byte[] bArr, PrivateKey privateKey) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, IOException, CertificateException {
            ChangeQuickRedirect changeQuickRedirect = f11776a;
            if (PatchProxy.isEnable(changeQuickRedirect)) {
                PatchProxyResult proxy = PatchProxy.proxy(new Object[]{bArr, privateKey}, null, changeQuickRedirect, true, 12403);
                if (proxy.isSupported) {
                    return ((Boolean) proxy.result).booleanValue();
                }
            }
            byte[] bytes = "test".getBytes();
            boolean a2 = a(a(bArr), bytes, a(privateKey, bytes));
            if (!a2) {
                i.a();
            }
            return a2;
        }

        public static byte[] a(PrivateKey privateKey, byte[] bArr) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
            ChangeQuickRedirect changeQuickRedirect = f11776a;
            if (PatchProxy.isEnable(changeQuickRedirect)) {
                PatchProxyResult proxy = PatchProxy.proxy(new Object[]{privateKey, bArr}, null, changeQuickRedirect, true, 12401);
                if (proxy.isSupported) {
                    return (byte[]) proxy.result;
                }
            }
            Signature signature = Signature.getInstance("SHA256withECDSA");
            signature.initSign(privateKey);
            signature.update(bArr);
            return signature.sign();
        }

        public static KeyPair b(String str, SharedPreferences sharedPreferences, String str2, String str3) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, UnrecoverableEntryException, InvalidKeySpecException {
            PrivateKey generatePrivate;
            PublicKey publicKey;
            ChangeQuickRedirect changeQuickRedirect = f11776a;
            if (PatchProxy.isEnable(changeQuickRedirect)) {
                PatchProxyResult proxy = PatchProxy.proxy(new Object[]{str, sharedPreferences, str2, str3}, null, changeQuickRedirect, true, 12398);
                if (proxy.isSupported) {
                    return (KeyPair) proxy.result;
                }
            }
            if (Build.VERSION.SDK_INT >= 23) {
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                keyStore.load(null);
                KeyStore.Entry entry = keyStore.getEntry(str, null);
                if (entry instanceof KeyStore.PrivateKeyEntry) {
                    KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
                    publicKey = privateKeyEntry.getCertificate().getPublicKey();
                    generatePrivate = privateKeyEntry.getPrivateKey();
                } else {
                    generatePrivate = null;
                    publicKey = null;
                }
            } else {
                PublicKey generatePublic = KeyFactory.getInstance("EC").generatePublic(new X509EncodedKeySpec(Base64.decode(sharedPreferences.getString(str2, null), 0)));
                generatePrivate = KeyFactory.getInstance("EC").generatePrivate(new PKCS8EncodedKeySpec(Base64.decode(sharedPreferences.getString(str3, null), 0)));
                publicKey = generatePublic;
            }
            if (publicKey == null || generatePrivate == null) {
                return null;
            }
            return new KeyPair(publicKey, generatePrivate);
        }
    }

    public m(Context context, String str, String str2) {
        this.f11775c = a(com.bytedance.knot.base.Context.createInstance(context, null, "com/bytedance/android/sdk/bdticketguard/TicketGuardKeyHelper", "<init>(Landroid/content/Context;Ljava/lang/String;Ljava/lang/String;)V", ""), "sp_TicketGuardHelper", 0);
        this.d = str;
        this.e = str2;
    }

    public static SharedPreferences a(com.bytedance.knot.base.Context context, String str, int i) {
        ChangeQuickRedirect changeQuickRedirect = f11773a;
        if (PatchProxy.isEnable(changeQuickRedirect)) {
            PatchProxyResult proxy = PatchProxy.proxy(new Object[]{context, str, new Integer(i)}, null, changeQuickRedirect, true, 12409);
            if (proxy.isSupported) {
                return (SharedPreferences) proxy.result;
            }
        }
        return SharedPreferencesManager.getSharedPreferences(str, i);
    }

    public static String a(String str, String str2, String str3, String str4) {
        ChangeQuickRedirect changeQuickRedirect = f11773a;
        if (PatchProxy.isEnable(changeQuickRedirect)) {
            PatchProxyResult proxy = PatchProxy.proxy(new Object[]{str, str2, str3, str4}, null, changeQuickRedirect, true, 12407);
            if (proxy.isSupported) {
                return (String) proxy.result;
            }
        }
        return String.format("CN=%s, OU=%s, O=%s, C=%s", str, str2, str3, str4);
    }

    public static String a(Key key) {
        ChangeQuickRedirect changeQuickRedirect = f11773a;
        if (PatchProxy.isEnable(changeQuickRedirect)) {
            PatchProxyResult proxy = PatchProxy.proxy(new Object[]{key}, null, changeQuickRedirect, true, 12405);
            if (proxy.isSupported) {
                return (String) proxy.result;
            }
        }
        return Base64.encodeToString(key.getEncoded(), 0);
    }

    private String a(@NonNull KeyPair keyPair, int i) {
        ChangeQuickRedirect changeQuickRedirect = f11773a;
        if (PatchProxy.isEnable(changeQuickRedirect)) {
            PatchProxyResult proxy = PatchProxy.proxy(new Object[]{keyPair, new Integer(i)}, this, changeQuickRedirect, false, 12420);
            if (proxy.isSupported) {
                return (String) proxy.result;
            }
        }
        try {
            String a2 = a.a(keyPair, this.e);
            n.f11779c.c("生成 csr 成功");
            i.a(0, null, i);
            return a2;
        } catch (Throwable th) {
            n nVar = n.f11779c;
            StringBuilder sb = StringBuilderOpt.get();
            sb.append("生成 csr 失败, exception=");
            sb.append(Log.getStackTraceString(th));
            nVar.c(StringBuilderOpt.release(sb));
            i.a(3001, th, i);
            return null;
        }
    }

    private KeyPair a(int i) {
        ChangeQuickRedirect changeQuickRedirect = f11773a;
        if (PatchProxy.isEnable(changeQuickRedirect)) {
            PatchProxyResult proxy = PatchProxy.proxy(new Object[]{new Integer(i)}, this, changeQuickRedirect, false, 12413);
            if (proxy.isSupported) {
                return (KeyPair) proxy.result;
            }
        }
        long currentTimeMillis = System.currentTimeMillis();
        try {
            this.f11774b = a.a(this.d, this.f11775c.edit(), f(), g());
            n.f11779c.c("生成 Key pair 成功");
            i.a(h(), 0, (Throwable) null, System.currentTimeMillis() - currentTimeMillis, true, i);
            return this.f11774b;
        } catch (Throwable th) {
            n nVar = n.f11779c;
            StringBuilder sb = StringBuilderOpt.get();
            sb.append("生成 Key pair 失败, exception=");
            sb.append(Log.getStackTraceString(th));
            nVar.c(StringBuilderOpt.release(sb));
            i.a(0, -1, th, System.currentTimeMillis() - currentTimeMillis, true, i);
            return null;
        }
    }

    private byte[] a(byte[] bArr, int i, String str) {
        ChangeQuickRedirect changeQuickRedirect = f11773a;
        if (PatchProxy.isEnable(changeQuickRedirect)) {
            PatchProxyResult proxy = PatchProxy.proxy(new Object[]{bArr, new Integer(i), str}, this, changeQuickRedirect, false, 12419);
            if (proxy.isSupported) {
                return (byte[]) proxy.result;
            }
        }
        byte[] bArr2 = null;
        try {
            long currentTimeMillis = System.currentTimeMillis();
            bArr2 = a.a(this.f11774b.getPrivate(), bArr);
            n.f11779c.c("签名成功");
            i.a(0, null, System.currentTimeMillis() - currentTimeMillis, i, str);
            return bArr2;
        } catch (Throwable th) {
            n nVar = n.f11779c;
            StringBuilder sb = StringBuilderOpt.get();
            sb.append("签名失败, exception=");
            sb.append(Log.getStackTraceString(th));
            nVar.c(StringBuilderOpt.release(sb));
            i.a(4003, Log.getStackTraceString(th), 0L, i, str);
            return bArr2;
        }
    }

    private KeyPair b(int i) {
        ChangeQuickRedirect changeQuickRedirect = f11773a;
        if (PatchProxy.isEnable(changeQuickRedirect)) {
            PatchProxyResult proxy = PatchProxy.proxy(new Object[]{new Integer(i)}, this, changeQuickRedirect, false, 12406);
            if (proxy.isSupported) {
                return (KeyPair) proxy.result;
            }
        }
        if (this.f11774b != null) {
            return this.f11774b;
        }
        long currentTimeMillis = System.currentTimeMillis();
        try {
            this.f11774b = a.b(this.d, this.f11775c, f(), g());
            n.f11779c.c("加载 Key pair 成功");
            i.a(h(), 0, (Throwable) null, System.currentTimeMillis() - currentTimeMillis, false, i);
        } catch (Exception e) {
            n nVar = n.f11779c;
            StringBuilder sb = StringBuilderOpt.get();
            sb.append("加载 Key pair 失败, exception=");
            sb.append(Log.getStackTraceString(e));
            nVar.c(StringBuilderOpt.release(sb));
            i.a(0, -1, (Throwable) e, System.currentTimeMillis() - currentTimeMillis, false, i);
        }
        return this.f11774b;
    }

    private String f() {
        ChangeQuickRedirect changeQuickRedirect = f11773a;
        if (PatchProxy.isEnable(changeQuickRedirect)) {
            PatchProxyResult proxy = PatchProxy.proxy(new Object[0], this, changeQuickRedirect, false, 12412);
            if (proxy.isSupported) {
                return (String) proxy.result;
            }
        }
        StringBuilder sb = StringBuilderOpt.get();
        sb.append("sp_key_public_key_");
        sb.append(this.d);
        return StringBuilderOpt.release(sb);
    }

    private String g() {
        ChangeQuickRedirect changeQuickRedirect = f11773a;
        if (PatchProxy.isEnable(changeQuickRedirect)) {
            PatchProxyResult proxy = PatchProxy.proxy(new Object[0], this, changeQuickRedirect, false, 12415);
            if (proxy.isSupported) {
                return (String) proxy.result;
            }
        }
        StringBuilder sb = StringBuilderOpt.get();
        sb.append("sp_key_private_key_");
        sb.append(this.d);
        return StringBuilderOpt.release(sb);
    }

    private int h() {
        ChangeQuickRedirect changeQuickRedirect = f11773a;
        int i = 0;
        if (PatchProxy.isEnable(changeQuickRedirect)) {
            PatchProxyResult proxy = PatchProxy.proxy(new Object[0], this, changeQuickRedirect, false, 12404);
            if (proxy.isSupported) {
                return ((Integer) proxy.result).intValue();
            }
        }
        Throwable th = null;
        try {
            i = a.a(this.f11774b.getPrivate());
        } catch (Throwable th2) {
            th = th2;
        }
        i.a(i, th);
        return i;
    }

    public boolean a() {
        ChangeQuickRedirect changeQuickRedirect = f11773a;
        if (PatchProxy.isEnable(changeQuickRedirect)) {
            PatchProxyResult proxy = PatchProxy.proxy(new Object[0], this, changeQuickRedirect, false, 12410);
            if (proxy.isSupported) {
                return ((Boolean) proxy.result).booleanValue();
            }
        }
        try {
            return a.a(this.d, this.f11775c, f(), g());
        } catch (Exception e) {
            n nVar = n.f11779c;
            StringBuilder sb = StringBuilderOpt.get();
            sb.append("containsAlias failed, e=");
            sb.append(Log.getStackTraceString(e));
            nVar.c(StringBuilderOpt.release(sb));
            return false;
        }
    }

    public boolean a(byte[] bArr) {
        ChangeQuickRedirect changeQuickRedirect = f11773a;
        if (PatchProxy.isEnable(changeQuickRedirect)) {
            PatchProxyResult proxy = PatchProxy.proxy(new Object[]{bArr}, this, changeQuickRedirect, false, 12411);
            if (proxy.isSupported) {
                return ((Boolean) proxy.result).booleanValue();
            }
        }
        try {
            return a.a(bArr, this.f11774b.getPrivate());
        } catch (Throwable th) {
            n nVar = n.f11779c;
            StringBuilder sb = StringBuilderOpt.get();
            sb.append("isKeyMatch failed, e=");
            sb.append(Log.getStackTraceString(th));
            nVar.c(StringBuilderOpt.release(sb));
            return false;
        }
    }

    public byte[] a(byte[] bArr, String str) {
        ChangeQuickRedirect changeQuickRedirect = f11773a;
        if (PatchProxy.isEnable(changeQuickRedirect)) {
            PatchProxyResult proxy = PatchProxy.proxy(new Object[]{bArr, str}, this, changeQuickRedirect, false, 12418);
            if (proxy.isSupported) {
                return (byte[]) proxy.result;
            }
        }
        if (this.f11774b == null || this.f11774b.getPrivate() == null) {
            n.f11779c.c("签名失败, 获取私钥失败");
            i.a(4002, "empty private key", 0L, 0, str);
            return null;
        }
        for (int i = 1; i <= 3; i++) {
            byte[] a2 = a(bArr, i, str);
            if (a2 != null) {
                return a2;
            }
        }
        return null;
    }

    public KeyPair b() {
        ChangeQuickRedirect changeQuickRedirect = f11773a;
        if (PatchProxy.isEnable(changeQuickRedirect)) {
            PatchProxyResult proxy = PatchProxy.proxy(new Object[0], this, changeQuickRedirect, false, 12414);
            if (proxy.isSupported) {
                return (KeyPair) proxy.result;
            }
        }
        for (int i = 1; i <= 3; i++) {
            KeyPair a2 = a(i);
            if (a2 != null) {
                this.f11774b = a2;
                return this.f11774b;
            }
        }
        return null;
    }

    public KeyPair c() {
        ChangeQuickRedirect changeQuickRedirect = f11773a;
        if (PatchProxy.isEnable(changeQuickRedirect)) {
            PatchProxyResult proxy = PatchProxy.proxy(new Object[0], this, changeQuickRedirect, false, 12408);
            if (proxy.isSupported) {
                return (KeyPair) proxy.result;
            }
        }
        for (int i = 1; i <= 3; i++) {
            KeyPair b2 = b(i);
            if (b2 != null) {
                return b2;
            }
        }
        return null;
    }

    public String d() {
        ChangeQuickRedirect changeQuickRedirect = f11773a;
        if (PatchProxy.isEnable(changeQuickRedirect)) {
            PatchProxyResult proxy = PatchProxy.proxy(new Object[0], this, changeQuickRedirect, false, 12416);
            if (proxy.isSupported) {
                return (String) proxy.result;
            }
        }
        if (this.f11774b == null) {
            n.f11779c.c("生成 csr 失败, key pair为空");
            i.a(PushConstants.WORK_RECEIVER_EVENT_CORE_ERROR, null, 0);
            return null;
        }
        for (int i = 1; i <= 3; i++) {
            String a2 = a(this.f11774b, i);
            if (a2 != null) {
                return a2;
            }
        }
        return null;
    }

    public boolean e() {
        ChangeQuickRedirect changeQuickRedirect = f11773a;
        if (PatchProxy.isEnable(changeQuickRedirect)) {
            PatchProxyResult proxy = PatchProxy.proxy(new Object[0], this, changeQuickRedirect, false, 12417);
            if (proxy.isSupported) {
                return ((Boolean) proxy.result).booleanValue();
            }
        }
        return (this.f11774b == null || this.f11774b.getPublic() == null || this.f11774b.getPrivate() == null) ? false : true;
    }
}
