package com.bytedance.android.sdk.bdticketguard.key;

import android.content.Context;
import android.content.SharedPreferences;
import android.util.Base64;
import android.util.Log;
import com.bykv.vk.openvk.live.TTLiveConstants;
import com.bytedance.android.sdk.bdticketguard.TicketGuardEventHelper;
import com.bytedance.android.sdk.bdticketguard.TicketGuardInnerFrameWork;
import com.taobao.accs.common.Constants;
import java.security.KeyPair;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import kotlin.Metadata;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.Charsets;

@Metadata(bv = {1, 0, 3}, d1 = {"\u0000X\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0002\b\u0003\n\u0002\u0010\u000b\n\u0002\b\u0004\n\u0002\u0010\u0002\n\u0002\b\u0002\n\u0002\u0010\u0003\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0002\b\b\n\u0002\u0010\u0012\n\u0002\b\u0007\n\u0002\u0010\b\n\u0002\b\u0004\n\u0002\u0018\u0002\n\u0002\b\b\u0018\u00002\u000e\u0012\u0004\u0012\u00020\u0002\u0012\u0004\u0012\u00020\u00030\u0001B\u001d\u0012\u0006\u0010\u0004\u001a\u00020\u0005\u0012\u0006\u0010\u0006\u001a\u00020\u0007\u0012\u0006\u0010\b\u001a\u00020\u0007¢\u0006\u0002\u0010\tJ\u0018\u0010\u000f\u001a\u00020\u00102\u0006\u0010\u0011\u001a\u00020\u00072\b\u0010\u0012\u001a\u0004\u0018\u00010\u0013J\b\u0010\u0014\u001a\u00020\u000bH\u0016J\b\u0010\u0015\u001a\u00020\u000bH\u0016J\u0012\u0010\u0016\u001a\u0004\u0018\u00010\u00072\u0006\u0010\u0017\u001a\u00020\u0018H\u0002J\u0012\u0010\u0019\u001a\u0004\u0018\u00010\u00022\u0006\u0010\u001a\u001a\u00020\u0007H\u0016J\b\u0010\u001b\u001a\u00020\u0007H\u0014J\b\u0010\u001c\u001a\u00020\u0007H\u0002J\b\u0010\u001d\u001a\u00020\u0007H\u0016J\b\u0010\u001e\u001a\u00020\u0007H\u0016J\u0017\u0010\u001f\u001a\u0004\u0018\u00010\u000b2\u0006\u0010 \u001a\u00020!H\u0002¢\u0006\u0002\u0010\"J\u0015\u0010\u001f\u001a\u0004\u0018\u00010\u000b2\u0006\u0010#\u001a\u00020\u0007¢\u0006\u0002\u0010$J\u0012\u0010%\u001a\u0004\u0018\u00010\u00072\u0006\u0010\u0017\u001a\u00020\u0018H\u0002J\u0012\u0010&\u001a\u0004\u0018\u00010\u00022\u0006\u0010\u001a\u001a\u00020\u0007H\u0016J\u001a\u0010'\u001a\u0004\u0018\u00010\u00072\u0006\u0010\u0017\u001a\u00020\u00182\u0006\u0010(\u001a\u00020)H\u0002J\u001a\u0010*\u001a\u0004\u0018\u00010\u00182\u0006\u0010\u001a\u001a\u00020\u00072\u0006\u0010(\u001a\u00020)H\u0002J\u001a\u0010+\u001a\u0004\u0018\u00010\u00182\u0006\u0010\u001a\u001a\u00020\u00072\u0006\u0010(\u001a\u00020)H\u0002J*\u0010,\u001a\u0004\u0018\u00010!2\u0006\u0010-\u001a\u00020.2\u0006\u0010/\u001a\u00020!2\u0006\u0010(\u001a\u00020)2\u0006\u00100\u001a\u00020\u0007H\u0002J\u001a\u00101\u001a\u0004\u0018\u00010!2\u0006\u0010/\u001a\u00020!2\u0006\u00100\u001a\u00020\u0007H\u0016J\u000e\u00102\u001a\u00020\u00102\u0006\u0010 \u001a\u00020\u0007J \u00103\u001a\u00020\u000b2\u0006\u00104\u001a\u00020\u00032\u0006\u0010/\u001a\u00020!2\u0006\u00105\u001a\u00020!H\u0016R\u001e\u0010\f\u001a\u00020\u000b2\u0006\u0010\n\u001a\u00020\u000b@BX\u0086\u000e¢\u0006\b\n\u0000\u001a\u0004\b\r\u0010\u000eR\u000e\u0010\b\u001a\u00020\u0007X\u0082\u0004¢\u0006\u0002\n\u0000¨\u00066"}, d2 = {"Lcom/bytedance/android/sdk/bdticketguard/key/TeeKeyHelper;", "Lcom/bytedance/android/sdk/bdticketguard/key/AbsKeyHelper;", "Lcom/bytedance/android/sdk/bdticketguard/key/TeeKeyObject;", "Ljava/security/cert/Certificate;", TTLiveConstants.CONTEXT_KEY, "Landroid/content/Context;", "keystoreAlias", "", "principal", "(Landroid/content/Context;Ljava/lang/String;Ljava/lang/String;)V", "<set-?>", "", "hasEverFail", "getHasEverFail", "()Z", "apiFail", "", "reason", "error", "", "completeKeyObject", "containsAlias", "genCsr", "keyPair", "Ljava/security/KeyPair;", "generateKeyPair", "scene", "getCreateLogSpKey", "getSpKeyClientCert", "getSpKeyPrivateSuffix", "getSpKeyPublicPrefix", "isKeyMatch", "cert", "", "([B)Ljava/lang/Boolean;", "base64Cert", "(Ljava/lang/String;)Ljava/lang/Boolean;", "loadCertFromSp", "loadKeyPair", "realGenCsr", "attemptCount", "", "realGenKey", "realLoadKeyPair", "realSign", "privateKey", "Ljava/security/PrivateKey;", "data", "path", Constants.KEY_SECURITY_SIGN, "updateClientCert", "verify", "pubInfo", "signature", "bd_ticket_guard_core_release"}, k = 1, mv = {1, 1, 15})
/* renamed from: com.bytedance.android.sdk.bdticketguard.key.f, reason: from Kotlin metadata */
/* loaded from: classes11.dex */
public final class TeeKeyHelper extends AbsKeyHelper<TeeKeyObject, Certificate> {

    /* renamed from: a, reason: collision with root package name */
    private boolean f3903a;

    /* renamed from: b, reason: collision with root package name */
    private final String f3904b;

    /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
    public TeeKeyHelper(Context context, String keystoreAlias, String principal) {
        super(context, keystoreAlias);
        Intrinsics.checkParameterIsNotNull(context, "context");
        Intrinsics.checkParameterIsNotNull(keystoreAlias, "keystoreAlias");
        Intrinsics.checkParameterIsNotNull(principal, "principal");
        this.f3904b = principal;
        this.f3903a = getF3896b().getBoolean("has_ever_fail", false);
    }

    private final Boolean a(byte[] bArr) {
        TeeKeyObject a2 = a();
        if (a2 == null) {
            return null;
        }
        try {
            PrivateKey privateKey = a2.getC().getPrivate();
            Intrinsics.checkExpressionValueIsNotNull(privateKey, "it.keyPair.private");
            return Boolean.valueOf(TeeApi.a(bArr, privateKey));
        } catch (Throwable unused) {
            return null;
        }
    }

    private final String a(KeyPair keyPair) {
        String str;
        TicketGuardEventHelper.f3859b.e();
        String str2 = (String) null;
        boolean z = true;
        if (getF3896b().getBoolean("sp_key_has_load_from_origin_sp", false)) {
            str = str2;
        } else {
            SharedPreferences sharedPreferences = getE().getSharedPreferences("sp_TicketGuardManager", 0);
            str = sharedPreferences.getString("sp_key_cert", null);
            sharedPreferences.edit().remove("sp_key_cert").apply();
            SharedPreferences.Editor edit = getF3896b().edit();
            edit.putBoolean("sp_key_has_load_from_origin_sp", true);
            String str3 = str;
            if (!(str3 == null || str3.length() == 0)) {
                byte[] decode = Base64.decode(str, 0);
                Intrinsics.checkExpressionValueIsNotNull(decode, "Base64.decode(originCert, Base64.DEFAULT)");
                PrivateKey privateKey = keyPair.getPrivate();
                Intrinsics.checkExpressionValueIsNotNull(privateKey, "keyPair.private");
                if (TeeApi.a(decode, privateKey)) {
                    edit.putString(m(), str);
                    edit.apply();
                }
            }
            str = str2;
            edit.apply();
        }
        String str4 = str;
        if (!(str4 == null || str4.length() == 0)) {
            return str;
        }
        String string = getF3896b().getString(m(), null);
        String str5 = string;
        if (str5 != null && str5.length() != 0) {
            z = false;
        }
        if (z) {
            TicketGuardEventHelper.f3859b.f("sp empty");
            return string;
        }
        byte[] decode2 = Base64.decode(string, 0);
        Intrinsics.checkExpressionValueIsNotNull(decode2, "Base64.decode(cert, Base64.DEFAULT)");
        PrivateKey privateKey2 = keyPair.getPrivate();
        Intrinsics.checkExpressionValueIsNotNull(privateKey2, "keyPair.private");
        if (TeeApi.a(decode2, privateKey2)) {
            TicketGuardEventHelper.f3859b.e(string);
            return string;
        }
        TicketGuardEventHelper.f3859b.f("not match private key");
        getF3896b().edit().remove(m()).apply();
        return str2;
    }

    private final String a(KeyPair keyPair, int i) {
        try {
            String a2 = TeeApi.a(keyPair, this.f3904b);
            TicketGuardInnerFrameWork.a("生成 csr 成功");
            TicketGuardEventHelper.a(0, (Throwable) null, i);
            return a2;
        } catch (Throwable th) {
            a("generate csr", th);
            TicketGuardInnerFrameWork.a("生成 csr 失败, exception=" + Log.getStackTraceString(th));
            TicketGuardEventHelper.a(3001, th, i);
            return null;
        }
    }

    private final KeyPair a(String str, int i) {
        long currentTimeMillis = System.currentTimeMillis();
        KeyPair keyPair = null;
        try {
            String k = getF();
            SharedPreferences.Editor edit = getF3896b().edit();
            Intrinsics.checkExpressionValueIsNotNull(edit, "sp.edit()");
            KeyPair a2 = TeeApi.a(k, edit, e(), f());
            if (a2 != null) {
                TicketGuardInnerFrameWork.a("生成 Key pair 成功");
                TicketGuardEventHelper.a(0, (Throwable) null, System.currentTimeMillis() - currentTimeMillis, true, i, str);
                keyPair = a2;
            } else {
                TicketGuardInnerFrameWork.a("生成 Key pair 失败");
                TicketGuardEventHelper.a(-1, (Throwable) null, System.currentTimeMillis() - currentTimeMillis, true, i, str);
            }
        } catch (Throwable th) {
            a("generate key", th);
            TicketGuardInnerFrameWork.a("生成 Key pair 失败, exception=" + Log.getStackTraceString(th));
            TicketGuardEventHelper.a(-1, th, System.currentTimeMillis() - currentTimeMillis, true, i, str);
        }
        return keyPair;
    }

    private final byte[] a(PrivateKey privateKey, byte[] bArr, int i, String str) {
        byte[] bArr2 = (byte[]) null;
        try {
            long currentTimeMillis = System.currentTimeMillis();
            bArr2 = TeeApi.a(privateKey, bArr);
            TicketGuardInnerFrameWork.a("签名成功");
            TicketGuardEventHelper.a(0, (String) null, System.currentTimeMillis() - currentTimeMillis, i, str);
            TicketGuardEventHelper.a(true, (Throwable) null, i, System.currentTimeMillis() - currentTimeMillis, str);
        } catch (Throwable th) {
            a(Constants.KEY_SECURITY_SIGN, th);
            TicketGuardInnerFrameWork.a("签名失败, exception=" + Log.getStackTraceString(th));
            TicketGuardEventHelper.a(-1, "sign error, see bd_ticket_guard_create_signature", 0L, 3, str);
            TicketGuardEventHelper.a(false, th, i, 0L, str);
        }
        return bArr2;
    }

    private final String b(KeyPair keyPair) {
        for (int i = 1; i <= 3; i++) {
            String a2 = a(keyPair, i);
            if (a2 != null) {
                return a2;
            }
        }
        return null;
    }

    private final KeyPair b(String str, int i) {
        long currentTimeMillis = System.currentTimeMillis();
        KeyPair keyPair = null;
        try {
            KeyPair b2 = TeeApi.b(getF(), getF3896b(), e(), f());
            if (b2 != null) {
                TicketGuardInnerFrameWork.a("加载 Key pair 成功");
                TicketGuardEventHelper.a(0, (Throwable) null, System.currentTimeMillis() - currentTimeMillis, false, i, str);
                keyPair = b2;
            } else {
                TicketGuardInnerFrameWork.a("加载 Key pair 失败");
                TicketGuardEventHelper.a(0, (Throwable) null, System.currentTimeMillis() - currentTimeMillis, false, i, str);
            }
        } catch (Throwable th) {
            a("load key pair", th);
            TicketGuardInnerFrameWork.a("加载 Key pair 失败, exception=" + Log.getStackTraceString(th));
            TicketGuardEventHelper.a(-1, th, System.currentTimeMillis() - currentTimeMillis, false, i, str);
        }
        return keyPair;
    }

    private final String m() {
        return "client_cert_" + getF();
    }

    public final void a(String reason, Throwable th) {
        Intrinsics.checkParameterIsNotNull(reason, "reason");
        TicketGuardInnerFrameWork.a(reason + " fail, error=" + Log.getStackTraceString(th));
        if (this.f3903a) {
            return;
        }
        this.f3903a = true;
        getF3896b().edit().putBoolean("has_ever_fail", true).apply();
    }

    public byte[] a(byte[] data, String path) {
        Intrinsics.checkParameterIsNotNull(data, "data");
        Intrinsics.checkParameterIsNotNull(path, "path");
        TeeKeyObject a2 = a();
        if (a2 == null) {
            TicketGuardInnerFrameWork.a("签名失败, 获取私钥失败");
            TicketGuardEventHelper.a(4002, "empty private key", 0L, 0, path);
            return null;
        }
        for (int i = 1; i <= 3; i++) {
            PrivateKey privateKey = a2.getC().getPrivate();
            Intrinsics.checkExpressionValueIsNotNull(privateKey, "it.keyPair.private");
            byte[] a3 = a(privateKey, data, i, path);
            if (a3 != null) {
                return a3;
            }
        }
        return null;
    }

    @Override // com.bytedance.android.sdk.bdticketguard.key.AbsKeyHelper
    protected String c() {
        return "tee_create_key_log";
    }

    @Override // com.bytedance.android.sdk.bdticketguard.key.AbsKeyHelper
    /* renamed from: d, reason: merged with bridge method [inline-methods] */
    public TeeKeyObject b(String scene) {
        Intrinsics.checkParameterIsNotNull(scene, "scene");
        for (int i = 1; i <= 3; i++) {
            KeyPair a2 = a(scene, i);
            if (a2 != null) {
                return new TeeKeyObject(true, a2, b(a2), null);
            }
        }
        return null;
    }

    @Override // com.bytedance.android.sdk.bdticketguard.key.AbsKeyHelper
    /* renamed from: e, reason: merged with bridge method [inline-methods] */
    public TeeKeyObject c(String scene) {
        Intrinsics.checkParameterIsNotNull(scene, "scene");
        for (int i = 1; i <= 3; i++) {
            KeyPair b2 = b(scene, i);
            if (b2 != null) {
                TeeKeyObject teeKeyObject = new TeeKeyObject(false, b2, null, a(b2));
                if (!teeKeyObject.a()) {
                    j();
                }
                return teeKeyObject;
            }
        }
        return null;
    }

    public final Boolean f(String base64Cert) {
        Intrinsics.checkParameterIsNotNull(base64Cert, "base64Cert");
        byte[] decode = Base64.decode(base64Cert, 0);
        Intrinsics.checkExpressionValueIsNotNull(decode, "Base64.decode(base64Cert, Base64.DEFAULT)");
        return a(decode);
    }

    @Override // com.bytedance.android.sdk.bdticketguard.key.AbsKeyHelper
    public String g() {
        return "sp_key_public_key";
    }

    public final void g(String cert) {
        Intrinsics.checkParameterIsNotNull(cert, "cert");
        byte[] bytes = cert.getBytes(Charsets.UTF_8);
        Intrinsics.checkExpressionValueIsNotNull(bytes, "(this as java.lang.String).getBytes(charset)");
        if (Intrinsics.areEqual((Object) a(bytes), (Object) true)) {
            byte[] bytes2 = cert.getBytes(Charsets.UTF_8);
            Intrinsics.checkExpressionValueIsNotNull(bytes2, "(this as java.lang.String).getBytes(charset)");
            String base64Cert = Base64.encodeToString(bytes2, 2);
            TeeKeyObject a2 = a();
            if (a2 != null) {
                a2.b(base64Cert);
            }
            getF3896b().edit().putString(m(), base64Cert).apply();
            TicketGuardEventHelper ticketGuardEventHelper = TicketGuardEventHelper.f3859b;
            Intrinsics.checkExpressionValueIsNotNull(base64Cert, "base64Cert");
            ticketGuardEventHelper.d(base64Cert);
        }
    }

    @Override // com.bytedance.android.sdk.bdticketguard.key.AbsKeyHelper
    public String h() {
        return "sp_key_private_key";
    }

    @Override // com.bytedance.android.sdk.bdticketguard.key.AbsKeyHelper
    public boolean i() {
        try {
            return TeeApi.a(getF(), getF3896b(), e(), f());
        } catch (Throwable th) {
            a("contains alias", th);
            throw th;
        }
    }

    @Override // com.bytedance.android.sdk.bdticketguard.key.AbsKeyHelper
    public boolean j() {
        TeeKeyObject a2 = a();
        if (a2 == null) {
            return false;
        }
        a2.a(b(a2.getC()));
        return a2.a();
    }

    /* renamed from: l, reason: from getter */
    public final boolean getF3903a() {
        return this.f3903a;
    }
}
