package com.lfg.cma.strongkey.sacl.crypto;

import android.content.ContextWrapper;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import android.security.keystore.StrongBoxUnavailableException;
import android.util.Log;
import com.lfg.cma.strongkey.sacl.utilities.Common;
import com.lfg.cma.strongkey.sacl.utilities.SaclConstants;
import com.lfg.consumerparticipant.R;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.InvalidKeySpecException;
import org.bouncycastle.pqc.jcajce.spec.McElieceCCA2KeyGenParameterSpec;
import org.json.JSONException;
import org.json.JSONObject;
import org.spongycastle.util.encoders.Hex;

/* loaded from: classes.dex */
class AndroidKeystoreKeyGeneration {
    static final /* synthetic */ boolean $assertionsDisabled = false;
    private static final String TAG = AndroidKeystoreKeyGeneration.class.getSimpleName();
    private static String MTAG = "generate";

    AndroidKeystoreKeyGeneration() {
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static JSONObject execute(String str, String str2, ContextWrapper contextWrapper) {
        KeyPair generateKeyPair;
        SaclConstants.SECURITY_MODULE security_module;
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", SaclConstants.FIDO2_KEYSTORE_PROVIDER);
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, 12).setAlgorithmParameterSpec(new ECGenParameterSpec(SaclConstants.FIDO2_KEY_ECDSA_CURVE)).setDigests(McElieceCCA2KeyGenParameterSpec.SHA256).setAttestationChallenge(Common.urlDecode(str2)).setIsStrongBoxBacked(Boolean.TRUE.booleanValue()).setUserAuthenticationValidityDurationSeconds(300).build());
            generateKeyPair = keyPairGenerator.generateKeyPair();
            security_module = SaclConstants.SECURITY_MODULE.SECURE_ELEMENT;
            Log.i("SECURITY_MODULE : ", String.valueOf(security_module));
            Log.i(TAG, contextWrapper.getString(R.string.message_keygen_success_se));
        } catch (StrongBoxUnavailableException | NoSuchMethodError unused) {
            Log.w(TAG, contextWrapper.getString(R.string.message_keygen_failure_se));
            try {
                KeyPairGenerator keyPairGenerator2 = KeyPairGenerator.getInstance("EC", SaclConstants.FIDO2_KEYSTORE_PROVIDER);
                keyPairGenerator2.initialize(new KeyGenParameterSpec.Builder(str, 12).setAlgorithmParameterSpec(new ECGenParameterSpec(SaclConstants.FIDO2_KEY_ECDSA_CURVE)).setDigests(McElieceCCA2KeyGenParameterSpec.SHA256, McElieceCCA2KeyGenParameterSpec.SHA384, McElieceCCA2KeyGenParameterSpec.SHA512).setAttestationChallenge(Common.urlDecode(str2)).setUserAuthenticationValidityDurationSeconds(300).build());
                generateKeyPair = keyPairGenerator2.generateKeyPair();
                security_module = SaclConstants.SECURITY_MODULE.TRUSTED_EXECUTION_ENVIRONMENT;
                Log.i(TAG, contextWrapper.getString(R.string.message_keygen_success_tee));
            } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
                e.printStackTrace();
                try {
                    return Common.JsonError(TAG, MTAG, SaclConstants.ERROR_EXCEPTION, e.getLocalizedMessage());
                } catch (JSONException e2) {
                    e2.printStackTrace();
                    return null;
                }
            }
        } catch (IllegalStateException e3) {
            e = e3;
            Exception exc = e;
            exc.printStackTrace();
            try {
                return Common.JsonError(TAG, MTAG, SaclConstants.ERROR_EXCEPTION, exc.getLocalizedMessage());
            } catch (JSONException e4) {
                e4.printStackTrace();
                return null;
            }
        } catch (InvalidAlgorithmParameterException e5) {
            e = e5;
            Exception exc2 = e;
            exc2.printStackTrace();
            return Common.JsonError(TAG, MTAG, SaclConstants.ERROR_EXCEPTION, exc2.getLocalizedMessage());
        } catch (NoSuchAlgorithmException e6) {
            e = e6;
            Exception exc22 = e;
            exc22.printStackTrace();
            return Common.JsonError(TAG, MTAG, SaclConstants.ERROR_EXCEPTION, exc22.getLocalizedMessage());
        } catch (NoSuchProviderException e7) {
            e = e7;
            Exception exc222 = e;
            exc222.printStackTrace();
            return Common.JsonError(TAG, MTAG, SaclConstants.ERROR_EXCEPTION, exc222.getLocalizedMessage());
        }
        try {
            KeyStore.getInstance(SaclConstants.FIDO2_KEYSTORE_PROVIDER).load(null);
            PrivateKey privateKey = generateKeyPair.getPrivate();
            PublicKey publicKey = generateKeyPair.getPublic();
            KeyInfo keyInfo = (KeyInfo) KeyFactory.getInstance(privateKey.getAlgorithm(), SaclConstants.FIDO2_KEYSTORE_PROVIDER).getKeySpec(privateKey, KeyInfo.class);
            Log.v(TAG, "ECDSA PublicKey Format: " + publicKey.getFormat());
            int origin = keyInfo.getOrigin();
            SaclConstants.KEY_ORIGIN key_origin = origin != 1 ? origin != 2 ? SaclConstants.KEY_ORIGIN.UNKNOWN : SaclConstants.KEY_ORIGIN.IMPORTED : SaclConstants.KEY_ORIGIN.GENERATED;
            String str3 = privateKey.getAlgorithm() + " [" + SaclConstants.FIDO2_KEY_ECDSA_CURVE + "]";
            String str4 = keyInfo.isInsideSecureHardware() + " [" + security_module + "]";
            Log.v(TAG, contextWrapper.getString(R.string.vmessage_keyname) + keyInfo.getKeystoreAlias());
            Log.v(TAG, contextWrapper.getString(R.string.vmessage_origin) + key_origin);
            Log.v(TAG, contextWrapper.getString(R.string.vmessage_algorithm) + str3);
            Log.v(TAG, contextWrapper.getString(R.string.vmessage_size) + keyInfo.getKeySize());
            Log.v(TAG, contextWrapper.getString(R.string.vmessage_userauth) + keyInfo.isUserAuthenticationRequired());
            Log.v(TAG, contextWrapper.getString(R.string.vmessage_semodule) + str4);
            JSONObject put = new JSONObject().put(SaclConstants.FIDO2_KEY_LABEL_KEYNAME, keyInfo.getKeystoreAlias()).put("origin", key_origin).put(SaclConstants.FIDO2_KEY_LABEL_ALGORITHM, str3).put(SaclConstants.FIDO2_KEY_LABEL_SIZE, keyInfo.getKeySize()).put(SaclConstants.FIDO2_KEY_LABEL_USER_AUTH, keyInfo.isUserAuthenticationRequired()).put(SaclConstants.FIDO2_KEY_LABEL_SEMODULE, str4).put(SaclConstants.FIDO2_KEY_LABEL_HEX_PUBLIC_KEY, Hex.toHexString(publicKey.getEncoded()));
            Log.v(TAG, "Newly generated FIDO key: " + put.toString(2));
            return put;
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | CertificateException | InvalidKeySpecException | JSONException e8) {
            e8.printStackTrace();
            try {
                return Common.JsonError(TAG, MTAG, SaclConstants.ERROR_EXCEPTION, e8.getLocalizedMessage());
            } catch (JSONException e9) {
                e9.printStackTrace();
                return null;
            }
        }
    }
}
