package defpackage;

import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.PKCS8EncodedKeySpec;
import java.security.spec.X509EncodedKeySpec;
import java.util.concurrent.locks.Lock;
import java.util.concurrent.locks.ReentrantLock;
import javax.crypto.Cipher;

/* compiled from: :com.google.android.gms@203016023@20.30.16 (040800-323885386) */
/* loaded from: classes2.dex */
final class rxn {
    public static final Lock a = new ReentrantLock();
    public static final smf b = new smf("GLSUser", "BindingKeyManager");
    public static volatile rxn c;
    public static volatile iha d;

    private static final void a(KeyPair keyPair) {
        PrivateKey privateKey = keyPair.getPrivate();
        PublicKey publicKey = keyPair.getPublic();
        boolean a2 = d.a("channel_binding_manager_privateKey", swr.b(privateKey.getEncoded()), d.a("channel_binding_manager_privateKey"));
        String b2 = swr.b(publicKey.getEncoded());
        boolean z = a2 && d.a("channel_binding_manager_publicKey", b2, d.a("channel_binding_manager_publicKey"));
        b.a("Successfully pubKey? %s [ %s ]", Boolean.valueOf(z), b2);
        if (!z) {
            throw new IllegalStateException("Failure to set Channel ID keys in store!");
        }
        d.a();
    }

    public static final KeyPair b() {
        ECGenParameterSpec eCGenParameterSpec = new ECGenParameterSpec("secp256r1");
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC");
        keyPairGenerator.initialize(eCGenParameterSpec, new SecureRandom());
        KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
        a(generateKeyPair);
        return generateKeyPair;
    }

    public final KeyPair a() {
        KeyPair b2;
        iha ihaVar;
        try {
            try {
                try {
                    try {
                        KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                        keyStore.load(null);
                        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry("rsa.channel.wrapper", null);
                        if (privateKeyEntry == null) {
                            b2 = b();
                            ihaVar = d;
                        } else {
                            PrivateKey privateKey = privateKeyEntry.getPrivateKey();
                            keyStore.deleteEntry("rsa.channel.wrapper");
                            String a2 = d.a("wrapped_private_channel_key_b64");
                            String a3 = d.a("public_channel_key_b64");
                            if (a2 != null && a3 != null) {
                                byte[] a4 = swr.a(a2);
                                KeyFactory keyFactory = KeyFactory.getInstance("EC");
                                PublicKey generatePublic = keyFactory.generatePublic(new X509EncodedKeySpec(swr.a(a3)));
                                Cipher cipher = Cipher.getInstance("RSA/ECB/PKCS1Padding", "AndroidOpenSSL");
                                cipher.init(2, privateKey);
                                KeyPair keyPair = new KeyPair(generatePublic, keyFactory.generatePrivate(new PKCS8EncodedKeySpec(cipher.doFinal(a4))));
                                a(keyPair);
                                b.a("Successfully transitioned wrapped keys.", new Object[0]);
                                return keyPair;
                            }
                            b2 = b();
                            ihaVar = d;
                        }
                    } catch (Exception e) {
                        b.a("We have a borked keystore. Deleting old keys/creating new keys.", new Object[0]);
                        b2 = b();
                        ihaVar = d;
                    }
                } catch (KeyStoreException e2) {
                    b.d("Unable to get instance of AndroidKeyStore", new Object[0]);
                    b2 = b();
                    ihaVar = d;
                }
            } catch (NoSuchProviderException e3) {
                b.d("BOUNCYCASTLE provider unavailable. Creating new keys.", new Object[0]);
                b2 = b();
                ihaVar = d;
            }
            ihaVar.b("wrapped_private_channel_key_b64");
            d.b("public_channel_key_b64");
            d.b("wrapped_private_channel_key_format_b64");
            d.b("public_channel_key_format_b64");
            d.a();
            return b2;
        } finally {
            d.b("wrapped_private_channel_key_b64");
            d.b("public_channel_key_b64");
            d.b("wrapped_private_channel_key_format_b64");
            d.b("public_channel_key_format_b64");
            d.a();
        }
    }
}
