package defpackage;

import android.content.Context;
import android.os.SystemClock;
import android.text.TextUtils;
import java.io.IOException;
import java.security.KeyStoreException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.interfaces.ECPublicKey;
import java.util.UUID;
import org.json.JSONObject;

/* compiled from: :com.google.android.gms@242831000@24.28.31 (020300-652851592) */
/* loaded from: classes2.dex */
public final class rmb {
    public static final uou a = new rma();
    public final rmm b;
    private final rmj c;
    private final agca d = rcv.a("DeviceIdKeyManager");
    private final coiy e = (coiy) qxn.d.b();

    public rmb(rmm rmmVar, rmj rmjVar) {
        this.b = rmmVar;
        this.c = rmjVar;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean e(String str) {
        return str.startsWith("auth_account:hardware:");
    }

    private final ECPublicKey g(String str) {
        aflt.r(str);
        return e(str) ? this.c.a(str) : this.b.b();
    }

    private final String h() {
        try {
            SystemClock.elapsedRealtime();
            rmj rmjVar = this.c;
            final String concat = "auth_account:hardware:".concat(String.valueOf(UUID.randomUUID().toString()));
            rmjVar.e(concat);
            rbc.a(rmjVar.b.b(new cxwd() { // from class: rmh
                @Override // defpackage.cxwd
                public final Object apply(Object obj) {
                    rpa rpaVar = (rpa) obj;
                    dpda dpdaVar = (dpda) rpaVar.K(5);
                    dpdaVar.Y(rpaVar);
                    if (!dpdaVar.b.J()) {
                        dpdaVar.V();
                    }
                    String str = concat;
                    rpa rpaVar2 = (rpa) dpdaVar.b;
                    rpa rpaVar3 = rpa.e;
                    rpaVar2.d = str;
                    return (rpa) dpdaVar.S();
                }
            }, dcme.a));
            SystemClock.elapsedRealtime();
            qxn.a(this.e.b(new cxwd() { // from class: rlz
                @Override // defpackage.cxwd
                public final Object apply(Object obj) {
                    rpa rpaVar = (rpa) obj;
                    if (!TextUtils.isEmpty(rpaVar.d)) {
                        return rpaVar;
                    }
                    dpda dpdaVar = (dpda) rpaVar.K(5);
                    dpdaVar.Y(rpaVar);
                    if (!dpdaVar.b.J()) {
                        dpdaVar.V();
                    }
                    ((rpa) dpdaVar.b).d = concat;
                    return (rpa) dpdaVar.S();
                }
            }, dcme.a));
            return concat;
        } catch (KeyStoreException e) {
            ((cyva) this.d.i()).x("Couldn't generate key");
            throw e;
        }
    }

    public final String a(Context context, String str, Certificate[] certificateArr, byte[] bArr) {
        JSONObject c = rbd.c();
        rbd.f(c, certificateArr);
        String b = ((rme) rme.a.b()).b(context, true);
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("sub", b);
        jSONObject.put("aud", "DeviceIdentityManagementService.AddDeviceCertificate");
        jSONObject.put("secondary_id", str);
        String d = d();
        try {
            rbd.h(jSONObject, g(d));
            rbd.i(jSONObject);
            if (bArr != null) {
                rbd.g(jSONObject, bArr);
            }
            String a2 = rbd.a(c, jSONObject);
            byte[] bytes = a2.getBytes(rbd.a);
            aflt.r(d);
            aflt.r(bytes);
            return rbd.b(a2, e(d) ? this.c.b(d, bytes) : this.b.c(bytes));
        } catch (KeyStoreException e) {
            UnrecoverableKeyException unrecoverableKeyException = new UnrecoverableKeyException("Public key was not found");
            unrecoverableKeyException.initCause(e);
            throw unrecoverableKeyException;
        }
    }

    public final String b(byte[] bArr, long j, boolean z) {
        duew.a.a().f();
        String c = c(new rbe(bArr), z);
        ECPublicKey g = g(c);
        JSONObject d = rbd.d();
        if (e(c)) {
            try {
                rbd.f(d, this.c.c(c));
            } catch (KeyStoreException | CertificateEncodingException e) {
                ((cyva) ((cyva) this.d.j()).s(e)).x("Couldn't set certificate chain.");
            }
        }
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("sub", Long.toString(j));
        jSONObject.put("aud", "DeviceIdentityManagementService.CreateDeviceAccount");
        jSONObject.put("key", rbd.e(g));
        rbd.i(jSONObject);
        rbd.g(jSONObject, bArr);
        String a2 = rbd.a(d, jSONObject);
        byte[] bytes = a2.getBytes(rbd.a);
        return rbd.b(a2, e(c) ? f(c, bytes) : this.b.c(bytes));
    }

    public final String c(rbe rbeVar, boolean z) {
        if (z || duew.a.a().e() || !agdj.b()) {
            return this.b.a();
        }
        try {
            return h();
        } catch (IOException | KeyStoreException unused) {
            ((cyva) this.d.h()).x("Fallback to software based keys.");
            return this.b.a();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final String d() {
        return ((rpa) qxn.a(this.e.a())).d;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final byte[] f(String str, byte[] bArr) {
        aflt.r(str);
        rmj rmjVar = this.c;
        byte[] b = rmjVar.b(str, bArr);
        if (rmm.d(rmjVar.a(str), bArr, b)) {
            return b;
        }
        throw new KeyStoreException("Signature verification failed.");
    }
}
