package defpackage;

import android.content.Context;
import android.security.keystore.KeyExpiredException;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import android.security.keystore.UserNotAuthenticatedException;
import android.security.keystore.UserPresenceUnavailableException;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.security.spec.ECGenParameterSpec;
import java.security.spec.InvalidKeySpecException;

/* compiled from: :com.google.android.gms@212116098@21.21.16 (080406-378233385) */
/* loaded from: classes2.dex */
public final class pha {
    private final Context b;
    private static final lcf c = new lcf("KeyStoreCryptoHelper");
    private static final pvz a = pvz.SECP256R1;

    public pha(Context context) {
        auzx.a(context);
        this.b = context;
    }

    public static final void b(String str) {
        auzx.b(str, "keyStorageIdentifier cannot be null");
        auzx.d(!str.trim().isEmpty(), "keyStorageIdentifier cannot be empty");
        c.b("Deleting key in Android KeyStore", new Object[0]);
        try {
            h().a(str);
        } catch (KeyStoreException | tuj e) {
            tvu b = tvv.b();
            b.c = 8;
            b.b = e;
            b.a = "Unable to delete the key from Android Keystore";
            throw b.a();
        }
    }

    public static final PrivateKey c(String str) {
        auzx.a(str);
        try {
            KeyStore.Entry c2 = new tuk().c(str);
            if (c2 != null) {
                return ((KeyStore.PrivateKeyEntry) c2).getPrivateKey();
            }
            tvu b = tvv.b();
            b.c = 8;
            b.a = "Unable to get the private key from Android Keystore";
            throw b.a();
        } catch (IOException | ClassCastException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | CertificateException | tuj e) {
            tvu b2 = tvv.b();
            b2.c = 8;
            b2.b = e;
            b2.a = "Unable to get the private key from Android Keystore";
            throw b2.a();
        }
    }

    public static final PublicKey d(String str) {
        auzx.b(str, "keyStorageIdentifier cannot be null");
        auzx.d(!str.trim().isEmpty(), "keyStorageIdentifier cannot be empty");
        c.b("Retrieving public key in Android KeyStore", new Object[0]);
        try {
            KeyStore.Entry c2 = h().c(str);
            if (c2 == null) {
                return null;
            }
            return ((KeyStore.PrivateKeyEntry) c2).getCertificate().getPublicKey();
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException | tuj e) {
            tvu b = tvv.b();
            b.c = 8;
            b.b = e;
            b.a = "Unable to get the public key from Android Keystore";
            throw b.a();
        }
    }

    public static final boolean e(String str) {
        auzx.a(str);
        tuk h = h();
        if (!bhyh.c()) {
            try {
                return h.b(str);
            } catch (KeyStoreException | tuj e) {
                tvu b = tvv.b();
                b.c = 8;
                b.b = e;
                b.a = "Unable to check if the key exist in Android Keystore";
                throw b.a();
            }
        }
        try {
            KeyStore.Entry c2 = h.c(str);
            if (c2 == null) {
                return false;
            }
            Signature.getInstance("SHA256withECDSA").initSign(((KeyStore.PrivateKeyEntry) c2).getPrivateKey());
            return true;
        } catch (InvalidKeyException e2) {
            return i(h, str, e2);
        } catch (KeyStoreException e3) {
            e = e3;
            tvu b2 = tvv.b();
            b2.c = 8;
            b2.b = e;
            b2.a = "Error looking up Android KeyStore key";
            throw b2.a();
        } catch (NoSuchAlgorithmException e4) {
            e = e4;
            tvu b22 = tvv.b();
            b22.c = 8;
            b22.b = e;
            b22.a = "Error looking up Android KeyStore key";
            throw b22.a();
        } catch (UnrecoverableEntryException e5) {
            e = e5;
            tvu b222 = tvv.b();
            b222.c = 8;
            b222.b = e;
            b222.a = "Error looking up Android KeyStore key";
            throw b222.a();
        } catch (tuj e6) {
            e = e6;
            tvu b2222 = tvv.b();
            b2222.c = 8;
            b2222.b = e;
            b2222.a = "Error looking up Android KeyStore key";
            throw b2222.a();
        }
    }

    public static final KeyInfo f(String str) {
        try {
            return (KeyInfo) KeyFactory.getInstance("EC", "AndroidKeyStore").getKeySpec(c(str), KeyInfo.class);
        } catch (NoSuchAlgorithmException | NoSuchProviderException | InvalidKeySpecException e) {
            tvu b = tvv.b();
            b.c = 8;
            b.b = e;
            b.a = "Failed to get the keyInfo.";
            throw b.a();
        }
    }

    private static tui g() {
        try {
            return new tui();
        } catch (NoSuchAlgorithmException | NoSuchProviderException | tuj e) {
            tvu b = tvv.b();
            b.c = 8;
            b.b = e;
            b.a = "Unable to access KeyPairGenerator";
            throw b.a();
        }
    }

    private static tuk h() {
        try {
            return new tuk();
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException | tuj e) {
            tvu b = tvv.b();
            b.c = 8;
            b.b = e;
            b.a = "Unable to access Android KeyStore";
            throw b.a();
        }
    }

    private static boolean i(tuk tukVar, String str, InvalidKeyException invalidKeyException) {
        if (!lqu.b()) {
            tvu b = tvv.b();
            b.c = 8;
            b.a = "Error looking up Android KeyStore key";
            throw b.a();
        }
        if (invalidKeyException instanceof UserNotAuthenticatedException) {
            return true;
        }
        if (lqu.g() && (invalidKeyException instanceof UserPresenceUnavailableException)) {
            return true;
        }
        if ((invalidKeyException instanceof KeyPermanentlyInvalidatedException) || (invalidKeyException instanceof KeyExpiredException)) {
            try {
                tukVar.a(str);
                return false;
            } catch (KeyStoreException e) {
                return false;
            } catch (tuj e2) {
                return false;
            }
        }
        tvu b2 = tvv.b();
        b2.c = 8;
        b2.b = invalidKeyException;
        b2.a = "Error looking up Android KeyStore key";
        throw b2.a();
    }

    /* JADX WARN: Failed to find 'out' block for switch in B:9:0x005b. Please report as an issue. */
    public final void a(String str, pwr pwrVar) {
        KeyGenParameterSpec.Builder userAuthenticationValidityDurationSeconds;
        auzx.b(str, "keyStorageIdentifier cannot be null");
        auzx.d(!str.trim().isEmpty(), "keyStorageIdentifier cannot be empty");
        auzx.d(pwrVar != pwr.KEYSTORE ? pwrVar == pwr.STRONGBOX : true, "keyStorageType can only be KEYSTORE or STRONGBOX");
        c.b("Creating a key pair in Android KeyStore", new Object[0]);
        tui g = g();
        try {
            KeyGenParameterSpec.Builder algorithmParameterSpec = new KeyGenParameterSpec.Builder(str, 4).setDigests("SHA-256").setAlgorithmParameterSpec(new ECGenParameterSpec(auyb.b(a.name())));
            switch (pwrVar) {
                case KEYSTORE:
                    userAuthenticationValidityDurationSeconds = algorithmParameterSpec.setUserAuthenticationRequired(true).setUserAuthenticationValidityDurationSeconds(((Integer) pwo.f.g()).intValue());
                    try {
                        g.a.initialize(userAuthenticationValidityDurationSeconds.build());
                        try {
                            g.a.generateKeyPair();
                            return;
                        } catch (RuntimeException e) {
                            throw new tuj("Unable to generate key pair via keyPairGenerator", e);
                        }
                    } catch (RuntimeException e2) {
                        throw new tuj("Unable to initialize keyPairGenerator", e2);
                    }
                case SOFTWARE:
                default:
                    throw new IllegalStateException("Not supported key storage type");
                case STRONGBOX:
                    auzx.d(lqu.g(), "the platform version must be at least P");
                    auzx.d(this.b.getPackageManager().hasSystemFeature("android.hardware.strongbox_keystore"), "Strongbox feature is not supported");
                    userAuthenticationValidityDurationSeconds = algorithmParameterSpec.setIsStrongBoxBacked(true).setUserPresenceRequired(true);
                    g.a.initialize(userAuthenticationValidityDurationSeconds.build());
                    g.a.generateKeyPair();
                    return;
            }
        } catch (InvalidAlgorithmParameterException | tuj e3) {
            tvu b = tvv.b();
            b.c = 8;
            b.b = e3;
            b.a = "Unable to generate Android Keystore key pair";
            throw b.a();
        }
    }
}
