package defpackage;

import android.content.Context;
import com.felicanetworks.mfc.mfi.BaseMfiEventCallback;
import com.google.android.gms.auth.folsom.SharedKey;
import com.google.android.gms.chimera.modules.fido.AppContextProvider;
import com.google.android.gms.common.api.Status;
import com.google.android.gms.fido.credentialstore.KeyCreationRequestOptions;
import com.google.android.gms.fido.credentialstore.KeyData;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.spec.ECGenParameterSpec;
import java.util.Date;
import java.util.List;
import java.util.concurrent.ExecutionException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* compiled from: :com.google.android.gms@224915015@22.49.15 (040300-499306216) */
/* loaded from: classes3.dex */
public final class ahkj extends aswo {
    private static final abcp g = new abcp(new String[]{"GenerateKeyOperation"}, (char[]) null);
    public final cnpu a;
    public final aieq b;
    private final aivh c;
    private final ahla d;
    private final KeyCreationRequestOptions e;
    private final ouf f;

    public ahkj(aieq aieqVar, KeyCreationRequestOptions keyCreationRequestOptions) {
        super(BaseMfiEventCallback.TYPE_CARD_NOT_UNIQUE, "GenerateKey");
        this.b = aieqVar;
        this.e = keyCreationRequestOptions;
        this.c = (aivh) aivh.d.b();
        this.a = (cnpu) ahju.a.b();
        this.d = new ahla(AppContextProvider.a());
        this.f = (ouf) ahkz.a.b();
    }

    private static KeyPair b() {
        try {
            ECGenParameterSpec eCGenParameterSpec = new ECGenParameterSpec("secp256r1");
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC");
            keyPairGenerator.initialize(eCGenParameterSpec);
            return keyPairGenerator.generateKeyPair();
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException e) {
            throw aqfl.a("Failed to generate key pair for software key", e, 8, cnns.a);
        }
    }

    private final byte[] c(String str) {
        try {
            List list = (List) aqfj.c(this.f.hd(str)).get();
            if (list.isEmpty()) {
                throw aqfl.a("No shared key available.", null, 8, cnns.a);
            }
            return ahlo.d(((SharedKey) cobh.o(list)).b);
        } catch (InterruptedException | InvalidKeyException | NoSuchAlgorithmException | ExecutionException e) {
            throw aqfl.a("Failed to get shared key.", e, 8, cnns.a);
        }
    }

    private static final byte[] d(byte[] bArr, byte[] bArr2, SecureRandom secureRandom) {
        if (bArr.length != 32) {
            throw aqfl.a("Domain secret invalid length.", null, 8, cnns.a);
        }
        byte[] bArr3 = new byte[12];
        secureRandom.nextBytes(bArr3);
        GCMParameterSpec gCMParameterSpec = new GCMParameterSpec(128, bArr3);
        SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "AES");
        try {
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            cipher.init(1, secretKeySpec, gCMParameterSpec);
            return cruo.d(bArr3, cipher.doFinal(bArr2));
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            throw aqfl.a("Encrypting Webauthn credential failed.", e, 8, cnns.a);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    /* JADX WARN: Failed to find 'out' block for switch in B:27:0x00b3. Please report as an issue. */
    @Override // defpackage.aswo
    public final void f(Context context) {
        bqaf d;
        try {
            KeyCreationRequestOptions keyCreationRequestOptions = this.e;
            String str = keyCreationRequestOptions.a;
            aiee a = aiee.a(keyCreationRequestOptions.c);
            cnpx.b(str, "rpId cannot be null");
            cnpx.d(!str.trim().isEmpty(), "rpId cannot be empty");
            g.c("generateKey with rpId " + str + " with keyType " + a.f, new Object[0]);
            if (dldd.c()) {
                if (keyCreationRequestOptions.b && a != aiee.SYNCED) {
                    throw aqfl.a("Discoverable credentials must be SYNCED", null, 8, cnns.a);
                }
                int[] iArr = keyCreationRequestOptions.d;
                if (iArr != null) {
                    for (int i : iArr) {
                        if (i != -7) {
                        }
                    }
                    throw aqfl.a("No supported algorithm", null, 8, cnns.a);
                }
            }
            byte[] bArr = new byte[32];
            new SecureRandom().nextBytes(bArr);
            cnpx.b(a, "keyStorageType cannot be null");
            cnpx.b(str, "rpId cannot be null");
            String i2 = cnpp.c('.').i(Integer.valueOf(a.f), couc.d.m(bArr), str);
            switch (a) {
                case KEYSTORE:
                case STRONGBOX:
                    this.d.a(i2, a);
                    PublicKey d2 = ahla.d(i2);
                    if (d2 == null) {
                        throw aqfl.a("Failed to get public key from Android keystore", null, 8, cnns.a);
                    }
                    abbl.o(i2, "keyStorageIdentifier cannot be empty");
                    String substring = i2.substring(2);
                    try {
                        aiee a2 = aiee.a(Character.getNumericValue(i2.charAt(0)));
                        byte[] o = couc.d.o(substring.substring(0, substring.indexOf(".") - 1));
                        byte[] a3 = ahkx.a(substring.substring(substring.indexOf(".") + 1), d2);
                        this.c.i(i2, new Date(System.currentTimeMillis()), cnns.a, keyCreationRequestOptions.i);
                        d = bqba.d(KeyData.c(a.f, ahkx.b(a2, o, a3), i2, null, null, keyCreationRequestOptions.i));
                        d.w(new ahke(this));
                        return;
                    } catch (IllegalArgumentException e) {
                        throw aqfl.a("Unable to extract valid keyStorageType from keyStorageIdentifier", e, 8, cnns.a);
                    }
                case SOFTWARE:
                    KeyPair b = b();
                    PublicKey publicKey = b.getPublic();
                    abbl.o(i2, "keyStorageIdentifier cannot be empty");
                    abbl.p(publicKey, "publicKey cannot be null");
                    String substring2 = i2.substring(2);
                    try {
                        aiee a4 = aiee.a(Character.getNumericValue(i2.charAt(0)));
                        byte[] o2 = couc.d.o(substring2.substring(0, substring2.indexOf(".") - 1));
                        byte[] a5 = ahkx.a(substring2.substring(substring2.indexOf(".") + 1), publicKey);
                        this.c.i(i2, new Date(System.currentTimeMillis()), cnpu.j(b), keyCreationRequestOptions.i);
                        d = bqba.d(KeyData.d(ahkx.b(a4, o2, a5), b, i2, null, null, keyCreationRequestOptions.i));
                        d.w(new ahke(this));
                        return;
                    } catch (IllegalArgumentException e2) {
                        throw aqfl.a("Unable to extract valid keyStorageType from keyStorageIdentifier", e2, 8, cnns.a);
                    }
                case SYNCED:
                    if (!dldd.c() || !this.a.h()) {
                        throw new UnsupportedOperationException("Feature disabled");
                    }
                    if (!keyCreationRequestOptions.b) {
                        throw aqfl.a("SYNCED keys must be discoverable", null, 8, cnns.a);
                    }
                    if (keyCreationRequestOptions.e == null || keyCreationRequestOptions.f == null || keyCreationRequestOptions.g == null || keyCreationRequestOptions.h == null) {
                        throw aqfl.a("Metadata fields cannot be null for discoverable credentials", null, 8, cnns.a);
                    }
                    KeyPair b2 = b();
                    byte[] encoded = b2.getPrivate().getEncoded();
                    byte[] bArr2 = new byte[16];
                    byte[] bArr3 = new byte[16];
                    SecureRandom secureRandom = new SecureRandom();
                    secureRandom.nextBytes(bArr2);
                    secureRandom.nextBytes(bArr3);
                    ddlc u = dcqb.l.u();
                    ddjv B = ddjv.B(bArr3);
                    if (!u.b.aa()) {
                        u.I();
                    }
                    dcqb dcqbVar = (dcqb) u.b;
                    dcqbVar.a |= 1;
                    dcqbVar.b = B;
                    ddjv B2 = ddjv.B(bArr2);
                    if (!u.b.aa()) {
                        u.I();
                    }
                    dcqb dcqbVar2 = (dcqb) u.b;
                    dcqbVar2.a |= 2;
                    dcqbVar2.c = B2;
                    if (!u.b.aa()) {
                        u.I();
                    }
                    dcqb dcqbVar3 = (dcqb) u.b;
                    str.getClass();
                    dcqbVar3.a |= 4;
                    dcqbVar3.d = str;
                    ddjv B3 = ddjv.B(keyCreationRequestOptions.e);
                    if (!u.b.aa()) {
                        u.I();
                    }
                    dcqb dcqbVar4 = (dcqb) u.b;
                    dcqbVar4.a = 8 | dcqbVar4.a;
                    dcqbVar4.e = B3;
                    String str2 = keyCreationRequestOptions.f;
                    if (!u.b.aa()) {
                        u.I();
                    }
                    dcqb dcqbVar5 = (dcqb) u.b;
                    str2.getClass();
                    dcqbVar5.a = 32 | dcqbVar5.a;
                    dcqbVar5.h = str2;
                    String str3 = keyCreationRequestOptions.g;
                    if (!u.b.aa()) {
                        u.I();
                    }
                    dcqb dcqbVar6 = (dcqb) u.b;
                    str3.getClass();
                    dcqbVar6.a |= 64;
                    dcqbVar6.i = str3;
                    long currentTimeMillis = System.currentTimeMillis();
                    if (!u.b.aa()) {
                        u.I();
                    }
                    dcqb dcqbVar7 = (dcqb) u.b;
                    dcqbVar7.a = 16 | dcqbVar7.a;
                    dcqbVar7.g = currentTimeMillis;
                    boolean z = keyCreationRequestOptions.i;
                    if (!u.b.aa()) {
                        u.I();
                    }
                    dcqb dcqbVar8 = (dcqb) u.b;
                    dcqbVar8.a |= 256;
                    dcqbVar8.k = z;
                    byte[] d3 = d(c(keyCreationRequestOptions.h.name), encoded, secureRandom);
                    ddjv B4 = ddjv.B(d3);
                    if (!u.b.aa()) {
                        u.I();
                    }
                    dcqb dcqbVar9 = (dcqb) u.b;
                    dcqbVar9.a |= 128;
                    dcqbVar9.j = B4;
                    d = ahlo.a((ahju) this.a.c(), str, keyCreationRequestOptions.e, keyCreationRequestOptions.h).d(new ahki(this, u, keyCreationRequestOptions)).d(new ahkh(this, str, keyCreationRequestOptions)).d(new ahkg(this, keyCreationRequestOptions)).b(new ahkf(keyCreationRequestOptions, bArr2, b2, d3, encoded));
                    d.w(new ahke(this));
                    return;
                case CORP:
                    throw new IllegalStateException("Not supported key storage type");
                default:
                    throw new IllegalStateException("Not supported key storage type");
            }
        } catch (aqfm e3) {
            this.b.a(e3.a(), null);
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // defpackage.aswo
    public final void j(Status status) {
        this.b.a(status, null);
    }
}
