package com.gmrz.asm.fp.utils;

import android.content.Context;
import android.hardware.fingerprint.FingerprintManager;
import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import com.gmrz.appsdk.attestation.KeyASecurityType;
import com.gmrz.appsdk.util.FpUtil;
import java.io.IOException;
import java.lang.reflect.Method;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.security.spec.ECGenParameterSpec;
import java.util.UUID;

/* loaded from: classes.dex */
public class KeyStoreChecker {
    private static final String CLS_NAME_PROVIDER_OTHER_UNIVERSAL_KEYSTORE = "com.other.security.keystore.HwUniversalKeyStoreProvider";
    private static final String KEYSTORE_NAME_ANDROID = "AndroidKeyStore";
    private static final String KEYSTORE_NAME_OTHER_UNIVERSAL = "HwKeystore";
    private static final String PROVIDER_NAME_ANDROID_KEYSTORE = "AndroidKeyStore";
    private static final String PROVIDER_NAME_OTHER_UNIVERSAL_KEYSTORE = "HwUniversalKeyStoreProvider";
    private static final String TAG = "FingerprintUtils";
    private static KeyStoreChecker instance;
    private final FingerprintManager fingerprintManager;
    private Boolean mGoogleKeyStoreAvailable = null;
    private Boolean mOtherKeyStoreAvailable = null;
    public KeyASecurityType googleSecurityType = null;
    public KeyASecurityType otherSecurityType = null;

    private KeyStoreChecker(Context context) throws Exception {
        if (Build.VERSION.SDK_INT < 23) {
            throw new Exception("device android version below Android 6.0");
        }
        if (context.checkSelfPermission("android.permission.USE_FINGERPRINT") != 0) {
            throw new Exception("fingerprint permission not granted");
        }
        this.fingerprintManager = (FingerprintManager) context.getSystemService("fingerprint");
    }

    private byte[] genChallenge(int i) {
        byte[] bArr = new byte[i];
        new SecureRandom().nextBytes(bArr);
        return bArr;
    }

    public static KeyStoreChecker getInstance(Context context) throws Exception {
        if (instance == null) {
            instance = new KeyStoreChecker(context);
        }
        return instance;
    }

    private boolean isGoogleAvailable() {
        if (Build.VERSION.SDK_INT < 24) {
            return false;
        }
        com.gmrz.appsdk.util.Logger.d(TAG, "google keystore key pair generation test start");
        String uuid = UUID.randomUUID().toString();
        byte[] genChallenge = genChallenge(105);
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "AndroidKeyStore");
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(uuid, 4).setDigests("SHA-256").setAlgorithmParameterSpec(new ECGenParameterSpec("prime256v1")).setUserAuthenticationRequired(false).setAttestationChallenge(genChallenge).build());
            keyPairGenerator.generateKeyPair();
            com.gmrz.appsdk.util.Logger.d(TAG, "google keystore ECC key pair generate testing passed");
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            com.gmrz.appsdk.util.Logger.d(TAG, "google keystore load testing passed");
            this.googleSecurityType = FpUtil.getSecurityLevel((X509Certificate) keyStore.getCertificateChain(uuid)[0]);
            com.gmrz.appsdk.util.Logger.d(TAG, "google keystore export certificate chain testing passed");
            if (keyStore.getKey(uuid, null) == null) {
                throw new IOException("google keystore retrieve key failed: pri key instance is null");
            }
            keyStore.load(null);
            keyStore.deleteEntry(uuid);
            com.gmrz.appsdk.util.Logger.d(TAG, "google keystore testing key pair deleted");
            return true;
        } catch (Exception e) {
            com.gmrz.appsdk.util.Logger.e(TAG, "google keystore sign testing failure:" + e.getMessage());
            return false;
        }
    }

    private boolean isOtherAvailable() {
        com.gmrz.appsdk.util.Logger.d(TAG, "other keystore key pair generation test start");
        if (Build.VERSION.SDK_INT < 24) {
            return false;
        }
        if (!Checker.isSupportHwKeystore()) {
            com.gmrz.appsdk.util.Logger.e(TAG, "device not support other universal keystore");
            return false;
        }
        String uuid = UUID.randomUUID().toString();
        byte[] genChallenge = genChallenge(105);
        try {
            prepareOtherKeystore();
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", PROVIDER_NAME_OTHER_UNIVERSAL_KEYSTORE);
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(uuid, 4).setDigests("SHA-256").setAlgorithmParameterSpec(new ECGenParameterSpec("prime256v1")).setUserAuthenticationRequired(false).setAttestationChallenge(genChallenge).build());
            keyPairGenerator.generateKeyPair();
            com.gmrz.appsdk.util.Logger.d(TAG, "other keystore ECC key pair generate testing passed");
            KeyStore keyStore = KeyStore.getInstance(KEYSTORE_NAME_OTHER_UNIVERSAL);
            keyStore.load(null);
            com.gmrz.appsdk.util.Logger.d(TAG, "other keystore load testing passed");
            this.otherSecurityType = FpUtil.getSecurityLevel((X509Certificate) keyStore.getCertificateChain(uuid)[0]);
            com.gmrz.appsdk.util.Logger.d(TAG, "other keystore export certificate chain testing passed");
            if (keyStore.getKey(uuid, null) == null) {
                throw new IOException("other keystore retrieve key failed: pri key instance is null");
            }
            keyStore.load(null);
            keyStore.deleteEntry(uuid);
            com.gmrz.appsdk.util.Logger.d(TAG, "other keystore testing key pair deleted");
            return true;
        } catch (Exception e) {
            com.gmrz.appsdk.util.Logger.e(TAG, "other keystore sign testing failure:" + e.getMessage());
            return false;
        }
    }

    public Boolean isGoogleKeyStoreAvailable() {
        if (this.mGoogleKeyStoreAvailable == null) {
            this.mGoogleKeyStoreAvailable = Boolean.valueOf(isGoogleAvailable());
        }
        return this.mGoogleKeyStoreAvailable;
    }

    public boolean isHardwareDetected() {
        FingerprintManager fingerprintManager;
        if (Build.VERSION.SDK_INT >= 23 && (fingerprintManager = this.fingerprintManager) != null) {
            return fingerprintManager.isHardwareDetected();
        }
        return false;
    }

    public Boolean isOtherKeyStoreAvailable() {
        if (this.mOtherKeyStoreAvailable == null) {
            this.mOtherKeyStoreAvailable = Boolean.valueOf(isOtherAvailable());
        }
        return this.mOtherKeyStoreAvailable;
    }

    public void prepareOtherKeystore() {
        try {
            Method method = Class.forName(CLS_NAME_PROVIDER_OTHER_UNIVERSAL_KEYSTORE).getMethod("install", new Class[0]);
            method.setAccessible(true);
            method.invoke(null, new Object[0]);
        } catch (Exception e) {
            com.gmrz.appsdk.util.Logger.e(TAG, "HwUniversalKeystore init failed: " + e.getMessage());
        }
    }
}
