package com.microsoft.identity.internal.device;

import android.os.Build;
import android.security.keystore.KeyInfo;
import android.util.Base64;
import com.microsoft.identity.common.java.crypto.key.KeyUtil;
import com.microsoft.identity.internal.AsymmetricKey;
import com.microsoft.identity.internal.CryptoOperationResponse;
import com.microsoft.identity.internal.StatusInternal;
import com.microsoft.identity.internal.SubStatusInternal;
import com.microsoft.identity.internal.TempError;
import com.microsoft.identity.internal.utils.DeviceErrorUtils;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Security;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import java.util.Date;
import java.util.HashMap;
import javax.crypto.KeyAgreement;

/* loaded from: classes.dex */
public class EccKeyImpl extends AsymmetricKey {
    private final Date mCreationDate;
    private final String mId;
    private int mIsStoredInHardware;
    private final KeyPair mKeyPair;
    private final Provider mProvider;

    /* JADX INFO: Access modifiers changed from: package-private */
    public EccKeyImpl(String str, KeyPair keyPair, Provider provider, Date date) {
        this.mId = str;
        this.mKeyPair = keyPair;
        this.mProvider = provider;
        this.mCreationDate = date;
        this.mIsStoredInHardware = keyPair.getPrivate() == null ? 0 : -1;
    }

    private CryptoOperationResponse fail(StatusInternal statusInternal, String str, Exception exc, int i10) {
        return new CryptoOperationResponse(null, DeviceErrorUtils.createError(statusInternal, str, exc, i10));
    }

    @Override // com.microsoft.identity.internal.AsymmetricKey
    public CryptoOperationResponse generateSharedSecret(byte[] bArr, byte[] bArr2) {
        try {
            Provider provider = Security.getProviders("KeyAgreement.ECDH")[0];
            PublicKey generatePublic = KeyFactory.getInstance("EC", provider).generatePublic(new X509EncodedKeySpec(bArr));
            KeyAgreement keyAgreement = KeyAgreement.getInstance("ECDH");
            keyAgreement.init(this.mKeyPair.getPrivate());
            keyAgreement.doPhase(generatePublic, true);
            byte[] generateSecret = keyAgreement.generateSecret();
            byte[] copyOf = Arrays.copyOf(generateSecret, generateSecret.length + bArr2.length);
            System.arraycopy(bArr2, 0, copyOf, generateSecret.length, bArr2.length);
            return new CryptoOperationResponse(new String(MessageDigest.getInstance(KeyUtil.HMAC_KEY_HASH_ALGORITHM).digest(copyOf)), null);
        } catch (InvalidKeyException e10) {
            return fail(StatusInternal.UNEXPECTED, "Failed to generate shared secret.", e10, 0);
        } catch (NoSuchAlgorithmException e11) {
            return fail(StatusInternal.UNEXPECTED, "Failed to generate shared secret.", e11, 0);
        } catch (InvalidKeySpecException e12) {
            return fail(StatusInternal.UNEXPECTED, "Failed to generate shared secret.", e12, 0);
        }
    }

    @Override // com.microsoft.identity.internal.AsymmetricKey
    public Date getCreatedOn() {
        return this.mCreationDate;
    }

    @Override // com.microsoft.identity.internal.AsymmetricKey
    public String getId() {
        return this.mId;
    }

    @Override // com.microsoft.identity.internal.AsymmetricKey
    public String getJsonWebKey() {
        return "";
    }

    @Override // com.microsoft.identity.internal.AsymmetricKey
    public String getPublicKey() {
        return Base64.encodeToString(getPublicKeyRawBytes(), 11);
    }

    @Override // com.microsoft.identity.internal.AsymmetricKey
    public byte[] getPublicKeyRawBytes() {
        return this.mKeyPair.getPublic().getEncoded();
    }

    @Override // com.microsoft.identity.internal.AsymmetricKey
    public String getThumbprint() {
        return "";
    }

    @Override // com.microsoft.identity.internal.AsymmetricKey
    public boolean isStoredInHardware() {
        int securityLevel;
        if (this.mIsStoredInHardware < 0) {
            synchronized (this) {
                if (this.mIsStoredInHardware < 0) {
                    KeyFactory keyFactory = null;
                    try {
                        keyFactory = KeyFactory.getInstance("EC", this.mProvider);
                    } catch (NoSuchAlgorithmException unused) {
                    }
                    if (keyFactory == null) {
                        this.mIsStoredInHardware = 0;
                        return false;
                    }
                    try {
                        int i10 = Build.VERSION.SDK_INT;
                        KeyInfo keyInfo = (KeyInfo) keyFactory.getKeySpec(this.mKeyPair.getPrivate(), KeyInfo.class);
                        if (i10 < 31) {
                            int i11 = keyInfo.isInsideSecureHardware() ? 1 : 0;
                            this.mIsStoredInHardware = i11;
                            return i11 == 1;
                        }
                        securityLevel = keyInfo.getSecurityLevel();
                        if (securityLevel == -1 || securityLevel == 1 || securityLevel == 2) {
                            this.mIsStoredInHardware = 1;
                        } else {
                            this.mIsStoredInHardware = 0;
                        }
                    } catch (InvalidKeySpecException unused2) {
                        this.mIsStoredInHardware = 0;
                    }
                }
            }
        }
        return this.mIsStoredInHardware == 1;
    }

    @Override // com.microsoft.identity.internal.AsymmetricKey
    public CryptoOperationResponse sign(String str) {
        HashMap hashMap = new HashMap();
        hashMap.put("message", "EccKeyImpl does not implement ECDSA signing");
        return new CryptoOperationResponse(null, new TempError(StatusInternal.API_CONTRACT_VIOLATION, SubStatusInternal.NONE, hashMap, 0));
    }
}
