package com.daon.sdk.crypto;

import android.content.Context;
import android.os.Bundle;
import android.security.keystore.KeyGenParameterSpec;
import android.util.Log;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.spec.ECGenParameterSpec;
import java.util.UUID;

/* loaded from: classes.dex */
public class CryptoSdk {
    public static String DEFAULT_CIPHER_ALGORITHM = "AES";

    /* renamed from: a, reason: collision with root package name */
    private static String f9702a = "cipherAlgorithm";

    /* renamed from: b, reason: collision with root package name */
    private static String f9703b = "cipherKeyCached";

    /* renamed from: i, reason: collision with root package name */
    private static CryptoSdk f9704i = new CryptoSdk();

    /* renamed from: c, reason: collision with root package name */
    private boolean f9705c;

    /* renamed from: d, reason: collision with root package name */
    private boolean f9706d;

    /* renamed from: e, reason: collision with root package name */
    private boolean f9707e;

    /* renamed from: f, reason: collision with root package name */
    private boolean f9708f;

    /* renamed from: g, reason: collision with root package name */
    private boolean f9709g = true;

    /* renamed from: h, reason: collision with root package name */
    private String f9710h = DEFAULT_CIPHER_ALGORITHM;

    /* loaded from: classes.dex */
    public interface IInitializeCallback {
        void onInitializeComplete(Throwable th);
    }

    private CryptoSdk() {
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void a(Context context, IInitializeCallback iInitializeCallback, Throwable th) {
        if (th == null) {
            try {
                this.f9706d = a();
                this.f9705c = true;
                com.daon.sdk.crypto.e.b.a(context);
            } catch (Throwable th2) {
                iInitializeCallback.onInitializeComplete(th2);
                return;
            }
        }
        iInitializeCallback.onInitializeComplete(th);
    }

    private void a(Bundle bundle) {
        if (bundle != null) {
            this.f9710h = bundle.getString(f9702a, DEFAULT_CIPHER_ALGORITHM);
            this.f9709g = bundle.getBoolean(f9703b, true);
        }
    }

    private boolean a() {
        KeyGenParameterSpec.Builder algorithmParameterSpec;
        KeyGenParameterSpec.Builder digests;
        KeyGenParameterSpec.Builder userAuthenticationRequired;
        KeyGenParameterSpec build;
        KeyPair keyPair;
        KeyGenParameterSpec build2;
        boolean isInsideSecureHardware;
        if (com.daon.sdk.crypto.h.b.b()) {
            try {
                String uuid = UUID.randomUUID().toString();
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "AndroidKeyStore");
                j.a();
                algorithmParameterSpec = i.a(uuid, 6).setAlgorithmParameterSpec(new ECGenParameterSpec("secp256r1"));
                digests = algorithmParameterSpec.setDigests("SHA-256");
                userAuthenticationRequired = digests.setUserAuthenticationRequired(false);
                if (com.daon.sdk.crypto.h.b.a()) {
                    Log.d("DAON", "Android N and above: Try key attestation");
                    userAuthenticationRequired.setAttestationChallenge(new byte[]{1, 2, 3, 4, 5, 6, 7, 8});
                }
                build = userAuthenticationRequired.build();
                keyPairGenerator.initialize(build);
                try {
                    keyPair = keyPairGenerator.generateKeyPair();
                } catch (Exception e10) {
                    e = e10;
                    keyPair = null;
                }
                try {
                    if (com.daon.sdk.crypto.h.b.a()) {
                        Log.d("DAON", "Android N and above: Key with attestation generated successfully. Attestation supported.");
                        this.f9707e = true;
                    }
                } catch (Exception e11) {
                    e = e11;
                    Log.e("DAON", "Generate key exception", e);
                    if (!com.daon.sdk.crypto.h.b.a()) {
                        Log.e("DAON", "Throw exception");
                        throw e;
                    }
                    Log.d("DAON", "Android N and above: Generate key with key attestation failed. Try without key attestation");
                    userAuthenticationRequired.setAttestationChallenge(null);
                    try {
                        KeyPairGenerator keyPairGenerator2 = KeyPairGenerator.getInstance("EC", "AndroidKeyStore");
                        build2 = userAuthenticationRequired.build();
                        keyPairGenerator2.initialize(build2);
                        keyPairGenerator2.generateKeyPair();
                        Log.d("DAON", "Android N and above: Key without attestation generated successfully. Attestation not supported.");
                        isInsideSecureHardware = g.a(KeyFactory.getInstance("EC", "AndroidKeyStore").getKeySpec(keyPair.getPrivate(), f.a())).isInsideSecureHardware();
                        Log.d("DAON", "Asym key in hardware: " + isInsideSecureHardware);
                        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                        keyStore.load(null);
                        keyStore.deleteEntry(uuid);
                        return isInsideSecureHardware;
                    } catch (Exception e12) {
                        Log.e("DAON", "Generate key without attestation exception", e12);
                        throw e12;
                    }
                }
                isInsideSecureHardware = g.a(KeyFactory.getInstance("EC", "AndroidKeyStore").getKeySpec(keyPair.getPrivate(), f.a())).isInsideSecureHardware();
                Log.d("DAON", "Asym key in hardware: " + isInsideSecureHardware);
                KeyStore keyStore2 = KeyStore.getInstance("AndroidKeyStore");
                keyStore2.load(null);
                keyStore2.deleteEntry(uuid);
                return isInsideSecureHardware;
            } catch (Exception e13) {
                Log.e("DAON", "Failed to check for hardware OS key support.", e13);
            }
        }
        return false;
    }

    public static CryptoSdk getInstance() {
        return f9704i;
    }

    public String getCipherAlgorithm() {
        return this.f9710h;
    }

    public void initialize(final Context context, Bundle bundle, final IInitializeCallback iInitializeCallback) {
        com.daon.sdk.crypto.h.g.a();
        a(bundle);
        boolean a10 = com.daon.sdk.crypto.g.b.a();
        Log.d("DAON", "Ext TEE? " + a10);
        if (a10 && com.daon.sdk.crypto.h.b.b()) {
            com.daon.sdk.crypto.g.a.a().a(context, bundle, new IInitializeCallback() { // from class: com.daon.sdk.crypto.CryptoSdk.1
                @Override // com.daon.sdk.crypto.CryptoSdk.IInitializeCallback
                public void onInitializeComplete(Throwable th) {
                    if (th != null) {
                        Log.e("DAON", "TEE crypto framework failed to initialize.", th);
                    }
                    CryptoSdk.this.f9708f = com.daon.sdk.crypto.g.a.a().d();
                    CryptoSdk.this.a(context, iInitializeCallback, th);
                }
            });
        } else {
            a(context, iInitializeCallback, null);
        }
    }

    public boolean isCipherKeyCached() {
        return this.f9709g;
    }

    public boolean isExtCryptoSupported() {
        return this.f9708f;
    }

    public boolean isHardwareOsKeysSupported() {
        return this.f9706d;
    }

    public boolean isInitialized() {
        return this.f9705c;
    }

    public boolean isKeyAttestationSupported() {
        return this.f9707e;
    }
}
