package com.allawn.cryptography.security.attestation;

import android.security.keystore.KeyGenParameterSpec;
import com.allawn.cryptography.teesdk.CryptoEngCmd;
import com.allawn.cryptography.teesdk.TAInterfaceException;
import com.allawn.cryptography.util.Base64Utils;
import com.allawn.cryptography.util.KeyUtil;
import com.allawn.cryptography.util.LogUtil;
import com.heytap.baselib.utils.SecurityUtils;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPairGenerator;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.cert.X509Certificate;
import java.security.spec.ECGenParameterSpec;

/* loaded from: classes.dex */
public abstract class AttestationUtil {
    public static String createApplicationPublicKey(AttestationProperties$ApplicationKeyAlgorithmEnum attestationProperties$ApplicationKeyAlgorithmEnum, String str) {
        KeyGenParameterSpec.Builder digests;
        KeyPairGenerator keyPairGenerator;
        try {
            if (attestationProperties$ApplicationKeyAlgorithmEnum == AttestationProperties$ApplicationKeyAlgorithmEnum.RSA) {
                keyPairGenerator = KeyPairGenerator.getInstance("RSA", "AndroidKeyStore");
                digests = new KeyGenParameterSpec.Builder(str, 15).setKeySize(2048).setSignaturePaddings("PSS").setEncryptionPaddings("OAEPPadding").setDigests("SHA-1", "SHA-224", "SHA-256", "SHA-384", "SHA-512");
            } else {
                KeyPairGenerator keyPairGenerator2 = KeyPairGenerator.getInstance(SecurityUtils.ECDSA.KEY_ALGORITHM, "AndroidKeyStore");
                digests = new KeyGenParameterSpec.Builder(str, 76).setAlgorithmParameterSpec(new ECGenParameterSpec(attestationProperties$ApplicationKeyAlgorithmEnum.getAlgorithm())).setDigests("NONE", "SHA-224", "SHA-256", "SHA-384", "SHA-512");
                keyPairGenerator = keyPairGenerator2;
            }
            if (digests == null) {
                return null;
            }
            keyPairGenerator.initialize(digests.build());
            return KeyUtil.publicKeyToPem(Base64Utils.encodeToString(keyPairGenerator.generateKeyPair().getPublic().getEncoded()));
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException e) {
            throw new KeyStoreException("Failed to generate application key pair through AndroidKeyStore: " + e);
        }
    }

    public static String encodeToString(X509Certificate x509Certificate) {
        return Base64Utils.encodeToString(x509Certificate.getEncoded());
    }

    public static boolean isSupportAttestation(int i) {
        try {
            boolean z = CryptoEngCmd.getPKIGroupCertStatus() == 0;
            if (i == 1) {
                return z && (CryptoEngCmd.getPKICertStatus() == 0);
            }
            return z;
        } catch (TAInterfaceException e) {
            LogUtil.e("AttestationUtil", "isSupportAttestation error: " + e);
            return false;
        }
    }
}
