package defpackage;

import android.accounts.Account;
import android.content.Context;
import com.google.android.gms.auth.folsom.SharedKey;
import com.google.android.gms.fido.credentialstore.KeyMetadata;
import java.nio.charset.StandardCharsets;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.Arrays;
import java.util.List;
import java.util.concurrent.ExecutionException;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import javax.crypto.spec.GCMParameterSpec;
import javax.crypto.spec.SecretKeySpec;

/* compiled from: :com.google.android.gms@224915015@22.49.15 (040300-499306216) */
/* loaded from: classes3.dex */
public final class ahpe extends ahpd {
    private final Context d;
    private final byte[] e;
    private final KeyMetadata f;
    private final Account g;
    private final byte[] h;
    private final boolean i;
    private final PublicKey j;
    private static final abcp k = new abcp(new String[]{"SyncedKeyCryptoObject"}, (char[]) null);
    private static final byte[] b = "KeychainApplicationKey:gmscore_module:com.google.android.gms.fido".getBytes(StandardCharsets.US_ASCII);
    private static final byte[] c = new byte[0];

    public ahpe(Context context, byte[] bArr, PublicKey publicKey, PrivateKey privateKey, KeyMetadata keyMetadata, Account account, boolean z) {
        super(privateKey);
        this.d = context.getApplicationContext();
        this.e = bArr;
        this.j = publicKey;
        this.f = keyMetadata;
        this.g = account;
        this.h = null;
        this.i = z;
    }

    public ahpe(Context context, byte[] bArr, PublicKey publicKey, byte[] bArr2, KeyMetadata keyMetadata, Account account, boolean z) {
        super(null);
        this.d = context.getApplicationContext();
        this.e = bArr;
        this.j = publicKey;
        this.f = keyMetadata;
        this.g = account;
        this.h = bArr2;
        this.i = z;
    }

    private static PrivateKey n(byte[] bArr, byte[] bArr2) {
        int length = bArr2.length;
        if (length < 12) {
            throw aqfl.a("Cyphertext is too short.", null, 8, cnns.a);
        }
        try {
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "AES");
            Cipher cipher = Cipher.getInstance("AES/GCM/NoPadding");
            byte[] copyOfRange = Arrays.copyOfRange(bArr2, 0, 12);
            byte[] copyOfRange2 = Arrays.copyOfRange(bArr2, 12, length);
            cipher.init(2, secretKeySpec, new GCMParameterSpec(128, copyOfRange));
            return KeyFactory.getInstance("EC").generatePrivate(new PKCS8EncodedKeySpec(cipher.doFinal(copyOfRange2)));
        } catch (InvalidAlgorithmParameterException | InvalidKeyException | NoSuchAlgorithmException | InvalidKeySpecException | BadPaddingException | IllegalBlockSizeException | NoSuchPaddingException e) {
            k.m("Failed to decrypt or decode private key.", e, new Object[0]);
            throw aqfl.a("Failed to decrypt credential.", e, 8, cnns.a);
        }
    }

    private static byte[] o(byte[] bArr) {
        if (bArr.length != 32) {
            throw aqfl.a("Domain secret invalid length.", null, 8, cnns.a);
        }
        try {
            return dexy.k(new SecretKeySpec(bArr, "AES"), c, b);
        } catch (InvalidKeyException | NoSuchAlgorithmException e) {
            throw aqfl.a("Failed to derive domain secret.", e, 8, cnns.a);
        }
    }

    @Override // defpackage.ahpa
    public final cnpu a() {
        return cnpu.j(this.f);
    }

    @Override // defpackage.ahpd, defpackage.ahpa
    public final cnpu c() {
        return cnpu.j(this.g);
    }

    @Override // defpackage.ahpa
    public final crzk d() {
        return crzd.i(0L);
    }

    @Override // defpackage.ahpa
    public final PublicKey f() {
        PublicKey publicKey = this.j;
        if (publicKey != null) {
            return publicKey;
        }
        throw null;
    }

    @Override // defpackage.ahpd, defpackage.ahpa
    public final void g() {
        if (dlcf.c() && j()) {
            Context context = this.d;
            String str = this.g.name;
            oug a = ouh.a();
            a.a = "hw_protected";
            try {
                List list = (List) aqfj.c(oue.a(context, a.a()).hd(str)).get();
                if (list.isEmpty()) {
                    throw aqfl.a("No shared keys available.", null, 8, cnns.a);
                }
                k.c("Got shared keys for %s", str);
                this.a = n(o(((SharedKey) cobh.o(list)).b), (byte[]) cnpx.a(this.h));
            } catch (InterruptedException | ExecutionException e) {
                throw aqfl.a("Error getting shared keys.", e, 8, cnns.a);
            }
        }
        super.g();
    }

    @Override // defpackage.ahpa
    public final boolean h() {
        return false;
    }

    @Override // defpackage.ahpa
    public final boolean i() {
        return true;
    }

    @Override // defpackage.ahpd, defpackage.ahpa
    public final boolean j() {
        return this.a == null;
    }

    @Override // defpackage.ahpa
    public final boolean k() {
        return this.i;
    }

    @Override // defpackage.ahpa
    public final boolean l() {
        return false;
    }

    @Override // defpackage.ahpa
    public final byte[] m() {
        return this.e;
    }
}
