package androidx.security.identity;

import android.content.Context;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import androidx.annotation.h0;
import androidx.security.identity.i;
import co.nstant.in.cbor.CborException;
import co.nstant.in.cbor.h.u;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;

/* compiled from: SoftwareWritableIdentityCredential.java */
/* loaded from: classes.dex */
class n extends p {

    /* renamed from: f, reason: collision with root package name */
    private static final String f1072f = "SoftwareWritableIdentityCredential";
    private KeyPair a = null;
    private Collection<X509Certificate> b = null;
    private String c;
    private String d;
    private Context e;

    /* JADX INFO: Access modifiers changed from: package-private */
    public n(Context context, @h0 String str, @h0 String str2) throws AlreadyPersonalizedException {
        this.e = context;
        this.c = str2;
        this.d = str;
        if (c.f(context, str)) {
            throw new AlreadyPersonalizedException("Credential with given name already exists");
        }
    }

    static byte[] c(String str, i iVar, PrivateKey privateKey) {
        co.nstant.in.cbor.a aVar = new co.nstant.in.cbor.a();
        co.nstant.in.cbor.e.b<co.nstant.in.cbor.a> v = aVar.v();
        Iterator<a> it = iVar.a().iterator();
        while (it.hasNext()) {
            v.q(o.b(it.next()));
        }
        co.nstant.in.cbor.a aVar2 = new co.nstant.in.cbor.a();
        co.nstant.in.cbor.e.d<co.nstant.in.cbor.a> w = aVar2.w();
        for (i.c cVar : iVar.c()) {
            w.u(new u(cVar.d()), o.D(cVar));
        }
        co.nstant.in.cbor.a aVar3 = new co.nstant.in.cbor.a();
        aVar3.v().r("ProofOfProvisioning").r(str).q(aVar.y().get(0)).q(aVar2.y().get(0)).s(false);
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            new co.nstant.in.cbor.c(byteArrayOutputStream).a(aVar3.y().get(0));
            return o.w(privateKey, byteArrayOutputStream.toByteArray(), null, null);
        } catch (CborException | InvalidKeyException | NoSuchAlgorithmException | CertificateEncodingException e) {
            throw new RuntimeException("Error building ProofOfProvisioning", e);
        }
    }

    private Collection<X509Certificate> d(byte[] bArr) {
        if (this.a != null) {
            return null;
        }
        String o = c.o(this.d);
        try {
            KeyStore keyStore = KeyStore.getInstance(com.splashtop.remote.h5.g.b);
            keyStore.load(null);
            if (keyStore.containsAlias(o)) {
                keyStore.deleteEntry(o);
            }
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", com.splashtop.remote.h5.g.b);
            KeyGenParameterSpec.Builder digests = new KeyGenParameterSpec.Builder(o, 12).setDigests("SHA-256", "SHA-512");
            if (Build.VERSION.SDK_INT >= 24) {
                if (bArr == null) {
                    bArr = new byte[0];
                }
                digests.setAttestationChallenge(bArr);
            }
            keyPairGenerator.initialize(digests.build());
            this.a = keyPairGenerator.generateKeyPair();
            Certificate[] certificateChain = keyStore.getCertificateChain(o);
            this.b = new ArrayList();
            for (Certificate certificate : certificateChain) {
                this.b.add((X509Certificate) certificate);
            }
            return this.b;
        } catch (IOException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | CertificateException e) {
            throw new RuntimeException("Error creating CredentialKey", e);
        }
    }

    @Override // androidx.security.identity.p
    @h0
    public Collection<X509Certificate> a(@h0 byte[] bArr) {
        Collection<X509Certificate> d = d(bArr);
        if (d != null) {
            return d;
        }
        throw new RuntimeException("getCredentialKeyCertificateChain() must be called before personalize()");
    }

    @Override // androidx.security.identity.p
    @h0
    public byte[] b(@h0 i iVar) {
        d(null);
        byte[] c = c(this.c, iVar, this.a.getPrivate());
        Context context = this.e;
        String str = this.c;
        String str2 = this.d;
        c.d(context, str, str2, c.o(str2), this.b, iVar);
        return c;
    }
}
