package com.bytedance.android.sdk.bdticketguard.key;

import android.security.keystore.KeyGenParameterSpec;
import com.bytedance.android.sdk.bdticketguard.TicketGuardEventHelper;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.StringWriter;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.interfaces.ECPublicKey;
import java.security.spec.ECPoint;
import java.security.spec.InvalidKeySpecException;
import java.util.Arrays;
import kotlin.jvm.JvmStatic;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.Charsets;
import net.bytedance.zdplib.Delta;
import org.bouncycastle.operator.OperatorCreationException;
import org.jetbrains.annotations.NotNull;
import ql0.l;
import ql0.n;

/* compiled from: TeeKeyHelper.kt */
/* loaded from: classes.dex */
public final class d {
    @JvmStatic
    public static final boolean a(String str) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        return keyStore.containsAlias(str);
    }

    @JvmStatic
    @NotNull
    public static final String b(@NotNull KeyPair keyPair, String str) throws OperatorCreationException, IOException {
        om0.a a11 = new org.bouncycastle.operator.jcajce.a().a(keyPair.getPrivate());
        qm0.a aVar = new qm0.a(new ol0.c(str), keyPair.getPublic());
        n nVar = new n();
        nVar.a(l.f43828g, new ql0.g());
        aVar.a(jl0.f.f38499n0, nVar.b());
        kn0.b bVar = new kn0.b("CERTIFICATE REQUEST", aVar.b(a11).a());
        StringWriter stringWriter = new StringWriter();
        kn0.c cVar = new kn0.c(stringWriter);
        cVar.a(bVar);
        cVar.close();
        stringWriter.close();
        return stringWriter.toString();
    }

    @JvmStatic
    public static final KeyPair c(String str) throws NoSuchProviderException, NoSuchAlgorithmException, InvalidAlgorithmParameterException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "AndroidKeyStore");
        if (str == null) {
            Intrinsics.throwNpe();
        }
        keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, 4).setDigests("SHA-256").build());
        return keyPairGenerator.generateKeyPair();
    }

    @JvmStatic
    public static final boolean d(@NotNull byte[] bArr, @NotNull PrivateKey privateKey) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException, IOException, CertificateException {
        byte[] bytes = "test".getBytes(Charsets.UTF_8);
        byte[] h11 = h(privateKey, bytes);
        X509Certificate g11 = g(bArr);
        if (g11 == null) {
            return false;
        }
        Signature signature = Signature.getInstance("SHA256withECDSA");
        signature.initVerify(g11);
        signature.update(bytes);
        boolean verify = signature.verify(h11);
        if (!verify) {
            TicketGuardEventHelper.o();
        }
        return verify;
    }

    @JvmStatic
    public static final KeyPair e(String str) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException, UnrecoverableEntryException, InvalidKeySpecException {
        PrivateKey privateKey;
        PublicKey publicKey;
        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
        keyStore.load(null);
        KeyStore.Entry entry = keyStore.getEntry(str, null);
        if (entry instanceof KeyStore.PrivateKeyEntry) {
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
            publicKey = privateKeyEntry.getCertificate().getPublicKey();
            privateKey = privateKeyEntry.getPrivateKey();
        } else {
            privateKey = null;
            publicKey = null;
        }
        if (publicKey == null || privateKey == null) {
            return null;
        }
        return new KeyPair(publicKey, privateKey);
    }

    @JvmStatic
    @NotNull
    public static final String f(@NotNull ECPublicKey eCPublicKey) {
        ECPoint w11 = eCPublicKey.getW();
        byte[] byteArray = w11.getAffineX().toByteArray();
        byte[] byteArray2 = w11.getAffineY().toByteArray();
        if (byteArray[0] == 0) {
            byteArray = Arrays.copyOfRange(byteArray, 1, byteArray.length);
        }
        if (byteArray2[0] == 0) {
            byteArray2 = Arrays.copyOfRange(byteArray2, 1, byteArray2.length);
        }
        return "04" + Delta.d(byteArray) + Delta.d(byteArray2);
    }

    @JvmStatic
    public static final X509Certificate g(@NotNull byte[] bArr) throws IOException, CertificateException {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
        byteArrayInputStream.close();
        if (generateCertificate instanceof X509Certificate) {
            return (X509Certificate) generateCertificate;
        }
        return null;
    }

    @JvmStatic
    @NotNull
    public static final byte[] h(@NotNull PrivateKey privateKey, @NotNull byte[] bArr) throws NoSuchAlgorithmException, InvalidKeyException, SignatureException {
        Signature signature = Signature.getInstance("SHA256withECDSA");
        signature.initSign(privateKey);
        signature.update(bArr);
        return signature.sign();
    }
}
