package com.huawei.hvi.ability.util.sign;

import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import androidx.annotation.RequiresApi;
import com.huawei.hvi.ability.component.log.Logger;
import com.huawei.hvi.ability.component.store.sp.SPStoreUtil;
import com.huawei.hvi.ability.util.ArrayUtils;
import com.huawei.hvi.ability.util.CloseUtils;
import com.huawei.hvi.ability.util.DeviceInfoUtils;
import com.huawei.hvi.ability.util.EmuiUtils;
import com.huawei.hvi.ability.util.GsonUtils;
import com.huawei.hvi.ability.util.PackageUtils;
import com.huawei.hvi.ability.util.PhoneInfoUtils;
import com.huawei.hvi.ability.util.ReflectionUtils;
import com.huawei.hvi.ability.util.TimeUtils;
import com.huawei.hvi.ability.util.concurrent.AsyncTaskBase;
import com.huawei.phoneservice.feedbackcommon.network.FeedbackWebConstants;
import com.huawei.secure.android.common.util.SafeBase64;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.ObjectOutputStream;
import java.lang.reflect.InvocationTargetException;
import java.lang.reflect.Method;
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.ProviderException;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.GregorianCalendar;
import java.util.HashMap;

/* loaded from: classes2.dex */
public final class DeviceInfoSignUtils {
    private static final int ARG_MIN_NUM = 1;
    private static final String ATTESTATION_CHALLENGE = "hwkeystory";
    private static final String DEVICE_ID = "deviceId";
    private static final String DEVICE_ID_TYPE = "deviceIdType";
    private static final String DEVICE_ID_TYPE_VALUE = "9";
    private static final String HAS_GENERATE_KEY_PAIR = "has_generate_key_pair";
    private static final String HW_KEY_STORE = "HwUniversalKeyStoreProvider";
    private static final String KEYSTORE_PROVIDER_ANDROID_KEYSTORE = "HwKeystore";
    private static final int KEYSTORE_SERIAL_NUMBER = 1337;
    private static final int KEY_SIZE = 2048;
    private static final int ONE_INDEX = 0;
    private static final String RANDOM = "random";
    private static final String REGISTER_HUKS_METHOD = "install";
    private static final String REGISTER_HUKS_PACKAGE = "com.huawei.security.keystore.HwUniversalKeyStoreProvider";
    private static final String SIGNATURE_SHA256WITHRSA = "SHA256withRSA";
    public static final String TAG = "OOBE_DeviceInfoSignUtils";
    private static final String TERMINAL_TYPE = "terminalType";
    private static final String TIME_STAMP = "timeStamp";
    private boolean isRegisterHUKSuccess = false;
    private static final DeviceInfoSignUtils INSTANCE = new DeviceInfoSignUtils();
    private static final String ALIAS = PackageUtils.getPackageName() + ":deviceinfo";

    /* loaded from: classes2.dex */
    private static class a extends AsyncTaskBase<String, Void, DeviceInfoSignData> {
        private DeviceInfoSignCallback a;

        private a(DeviceInfoSignCallback deviceInfoSignCallback) {
            this.a = deviceInfoSignCallback;
        }

        @Override // com.huawei.hvi.ability.util.concurrent.AsyncTaskBase
        @RequiresApi(api = 24)
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public DeviceInfoSignData onExecute(String... strArr) {
            String str;
            Logger.i(DeviceInfoSignUtils.TAG, "onExecute");
            if (strArr == null || strArr.length < 1) {
                Logger.w(DeviceInfoSignUtils.TAG, "strings is null or less than one");
                return new DeviceInfoSignData();
            }
            if (EmuiUtils.VERSION.EMUI_SDK_INT <= 14) {
                Logger.i(DeviceInfoSignUtils.TAG, "EMUI version is equal or lesser than 8.0");
                return new DeviceInfoSignData();
            }
            Logger.d(DeviceInfoSignUtils.TAG, "generate cerChain start time: " + System.currentTimeMillis());
            Certificate[] hUKSCertificate = DeviceInfoSignUtils.getInstance().getHUKSCertificate();
            Logger.d(DeviceInfoSignUtils.TAG, "generate cerChain end time: " + System.currentTimeMillis());
            String str2 = null;
            if (hUKSCertificate == null || hUKSCertificate.length <= 0) {
                Logger.e(DeviceInfoSignUtils.TAG, "certificates is null or less than one");
                str = null;
            } else {
                Logger.d(DeviceInfoSignUtils.TAG, "length of certificates : " + hUKSCertificate.length);
                String objectToBase64 = DeviceInfoSignUtils.objectToBase64(hUKSCertificate[0]);
                str2 = DeviceInfoSignUtils.objectToBase64(hUKSCertificate);
                str = objectToBase64;
            }
            DeviceInfoSignData deviceInfoSignData = new DeviceInfoSignData();
            deviceInfoSignData.setVerification(strArr[0]);
            deviceInfoSignData.setCerChain(str2);
            deviceInfoSignData.setKey(str);
            deviceInfoSignData.setSign(DeviceInfoSignUtils.getInstance().signData(strArr[0]));
            Logger.d(DeviceInfoSignUtils.TAG, "original signData : " + strArr[0]);
            return deviceInfoSignData;
        }

        @Override // com.huawei.hvi.ability.util.concurrent.AsyncTaskBase
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public void onCallbackResult(DeviceInfoSignData deviceInfoSignData) {
            Logger.i(DeviceInfoSignUtils.TAG, "onCallbackResult");
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        /* renamed from: b, reason: merged with bridge method [inline-methods] */
        public void onPostExecute(DeviceInfoSignData deviceInfoSignData) {
            super.onPostExecute(deviceInfoSignData);
            Logger.i(DeviceInfoSignUtils.TAG, "onPostExecute");
            DeviceInfoSignCallback deviceInfoSignCallback = this.a;
            if (deviceInfoSignCallback != null) {
                deviceInfoSignCallback.signInfoCallback(deviceInfoSignData);
            } else {
                Logger.w(DeviceInfoSignUtils.TAG, "DeviceInfoSignCallback in null");
            }
        }
    }

    /* loaded from: classes2.dex */
    private static class b extends AsyncTaskBase<String, Void, DeviceInfoSignData> {
        private DeviceInfoSignCallback a;

        private b(DeviceInfoSignCallback deviceInfoSignCallback) {
            this.a = deviceInfoSignCallback;
        }

        @Override // com.huawei.hvi.ability.util.concurrent.AsyncTaskBase
        @RequiresApi(api = 24)
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public DeviceInfoSignData onExecute(String... strArr) {
            Logger.i(DeviceInfoSignUtils.TAG, "onExecute");
            if (EmuiUtils.VERSION.EMUI_SDK_INT <= 14) {
                Logger.i(DeviceInfoSignUtils.TAG, "EMUI version is equal or lesser than 8.0");
                return new DeviceInfoSignData();
            }
            if (strArr == null || strArr.length < 1) {
                Logger.w(DeviceInfoSignUtils.TAG, "strings is null or less than one");
                return new DeviceInfoSignData();
            }
            Logger.d(DeviceInfoSignUtils.TAG, "generate cerChain start time: " + System.currentTimeMillis());
            Certificate[] hUKSCertificate = DeviceInfoSignUtils.getInstance().getHUKSCertificate();
            Logger.d(DeviceInfoSignUtils.TAG, "generate cerChain end time: " + System.currentTimeMillis());
            DeviceInfoSignData deviceInfoSignData = new DeviceInfoSignData();
            deviceInfoSignData.setCerChain(DeviceInfoSignUtils.certificateListToString(hUKSCertificate));
            deviceInfoSignData.setVerification(strArr[0]);
            deviceInfoSignData.setSign(DeviceInfoSignUtils.getInstance().signData(strArr[0]));
            Logger.d(DeviceInfoSignUtils.TAG, "original signData : " + strArr[0]);
            return deviceInfoSignData;
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public void onPostExecute(DeviceInfoSignData deviceInfoSignData) {
            super.onPostExecute(deviceInfoSignData);
            Logger.i(DeviceInfoSignUtils.TAG, "onPostExecute");
            DeviceInfoSignCallback deviceInfoSignCallback = this.a;
            if (deviceInfoSignCallback != null) {
                deviceInfoSignCallback.signInfoCallback(deviceInfoSignData);
            } else {
                Logger.w(DeviceInfoSignUtils.TAG, "DeviceInfoSignCallback in null");
            }
        }
    }

    private DeviceInfoSignUtils() {
        registerHUKS();
        Logger.i(TAG, "registerHUKS" + this.isRegisterHUKSuccess);
    }

    private String base64EncodeToString(byte[] bArr) {
        return SafeBase64.encodeToString(bArr, 0);
    }

    public static String certificateListToString(Certificate[] certificateArr) {
        try {
            if (ArrayUtils.isEmpty(certificateArr)) {
                return null;
            }
            ArrayList arrayList = new ArrayList();
            for (Certificate certificate : certificateArr) {
                for (byte b2 : certificate.getEncoded()) {
                    arrayList.add(Byte.valueOf(b2));
                }
            }
            int size = arrayList.size();
            byte[] bArr = new byte[size];
            for (int i = 0; i < size; i++) {
                bArr[i] = ((Byte) arrayList.get(i)).byteValue();
            }
            return SafeBase64.encodeToString(bArr, 0);
        } catch (CertificateException e) {
            Logger.e(TAG, "certificateListToString exception", e);
            return null;
        }
    }

    private boolean checkEmuiVersionAndRegister() {
        return (EmuiUtils.VERSION.EMUI_SDK_INT > 14) && this.isRegisterHUKSuccess;
    }

    @RequiresApi(api = 24)
    private void generateKeyPair(String str, String str2, int i, String str3, String str4) {
        String str5;
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(str2, HW_KEY_STORE);
            GregorianCalendar gregorianCalendar = new GregorianCalendar();
            GregorianCalendar gregorianCalendar2 = new GregorianCalendar();
            gregorianCalendar2.add(1, 1);
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, i).setDigests(str3).setSignaturePaddings(str4).setCertificateSerialNumber(BigInteger.valueOf(1337L)).setCertificateNotBefore(gregorianCalendar.getTime()).setCertificateNotAfter(gregorianCalendar2.getTime()).setAttestationChallenge(ATTESTATION_CHALLENGE.getBytes(StandardCharsets.UTF_8)).setUserAuthenticationRequired(false).setKeySize(2048).build());
            if (keyPairGenerator.generateKeyPair() != null) {
                SPStoreUtil.put(HAS_GENERATE_KEY_PAIR, true);
                Logger.i(TAG, "setGenerateKeyPair : true");
            } else {
                Logger.w(TAG, "generateKeyPair, but failed");
            }
        } catch (InvalidAlgorithmParameterException e) {
            e = e;
            str5 = "generateKeyPair: InvalidAlgorithmParameterException";
            Logger.e(TAG, str5, e);
        } catch (NoSuchAlgorithmException e2) {
            e = e2;
            str5 = "generateKeyPair: NoSuchAlgorithmException";
            Logger.e(TAG, str5, e);
        } catch (NoSuchProviderException unused) {
            Logger.e(TAG, "generateKeyPair: NoSuchProviderException");
        } catch (ProviderException e3) {
            e = e3;
            str5 = "generateKeyPair: ProviderException";
            Logger.e(TAG, str5, e);
        } catch (Exception e4) {
            e = e4;
            str5 = "generateKeyPair: Exception";
            Logger.e(TAG, str5, e);
        }
    }

    public static DeviceInfoSignUtils getInstance() {
        return INSTANCE;
    }

    public static String objectToBase64(Object obj) {
        ObjectOutputStream objectOutputStream;
        Logger.i(TAG, "objectToBase64 ");
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        ObjectOutputStream objectOutputStream2 = null;
        String str = null;
        try {
            objectOutputStream = new ObjectOutputStream(byteArrayOutputStream);
            try {
                try {
                    objectOutputStream.writeObject(obj);
                    str = SafeBase64.encodeToString(byteArrayOutputStream.toByteArray(), 0);
                } catch (IOException unused) {
                    Logger.e(TAG, "objectToBase64 IOException...");
                    CloseUtils.close(byteArrayOutputStream);
                    CloseUtils.close(objectOutputStream);
                    return str;
                }
            } catch (Throwable th) {
                th = th;
                objectOutputStream2 = objectOutputStream;
                CloseUtils.close(byteArrayOutputStream);
                CloseUtils.close(objectOutputStream2);
                throw th;
            }
        } catch (IOException unused2) {
            objectOutputStream = null;
        } catch (Throwable th2) {
            th = th2;
            CloseUtils.close(byteArrayOutputStream);
            CloseUtils.close(objectOutputStream2);
            throw th;
        }
        CloseUtils.close(byteArrayOutputStream);
        CloseUtils.close(objectOutputStream);
        return str;
    }

    private void registerHUKS() {
        String str;
        try {
            Method method = ReflectionUtils.getMethod(REGISTER_HUKS_PACKAGE, REGISTER_HUKS_METHOD, (Class<?>[]) new Class[0]);
            ReflectionUtils.setAccessible(method, true);
            if (method != null) {
                method.invoke(null, new Object[0]);
                this.isRegisterHUKSuccess = true;
            } else {
                this.isRegisterHUKSuccess = false;
            }
        } catch (IllegalAccessException e) {
            e = e;
            str = "registerHUKS: cannot access";
            Logger.e(TAG, str, e);
            this.isRegisterHUKSuccess = false;
        } catch (InvocationTargetException e2) {
            e = e2;
            str = "registerHUKS: InvocationTargetException";
            Logger.e(TAG, str, e);
            this.isRegisterHUKSuccess = false;
        } catch (Exception e3) {
            e = e3;
            str = "registerHUKS: Exception";
            Logger.e(TAG, str, e);
            this.isRegisterHUKSuccess = false;
        }
    }

    @RequiresApi(api = 24)
    public synchronized void generateHUKSKeyPair() {
        if (!checkEmuiVersionAndRegister()) {
            Logger.w(TAG, "EMUI Version less than 8.1 or register HUKS failed");
        } else if (SPStoreUtil.getBoolean(HAS_GENERATE_KEY_PAIR)) {
            Logger.i(TAG, "hasGenerateKeyPair : true");
        } else {
            Logger.i(TAG, "hasGenerateKeyPair : false. generateHUKSKeyPair : RSA");
            generateKeyPair(ALIAS, "RSA", 4, FeedbackWebConstants.SHA_256, "PKCS1");
        }
    }

    @RequiresApi(api = 24)
    public String getCerChain() {
        if (checkEmuiVersionAndRegister()) {
            return certificateListToString(getHUKSCertificate());
        }
        Logger.w(TAG, "EMUI Version less than 8.1 or register HUKS failed");
        return null;
    }

    public void getDeviceInfoSignDataAsync(DeviceInfoSignCallback deviceInfoSignCallback, String str) {
        new a(deviceInfoSignCallback).submit(str);
    }

    public void getDeviceInfoSignDataAsyncForVideo(DeviceInfoSignCallback deviceInfoSignCallback) {
        new b(deviceInfoSignCallback).submit(getDeviceInfoVerifyString());
    }

    public void getDeviceInfoSignDataAsyncForVideo(DeviceInfoSignCallback deviceInfoSignCallback, String str) {
        new b(deviceInfoSignCallback).submit(str);
    }

    public String getDeviceInfoVerifyForVideoService(String str, String str2) {
        Logger.d(TAG, "deviceId : " + str + ". deviceIdType : " + str2);
        String currentUtcTime = TimeUtils.getCurrentUtcTime();
        String uuidByBuild = DeviceInfoUtils.getUuidByBuild();
        String str3 = Build.MODEL;
        HashMap hashMap = new HashMap();
        hashMap.put(TIME_STAMP, currentUtcTime);
        hashMap.put(RANDOM, uuidByBuild);
        hashMap.put("terminalType", str3);
        hashMap.put("deviceIdType", str2);
        hashMap.put("deviceId", str);
        return GsonUtils.toJson(hashMap);
    }

    public String getDeviceInfoVerifyString() {
        String currentUtcTime = TimeUtils.getCurrentUtcTime();
        String uuidByBuild = DeviceInfoUtils.getUuidByBuild();
        String str = Build.MODEL;
        String udid = PhoneInfoUtils.getUdid();
        HashMap hashMap = new HashMap();
        hashMap.put(TIME_STAMP, currentUtcTime);
        hashMap.put(RANDOM, uuidByBuild);
        hashMap.put("terminalType", str);
        hashMap.put("deviceIdType", "9");
        hashMap.put("deviceId", udid);
        return GsonUtils.toJson(hashMap);
    }

    @RequiresApi(api = 24)
    public Certificate[] getHUKSCertificate() {
        String str;
        if (!checkEmuiVersionAndRegister()) {
            Logger.w(TAG, "EMUI Version less than 8.1 or register HUKS failed");
            return new Certificate[0];
        }
        generateHUKSKeyPair();
        try {
            KeyStore keyStore = KeyStore.getInstance("HwKeyStore");
            keyStore.load(null);
            Logger.i(TAG, "getHUKSCertificate : Load keystore success!");
            KeyStore.Entry entry = keyStore.getEntry(ALIAS, null);
            if (entry == null) {
                Logger.w(TAG, "getHUKSCertificate ：Entry is null");
                return new Certificate[0];
            }
            if (entry instanceof KeyStore.PrivateKeyEntry) {
                return ((KeyStore.PrivateKeyEntry) entry).getCertificateChain();
            }
            Logger.w(TAG, "getHUKSCertificate ：Not an instance of a PrivateKeyEntry");
            return new Certificate[0];
        } catch (IOException e) {
            e = e;
            str = "getHUKSCertificate: IOException";
            Logger.e(TAG, str, e);
            return null;
        } catch (KeyStoreException e2) {
            e = e2;
            str = "getHUKSCertificate: KeyStoreException";
            Logger.e(TAG, str, e);
            return null;
        } catch (NoSuchAlgorithmException e3) {
            e = e3;
            str = "getHUKSCertificate: NoSuchAlgorithmException";
            Logger.e(TAG, str, e);
            return null;
        } catch (UnrecoverableEntryException e4) {
            e = e4;
            str = "getHUKSCertificate: UnrecoverableEntryException";
            Logger.e(TAG, str, e);
            return null;
        } catch (CertificateException e5) {
            e = e5;
            str = "getHUKSCertificate: CertificateException";
            Logger.e(TAG, str, e);
            return null;
        } catch (Exception e6) {
            e = e6;
            str = "getHUKSCertificate: Exception";
            Logger.e(TAG, str, e);
            return null;
        }
    }

    @RequiresApi(api = 24)
    public String signData(String str) {
        String str2 = "signData: NoSuchAlgorithmException";
        if (!checkEmuiVersionAndRegister()) {
            Logger.w(TAG, "EMUI Version less than 8.1 or register HUKS failed");
            return null;
        }
        try {
            byte[] bytes = str.getBytes(StandardCharsets.UTF_8);
            KeyStore keyStore = KeyStore.getInstance(KEYSTORE_PROVIDER_ANDROID_KEYSTORE);
            keyStore.load(null);
            KeyStore.Entry entry = keyStore.getEntry(ALIAS, null);
            if (entry == null) {
                Logger.w(TAG, "entry is null");
                return null;
            }
            if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
                Logger.w(TAG, "entry is not instanceof KeyStore.PrivateKeyEntry");
                return null;
            }
            Signature signature = Signature.getInstance(SIGNATURE_SHA256WITHRSA, HW_KEY_STORE);
            signature.initSign(((KeyStore.PrivateKeyEntry) entry).getPrivateKey());
            signature.update(bytes);
            return base64EncodeToString(signature.sign());
        } catch (IOException e) {
            e = e;
            str2 = "signData: IOException";
            Logger.e(TAG, str2, e);
            return null;
        } catch (InvalidKeyException e2) {
            e = e2;
            str2 = "signData: InvalidKeyException";
            Logger.e(TAG, str2, e);
            return null;
        } catch (KeyStoreException e3) {
            e = e3;
            str2 = "signData: KeyStoreException";
            Logger.e(TAG, str2, e);
            return null;
        } catch (NoSuchAlgorithmException e4) {
            e = e4;
            Logger.e(TAG, str2, e);
            return null;
        } catch (NoSuchProviderException e5) {
            e = e5;
            str2 = "signData： NoSuchProviderException";
            Logger.e(TAG, str2, e);
            return null;
        } catch (SignatureException e6) {
            e = e6;
            str2 = "signData: SignatureException";
            Logger.e(TAG, str2, e);
            return null;
        } catch (UnrecoverableEntryException e7) {
            e = e7;
            Logger.e(TAG, str2, e);
            return null;
        } catch (CertificateException e8) {
            e = e8;
            str2 = "signData: CertificateException";
            Logger.e(TAG, str2, e);
            return null;
        } catch (Exception e9) {
            e = e9;
            str2 = "signData: Exception";
            Logger.e(TAG, str2, e);
            return null;
        }
    }
}
