package j0.g.w0.b;

import android.content.Context;
import android.content.pm.PackageManager;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import androidx.annotation.NonNull;
import com.didi.security.attestation.AttestationException;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.security.spec.ECGenParameterSpec;
import java.util.ArrayList;
import java.util.Date;
import java.util.Enumeration;
import java.util.List;

/* compiled from: AttestationManager.java */
/* loaded from: classes5.dex */
public class f {
    public final Context a;

    /* renamed from: b, reason: collision with root package name */
    public final PackageManager f37021b;

    /* renamed from: c, reason: collision with root package name */
    public final boolean f37022c;

    /* renamed from: d, reason: collision with root package name */
    public final boolean f37023d;

    /* renamed from: e, reason: collision with root package name */
    public final boolean f37024e = true;

    /* renamed from: f, reason: collision with root package name */
    public final boolean f37025f = true;

    /* renamed from: g, reason: collision with root package name */
    public boolean f37026g = false;

    /* renamed from: h, reason: collision with root package name */
    public final boolean f37027h = false;

    public f(Context context, PackageManager packageManager) {
        this.a = context;
        this.f37021b = packageManager;
        this.f37022c = Build.VERSION.SDK_INT >= 28 && packageManager.hasSystemFeature("android.hardware.strongbox_keystore");
        this.f37023d = Build.VERSION.SDK_INT >= 31 && packageManager.hasSystemFeature("android.software.device_id_attestation");
    }

    @NonNull
    public static List<X509Certificate> a(Certificate[] certificateArr) throws CertificateException, IOException {
        ArrayList arrayList = new ArrayList(certificateArr.length);
        CertificateFactory certificateFactory = CertificateFactory.getInstance(j0.h.g.d.g.f38609e);
        for (Certificate certificate : certificateArr) {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(certificate.getEncoded());
            arrayList.add((X509Certificate) certificateFactory.generateCertificate(byteArrayInputStream));
            byteArrayInputStream.close();
        }
        return arrayList;
    }

    private Certificate[] c(String str, boolean z2, boolean z3) throws GeneralSecurityException, IOException {
        if (Build.VERSION.SDK_INT < 23) {
            return null;
        }
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "AndroidKeyStore");
        Date date = new Date();
        Date date2 = new Date(date.getTime() + 1000000);
        KeyGenParameterSpec.Builder keyValidityForConsumptionEnd = new KeyGenParameterSpec.Builder(str, 4).setAlgorithmParameterSpec(new ECGenParameterSpec("secp256r1")).setKeyValidityStart(date).setKeyValidityForOriginationEnd(date2).setKeyValidityForConsumptionEnd(new Date(date.getTime() + 2000000));
        if (Build.VERSION.SDK_INT >= 24) {
            keyValidityForConsumptionEnd.setAttestationChallenge(date.toString().getBytes());
        }
        if (Build.VERSION.SDK_INT >= 31 && z3) {
            keyValidityForConsumptionEnd.setDevicePropertiesAttestationIncluded(true);
        }
        if (Build.VERSION.SDK_INT >= 28 && z2) {
            keyValidityForConsumptionEnd.setIsStrongBoxBacked(true);
        }
        keyValidityForConsumptionEnd.setDigests("NONE", "SHA-256");
        keyPairGenerator.initialize(keyValidityForConsumptionEnd.build());
        keyPairGenerator.genKeyPair();
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        try {
            return keyStore.getCertificateChain(str);
        } catch (KeyStoreException unused) {
            return null;
        }
    }

    public h b() throws Throwable {
        boolean z2 = this.f37022c;
        boolean z3 = this.f37023d;
        List<X509Certificate> list = null;
        try {
            Certificate[] c2 = c("Key_" + z2 + "_" + z3, z2, z3);
            if (c2 != null && c2.length > 0) {
                list = a(c2);
            }
        } catch (Throwable unused) {
        }
        return e(list);
    }

    public List<X509Certificate> d() {
        ArrayList arrayList = new ArrayList();
        try {
            KeyStore keyStore = KeyStore.getInstance(j0.q.d.a.a.j.k.f44566h);
            keyStore.load(null, null);
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                Certificate certificate = keyStore.getCertificate(aliases.nextElement());
                if (certificate instanceof X509Certificate) {
                    arrayList.add((X509Certificate) certificate);
                }
            }
        } catch (Exception unused) {
        }
        return arrayList;
    }

    public h e(List<X509Certificate> list) throws AttestationException {
        int i2;
        c cVar = null;
        if (list == null || list.size() == 0) {
            return null;
        }
        try {
            i2 = n.a(this.a, list);
        } catch (GeneralSecurityException unused) {
            i2 = -1;
        }
        int size = list.size() - 1;
        AttestationException attestationException = null;
        while (size >= 0) {
            try {
                cVar = c.m(list.get(size));
                break;
            } catch (CertificateParsingException e2) {
                size--;
                attestationException = new AttestationException(2, e2);
            }
        }
        if (cVar != null) {
            return new h(cVar, i2);
        }
        if (attestationException != null) {
            throw attestationException;
        }
        throw new AttestationException(2, new CertificateParsingException("all certificates parsing failed " + list.size()));
    }
}
