package com.alipay.iotauth.logic.fp_km.biz;

import android.annotation.TargetApi;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import android.support.annotation.Keep;
import android.text.TextUtils;
import com.alipay.iotauth.logic.common.log.d;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.ProviderException;
import java.security.PublicKey;
import java.security.Signature;
import java.security.UnrecoverableEntryException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.InvalidKeySpecException;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.List;

@Keep
/* loaded from: classes3.dex */
public class KeyMasterUtils {
    private static final String TAG = "KeyMasterUtils";
    private static KeyMasterUtils instance = null;

    private KeyMasterUtils() {
    }

    public static synchronized KeyMasterUtils getInstance() {
        KeyMasterUtils keyMasterUtils;
        synchronized (KeyMasterUtils.class) {
            if (instance == null) {
                instance = new KeyMasterUtils();
            }
            keyMasterUtils = instance;
        }
        return keyMasterUtils;
    }

    public boolean deleteKey(String str) {
        try {
            d.a().b(TAG, "deleteKey alias:" + str);
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            keyStore.deleteEntry(str);
            return true;
        } catch (IOException e) {
            d.a().c(TAG, "Could not delete key." + e.getMessage());
            return false;
        } catch (KeyStoreException e2) {
            d.a().c(TAG, "Could not delete key." + e2.getMessage());
            return false;
        } catch (NoSuchAlgorithmException e3) {
            d.a().c(TAG, "Could not delete key." + e3.getMessage());
            return false;
        } catch (CertificateException e4) {
            d.a().c(TAG, "Could not delete key." + e4.getMessage());
            return false;
        }
    }

    @TargetApi(23)
    public boolean generateKey(String str) {
        KeyPair keyPair;
        d.a().b(TAG, "generateKey alias:" + str);
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "AndroidKeyStore");
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, 12).setDigests("SHA-256", "SHA-512").setAlgorithmParameterSpec(new ECGenParameterSpec("prime256v1")).setUserAuthenticationRequired(true).build());
            keyPair = keyPairGenerator.generateKeyPair();
        } catch (InvalidAlgorithmParameterException e) {
            d.a().c(TAG, "exception:" + e.getMessage());
            keyPair = null;
        } catch (NoSuchAlgorithmException e2) {
            d.a().c(TAG, "exception:" + e2.getMessage());
            keyPair = null;
        } catch (NoSuchProviderException e3) {
            d.a().c(TAG, "exception:" + e3.getMessage());
            keyPair = null;
        } catch (ProviderException e4) {
            d.a().c(TAG, "exception:" + e4.getMessage());
            keyPair = null;
        }
        return keyPair != null;
    }

    @TargetApi(23)
    public boolean generateKey(String str, boolean z, byte[] bArr) {
        KeyPair keyPair;
        d.a().b(TAG, "generateKey alias:" + str);
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "AndroidKeyStore");
            KeyGenParameterSpec.Builder userAuthenticationRequired = new KeyGenParameterSpec.Builder(str, 12).setDigests("SHA-256", "SHA-512").setAlgorithmParameterSpec(new ECGenParameterSpec("prime256v1")).setUserAuthenticationRequired(z);
            if (Build.VERSION.SDK_INT >= 24 && bArr != null && bArr.length > 0) {
                userAuthenticationRequired.setAttestationChallenge(bArr);
            }
            keyPairGenerator.initialize(userAuthenticationRequired.build());
            keyPair = keyPairGenerator.generateKeyPair();
        } catch (InvalidAlgorithmParameterException e) {
            d.a().c(TAG, "exception:" + e.getMessage());
            keyPair = null;
        } catch (NoSuchAlgorithmException e2) {
            d.a().c(TAG, "exception:" + e2.getMessage());
            keyPair = null;
        } catch (NoSuchProviderException e3) {
            d.a().c(TAG, "exception:" + e3.getMessage());
            keyPair = null;
        } catch (ProviderException e4) {
            d.a().c(TAG, "exception:" + e4.getMessage());
            keyPair = null;
        }
        return keyPair != null;
    }

    public List<String> getAliasList() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            Enumeration<String> aliases = keyStore.aliases();
            ArrayList arrayList = new ArrayList();
            while (aliases.hasMoreElements()) {
                arrayList.add(aliases.nextElement());
            }
            return arrayList;
        } catch (IOException e) {
            e.printStackTrace();
            return null;
        } catch (KeyStoreException e2) {
            e2.printStackTrace();
            return null;
        } catch (NoSuchAlgorithmException e3) {
            e3.printStackTrace();
            return null;
        } catch (CertificateException e4) {
            e4.printStackTrace();
            return null;
        }
    }

    public Certificate[] getCertficateChain(String str) {
        try {
            if (!isKeyContains(str)) {
                return null;
            }
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return keyStore.getCertificateChain(str);
        } catch (IOException e) {
            e.printStackTrace();
            return null;
        } catch (KeyStoreException e2) {
            e2.printStackTrace();
            return null;
        } catch (NoSuchAlgorithmException e3) {
            e3.printStackTrace();
            return null;
        } catch (CertificateException e4) {
            e4.printStackTrace();
            return null;
        }
    }

    @TargetApi(23)
    public Signature initSignature(String str) {
        d.a().b(TAG, "initSign alias:" + str);
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            PrivateKey privateKey = (PrivateKey) keyStore.getKey(str, null);
            Signature signature = Signature.getInstance("SHA256withECDSA");
            signature.initSign(privateKey);
            return signature;
        } catch (KeyPermanentlyInvalidatedException e) {
            d.a().c(TAG, "Failed to init Signature." + e.getMessage());
            return null;
        } catch (IOException e2) {
            d.a().c(TAG, "Failed to init Signature." + e2.getMessage());
            return null;
        } catch (InvalidKeyException e3) {
            d.a().c(TAG, "Failed to init Signature." + e3.getMessage());
            return null;
        } catch (KeyStoreException e4) {
            d.a().c(TAG, "Failed to init Signature." + e4.getMessage());
            return null;
        } catch (NoSuchAlgorithmException e5) {
            d.a().c(TAG, "Failed to init Signature." + e5.getMessage());
            return null;
        } catch (UnrecoverableKeyException e6) {
            d.a().c(TAG, "Failed to init Signature." + e6.getMessage());
            return null;
        } catch (CertificateException e7) {
            d.a().c(TAG, "Failed to init Signature." + e7.getMessage());
            return null;
        }
    }

    @TargetApi(23)
    public boolean isInsideSecureHardware(String str) {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            PrivateKey privateKey = ((KeyStore.PrivateKeyEntry) keyStore.getEntry(str, null)).getPrivateKey();
            if (privateKey == null) {
                return false;
            }
            return ((KeyInfo) KeyFactory.getInstance(privateKey.getAlgorithm(), "AndroidKeyStore").getKeySpec(privateKey, KeyInfo.class)).isInsideSecureHardware();
        } catch (IOException e) {
            e.printStackTrace();
            return false;
        } catch (KeyStoreException e2) {
            e2.printStackTrace();
            return false;
        } catch (NoSuchAlgorithmException e3) {
            e3.printStackTrace();
            return false;
        } catch (NoSuchProviderException e4) {
            e4.printStackTrace();
            return false;
        } catch (UnrecoverableEntryException e5) {
            e5.printStackTrace();
            return false;
        } catch (CertificateException e6) {
            e6.printStackTrace();
            return false;
        } catch (InvalidKeySpecException e7) {
            e7.printStackTrace();
            return false;
        }
    }

    public boolean isKeyContains(String str) {
        if (TextUtils.isEmpty(str)) {
            return false;
        }
        try {
            d.a().b(TAG, "isKeyContains alias:" + str);
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return keyStore.containsAlias(str);
        } catch (IOException e) {
            d.a().c(TAG, "exception:" + e.getMessage());
            return false;
        } catch (KeyStoreException e2) {
            d.a().c(TAG, "exception:" + e2.getMessage());
            return false;
        } catch (NoSuchAlgorithmException e3) {
            d.a().c(TAG, "exception:" + e3.getMessage());
            return false;
        } catch (CertificateException e4) {
            d.a().c(TAG, "exception:" + e4.getMessage());
            return false;
        }
    }

    public PublicKey loadPublicKey(String str) {
        try {
            d.a().b(TAG, "loadPublicKey  alias:" + str);
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return ((KeyStore.PrivateKeyEntry) keyStore.getEntry(str, null)).getCertificate().getPublicKey();
        } catch (IOException e) {
            d.a().c(TAG, "Failed to load publickey." + e.getMessage());
            return null;
        } catch (KeyStoreException e2) {
            d.a().c(TAG, "Failed to load publickey." + e2.getMessage());
            return null;
        } catch (NoSuchAlgorithmException e3) {
            d.a().c(TAG, "Failed to load publickey." + e3.getMessage());
            return null;
        } catch (UnrecoverableEntryException e4) {
            d.a().c(TAG, "Failed to load publickey." + e4.getMessage());
            return null;
        } catch (CertificateException e5) {
            d.a().c(TAG, "Failed to load publickey." + e5.getMessage());
            return null;
        }
    }
}
