package ca.bc.gov.id.servicescard.f.b.n;

import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
import ca.bc.gov.id.servicescard.data.models.alert.AlertKey;
import ca.bc.gov.id.servicescard.data.models.bcsckeypair.BcscKeyPair;
import ca.bc.gov.id.servicescard.data.models.exception.BcscException;
import ca.bc.gov.id.servicescard.data.models.exception.KeypairGenerationException;
import ca.bc.gov.id.servicescard.data.models.keypairinfo.KeyPairInfo;
import ca.bc.gov.id.servicescard.utils.Log;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.jwk.JWK;
import com.nimbusds.jose.jwk.RSAKey;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.SignedJWT;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.interfaces.RSAPublicKey;
import java.util.HashMap;
import java.util.Locale;

/* loaded from: classes.dex */
public class a implements b {

    @NonNull
    private final ca.bc.gov.id.servicescard.f.b.o.b a;

    public a(@NonNull ca.bc.gov.id.servicescard.f.b.o.b bVar) {
        this.a = bVar;
    }

    private boolean i(String str) {
        try {
            n().deleteEntry(str);
            return true;
        } catch (Exception unused) {
            return false;
        }
    }

    private void j(String str) {
        try {
            KeyGenParameterSpec.Builder builder = new KeyGenParameterSpec.Builder(str, 15);
            builder.setDigests("SHA-512").setEncryptionPaddings("PKCS1Padding").setKeySize(4096).setSignaturePaddings("PKCS1");
            if (Build.VERSION.SDK_INT >= 24) {
                builder.setInvalidatedByBiometricEnrollment(false);
            }
            KeyGenParameterSpec build = builder.build();
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
            keyPairGenerator.initialize(build);
            keyPairGenerator.generateKeyPair();
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e2) {
            Log.d("BcscKeyPairRepo", e2.getMessage());
        }
    }

    @NonNull
    private KeyPair k(@NonNull KeyStore keyStore, @NonNull String str) {
        if (Build.VERSION.SDK_INT <= 27) {
            return new KeyPair(keyStore.getCertificate(str).getPublicKey(), (PrivateKey) keyStore.getKey(str, null));
        }
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(str, null);
        return new KeyPair(privateKeyEntry.getCertificate().getPublicKey(), privateKeyEntry.getPrivateKey());
    }

    @Nullable
    private KeyPairInfo l(HashMap<String, KeyPairInfo> hashMap) {
        KeyPairInfo keyPairInfo = null;
        for (KeyPairInfo keyPairInfo2 : hashMap.values()) {
            if (keyPairInfo == null || keyPairInfo2.getCreatedAt().longValue() > keyPairInfo.getCreatedAt().longValue()) {
                keyPairInfo = keyPairInfo2;
            }
        }
        return keyPairInfo;
    }

    @Nullable
    private KeyPairInfo m(HashMap<String, KeyPairInfo> hashMap) {
        String str = null;
        if (hashMap.size() < 3) {
            return null;
        }
        long currentTimeMillis = System.currentTimeMillis();
        for (KeyPairInfo keyPairInfo : hashMap.values()) {
            if (keyPairInfo.getCreatedAt().longValue() < currentTimeMillis) {
                str = keyPairInfo.getAlias();
            }
        }
        return hashMap.get(str);
    }

    @NonNull
    private KeyStore n() {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        return keyStore;
    }

    @Override // ca.bc.gov.id.servicescard.f.b.n.b
    public void a(@NonNull String str) {
        this.a.c(str);
        if (!i(str)) {
            throw new BcscException(AlertKey.ERR_108_UNABLE_TO_DELETE_KEY_PAIR);
        }
    }

    @Override // ca.bc.gov.id.servicescard.f.b.n.b
    @Nullable
    public BcscKeyPair b(@NonNull String str) {
        try {
            KeyStore n = n();
            if (!n.containsAlias(str)) {
                return null;
            }
            KeyPairInfo a = this.a.a(str);
            if (a == null) {
                a = new KeyPairInfo(str, Long.valueOf(System.currentTimeMillis()));
                this.a.d(a);
            }
            return new BcscKeyPair(k(n, str), a);
        } catch (Exception unused) {
            return null;
        }
    }

    @Override // ca.bc.gov.id.servicescard.f.b.n.b
    @NonNull
    public BcscKeyPair c() {
        try {
            KeyStore n = n();
            KeyPairInfo l = l(this.a.b());
            if (l == null) {
                l = new KeyPairInfo("rsa1", Long.valueOf(System.currentTimeMillis()));
                this.a.d(l);
            }
            String format = String.format(Locale.CANADA, "%s%d", "rsa", Integer.valueOf(Integer.parseInt(l.getAlias().replaceAll("\\D+", "")) + 1));
            KeyPairInfo keyPairInfo = new KeyPairInfo(format, Long.valueOf(System.currentTimeMillis()));
            this.a.d(keyPairInfo);
            j(format);
            return new BcscKeyPair(k(n, format), keyPairInfo);
        } catch (Exception e2) {
            throw new KeypairGenerationException(e2.getMessage());
        }
    }

    @Override // ca.bc.gov.id.servicescard.f.b.n.b
    @NonNull
    public BcscKeyPair d() {
        try {
            KeyStore n = n();
            KeyPairInfo l = l(this.a.b());
            if (l == null) {
                l = new KeyPairInfo("rsa1", Long.valueOf(System.currentTimeMillis()));
                this.a.d(l);
            }
            if (!n.containsAlias(l.getAlias())) {
                j(l.getAlias());
            }
            return new BcscKeyPair(k(n, l.getAlias()), l);
        } catch (Exception e2) {
            throw new KeypairGenerationException(e2.getMessage());
        }
    }

    @Override // ca.bc.gov.id.servicescard.f.b.n.b
    @NonNull
    public String e(@NonNull JWTClaimsSet jWTClaimsSet) {
        try {
            SignedJWT signedJWT = new SignedJWT(new JWSHeader(JWSAlgorithm.RS512), jWTClaimsSet);
            signedJWT.p(new com.nimbusds.jose.crypto.b(d().getKeyPair().getPrivate()));
            return signedJWT.n();
        } catch (Exception e2) {
            throw new BcscException(AlertKey.ERR_207_UNABLE_TO_SIGN_CLAIMS_SET, e2.getMessage());
        }
    }

    @Override // ca.bc.gov.id.servicescard.f.b.n.b
    public void f() {
        KeyPairInfo m = m(this.a.b());
        if (m == null) {
            return;
        }
        this.a.c(m.getAlias());
        if (!i(m.getAlias())) {
            throw new BcscException(AlertKey.ERR_108_UNABLE_TO_DELETE_KEY_PAIR);
        }
    }

    @Override // ca.bc.gov.id.servicescard.f.b.n.b
    @NonNull
    public JWK g(@NonNull BcscKeyPair bcscKeyPair) {
        RSAKey.a aVar = new RSAKey.a((RSAPublicKey) bcscKeyPair.getKeyPair().getPublic());
        aVar.b(bcscKeyPair.getKeyInfo().getAlias());
        return aVar.a();
    }

    @Override // ca.bc.gov.id.servicescard.f.b.n.b
    public boolean h() {
        try {
            n();
            return true;
        } catch (Exception unused) {
            return false;
        }
    }
}
