package defpackage;

import android.content.Context;
import android.os.SystemClock;
import android.text.TextUtils;
import java.io.IOException;
import java.security.KeyStoreException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.interfaces.ECPublicKey;
import java.util.UUID;
import org.json.JSONObject;

/* compiled from: :com.google.android.gms@240615000@24.06.15 (020300-607434073) */
/* loaded from: classes2.dex */
public final class pah {
    public static final sfg a = new pag();
    public final pas b;
    private final pap c;
    private final acpt d = ryr.b("DeviceIdKeyManager");
    private final cgep e = (cgep) olr.d.b();

    public pah(pas pasVar, pap papVar) {
        this.b = pasVar;
        this.c = papVar;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean e(String str) {
        return str.startsWith("auth_account:hardware:");
    }

    private final ECPublicKey g(String str) {
        abzx.r(str);
        return e(str) ? this.c.a(str) : this.b.b();
    }

    private final String h() {
        try {
            SystemClock.elapsedRealtime();
            pap papVar = this.c;
            final String concat = "auth_account:hardware:".concat(String.valueOf(UUID.randomUUID().toString()));
            papVar.e(concat);
            ope.a(papVar.b.b(new cpmo() { // from class: pan
                @Override // defpackage.cpmo
                public final Object apply(Object obj) {
                    pdh pdhVar = (pdh) obj;
                    dghk dghkVar = (dghk) pdhVar.ea(5);
                    dghkVar.W(pdhVar);
                    if (!dghkVar.b.dZ()) {
                        dghkVar.T();
                    }
                    String str = concat;
                    pdh pdhVar2 = (pdh) dghkVar.b;
                    pdh pdhVar3 = pdh.e;
                    pdhVar2.d = str;
                    return (pdh) dghkVar.P();
                }
            }, cudt.a));
            SystemClock.elapsedRealtime();
            olr.a(this.e.b(new cpmo() { // from class: paf
                @Override // defpackage.cpmo
                public final Object apply(Object obj) {
                    pdh pdhVar = (pdh) obj;
                    if (!TextUtils.isEmpty(pdhVar.d)) {
                        return pdhVar;
                    }
                    dghk dghkVar = (dghk) pdhVar.ea(5);
                    dghkVar.W(pdhVar);
                    if (!dghkVar.b.dZ()) {
                        dghkVar.T();
                    }
                    ((pdh) dghkVar.b).d = concat;
                    return (pdh) dghkVar.P();
                }
            }, cudt.a));
            return concat;
        } catch (KeyStoreException e) {
            ((cqkn) this.d.i()).y("Couldn't generate key");
            throw e;
        }
    }

    public final String a(Context context, String str, Certificate[] certificateArr, byte[] bArr) {
        JSONObject c = opf.c();
        opf.f(c, certificateArr);
        String b = ((pak) pak.a.b()).b(context, true);
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("sub", b);
        jSONObject.put("aud", "DeviceIdentityManagementService.AddDeviceCertificate");
        jSONObject.put("secondary_id", str);
        String d = d();
        try {
            opf.h(jSONObject, g(d));
            opf.i(jSONObject);
            if (bArr != null) {
                opf.g(jSONObject, bArr);
            }
            String a2 = opf.a(c, jSONObject);
            byte[] bytes = a2.getBytes(opf.a);
            abzx.r(d);
            abzx.r(bytes);
            return opf.b(a2, e(d) ? this.c.b(d, bytes) : this.b.c(bytes));
        } catch (KeyStoreException e) {
            UnrecoverableKeyException unrecoverableKeyException = new UnrecoverableKeyException("Public key was not found");
            unrecoverableKeyException.initCause(e);
            throw unrecoverableKeyException;
        }
    }

    public final String b(byte[] bArr, long j) {
        dlfn.a.a().f();
        String c = c(new opg(bArr));
        ECPublicKey g = g(c);
        JSONObject d = opf.d();
        if (e(c)) {
            try {
                opf.f(d, this.c.c(c));
            } catch (KeyStoreException | CertificateEncodingException e) {
                ((cqkn) ((cqkn) this.d.j()).s(e)).y("Couldn't set certificate chain.");
            }
        }
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("sub", Long.toString(j));
        jSONObject.put("aud", "DeviceIdentityManagementService.CreateDeviceAccount");
        jSONObject.put("key", opf.e(g));
        opf.i(jSONObject);
        opf.g(jSONObject, bArr);
        String a2 = opf.a(d, jSONObject);
        byte[] bytes = a2.getBytes(opf.a);
        return opf.b(a2, e(c) ? f(c, bytes) : this.b.c(bytes));
    }

    public final String c(opg opgVar) {
        if (dlfn.a.a().e() || !acrf.b()) {
            return this.b.a();
        }
        try {
            return h();
        } catch (IOException | KeyStoreException e) {
            ((cqkn) this.d.h()).y("Fallback to software based keys.");
            return this.b.a();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final String d() {
        return ((pdh) olr.a(this.e.a())).d;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final byte[] f(String str, byte[] bArr) {
        abzx.r(str);
        pap papVar = this.c;
        byte[] b = papVar.b(str, bArr);
        if (pas.d(papVar.a(str), bArr, b)) {
            return b;
        }
        throw new KeyStoreException("Signature verification failed.");
    }
}
