package com.ebay.mobile.connection.idsignin.pushtwofactor.util;

import android.security.keystore.KeyGenParameterSpec;
import android.util.Base64;
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
import com.ebay.mobile.logging.EbayLogger;
import com.ebay.mobile.logging.EbayLoggerFactory;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.PKCS8EncodedKeySpec;
import javax.crypto.KeyGenerator;
import javax.inject.Inject;

/* loaded from: classes5.dex */
public class CryptoSupplier {
    public final EbayLogger logger;

    @Inject
    public CryptoSupplier(@NonNull EbayLoggerFactory ebayLoggerFactory) {
        this.logger = ebayLoggerFactory.create(CryptoSupplier.class);
    }

    public void generateKeyPair(@NonNull String str) {
        this.logger.logMethod(3, str);
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "AndroidKeyStore");
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, 4).setAlgorithmParameterSpec(new ECGenParameterSpec("secp256r1")).setDigests("SHA-256", "SHA-384", "SHA-512").build());
            keyPairGenerator.generateKeyPair();
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
            this.logger.error("key pair generation failed", e);
        }
    }

    @Nullable
    public String generateUniqueKeyId() {
        this.logger.logMethod(3, new Object[0]);
        try {
            KeyGenerator keyGenerator = KeyGenerator.getInstance("AES");
            keyGenerator.init(256, SecureRandom.getInstance("SHA1PRNG"));
            return String.format("ebay-push2fa-keyid-%s", Base64.encodeToString(keyGenerator.generateKey().getEncoded(), 10));
        } catch (NoSuchAlgorithmException e) {
            this.logger.error("unique Key identifier generation failed", e);
            return null;
        }
    }

    @NonNull
    public byte[] getPublicKey(@NonNull String str) throws Exception {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        return keyStore.getCertificate(str).getPublicKey().getEncoded();
    }

    @NonNull
    public byte[] getSignature(@NonNull byte[] bArr, @NonNull String str) throws Exception {
        this.logger.logMethod(3, bArr, str);
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        PrivateKey privateKey = (PrivateKey) keyStore.getKey(str, null);
        Signature signature = Signature.getInstance("SHA256withECDSA");
        signature.initSign(privateKey);
        signature.update(bArr);
        return signature.sign();
    }

    @NonNull
    public byte[] signWithAttestationKey(@NonNull byte[] bArr, byte[] bArr2) throws Exception {
        PrivateKey generatePrivate = KeyFactory.getInstance("EC").generatePrivate(new PKCS8EncodedKeySpec(bArr));
        Signature signature = Signature.getInstance("SHA256withECDSA");
        signature.initSign(generatePrivate);
        signature.update(bArr2);
        return signature.sign();
    }
}
