package androidx.security.identity;

import android.content.Context;
import android.security.keystore.KeyGenParameterSpec;
import androidx.security.identity.q0;
import co.nstant.in.cbor.CborException;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;

/* loaded from: classes.dex */
class x0 extends L0 {

    /* renamed from: f, reason: collision with root package name */
    private static final String f21731f = "SoftwareWritableIdentityCredential";

    /* renamed from: a, reason: collision with root package name */
    private KeyPair f21732a = null;

    /* renamed from: b, reason: collision with root package name */
    private Collection<X509Certificate> f21733b = null;

    /* renamed from: c, reason: collision with root package name */
    private String f21734c;

    /* renamed from: d, reason: collision with root package name */
    private String f21735d;

    /* renamed from: e, reason: collision with root package name */
    private Context f21736e;

    /* JADX INFO: Access modifiers changed from: package-private */
    public x0(Context context, @androidx.annotation.O String str, @androidx.annotation.O String str2) throws AlreadyPersonalizedException {
        this.f21736e = context;
        this.f21734c = str2;
        this.f21735d = str;
        if (C1686k.f(context, str)) {
            throw new AlreadyPersonalizedException("Credential with given name already exists");
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static co.nstant.in.cbor.model.f c(String str, q0 q0Var, PrivateKey privateKey) {
        co.nstant.in.cbor.a aVar = new co.nstant.in.cbor.a();
        co.nstant.in.cbor.builder.b<co.nstant.in.cbor.a> v5 = aVar.v();
        Iterator<C1666a> it = q0Var.a().iterator();
        while (it.hasNext()) {
            v5.q(K0.b(it.next()));
        }
        co.nstant.in.cbor.a aVar2 = new co.nstant.in.cbor.a();
        co.nstant.in.cbor.builder.d<co.nstant.in.cbor.a> w5 = aVar2.w();
        for (q0.c cVar : q0Var.c()) {
            w5.u(new co.nstant.in.cbor.model.u(cVar.d()), K0.S(cVar));
        }
        co.nstant.in.cbor.a aVar3 = new co.nstant.in.cbor.a();
        aVar3.v().r("ProofOfProvisioning").r(str).q(aVar.y().get(0)).q(aVar2.y().get(0)).s(false);
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            new co.nstant.in.cbor.c(byteArrayOutputStream).a(aVar3.y().get(0));
            return K0.G(privateKey, byteArrayOutputStream.toByteArray(), null, null);
        } catch (CborException | InvalidKeyException | NoSuchAlgorithmException | CertificateEncodingException e5) {
            throw new RuntimeException("Error building ProofOfProvisioning", e5);
        }
    }

    private Collection<X509Certificate> d(byte[] bArr) {
        KeyGenParameterSpec.Builder digests;
        KeyGenParameterSpec build;
        if (this.f21732a != null) {
            return null;
        }
        String p5 = C1686k.p(this.f21735d);
        try {
            KeyStore keyStore = KeyStore.getInstance(com.splashtop.remote.security.f.f49962b);
            keyStore.load(null);
            if (keyStore.containsAlias(p5)) {
                keyStore.deleteEntry(p5);
            }
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", com.splashtop.remote.security.f.f49962b);
            C1684j.a();
            digests = androidx.security.crypto.i.a(p5, 12).setDigests("SHA-256", "SHA-512");
            if (bArr == null) {
                bArr = new byte[0];
            }
            digests.setAttestationChallenge(bArr);
            build = digests.build();
            keyPairGenerator.initialize(build);
            this.f21732a = keyPairGenerator.generateKeyPair();
            Certificate[] certificateChain = keyStore.getCertificateChain(p5);
            this.f21733b = new ArrayList();
            for (Certificate certificate : certificateChain) {
                this.f21733b.add((X509Certificate) certificate);
            }
            return this.f21733b;
        } catch (IOException e5) {
            e = e5;
            throw new RuntimeException("Error creating CredentialKey", e);
        } catch (InvalidAlgorithmParameterException e6) {
            e = e6;
            throw new RuntimeException("Error creating CredentialKey", e);
        } catch (KeyStoreException e7) {
            e = e7;
            throw new RuntimeException("Error creating CredentialKey", e);
        } catch (NoSuchAlgorithmException e8) {
            e = e8;
            throw new RuntimeException("Error creating CredentialKey", e);
        } catch (NoSuchProviderException e9) {
            e = e9;
            throw new RuntimeException("Error creating CredentialKey", e);
        } catch (CertificateException e10) {
            e = e10;
            throw new RuntimeException("Error creating CredentialKey", e);
        }
    }

    @Override // androidx.security.identity.L0
    @androidx.annotation.O
    public Collection<X509Certificate> a(@androidx.annotation.O byte[] bArr) {
        Collection<X509Certificate> d5 = d(bArr);
        if (d5 != null) {
            return d5;
        }
        throw new RuntimeException("getCredentialKeyCertificateChain() must be called before personalize()");
    }

    @Override // androidx.security.identity.L0
    @androidx.annotation.O
    public byte[] b(@androidx.annotation.O q0 q0Var) {
        try {
            d(null);
            co.nstant.in.cbor.model.f c5 = c(this.f21734c, q0Var, this.f21732a.getPrivate());
            byte[] digest = MessageDigest.getInstance("SHA-256").digest(K0.E(c5));
            Context context = this.f21736e;
            String str = this.f21734c;
            String str2 = this.f21735d;
            C1686k.d(context, str, str2, C1686k.p(str2), this.f21733b, q0Var, digest, false);
            return K0.o(c5);
        } catch (NoSuchAlgorithmException e5) {
            throw new RuntimeException("Error digesting ProofOfProvisioning", e5);
        }
    }
}
