package com.tgi.library.seencryption.impl;

import android.content.Context;
import android.os.IEncryptionChipService;
import android.os.RemoteException;
import android.os.ServiceManager;
import android.text.TextUtils;
import android.util.Base64;
import b.h.a.a.a;
import b.h.a.a.b;
import com.tgi.library.seencryption.interfaces.SignDataCallback;
import com.tgi.library.seencryption.model.PublicKeyModel;
import com.tgi.library.seencryption.model.SEHardwareModel;
import com.tgi.library.seencryption.provider.ECCProvider;
import com.tgi.library.seencryption.util.SEUtils;
import com.tgi.library.util.HexUtils;
import com.tgi.library.util.LogUtils;
import com.tgi.library.util.encrypt.AESUtils;
import com.tgi.library.util.encrypt.IEncryptionProvider;
import com.tgi.library.util.encrypt.IKeyStore;
import com.tgi.library.util.encrypt.ISignatureProvider;
import com.tgi.library.util.encrypt.KeyStoreSingleton;
import com.tgi.library.util.encrypt.RSAUtils;
import java.security.Key;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import javax.crypto.SecretKey;

/* loaded from: classes.dex */
public class SEKeyStore implements IKeyStore {
    private SecretKey aesKey;
    private String deviceId;
    private IEncryptionChipService encryptionChipService;
    private PublicKey publicKey;
    private String publicKey1Base64;
    private PublicKey responsePublicKey;
    private PublicKey signaturePublicKey;

    /* loaded from: classes.dex */
    private static class SEKeyStoreHolder {
        private static SEKeyStore instance = new SEKeyStore();

        private SEKeyStoreHolder() {
        }
    }

    public SEKeyStore() {
        initSE();
    }

    public SEKeyStore(IEncryptionChipService iEncryptionChipService) {
        this.encryptionChipService = iEncryptionChipService;
    }

    public static SEKeyStore getInstance() {
        return SEKeyStoreHolder.instance;
    }

    private void initSE() {
        if (this.encryptionChipService == null) {
            this.encryptionChipService = IEncryptionChipService.Stub.asInterface(ServiceManager.getService(Context.ENCRYPTION_CHIP_SERVICE));
        }
    }

    @Override // com.tgi.library.util.encrypt.IKeyStore
    public Key getAESKey() {
        return this.aesKey;
    }

    public IEncryptionChipService getEncryptionChipService() {
        return this.encryptionChipService;
    }

    @Override // com.tgi.library.util.encrypt.IKeyStore
    public PublicKey getPublicKey1() {
        return this.publicKey;
    }

    @Override // com.tgi.library.util.encrypt.IKeyStore
    public String getRandomString(int i2) {
        return RSAUtils.getRandomString(16);
    }

    @Override // com.tgi.library.util.encrypt.IKeyStore
    public IEncryptionProvider getResponseKeyProvider() {
        return new b();
    }

    @Override // com.tgi.library.util.encrypt.IKeyStore
    public String getResponsePublicKey() {
        return Base64.encodeToString(this.responsePublicKey.getEncoded(), 2);
    }

    @Override // com.tgi.library.util.encrypt.IKeyStore
    public String getSEDeviceId() {
        return this.deviceId;
    }

    @Override // com.tgi.library.util.encrypt.IKeyStore
    public IEncryptionProvider getSessionKeyProvider() {
        if (this.aesKey != null) {
            return new a();
        }
        return null;
    }

    @Override // com.tgi.library.util.encrypt.IKeyStore
    public ISignatureProvider getSignatureKeyProvider() {
        return new ECCProvider(this.encryptionChipService);
    }

    @Override // com.tgi.library.util.encrypt.IKeyStore
    public String getSignaturePublicKey() {
        PublicKeyModel publicKeyModel = new PublicKeyModel();
        SEUtils.readDevicePubKey(this.encryptionChipService, publicKeyModel);
        return Base64.encodeToString(HexUtils.hexStr2Bytes(publicKeyModel.getPublicKey()), 2);
    }

    @Override // com.tgi.library.util.encrypt.IKeyStore
    public void initKeyStore(Context context) {
        this.aesKey = AESUtils.generateAESKey();
        this.responsePublicKey = KeyStoreSingleton.getInstance().containsAlias("response-key") ? KeyStoreSingleton.getInstance().getPublicKeyFromKeyPair("response-key") : KeyStoreSingleton.getInstance().generateKeyPair(context, "response-key", 2048, "RSA").getPublic();
    }

    public void resetKeyStores() {
        KeyStoreSingleton.getInstance().deleteKey("response-key");
    }

    @Override // com.tgi.library.util.encrypt.IKeyStore
    public boolean setPublicKey(String str) {
        if (!TextUtils.isEmpty(this.publicKey1Base64) && this.publicKey1Base64.equals(str)) {
            return false;
        }
        this.publicKey1Base64 = str;
        try {
            this.publicKey = KeyFactory.getInstance("RSA").generatePublic(new X509EncodedKeySpec(Base64.decode(str, 2)));
            return true;
        } catch (NoSuchAlgorithmException e2) {
            e2.printStackTrace();
            return false;
        } catch (InvalidKeySpecException e3) {
            e3.printStackTrace();
            return false;
        }
    }

    public void setSEDeviceId(String str) {
        this.deviceId = str;
    }

    @Override // com.tgi.library.util.encrypt.IKeyStore
    public synchronized byte[] signData(byte[] bArr) {
        byte[] bArr2;
        bArr2 = new byte[32];
        try {
            if (SEUtils.open(this.encryptionChipService)) {
                bArr2 = getSignatureKeyProvider().signData(null, bArr, null);
                SEHardwareModel sEHardwareModel = new SEHardwareModel();
                SEUtils.setModelId(this.encryptionChipService, sEHardwareModel);
                boolean verifySignature = SEUtils.verifySignature(this.encryptionChipService, sEHardwareModel, HexUtils.byte2HexStr(bArr2), bArr);
                LogUtils.TGI("first time, isValidated:" + verifySignature, new Object[0]);
                if (!verifySignature) {
                    try {
                        Thread.sleep(20L);
                        LogUtils.TGI("second time, isValidated:" + SEUtils.verifySignature(this.encryptionChipService, sEHardwareModel, HexUtils.byte2HexStr(bArr2), bArr), new Object[0]);
                    } catch (InterruptedException e2) {
                        e2.printStackTrace();
                    }
                }
                this.encryptionChipService.close();
            }
        } catch (RemoteException e3) {
            e3.printStackTrace();
        }
        return bArr2;
    }

    public void signDataWithCallback(byte[] bArr, SignDataCallback signDataCallback) {
        try {
            if (SEUtils.open(this.encryptionChipService)) {
                byte[] signData = getSignatureKeyProvider().signData(null, bArr, null);
                SEHardwareModel sEHardwareModel = new SEHardwareModel();
                SEUtils.setModelId(this.encryptionChipService, sEHardwareModel);
                boolean verifySignature = SEUtils.verifySignature(this.encryptionChipService, sEHardwareModel, HexUtils.byte2HexStr(signData), bArr);
                if (!verifySignature) {
                    try {
                        Thread.sleep(20L);
                        verifySignature = SEUtils.verifySignature(this.encryptionChipService, sEHardwareModel, HexUtils.byte2HexStr(signData), bArr);
                        LogUtils.TGI("second time, isValidated:" + verifySignature, new Object[0]);
                    } catch (InterruptedException e2) {
                        e2.printStackTrace();
                    }
                }
                signDataCallback.onDataSign(verifySignature, HexUtils.byte2HexStr(signData));
                this.encryptionChipService.close();
            }
        } catch (RemoteException e3) {
            e3.printStackTrace();
            signDataCallback.onDataSign(false, null);
        }
    }
}
