package com.xunmeng.pinduoduo.wallet.common.util.a;

import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.text.TextUtils;
import com.xunmeng.core.ab.AbTest;
import com.xunmeng.core.log.Logger;
import com.xunmeng.pinduoduo.b.h;
import com.xunmeng.pinduoduo.wallet.common.util.WalletSignatureException;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Calendar;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Map;
import java.util.TreeMap;
import javax.security.auth.x500.X500Principal;

/* compiled from: Pdd */
/* loaded from: classes7.dex */
public class b {
    private KeyStore b;
    protected KeyPair g;

    public b() {
        if (com.xunmeng.manwe.hotfix.c.c(196429, this)) {
            return;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            this.b = keyStore;
            keyStore.load(null);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            Logger.e(d(), "[construct]", e);
        }
    }

    private String c(Map<String, String> map) {
        if (com.xunmeng.manwe.hotfix.c.o(196569, this, map)) {
            return com.xunmeng.manwe.hotfix.c.w();
        }
        Map<String, String> f = f(map);
        StringBuilder sb = new StringBuilder();
        int i = 0;
        for (String str : f.keySet()) {
            Object h = h.h(f, str.toString());
            if (h != null && !TextUtils.isEmpty(h.toString())) {
                sb.append(i == 0 ? "" : "&");
                sb.append((Object) str);
                sb.append("=");
                sb.append(h);
                i++;
            }
        }
        return sb.toString();
    }

    private Map<String, String> f(Map<String, String> map) {
        if (com.xunmeng.manwe.hotfix.c.o(196590, this, map)) {
            return (Map) com.xunmeng.manwe.hotfix.c.s();
        }
        TreeMap treeMap = new TreeMap(c.f29948a);
        if (map != null) {
            treeMap.putAll(map);
        }
        return treeMap;
    }

    public static String r(PublicKey publicKey) {
        return com.xunmeng.manwe.hotfix.c.o(196596, null, publicKey) ? com.xunmeng.manwe.hotfix.c.w() : com.xunmeng.pinduoduo.basekit.commonutil.a.a(publicKey.getEncoded());
    }

    private static boolean s() {
        return com.xunmeng.manwe.hotfix.c.l(196599, null) ? com.xunmeng.manwe.hotfix.c.u() : AbTest.instance().isFlowControl("ab_wallet_forbid_keystore_status_5700", false);
    }

    protected String a() {
        if (com.xunmeng.manwe.hotfix.c.l(196409, this)) {
            return com.xunmeng.manwe.hotfix.c.w();
        }
        return null;
    }

    protected String d() {
        if (com.xunmeng.manwe.hotfix.c.l(196424, this)) {
            return com.xunmeng.manwe.hotfix.c.w();
        }
        return null;
    }

    protected void e(Exception exc) {
        com.xunmeng.manwe.hotfix.c.f(196500, this, exc);
    }

    public KeyPair h(boolean z, boolean z2) {
        if (com.xunmeng.manwe.hotfix.c.p(196444, this, Boolean.valueOf(z), Boolean.valueOf(z2))) {
            return (KeyPair) com.xunmeng.manwe.hotfix.c.s();
        }
        try {
            return i(z, z2);
        } catch (Exception e) {
            Logger.e(d(), "[generateKeyPair]", e);
            e(e);
            return null;
        }
    }

    public KeyPair i(boolean z, boolean z2) throws Exception {
        if (com.xunmeng.manwe.hotfix.c.k(196458, this, new Object[]{Boolean.valueOf(z), Boolean.valueOf(z2)})) {
            return (KeyPair) com.xunmeng.manwe.hotfix.c.s();
        }
        Logger.i(d(), "[generateKeyPair]");
        int i = z ? 15 : 12;
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        KeyGenParameterSpec.Builder userAuthenticationRequired = new KeyGenParameterSpec.Builder(a(), i).setKeySize(2048).setDigests("SHA-256").setSignaturePaddings("PKCS1").setUserAuthenticationRequired(z2);
        if (z) {
            userAuthenticationRequired.setEncryptionPaddings("PKCS1Padding");
        }
        keyPairGenerator.initialize(userAuthenticationRequired.build());
        return keyPairGenerator.generateKeyPair();
    }

    public KeyPair j() throws Exception {
        if (com.xunmeng.manwe.hotfix.c.k(196472, this, new Object[0])) {
            return (KeyPair) com.xunmeng.manwe.hotfix.c.s();
        }
        Logger.i(d(), "[generateKeyPairUnderM]");
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
        Calendar calendar = Calendar.getInstance();
        Calendar calendar2 = Calendar.getInstance();
        calendar2.add(1, 3);
        KeyPairGeneratorSpec.Builder endDate = new KeyPairGeneratorSpec.Builder(com.xunmeng.pinduoduo.basekit.a.c()).setAlias(a()).setSubject(new X500Principal("CN=" + a())).setSerialNumber(BigInteger.valueOf(1337L)).setStartDate(calendar.getTime()).setEndDate(calendar2.getTime());
        if (Build.VERSION.SDK_INT >= 19) {
            endDate.setKeySize(2048);
        }
        keyPairGenerator.initialize(endDate.build());
        return keyPairGenerator.generateKeyPair();
    }

    public KeyPair k() {
        if (com.xunmeng.manwe.hotfix.c.l(196503, this)) {
            return (KeyPair) com.xunmeng.manwe.hotfix.c.s();
        }
        if (this.g != null) {
            Logger.i(d(), "[getCurrentKey] from cache.");
            return this.g;
        }
        KeyPair n = n();
        this.g = n;
        return n;
    }

    public void l() {
        if (com.xunmeng.manwe.hotfix.c.c(196509, this)) {
            return;
        }
        this.g = null;
    }

    public Map<String, String> m() {
        if (com.xunmeng.manwe.hotfix.c.l(196512, this)) {
            return (Map) com.xunmeng.manwe.hotfix.c.s();
        }
        HashMap hashMap = new HashMap(2);
        if (this.b == null) {
            Logger.e(d(), "[getStatus] with null.");
            return hashMap;
        }
        if (s()) {
            Logger.i(d(), "[getStatus] abort by switch");
            return hashMap;
        }
        try {
            h.I(hashMap, "count", String.valueOf(this.b.size()));
            StringBuilder sb = new StringBuilder();
            Enumeration<String> aliases = this.b.aliases();
            while (aliases.hasMoreElements()) {
                if (sb.length() != 0) {
                    sb.append(";\n");
                }
                sb.append(aliases.nextElement());
            }
            h.I(hashMap, "alias", sb.toString());
        } catch (KeyStoreException e) {
            Logger.e(d(), e);
        }
        return hashMap;
    }

    public KeyPair n() {
        if (com.xunmeng.manwe.hotfix.c.l(196531, this)) {
            return (KeyPair) com.xunmeng.manwe.hotfix.c.s();
        }
        Logger.i(d(), "[getCurrentKey]");
        try {
            if (!this.b.containsAlias(a())) {
                Logger.i(d(), "[getCurrentKey] not contain key");
                return null;
            }
            Certificate certificate = this.b.getCertificate(a());
            if (certificate == null) {
                Logger.i(d(), "[getCurrentKey] Certificate is null");
                return null;
            }
            PublicKey publicKey = certificate.getPublicKey();
            Logger.i(d(), "[getCurrentKey] get PublicKey success");
            PrivateKey privateKey = (PrivateKey) this.b.getKey(a(), null);
            Logger.i(d(), "[getCurrentKey] get PrivateKey success");
            return new KeyPair(publicKey, privateKey);
        } catch (NullPointerException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            Logger.e(d(), "[getCurrentKey]", e);
            return null;
        }
    }

    public void o() {
        if (com.xunmeng.manwe.hotfix.c.c(196547, this)) {
            return;
        }
        Logger.i(d(), "[deleteCurrentKey]");
        try {
            this.b.deleteEntry(a());
        } catch (Exception e) {
            Logger.e(d(), "[deleteCurrentKey]", e);
        }
    }

    public Signature p(PrivateKey privateKey, boolean z) throws WalletSignatureException {
        if (com.xunmeng.manwe.hotfix.c.k(196554, this, new Object[]{privateKey, Boolean.valueOf(z)})) {
            return (Signature) com.xunmeng.manwe.hotfix.c.s();
        }
        try {
            Signature signature = Signature.getInstance("SHA256withRSA");
            signature.initSign(privateKey);
            return signature;
        } catch (InvalidKeyException e) {
            Logger.e(d(), "[initSignature]", e);
            throw new WalletSignatureException(4, "InvalidKeyException");
        } catch (NoSuchAlgorithmException e2) {
            Logger.e(d(), "[initSignature]", e2);
            if (z) {
                throw new WalletSignatureException(5, "NoSuchAlgorithmException");
            }
            return null;
        }
    }

    public String q(Signature signature, Map<String, String> map) {
        if (com.xunmeng.manwe.hotfix.c.p(196564, this, signature, map)) {
            return com.xunmeng.manwe.hotfix.c.w();
        }
        try {
            signature.update(c(map).getBytes("utf-8"));
            return com.xunmeng.pinduoduo.basekit.commonutil.a.a(signature.sign());
        } catch (UnsupportedEncodingException | SignatureException e) {
            Logger.e(d(), "[getSign]", e);
            return null;
        }
    }
}
