package defpackage;

import android.security.keystore.KeyGenParameterSpec;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.ProviderException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import javax.security.auth.x500.X500Principal;

/* compiled from: :com.google.android.gms@214816015@21.48.16 (040300-420364950) */
/* loaded from: classes4.dex */
public final class apoj {
    public final apoi a = new apoi();
    private final SecureRandom b = new SecureRandom();

    public static final boolean d(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        if (!cyqn.aA()) {
            return false;
        }
        try {
            KeyFactory keyFactory = KeyFactory.getInstance("EC");
            X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(bArr);
            try {
                PublicKey generatePublic = keyFactory.generatePublic(x509EncodedKeySpec);
                try {
                    Signature signature = Signature.getInstance("SHA256withECDSA");
                    try {
                        signature.initVerify(generatePublic);
                        try {
                            signature.update(bArr2);
                            return signature.verify(bArr3);
                        } catch (SignatureException e) {
                            ((cczx) ((cczx) ((cczx) apoa.a.j()).r(e)).ab((char) 5454)).w("Failed to verify bytes with paired key.");
                            return false;
                        }
                    } catch (InvalidKeyException e2) {
                        ((cczx) ((cczx) ((cczx) apoa.a.j()).r(e2)).ab((char) 5455)).w("Failed to verify bytes with paired key.");
                        return false;
                    }
                } catch (NoSuchAlgorithmException e3) {
                    ((cczx) ((cczx) ((cczx) apoa.a.j()).r(e3)).ab((char) 5456)).A("Failed to verify bytes with paired key: %s", "SHA256withECDSA");
                    return false;
                }
            } catch (InvalidKeySpecException e4) {
                ((cczx) ((cczx) ((cczx) apoa.a.j()).r(e4)).ab((char) 5457)).A("Failed to verify bytes with paired key: %s", x509EncodedKeySpec.getFormat());
                return false;
            }
        } catch (NoSuchAlgorithmException e5) {
            ((cczx) ((cczx) ((cczx) apoa.a.j()).r(e5)).ab((char) 5458)).A("Failed to verify bytes with paired key: %s", "EC");
            return false;
        }
    }

    private static String e(String str) {
        return String.format("%s.%s", "nearby.connections", str);
    }

    private final byte[] f() {
        byte[] bArr = new byte[72];
        this.b.nextBytes(bArr);
        return bArr;
    }

    public final void a(String str) {
        try {
            apoi apoiVar = this.a;
            String e = e(str);
            KeyStore keyStore = apoiVar.a;
            if (keyStore == null) {
                throw new KeyStoreException("No AndroidKeyStore found on device.");
            }
            if (keyStore.containsAlias(e)) {
                apoiVar.a.deleteEntry(e);
            }
        } catch (KeyStoreException e2) {
            xtp xtpVar = apoa.a;
        }
    }

    public final byte[] b(String str) {
        if (!cyqn.aA()) {
            return null;
        }
        String e = e(str);
        try {
            Certificate a = this.a.a(e);
            if (a != null) {
                return a.getPublicKey().getEncoded();
            }
            try {
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "AndroidKeyStore");
                try {
                    keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(e, 12).setDigests("SHA-256").setAlgorithmParameterSpec(new ECGenParameterSpec("secp256r1")).setCertificateSubject(new X500Principal("O=Google, OU=Android, C=US")).setRandomizedEncryptionRequired(false).build());
                    try {
                        keyPairGenerator.generateKeyPair();
                        xtp xtpVar = apoa.a;
                        try {
                            return this.a.a(e).getPublicKey().getEncoded();
                        } catch (KeyStoreException e2) {
                            ((cczx) ((cczx) ((cczx) apoa.a.j()).r(e2)).ab((char) 5461)).w("Failed to create paired key.");
                            return null;
                        }
                    } catch (ProviderException e3) {
                        ((cczx) ((cczx) ((cczx) apoa.a.j()).r(e3)).ab((char) 5462)).w("Failed to create paired key.");
                        return null;
                    }
                } catch (InvalidAlgorithmParameterException e4) {
                    ((cczx) ((cczx) ((cczx) apoa.a.j()).r(e4)).ab((char) 5463)).w("Failed to create paired key.");
                    return null;
                }
            } catch (NoSuchAlgorithmException | NoSuchProviderException e5) {
                ((cczx) ((cczx) ((cczx) apoa.a.j()).r(e5)).ab((char) 5464)).w("Failed to create paired key.");
                return null;
            }
        } catch (KeyStoreException e6) {
            ((cczx) ((cczx) ((cczx) apoa.a.j()).r(e6)).ab((char) 5459)).w("Failed to create paired key.");
            return null;
        }
    }

    public final byte[] c(String str, byte[] bArr) {
        if (!cyqn.aA()) {
            return f();
        }
        try {
            String e = e(str);
            KeyStore keyStore = this.a.a;
            if (keyStore == null) {
                throw new KeyStoreException("No AndroidKeyStore found on device.");
            }
            PrivateKey privateKey = (PrivateKey) keyStore.getKey(e, null);
            X509Certificate x509Certificate = (X509Certificate) this.a.a(e);
            if (privateKey == null) {
                ((cczx) ((cczx) apoa.a.j()).ab((char) 5469)).w("No private key is available. Failed to sign with paired key.");
                return f();
            }
            if (x509Certificate != null && x509Certificate.getPublicKey() != null) {
                xtp xtpVar = apoa.a;
                Arrays.toString(x509Certificate.getPublicKey().getEncoded());
            }
            try {
                Signature signature = Signature.getInstance("SHA256withECDSA");
                try {
                    signature.initSign(privateKey);
                    try {
                        signature.update(bArr);
                        return signature.sign();
                    } catch (SignatureException e2) {
                        ((cczx) ((cczx) ((cczx) apoa.a.j()).r(e2)).ab((char) 5465)).w("Failed to sign with paired key.");
                        return f();
                    }
                } catch (InvalidKeyException e3) {
                    ((cczx) ((cczx) ((cczx) apoa.a.j()).r(e3)).ab((char) 5466)).A("Failed to sign with paired key: %s", privateKey.getAlgorithm());
                    return f();
                }
            } catch (NoSuchAlgorithmException e4) {
                ((cczx) ((cczx) ((cczx) apoa.a.j()).r(e4)).ab((char) 5467)).w("Failed to sign with paired key.");
                return f();
            }
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e5) {
            ((cczx) ((cczx) ((cczx) apoa.a.j()).r(e5)).ab((char) 5470)).w("Failed to sign with paired key.");
            return f();
        }
    }
}
