package com.iqiyi.passportsdk.thirdparty.b;

import android.app.KeyguardManager;
import android.security.keystore.KeyGenParameterSpec;
import android.support.annotation.RequiresApi;
import android.util.Base64;
import com.iqiyi.passportsdk.be;
import com.iqiyi.passportsdk.j.com9;
import com.iqiyi.passportsdk.j.lpt2;
import java.math.BigInteger;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.Signature;
import java.security.cert.Certificate;
import java.util.GregorianCalendar;
import javax.security.auth.x500.X500Principal;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes2.dex */
public class prn {
    public static String ago() {
        try {
            return z(getCertificate().getPublicKey().getEncoded());
        } catch (Exception e) {
            com9.d("FingerSelfKeytoreHelper---->", e.getMessage());
            return "";
        }
    }

    private static KeyStore.PrivateKeyEntry agp() {
        try {
            KeyStore.Entry entry = getKeyStore().getEntry(agq(), null);
            if (entry != null && (entry instanceof KeyStore.PrivateKeyEntry)) {
                return (KeyStore.PrivateKeyEntry) entry;
            }
            return null;
        } catch (Exception e) {
            com9.d("FingerSelfKeytoreHelper---->", e.getMessage());
            return null;
        }
    }

    private static String agq() {
        return "IQIYI_FINGER_" + be.ack();
    }

    public static String agr() {
        try {
            Certificate[] certificateChain = getKeyStore().getCertificateChain(agq());
            JSONObject jSONObject = new JSONObject();
            for (int i = 0; i < certificateChain.length; i++) {
                try {
                    String z = z(certificateChain[i].getEncoded());
                    jSONObject.put(String.valueOf(i), "-----BEGIN CERTIFICATE-----\n" + z + "\n-----END CERTIFICATE-----");
                } catch (JSONException e) {
                    com9.d("FingerSelfKeytoreHelper---->", e.getMessage());
                }
            }
            return z(jSONObject.toString().getBytes());
        } catch (Exception e2) {
            com9.d("FingerSelfKeytoreHelper---->", e2.getMessage());
            return "";
        }
    }

    public static Signature ags() {
        Signature signature = null;
        try {
            signature = Signature.getInstance("SHA256withECDSA");
            signature.initSign(getPrivateKey());
            return signature;
        } catch (Exception e) {
            com9.d("FingerSelfKeytoreHelper---->", e.getMessage());
            return signature;
        }
    }

    public static boolean agt() {
        return agp() != null;
    }

    public static boolean checkUserPrivateKey() {
        int agT = lpt2.agT();
        if (agT == 0) {
            return false;
        }
        if (agT == 1 || agT == 2) {
            return true;
        }
        boolean agS = lpt2.agS();
        boolean agt = agt();
        if (agS && !agt) {
            con.agd();
        }
        return agS && agt;
    }

    private static Certificate getCertificate() {
        try {
            return agp().getCertificate();
        } catch (Exception e) {
            com9.d("FingerSelfKeytoreHelper---->", e.getMessage());
            return null;
        }
    }

    private static KeyStore getKeyStore() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return keyStore;
        } catch (Exception e) {
            com9.d("FingerSelfKeytoreHelper---->", e.getMessage());
            return null;
        }
    }

    private static PrivateKey getPrivateKey() {
        try {
            KeyStore.PrivateKeyEntry agp = agp();
            if (agp != null) {
                return agp.getPrivateKey();
            }
            return null;
        } catch (Exception e) {
            com9.d("FingerSelfKeytoreHelper---->", e.getMessage());
            return null;
        }
    }

    @RequiresApi(api = 23)
    public static boolean isDeviceSecure() {
        try {
            return ((KeyguardManager) com.iqiyi.psdk.base.aux.anr().getSystemService("keyguard")).isDeviceSecure();
        } catch (Exception e) {
            com9.d("FingerSelfKeytoreHelper---->", e.getMessage());
            return false;
        }
    }

    @RequiresApi(api = 24)
    public static void kA(String str) {
        try {
            byte[] decode = Base64.decode(str, 2);
            GregorianCalendar gregorianCalendar = new GregorianCalendar();
            String agq = agq();
            KeyGenParameterSpec build = new KeyGenParameterSpec.Builder(agq, 4).setUserAuthenticationRequired(true).setAttestationChallenge(decode).setDigests("SHA-256").setCertificateSubject(new X500Principal("CN=" + agq)).setCertificateSerialNumber(BigInteger.valueOf(1337L)).setUserAuthenticationValidityDurationSeconds(300).setCertificateNotBefore(gregorianCalendar.getTime()).build();
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "AndroidKeyStore");
            keyPairGenerator.initialize(build);
            keyPairGenerator.generateKeyPair();
        } catch (Exception e) {
            com9.d("FingerSelfKeytoreHelper---->", e.getMessage());
        }
    }

    public static String kB(String str) {
        try {
            byte[] decode = Base64.decode(str, 2);
            Signature ags = ags();
            ags.update(decode);
            return z(ags.sign());
        } catch (Exception e) {
            com9.d("FingerSelfKeytoreHelper---->", e.getMessage());
            return "";
        }
    }

    private static String z(byte[] bArr) {
        return Base64.encodeToString(bArr, 2);
    }
}
