package defpackage;

import android.security.keystore.KeyGenParameterSpec;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.ProviderException;
import java.security.PublicKey;
import java.security.SecureRandom;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.X509EncodedKeySpec;
import java.util.Arrays;
import javax.security.auth.x500.X500Principal;

/* compiled from: :com.google.android.gms@224915015@22.49.15 (040300-499306216) */
/* loaded from: classes4.dex */
public final class axjo {
    private final SecureRandom b = new SecureRandom();
    public final axjn a = new axjn();

    static String a(String str) {
        return String.format("%s.%s", "nearby.connections", str);
    }

    static final Signature e() {
        return Signature.getInstance("SHA256withECDSA");
    }

    public static final boolean f(byte[] bArr, byte[] bArr2, byte[] bArr3) {
        if (!dmyg.aC()) {
            return false;
        }
        try {
            KeyFactory keyFactory = KeyFactory.getInstance("EC");
            X509EncodedKeySpec x509EncodedKeySpec = new X509EncodedKeySpec(bArr);
            try {
                PublicKey generatePublic = keyFactory.generatePublic(x509EncodedKeySpec);
                try {
                    Signature e = e();
                    try {
                        e.initVerify(generatePublic);
                        try {
                            e.update(bArr2);
                            return e.verify(bArr3);
                        } catch (SignatureException e2) {
                            ((cojz) ((cojz) ((cojz) axje.a.j()).s(e2)).aj((char) 5289)).y("Failed to verify bytes with paired key.");
                            return false;
                        }
                    } catch (InvalidKeyException e3) {
                        ((cojz) ((cojz) ((cojz) axje.a.j()).s(e3)).aj((char) 5290)).y("Failed to verify bytes with paired key.");
                        return false;
                    }
                } catch (NoSuchAlgorithmException e4) {
                    ((cojz) ((cojz) ((cojz) axje.a.j()).s(e4)).aj((char) 5291)).C("Failed to verify bytes with paired key: %s", "SHA256withECDSA");
                    return false;
                }
            } catch (InvalidKeySpecException e5) {
                ((cojz) ((cojz) ((cojz) axje.a.j()).s(e5)).aj((char) 5292)).C("Failed to verify bytes with paired key: %s", x509EncodedKeySpec.getFormat());
                return false;
            }
        } catch (NoSuchAlgorithmException e6) {
            ((cojz) ((cojz) ((cojz) axje.a.j()).s(e6)).aj((char) 5293)).C("Failed to verify bytes with paired key: %s", "EC");
            return false;
        }
    }

    private final byte[] g() {
        byte[] bArr = new byte[72];
        this.b.nextBytes(bArr);
        return bArr;
    }

    public final void b(String str) {
        try {
            axjn axjnVar = this.a;
            String a = a(str);
            KeyStore keyStore = axjnVar.a;
            if (keyStore == null) {
                throw new KeyStoreException("No AndroidKeyStore found on device.");
            }
            if (keyStore.containsAlias(a)) {
                axjnVar.a.deleteEntry(a);
            }
        } catch (KeyStoreException e) {
            absf absfVar = axje.a;
        }
    }

    public final byte[] c(String str) {
        if (!dmyg.aC()) {
            return null;
        }
        String a = a(str);
        try {
            Certificate a2 = this.a.a(a);
            if (a2 != null) {
                return a2.getPublicKey().getEncoded();
            }
            try {
                KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "AndroidKeyStore");
                try {
                    keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(a, 12).setDigests("SHA-256").setAlgorithmParameterSpec(new ECGenParameterSpec("secp256r1")).setCertificateSubject(new X500Principal("O=Google, OU=Android, C=US")).setRandomizedEncryptionRequired(false).build());
                    try {
                        keyPairGenerator.generateKeyPair();
                        absf absfVar = axje.a;
                        try {
                            Certificate a3 = this.a.a(a);
                            if (a3 == null) {
                                return null;
                            }
                            return a3.getPublicKey().getEncoded();
                        } catch (KeyStoreException e) {
                            ((cojz) ((cojz) ((cojz) axje.a.j()).s(e)).aj((char) 5296)).y("Failed to create paired key.");
                            return null;
                        }
                    } catch (ProviderException e2) {
                        ((cojz) ((cojz) ((cojz) axje.a.j()).s(e2)).aj((char) 5297)).y("Failed to create paired key.");
                        return null;
                    }
                } catch (InvalidAlgorithmParameterException e3) {
                    ((cojz) ((cojz) ((cojz) axje.a.j()).s(e3)).aj((char) 5298)).y("Failed to create paired key.");
                    return null;
                }
            } catch (NoSuchAlgorithmException | NoSuchProviderException e4) {
                ((cojz) ((cojz) ((cojz) axje.a.j()).s(e4)).aj((char) 5299)).y("Failed to create paired key.");
                return null;
            }
        } catch (KeyStoreException e5) {
            ((cojz) ((cojz) ((cojz) axje.a.j()).s(e5)).aj((char) 5294)).y("Failed to create paired key.");
            return null;
        }
    }

    public final byte[] d(String str, byte[] bArr) {
        if (!dmyg.aC()) {
            return g();
        }
        try {
            String a = a(str);
            KeyStore keyStore = this.a.a;
            if (keyStore == null) {
                throw new KeyStoreException("No AndroidKeyStore found on device.");
            }
            PrivateKey privateKey = (PrivateKey) keyStore.getKey(a, null);
            X509Certificate x509Certificate = (X509Certificate) this.a.a(a);
            if (privateKey == null) {
                ((cojz) ((cojz) axje.a.j()).aj((char) 5304)).y("No private key is available. Failed to sign with paired key.");
                return g();
            }
            if (x509Certificate != null && x509Certificate.getPublicKey() != null) {
                absf absfVar = axje.a;
                Arrays.toString(x509Certificate.getPublicKey().getEncoded());
            }
            try {
                Signature e = e();
                try {
                    e.initSign(privateKey);
                    try {
                        e.update(bArr);
                        return e.sign();
                    } catch (SignatureException e2) {
                        ((cojz) ((cojz) ((cojz) axje.a.j()).s(e2)).aj((char) 5300)).y("Failed to sign with paired key.");
                        return g();
                    }
                } catch (InvalidKeyException e3) {
                    ((cojz) ((cojz) ((cojz) axje.a.j()).s(e3)).aj((char) 5301)).C("Failed to sign with paired key: %s", privateKey.getAlgorithm());
                    return g();
                }
            } catch (NoSuchAlgorithmException e4) {
                ((cojz) ((cojz) ((cojz) axje.a.j()).s(e4)).aj((char) 5302)).y("Failed to sign with paired key.");
                return g();
            }
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e5) {
            ((cojz) ((cojz) ((cojz) axje.a.j()).s(e5)).aj((char) 5305)).y("Failed to sign with paired key.");
            return g();
        }
    }
}
