package androidx.security.identity;

import android.content.Context;
import android.security.keystore.KeyGenParameterSpec;
import androidx.security.identity.i1;
import co.nstant.in.cbor.CborException;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;

/* compiled from: SoftwareWritableIdentityCredential.java */
/* loaded from: classes.dex */
class p1 extends b2 {

    /* renamed from: f, reason: collision with root package name */
    private static final String f12210f = "SoftwareWritableIdentityCredential";

    /* renamed from: a, reason: collision with root package name */
    private KeyPair f12211a = null;

    /* renamed from: b, reason: collision with root package name */
    private Collection<X509Certificate> f12212b = null;

    /* renamed from: c, reason: collision with root package name */
    private String f12213c;

    /* renamed from: d, reason: collision with root package name */
    private String f12214d;

    /* renamed from: e, reason: collision with root package name */
    private Context f12215e;

    /* JADX INFO: Access modifiers changed from: package-private */
    public p1(Context context, @androidx.annotation.o0 String str, @androidx.annotation.o0 String str2) throws AlreadyPersonalizedException {
        this.f12215e = context;
        this.f12213c = str2;
        this.f12214d = str;
        if (h.f(context, str)) {
            throw new AlreadyPersonalizedException("Credential with given name already exists");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static co.nstant.in.cbor.model.f c(String str, i1 i1Var, PrivateKey privateKey) {
        co.nstant.in.cbor.a aVar = new co.nstant.in.cbor.a();
        co.nstant.in.cbor.builder.b<co.nstant.in.cbor.a> v10 = aVar.v();
        Iterator<a> it = i1Var.a().iterator();
        while (it.hasNext()) {
            v10.q(a2.b(it.next()));
        }
        co.nstant.in.cbor.a aVar2 = new co.nstant.in.cbor.a();
        co.nstant.in.cbor.builder.d<co.nstant.in.cbor.a> w10 = aVar2.w();
        for (i1.c cVar : i1Var.c()) {
            w10.u(new co.nstant.in.cbor.model.u(cVar.d()), a2.S(cVar));
        }
        co.nstant.in.cbor.a aVar3 = new co.nstant.in.cbor.a();
        aVar3.v().r("ProofOfProvisioning").r(str).q(aVar.y().get(0)).q(aVar2.y().get(0)).s(false);
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            new co.nstant.in.cbor.c(byteArrayOutputStream).a(aVar3.y().get(0));
            return a2.G(privateKey, byteArrayOutputStream.toByteArray(), null, null);
        } catch (CborException | InvalidKeyException | NoSuchAlgorithmException | CertificateEncodingException e10) {
            throw new RuntimeException("Error building ProofOfProvisioning", e10);
        }
    }

    private Collection<X509Certificate> d(byte[] bArr) {
        KeyGenParameterSpec.Builder digests;
        KeyGenParameterSpec build;
        if (this.f12211a != null) {
            return null;
        }
        String p10 = h.p(this.f12214d);
        try {
            KeyStore keyStore = KeyStore.getInstance(com.splashtop.remote.security.f.f38680b);
            keyStore.load(null);
            if (keyStore.containsAlias(p10)) {
                keyStore.deleteEntry(p10);
            }
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", com.splashtop.remote.security.f.f38680b);
            digests = new KeyGenParameterSpec.Builder(p10, 12).setDigests("SHA-256", "SHA-512");
            if (bArr == null) {
                bArr = new byte[0];
            }
            digests.setAttestationChallenge(bArr);
            build = digests.build();
            keyPairGenerator.initialize(build);
            this.f12211a = keyPairGenerator.generateKeyPair();
            Certificate[] certificateChain = keyStore.getCertificateChain(p10);
            this.f12212b = new ArrayList();
            for (Certificate certificate : certificateChain) {
                this.f12212b.add((X509Certificate) certificate);
            }
            return this.f12212b;
        } catch (IOException | InvalidAlgorithmParameterException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | CertificateException e10) {
            throw new RuntimeException("Error creating CredentialKey", e10);
        }
    }

    @Override // androidx.security.identity.b2
    @androidx.annotation.o0
    public Collection<X509Certificate> a(@androidx.annotation.o0 byte[] bArr) {
        Collection<X509Certificate> d10 = d(bArr);
        if (d10 != null) {
            return d10;
        }
        throw new RuntimeException("getCredentialKeyCertificateChain() must be called before personalize()");
    }

    @Override // androidx.security.identity.b2
    @androidx.annotation.o0
    public byte[] b(@androidx.annotation.o0 i1 i1Var) {
        try {
            d(null);
            co.nstant.in.cbor.model.f c10 = c(this.f12213c, i1Var, this.f12211a.getPrivate());
            byte[] digest = MessageDigest.getInstance("SHA-256").digest(a2.E(c10));
            Context context = this.f12215e;
            String str = this.f12213c;
            String str2 = this.f12214d;
            h.d(context, str, str2, h.p(str2), this.f12212b, i1Var, digest, false);
            return a2.o(c10);
        } catch (NoSuchAlgorithmException e10) {
            throw new RuntimeException("Error digesting ProofOfProvisioning", e10);
        }
    }
}
