package com.eero.android.pki;

import android.annotation.SuppressLint;
import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import com.eero.android.util.QRUtilsKt;
import java.math.BigInteger;
import java.security.Key;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.List;
import javax.security.auth.x500.X500Principal;
import kotlin.Lazy;
import kotlin.LazyKt__LazyJVMKt;
import kotlin.collections.CollectionsKt__IterablesKt;
import kotlin.jvm.functions.Function0;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.PropertyReference1Impl;
import kotlin.jvm.internal.Reflection;
import kotlin.reflect.KProperty;
import kotlin.text.StringsKt__StringsJVMKt;
import kotlin.text.StringsKt__StringsKt;

/* compiled from: Keys.kt */
/* loaded from: classes.dex */
public class JcaSegmentedKeyStore implements SegmentedKeyStore {
    static final /* synthetic */ KProperty[] $$delegatedProperties = {Reflection.property1(new PropertyReference1Impl(Reflection.getOrCreateKotlinClass(JcaSegmentedKeyStore.class), "keyStore", "getKeyStore()Ljava/security/KeyStore;"))};
    private final Lazy keyStore$delegate;
    private final String keyStoreProvider;
    private final String prefix;

    public JcaSegmentedKeyStore(String keyStoreProvider, String prefix) {
        Lazy lazy;
        Intrinsics.checkParameterIsNotNull(keyStoreProvider, "keyStoreProvider");
        Intrinsics.checkParameterIsNotNull(prefix, "prefix");
        this.keyStoreProvider = keyStoreProvider;
        this.prefix = prefix;
        lazy = LazyKt__LazyJVMKt.lazy(new Function0<KeyStore>() { // from class: com.eero.android.pki.JcaSegmentedKeyStore$keyStore$2
            /* JADX INFO: Access modifiers changed from: package-private */
            {
                super(0);
            }

            @Override // kotlin.jvm.functions.Function0
            public final KeyStore invoke() {
                KeyStore keyStore = KeyStore.getInstance(JcaSegmentedKeyStore.this.getKeyStoreProvider());
                keyStore.load(null);
                return keyStore;
            }
        });
        this.keyStore$delegate = lazy;
    }

    private final String convertAlias(String str) {
        return getPrefix() + str;
    }

    @Override // com.eero.android.pki.SegmentedKeyStore
    public boolean contains(String alias) {
        Intrinsics.checkParameterIsNotNull(alias, "alias");
        return getKeyStore().containsAlias(convertAlias(alias));
    }

    @Override // com.eero.android.pki.SegmentedKeyStore
    public void delete(String alias) {
        Intrinsics.checkParameterIsNotNull(alias, "alias");
        getKeyStore().deleteEntry(convertAlias(alias));
    }

    @Override // com.eero.android.pki.SegmentedKeyStore
    @SuppressLint({"WrongConstant"})
    public void generateKey(Context context, String alias, String x500Subject) {
        KeyPairGenerator keyPairGenerator;
        Intrinsics.checkParameterIsNotNull(context, "context");
        Intrinsics.checkParameterIsNotNull(alias, "alias");
        Intrinsics.checkParameterIsNotNull(x500Subject, "x500Subject");
        Date date = new Date();
        String convertAlias = convertAlias(alias);
        X500Principal x500Principal = new X500Principal(x500Subject);
        BigInteger randomCertSerial = X509Kt.randomCertSerial();
        if (Build.VERSION.SDK_INT >= 23) {
            keyPairGenerator = KeyPairGenerator.getInstance("EC", this.keyStoreProvider);
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(convertAlias, 12).setDigests("NONE", "SHA-256", "SHA-512").setKeySize(QRUtilsKt.QR_BITMAP_DIMEN_PX).setCertificateSubject(x500Principal).setCertificateNotBefore(date).setCertificateNotAfter(X509Kt.expiryForStartDate(date)).setCertificateSerialNumber(randomCertSerial).build());
        } else {
            KeyPairGenerator keyPairGenerator2 = KeyPairGenerator.getInstance("RSA", this.keyStoreProvider);
            keyPairGenerator2.initialize(new KeyPairGeneratorSpec.Builder(context).setAlias(convertAlias).setSubject(x500Principal).setSerialNumber(randomCertSerial).setKeyType("EC").setStartDate(date).setEndDate(X509Kt.expiryForStartDate(date)).setKeySize(QRUtilsKt.QR_BITMAP_DIMEN_PX).build());
            keyPairGenerator = keyPairGenerator2;
        }
        keyPairGenerator.generateKeyPair();
    }

    @Override // com.eero.android.pki.SegmentedKeyStore
    public List<String> getAliases() {
        int collectionSizeOrDefault;
        String removePrefix;
        boolean startsWith$default;
        Enumeration<String> aliases = getKeyStore().aliases();
        Intrinsics.checkExpressionValueIsNotNull(aliases, "keyStore.aliases()");
        ArrayList list = Collections.list(aliases);
        Intrinsics.checkExpressionValueIsNotNull(list, "java.util.Collections.list(this)");
        ArrayList arrayList = new ArrayList();
        for (Object obj : list) {
            String it = (String) obj;
            Intrinsics.checkExpressionValueIsNotNull(it, "it");
            startsWith$default = StringsKt__StringsJVMKt.startsWith$default(it, getPrefix(), false, 2, null);
            if (startsWith$default) {
                arrayList.add(obj);
            }
        }
        ArrayList<String> arrayList2 = arrayList;
        collectionSizeOrDefault = CollectionsKt__IterablesKt.collectionSizeOrDefault(arrayList2, 10);
        ArrayList arrayList3 = new ArrayList(collectionSizeOrDefault);
        for (String it2 : arrayList2) {
            Intrinsics.checkExpressionValueIsNotNull(it2, "it");
            removePrefix = StringsKt__StringsKt.removePrefix(it2, getPrefix());
            arrayList3.add(removePrefix);
        }
        return arrayList3;
    }

    @Override // com.eero.android.pki.SegmentedKeyStore
    public Certificate getCertificate(String alias) {
        Intrinsics.checkParameterIsNotNull(alias, "alias");
        return getKeyStore().getCertificate(convertAlias(alias));
    }

    @Override // com.eero.android.pki.SegmentedKeyStore
    public Key getKey(String alias, char[] cArr) {
        Intrinsics.checkParameterIsNotNull(alias, "alias");
        return getKeyStore().getKey(convertAlias(alias), cArr);
    }

    @Override // com.eero.android.pki.SegmentedKeyStore
    public KeyStore getKeyStore() {
        Lazy lazy = this.keyStore$delegate;
        KProperty kProperty = $$delegatedProperties[0];
        return (KeyStore) lazy.getValue();
    }

    public final String getKeyStoreProvider() {
        return this.keyStoreProvider;
    }

    @Override // com.eero.android.pki.SegmentedKeyStore
    public String getPrefix() {
        return this.prefix;
    }

    @Override // com.eero.android.pki.SegmentedKeyStore
    public void setCertificate(String alias, Certificate cert) {
        Intrinsics.checkParameterIsNotNull(alias, "alias");
        Intrinsics.checkParameterIsNotNull(cert, "cert");
        getKeyStore().setCertificateEntry(convertAlias(alias), cert);
    }

    public final void setKey$pki_release(String x500Subject, Key key, char[] cArr, Certificate[] chain) {
        Intrinsics.checkParameterIsNotNull(x500Subject, "x500Subject");
        Intrinsics.checkParameterIsNotNull(key, "key");
        Intrinsics.checkParameterIsNotNull(chain, "chain");
        getKeyStore().setKeyEntry(convertAlias(x500Subject), key, cArr, chain);
    }
}
