package defpackage;

import android.content.Context;
import android.os.SystemClock;
import android.text.TextUtils;
import java.io.IOException;
import java.security.KeyStoreException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.interfaces.ECPublicKey;
import java.util.UUID;
import org.json.JSONObject;

/* compiled from: :com.google.android.gms@241518111@24.15.18 (080706-627556096) */
/* loaded from: classes2.dex */
public final class phw {
    public static final suj a = new phv();
    public final pih b;
    private final pie c;
    private final xyx d = oyk.a("DeviceIdKeyManager");
    private final bmqe e = (bmqe) otn.d.b();

    public phw(pih pihVar, pie pieVar) {
        this.b = pihVar;
        this.c = pieVar;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean e(String str) {
        return str.startsWith("auth_account:hardware:");
    }

    private final String g(oxf oxfVar) {
        try {
            SystemClock.elapsedRealtime();
            pie pieVar = this.c;
            final String concat = "auth_account:hardware:".concat(String.valueOf(UUID.randomUUID().toString()));
            pieVar.b(concat, oxfVar);
            oxd.a(pieVar.b.b(new bsaa() { // from class: pic
                @Override // defpackage.bsaa
                public final Object apply(Object obj) {
                    plh plhVar = (plh) obj;
                    cedt cedtVar = (cedt) plhVar.fq(5);
                    cedtVar.P(plhVar);
                    if (!cedtVar.b.fp()) {
                        cedtVar.M();
                    }
                    String str = concat;
                    plh plhVar2 = (plh) cedtVar.b;
                    plh plhVar3 = plh.e;
                    plhVar2.d = str;
                    return (plh) cedtVar.I();
                }
            }, bvjo.a));
            SystemClock.elapsedRealtime();
            otn.a(this.e.b(new bsaa() { // from class: phu
                @Override // defpackage.bsaa
                public final Object apply(Object obj) {
                    plh plhVar = (plh) obj;
                    if (!TextUtils.isEmpty(plhVar.d)) {
                        return plhVar;
                    }
                    cedt cedtVar = (cedt) plhVar.fq(5);
                    cedtVar.P(plhVar);
                    if (!cedtVar.b.fp()) {
                        cedtVar.M();
                    }
                    ((plh) cedtVar.b).d = concat;
                    return (plh) cedtVar.I();
                }
            }, bvjo.a));
            return concat;
        } catch (KeyStoreException e) {
            ((bswj) this.d.i()).y("Couldn't generate key");
            throw e;
        }
    }

    private final ECPublicKey h(String str) {
        xis.q(str);
        return e(str) ? this.c.a(str) : this.b.b();
    }

    public final String a(Context context, String str, Certificate[] certificateArr, byte[] bArr) {
        JSONObject c = oxe.c();
        oxe.f(c, certificateArr);
        String b = ((phz) phz.a.b()).b(context, true);
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("sub", b);
        jSONObject.put("aud", "DeviceIdentityManagementService.AddDeviceCertificate");
        jSONObject.put("secondary_id", str);
        String d = d();
        try {
            oxe.h(jSONObject, h(d));
            oxe.i(jSONObject);
            if (bArr != null) {
                oxe.g(jSONObject, bArr);
            }
            String a2 = oxe.a(c, jSONObject);
            byte[] bytes = a2.getBytes(oxe.a);
            xis.q(d);
            xis.q(bytes);
            return oxe.b(a2, e(d) ? this.c.d(d, bytes) : this.b.c(bytes));
        } catch (KeyStoreException e) {
            UnrecoverableKeyException unrecoverableKeyException = new UnrecoverableKeyException("Public key was not found");
            unrecoverableKeyException.initCause(e);
            throw unrecoverableKeyException;
        }
    }

    public final String b(byte[] bArr, long j) {
        boolean z = false;
        if (chlw.a.a().f() && pie.c()) {
            z = true;
        }
        String c = c(new oxf(bArr, z));
        ECPublicKey h = h(c);
        JSONObject d = oxe.d();
        if (e(c)) {
            try {
                oxe.f(d, this.c.e(c));
            } catch (KeyStoreException | CertificateEncodingException e) {
                ((bswj) ((bswj) this.d.j()).s(e)).y("Couldn't set certificate chain.");
            }
        }
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("sub", Long.toString(j));
        jSONObject.put("aud", "DeviceIdentityManagementService.CreateDeviceAccount");
        jSONObject.put("key", oxe.e(h));
        oxe.i(jSONObject);
        oxe.g(jSONObject, bArr);
        String a2 = oxe.a(d, jSONObject);
        byte[] bytes = a2.getBytes(oxe.a);
        return oxe.b(a2, e(c) ? f(c, bytes) : this.b.c(bytes));
    }

    public final String c(oxf oxfVar) {
        if (chlw.a.a().e() || !yak.b()) {
            return this.b.a();
        }
        try {
            return g(oxfVar);
        } catch (IOException | KeyStoreException unused) {
            ((bswj) this.d.h()).y("Fallback to software based keys.");
            return this.b.a();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final String d() {
        return ((plh) otn.a(this.e.a())).d;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final byte[] f(String str, byte[] bArr) {
        xis.q(str);
        pie pieVar = this.c;
        byte[] d = pieVar.d(str, bArr);
        if (pih.d(pieVar.a(str), bArr, d)) {
            return d;
        }
        throw new KeyStoreException("Signature verification failed.");
    }
}
