package pingidsdkclient.access;

import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import com.arlo.app.utils.Constants;
import com.google.android.gms.stats.CodePackage;
import java.io.IOException;
import java.math.BigInteger;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.Key;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SignatureException;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.security.interfaces.RSAKey;
import java.util.Date;
import javax.crypto.KeyGenerator;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.spongycastle.jce.X509Principal;
import org.spongycastle.x509.X509V3CertificateGenerator;

/* loaded from: classes4.dex */
public class AndroidKeyStoreHelper {
    private static final String ANDROID_KEY_STORE_ALIAS_NEW = "PingIDKey4New";
    private static final Logger logger = LoggerFactory.getLogger((Class<?>) PreferenceMgr.class);
    private static String ANDROID_KEY_STORE = Constants.Security.ANDROID_KEY_STORE_PROVIDER;
    public static String ANDROID_KEY_STORE_ALIAS = "PingIDKey4";
    public static String ANDROID_KEY_STORE_PRK_ALIAS = "PingIDKey4PrivateKey";

    public static X509Certificate generateCertificate(KeyPair keyPair, Date date, Date date2, String str) throws NoSuchAlgorithmException, CertificateEncodingException, NoSuchProviderException, InvalidKeyException, SignatureException {
        X509V3CertificateGenerator x509V3CertificateGenerator = new X509V3CertificateGenerator();
        x509V3CertificateGenerator.setSerialNumber(BigInteger.valueOf(1L));
        x509V3CertificateGenerator.setSubjectDN(new X509Principal("CN=localhost"));
        x509V3CertificateGenerator.setIssuerDN(new X509Principal("CN=PingID"));
        x509V3CertificateGenerator.setPublicKey(keyPair.getPublic());
        x509V3CertificateGenerator.setNotBefore(date);
        x509V3CertificateGenerator.setNotAfter(date2);
        x509V3CertificateGenerator.setSignatureAlgorithm("SHA256WithRSAEncryption");
        return x509V3CertificateGenerator.generate(keyPair.getPrivate(), "SC");
    }

    private static void generateEncryptionKey() {
        if (Build.VERSION.SDK_INT <= 22) {
            if (Build.VERSION.SDK_INT >= 21) {
                getKey(ANDROID_KEY_STORE_ALIAS_NEW, true);
                logger.info("RSA key pair generated");
                return;
            }
            return;
        }
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES", ANDROID_KEY_STORE);
            keyGenerator.init(new KeyGenParameterSpec.Builder(ANDROID_KEY_STORE_ALIAS_NEW, 3).setBlockModes(CodePackage.GCM).setEncryptionPaddings("NoPadding").setKeySize(256).build());
            keyGenerator.generateKey();
        } catch (InvalidAlgorithmParameterException e) {
            logger.error("Error generating secret key", (Throwable) e);
        } catch (NoSuchAlgorithmException e2) {
            logger.error("Error generating secret key", (Throwable) e2);
        } catch (NoSuchProviderException e3) {
            logger.error("Error generating secret key", (Throwable) e3);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static Key getEncryptionKey() {
        Key privateKey;
        try {
            KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE);
            keyStore.load(null);
            try {
                if (!keyStore.containsAlias(ANDROID_KEY_STORE_ALIAS_NEW)) {
                    generateEncryptionKey();
                }
                KeyStore.Entry entry = keyStore.getEntry(ANDROID_KEY_STORE_ALIAS_NEW, null);
                if (entry instanceof KeyStore.SecretKeyEntry) {
                    privateKey = ((KeyStore.SecretKeyEntry) entry).getSecretKey();
                } else {
                    if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
                        return null;
                    }
                    privateKey = ((KeyStore.PrivateKeyEntry) entry).getPrivateKey();
                }
                return privateKey;
            } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException e) {
                logger.error("Error fetching secret key", e);
                return null;
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e2) {
            logger.error("Cannot get instance of KeyStore", e2);
            return null;
        }
    }

    public static String getKey(String str) {
        return getKey(str, false);
    }

    public static String getKey(String str, boolean z) {
        try {
            return Build.VERSION.SDK_INT >= 21 ? String.valueOf(getPrivateKey(str, z).getModulus()) : "";
        } catch (Throwable th) {
            logger.error("message=\"Android Keystore key " + str + " no found\"", th);
            return "";
        }
    }

    public static RSAKey getPrivateKey(String str) {
        return getPrivateKey(str, false);
    }

    /* JADX WARN: Removed duplicated region for block: B:14:0x0055 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:23:? A[RETURN, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.security.interfaces.RSAKey getPrivateKey(java.lang.String r5, boolean r6) {
        /*
            java.lang.String r0 = "message=\"Exception getting key from keystore\""
            int r1 = android.os.Build.VERSION.SDK_INT
            r2 = 0
            r3 = 21
            if (r1 < r3) goto L74
            java.lang.String r1 = pingidsdkclient.access.AndroidKeyStoreHelper.ANDROID_KEY_STORE     // Catch: java.io.IOException -> L66 java.security.NoSuchAlgorithmException -> L68 java.security.cert.CertificateException -> L6a java.security.KeyStoreException -> L6c
            java.security.KeyStore r1 = java.security.KeyStore.getInstance(r1)     // Catch: java.io.IOException -> L66 java.security.NoSuchAlgorithmException -> L68 java.security.cert.CertificateException -> L6a java.security.KeyStoreException -> L6c
            r1.load(r2, r2)     // Catch: java.io.IOException -> L66 java.security.NoSuchAlgorithmException -> L68 java.security.cert.CertificateException -> L6a java.security.KeyStoreException -> L6c
            java.security.KeyStore$Entry r3 = r1.getEntry(r5, r2)     // Catch: java.security.KeyStoreException -> L3c java.security.UnrecoverableEntryException -> L44 java.security.NoSuchAlgorithmException -> L4c
            java.security.KeyStore$PrivateKeyEntry r3 = (java.security.KeyStore.PrivateKeyEntry) r3     // Catch: java.security.KeyStoreException -> L3c java.security.UnrecoverableEntryException -> L44 java.security.NoSuchAlgorithmException -> L4c
            if (r3 != 0) goto L2e
            if (r6 == 0) goto L53
            org.slf4j.Logger r6 = pingidsdkclient.access.AndroidKeyStoreHelper.logger     // Catch: java.security.KeyStoreException -> L36 java.security.UnrecoverableEntryException -> L38 java.security.NoSuchAlgorithmException -> L3a
            java.lang.String r4 = "message=\"key is null, will attempt to create a new one\""
            r6.info(r4)     // Catch: java.security.KeyStoreException -> L36 java.security.UnrecoverableEntryException -> L38 java.security.NoSuchAlgorithmException -> L3a
            setKey(r5, r2)     // Catch: java.security.KeyStoreException -> L36 java.security.UnrecoverableEntryException -> L38 java.security.NoSuchAlgorithmException -> L3a
            java.security.KeyStore$Entry r5 = r1.getEntry(r5, r2)     // Catch: java.security.KeyStoreException -> L36 java.security.UnrecoverableEntryException -> L38 java.security.NoSuchAlgorithmException -> L3a
            java.security.KeyStore$PrivateKeyEntry r5 = (java.security.KeyStore.PrivateKeyEntry) r5     // Catch: java.security.KeyStoreException -> L36 java.security.UnrecoverableEntryException -> L38 java.security.NoSuchAlgorithmException -> L3a
            r3 = r5
            goto L53
        L2e:
            java.security.PrivateKey r5 = r3.getPrivateKey()     // Catch: java.security.KeyStoreException -> L36 java.security.UnrecoverableEntryException -> L38 java.security.NoSuchAlgorithmException -> L3a
            java.security.interfaces.RSAKey r5 = (java.security.interfaces.RSAKey) r5     // Catch: java.security.KeyStoreException -> L36 java.security.UnrecoverableEntryException -> L38 java.security.NoSuchAlgorithmException -> L3a
            r2 = r5
            goto L53
        L36:
            r5 = move-exception
            goto L3e
        L38:
            r5 = move-exception
            goto L46
        L3a:
            r5 = move-exception
            goto L4e
        L3c:
            r5 = move-exception
            r3 = r2
        L3e:
            org.slf4j.Logger r6 = pingidsdkclient.access.AndroidKeyStoreHelper.logger
            r6.error(r0, r5)
            goto L53
        L44:
            r5 = move-exception
            r3 = r2
        L46:
            org.slf4j.Logger r6 = pingidsdkclient.access.AndroidKeyStoreHelper.logger
            r6.error(r0, r5)
            goto L53
        L4c:
            r5 = move-exception
            r3 = r2
        L4e:
            org.slf4j.Logger r6 = pingidsdkclient.access.AndroidKeyStoreHelper.logger
            r6.error(r0, r5)
        L53:
            if (r3 == 0) goto L74
            java.security.PrivateKey r5 = r3.getPrivateKey()     // Catch: java.lang.Exception -> L5d
            java.security.interfaces.RSAKey r5 = (java.security.interfaces.RSAKey) r5     // Catch: java.lang.Exception -> L5d
            r2 = r5
            goto L74
        L5d:
            r5 = move-exception
            org.slf4j.Logger r6 = pingidsdkclient.access.AndroidKeyStoreHelper.logger
            java.lang.String r0 = "message=\"Exception getting key from RSAKey\""
            r6.error(r0, r5)
            goto L74
        L66:
            r5 = move-exception
            goto L6d
        L68:
            r5 = move-exception
            goto L6d
        L6a:
            r5 = move-exception
            goto L6d
        L6c:
            r5 = move-exception
        L6d:
            org.slf4j.Logger r6 = pingidsdkclient.access.AndroidKeyStoreHelper.logger
            java.lang.String r0 = "message=\"Exception initializing keystore\""
            r6.error(r0, r5)
        L74:
            return r2
        */
        throw new UnsupportedOperationException("Method not decompiled: pingidsdkclient.access.AndroidKeyStoreHelper.getPrivateKey(java.lang.String, boolean):java.security.interfaces.RSAKey");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static void removeKey(String str) {
        if (Build.VERSION.SDK_INT >= 21) {
            try {
                KeyStore keyStore = KeyStore.getInstance(ANDROID_KEY_STORE);
                keyStore.load(null);
                try {
                    if (keyStore.containsAlias(str)) {
                        keyStore.deleteEntry(str);
                        logger.info("message=\"Key " + str + " removed from Android Keystore\"");
                    }
                } catch (KeyStoreException e) {
                    logger.error("message=\"Error in removeKey\"", (Throwable) e);
                }
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e2) {
                logger.error("message=\"Cannot get instance of KeyStore\"", e2);
            }
        }
    }

    public static String setKey(String str, KeyPair keyPair) {
        return setKeyPair(str, keyPair).getModulus().toString();
    }

    /* JADX WARN: Can't wrap try/catch for region: R(18:1|(2:2|3)|(2:5|6)|7|8|(1:10)|12|13|14|15|16|17|(1:19)|(4:21|22|23|24)|25|26|27|(1:(0))) */
    /* JADX WARN: Code restructure failed: missing block: B:30:0x00c7, code lost:
    
        r9 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:31:0x00c8, code lost:
    
        pingidsdkclient.access.AndroidKeyStoreHelper.logger.error("message=\"Error in insertion to keystore\"", (java.lang.Throwable) r9);
     */
    /* JADX WARN: Code restructure failed: missing block: B:55:0x0076, code lost:
    
        r5 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:56:0x0077, code lost:
    
        pingidsdkclient.access.AndroidKeyStoreHelper.logger.error("message=\"Error in initializing and creating the new key pair\"", r5);
     */
    /* JADX WARN: Code restructure failed: missing block: B:58:0x0061, code lost:
    
        r5 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:59:0x0062, code lost:
    
        pingidsdkclient.access.AndroidKeyStoreHelper.logger.error("message=\"Error in creating the KeyPairGenerator instance\"", (java.lang.Throwable) r5);
        r5 = null;
     */
    /* JADX WARN: Code restructure failed: missing block: B:60:0x0040, code lost:
    
        r0 = move-exception;
     */
    /* JADX WARN: Code restructure failed: missing block: B:61:0x0041, code lost:
    
        pingidsdkclient.access.AndroidKeyStoreHelper.logger.error("message=\"Error in setKeyPair\"", (java.lang.Throwable) r0);
     */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Removed duplicated region for block: B:10:0x003c A[Catch: KeyStoreException -> 0x0040, TRY_LEAVE, TryCatch #6 {KeyStoreException -> 0x0040, blocks: (B:8:0x0036, B:10:0x003c), top: B:7:0x0036 }] */
    /* JADX WARN: Removed duplicated region for block: B:19:0x0071 A[Catch: all -> 0x0076, TRY_LEAVE, TryCatch #14 {all -> 0x0076, blocks: (B:17:0x006c, B:19:0x0071), top: B:16:0x006c }] */
    /* JADX WARN: Type inference failed for: r5v21, types: [java.security.interfaces.RSAKey] */
    /* JADX WARN: Type inference failed for: r5v26 */
    /* JADX WARN: Type inference failed for: r5v27 */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static java.security.interfaces.RSAKey setKeyPair(java.lang.String r9, java.security.KeyPair r10) {
        /*
            Method dump skipped, instructions count: 208
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: pingidsdkclient.access.AndroidKeyStoreHelper.setKeyPair(java.lang.String, java.security.KeyPair):java.security.interfaces.RSAKey");
    }
}
