package com.jd.stat.common.attestation;

import android.content.Context;
import android.content.pm.PackageManager;
import android.os.Build;
import android.security.KeyStoreException;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.StrongBoxUnavailableException;
import java.io.ByteArrayInputStream;
import java.security.GeneralSecurityException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.ProviderException;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.ECGenParameterSpec;
import java.util.ArrayList;
import java.util.Date;
import javax.security.auth.x500.X500Principal;
import org.apache.commons.codec.digest.MessageDigestAlgorithms;
import org.json.JSONException;
import org.json.JSONObject;

/* compiled from: Proguard */
/* loaded from: classes3.dex */
public class e {
    public static b a(Context context) {
        int i = Build.VERSION.SDK_INT;
        if (i < 24) {
            return null;
        }
        PackageManager packageManager = context.getPackageManager();
        boolean z = i >= 28 && packageManager.hasSystemFeature("android.hardware.strongbox_keystore");
        boolean z2 = i >= 31 && packageManager.hasSystemFeature("android.software.device_id_attestation");
        boolean z3 = i >= 31 && packageManager.hasSystemFeature("android.hardware.keystore.app_attest_key");
        ArrayList arrayList = new ArrayList();
        String str = z ? "jma2023qwertzxcvb1_strongbox" : "jma2023qwertzxcvb1";
        String str2 = z3 ? str + "_persistent" : null;
        try {
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            com.jd.stat.common.utils.e.a("JDMob.Security.Attestation", "doAttestation useAttestKey : " + z3);
            com.jd.stat.common.utils.e.a("JDMob.Security.Attestation", "doAttestation useStrongBox : " + z);
            com.jd.stat.common.utils.e.a("JDMob.Security.Attestation", "doAttestation includeProps : " + z2);
            com.jd.stat.common.utils.e.a("JDMob.Security.Attestation", "doAttestation alias : " + str);
            com.jd.stat.common.utils.e.a("JDMob.Security.Attestation", "doAttestation attestKeyAlias : " + str2);
            if (z3 && !keyStore.containsAlias(str2)) {
                com.jd.stat.common.utils.e.a("JDMob.Security.Attestation", "doAttestation generateKey attestKeyAlias!!!!!");
                if (!keyStore.containsAlias(str2)) {
                    a(str2, z, z2, str2);
                }
            }
            if (!keyStore.containsAlias(str)) {
                a(str, z, z2, str2);
            }
            for (Certificate certificate : keyStore.getCertificateChain(str)) {
                X509Certificate x509Certificate = (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(certificate.getEncoded()));
                com.jd.stat.common.utils.e.a("JDMob.Security.Attestation", "doAttestation Certificate 1 x509Certificate : " + x509Certificate.getSubjectDN());
                arrayList.add(x509Certificate);
            }
            if (z3) {
                for (Certificate certificate2 : keyStore.getCertificateChain(str2)) {
                    X509Certificate x509Certificate2 = (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(certificate2.getEncoded()));
                    com.jd.stat.common.utils.e.a("JDMob.Security.Attestation", "doAttestation Certificate 2 x509Certificate : " + x509Certificate2.getSubjectDN());
                    arrayList.add(x509Certificate2);
                }
            }
            return c.a(arrayList);
        } catch (ProviderException e) {
            com.jd.stat.common.utils.e.b("JDMob.Security.Attestation", "doAttestation ProviderException error : " + e);
            e.printStackTrace();
            return a(e);
        } catch (Exception e2) {
            com.jd.stat.common.utils.e.b("JDMob.Security.Attestation", "doAttestation Exception error : " + e2);
            e2.printStackTrace();
            return a(e2);
        }
    }

    private static b a(Exception exc) {
        if (!(exc instanceof ProviderException)) {
            return b.a(-1);
        }
        Throwable cause = exc.getCause();
        int i = Build.VERSION.SDK_INT;
        if (i >= 28 && (exc instanceof StrongBoxUnavailableException)) {
            return b.a(3);
        }
        if (i < 33 || cause == null || !(cause instanceof KeyStoreException)) {
            return (cause == null || cause.getMessage() == null || !cause.getMessage().contains("device ids")) ? b.a(0) : b.a(4);
        }
        KeyStoreException keyStoreException = (KeyStoreException) cause;
        int numericErrorCode = keyStoreException.getNumericErrorCode();
        return numericErrorCode != 8 ? numericErrorCode != 16 ? keyStoreException.isTransientFailure() ? b.a(7) : b.a(0) : keyStoreException.isTransientFailure() ? b.a(6) : b.a(5) : b.a(4);
    }

    private static void a(String str, boolean z, boolean z2, String str2) throws GeneralSecurityException, ProviderException {
        int i = Build.VERSION.SDK_INT;
        if (i >= 24) {
            Date date = new Date();
            boolean z3 = str == str2;
            KeyGenParameterSpec.Builder attestationChallenge = new KeyGenParameterSpec.Builder(str, (i < 31 || !z3) ? 4 : 128).setAlgorithmParameterSpec(new ECGenParameterSpec("secp256r1")).setDigests(MessageDigestAlgorithms.SHA_256).setCertificateNotBefore(date).setAttestationChallenge(String.valueOf(date.getTime()).getBytes());
            if (i >= 28 && z) {
                attestationChallenge.setIsStrongBoxBacked(true);
            }
            if (i >= 31) {
                if (z2) {
                    attestationChallenge.setDevicePropertiesAttestationIncluded(true);
                }
                if (z3) {
                    attestationChallenge.setCertificateSubject(new X500Principal("CN=App Attest Key"));
                } else {
                    attestationChallenge.setAttestKeyAlias(str2);
                }
            }
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "AndroidKeyStore");
            keyPairGenerator.initialize(attestationChallenge.build());
            keyPairGenerator.generateKeyPair();
        }
    }

    public static JSONObject b(Context context) {
        com.jd.stat.common.utils.e.a("JDMob.Security.Attestation", "KeyAttestationUtil getAttestationResult来了！");
        JSONObject jSONObject = new JSONObject();
        b a2 = a(context);
        if (a2 != null) {
            try {
                if (a2.b() != -2) {
                    jSONObject.put("eC", a2.b());
                    com.jd.stat.common.utils.e.a("JDMob.Security.Attestation", "KeyAttestationUtil getAttestationResult exception result json : " + jSONObject);
                    com.jd.stat.common.utils.e.a("JDMob.Security.Attestation", "KeyAttestationUtil getAttestationResult exception result json length : " + jSONObject.toString().length());
                    return jSONObject;
                }
                jSONObject.put("status", a2.c());
                a aVar = a2.f3377d;
                if (aVar != null) {
                    JSONObject jSONObject2 = new JSONObject();
                    jSONObject2.put("eT", aVar.d());
                    jSONObject2.put("eS", aVar.c());
                    com.jd.stat.common.utils.e.a("JDMob.Security.Attestation", "KeyAttestationUtil getAttestationResult ExtensionBase64Str length : " + aVar.c().length());
                    jSONObject2.put("cT", aVar.a());
                    jSONObject2.put("erM", aVar.b());
                    jSONObject.put("attest", jSONObject2);
                }
                a2.a();
                com.jd.stat.common.utils.e.a("JDMob.Security.Attestation", "KeyAttestationUtil getAttestationResult result json : " + jSONObject);
                com.jd.stat.common.utils.e.a("JDMob.Security.Attestation", "KeyAttestationUtil getAttestationResult result json length : " + jSONObject.toString().length());
            } catch (JSONException e) {
                e.printStackTrace();
            }
        }
        return jSONObject;
    }
}
