package defpackage;

import android.content.Context;
import android.os.SystemClock;
import android.provider.Telephony;
import android.text.TextUtils;
import java.io.IOException;
import java.security.KeyStoreException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.interfaces.ECPublicKey;
import java.util.UUID;
import org.json.JSONObject;

/* compiled from: :com.google.android.gms@243234038@24.32.34 (190400-665920202) */
/* loaded from: classes9.dex */
public final class trm {
    public static final xzl a = new trl();
    public final trx b;
    private final tru c;
    private final amuu d = thy.a("DeviceIdKeyManager");
    private final efpu e = (efpu) tcl.d.b();

    public trm(trx trxVar, tru truVar) {
        this.b = trxVar;
        this.c = truVar;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static boolean e(String str) {
        return str.startsWith("auth_account:hardware:");
    }

    private final String g(tgg tggVar) {
        try {
            SystemClock.elapsedRealtime();
            tru truVar = this.c;
            final String concat = "auth_account:hardware:".concat(String.valueOf(UUID.randomUUID().toString()));
            truVar.b(concat, tggVar);
            tge.a(truVar.b.b(new eqty() { // from class: trs
                @Override // defpackage.eqty
                public final Object apply(Object obj) {
                    tuw tuwVar = (tuw) obj;
                    fnao fnaoVar = (fnao) tuwVar.L(5);
                    fnaoVar.W(tuwVar);
                    if (!fnaoVar.b.K()) {
                        fnaoVar.T();
                    }
                    String str = String.this;
                    tuw tuwVar2 = (tuw) fnaoVar.b;
                    tuw tuwVar3 = tuw.a;
                    tuwVar2.e = str;
                    return (tuw) fnaoVar.Q();
                }
            }, ewhk.a));
            SystemClock.elapsedRealtime();
            tcl.a(this.e.b(new eqty() { // from class: trk
                @Override // defpackage.eqty
                public final Object apply(Object obj) {
                    tuw tuwVar = (tuw) obj;
                    if (!TextUtils.isEmpty(tuwVar.e)) {
                        return tuwVar;
                    }
                    fnao fnaoVar = (fnao) tuwVar.L(5);
                    fnaoVar.W(tuwVar);
                    if (!fnaoVar.b.K()) {
                        fnaoVar.T();
                    }
                    ((tuw) fnaoVar.b).e = String.this;
                    return (tuw) fnaoVar.Q();
                }
            }, ewhk.a));
            return concat;
        } catch (KeyStoreException e) {
            ((ertf) this.d.i()).x("Couldn't generate key");
            throw e;
        }
    }

    private final ECPublicKey h(String str) {
        amdo.s(str);
        return e(str) ? this.c.a(str) : this.b.b();
    }

    public final String a(Context context, String str, Certificate[] certificateArr, byte[] bArr) {
        JSONObject c = tgf.c();
        tgf.f(c, certificateArr);
        String b = ((trp) trp.a.b()).b(context, true);
        JSONObject jSONObject = new JSONObject();
        jSONObject.put(Telephony.BaseMmsColumns.SUBJECT, b);
        jSONObject.put("aud", "DeviceIdentityManagementService.AddDeviceCertificate");
        jSONObject.put("secondary_id", str);
        String d = d();
        try {
            tgf.h(jSONObject, h(d));
            tgf.i(jSONObject);
            if (bArr != null) {
                tgf.g(jSONObject, bArr);
            }
            String a2 = tgf.a(c, jSONObject);
            byte[] bytes = a2.getBytes(tgf.a);
            amdo.s(d);
            amdo.s(bytes);
            return tgf.b(a2, e(d) ? this.c.d(d, bytes) : this.b.c(bytes));
        } catch (KeyStoreException e) {
            UnrecoverableKeyException unrecoverableKeyException = new UnrecoverableKeyException("Public key was not found");
            unrecoverableKeyException.initCause(e);
            throw unrecoverableKeyException;
        }
    }

    public final String b(byte[] bArr, long j, boolean z) {
        boolean z2 = false;
        if (fuwm.a.c().f() && tru.c()) {
            z2 = true;
        }
        String c = c(new tgg(bArr, z2), z);
        ECPublicKey h = h(c);
        JSONObject d = tgf.d();
        if (e(c)) {
            try {
                tgf.f(d, this.c.e(c));
            } catch (KeyStoreException | CertificateEncodingException e) {
                C3222a.ae(this.d.j(), "Couldn't set certificate chain.", e);
            }
        }
        JSONObject jSONObject = new JSONObject();
        jSONObject.put(Telephony.BaseMmsColumns.SUBJECT, Long.toString(j));
        jSONObject.put("aud", "DeviceIdentityManagementService.CreateDeviceAccount");
        jSONObject.put("key", tgf.e(h));
        tgf.i(jSONObject);
        tgf.g(jSONObject, bArr);
        String a2 = tgf.a(d, jSONObject);
        byte[] bytes = a2.getBytes(tgf.a);
        return tgf.b(a2, e(c) ? f(c, bytes) : this.b.c(bytes));
    }

    public final String c(tgg tggVar, boolean z) {
        if (z || fuwm.a.c().e()) {
            return this.b.a();
        }
        try {
            return g(tggVar);
        } catch (IOException | KeyStoreException unused) {
            ((ertf) this.d.h()).x("Fallback to software based keys.");
            return this.b.a();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final String d() {
        return ((tuw) tcl.a(this.e.a())).e;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final byte[] f(String str, byte[] bArr) {
        amdo.s(str);
        tru truVar = this.c;
        byte[] d = truVar.d(str, bArr);
        if (trx.d(truVar.a(str), bArr, d)) {
            return d;
        }
        throw new KeyStoreException("Signature verification failed.");
    }
}
