package defpackage;

import android.os.Build;
import android.security.keystore.KeyExpiredException;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyPermanentlyInvalidatedException;
import android.util.Base64;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.ProviderException;
import java.security.Signature;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.spec.ECGenParameterSpec;
import java.util.Arrays;

/* compiled from: :com.google.android.gms@203315009@20.33.15 (020308-330018294) */
/* loaded from: classes.dex */
public final class dva {
    private final sac a;

    public dva(sac sacVar) {
        this.a = sacVar;
    }

    public static final KeyPair a(byte[] bArr, byte[] bArr2, boolean z, int i) {
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "AndroidKeyStore");
            KeyGenParameterSpec.Builder attestationChallenge = new KeyGenParameterSpec.Builder(f(bArr), 4).setDigests("SHA-256").setAlgorithmParameterSpec(new ECGenParameterSpec("secp256r1")).setAttestationChallenge(e(bArr2));
            int i2 = Build.VERSION.SDK_INT;
            attestationChallenge.setUserAuthenticationRequired(z);
            attestationChallenge.setUserAuthenticationValidityDurationSeconds(i);
            attestationChallenge.setInvalidatedByBiometricEnrollment(false);
            keyPairGenerator.initialize(attestationChallenge.build());
            return keyPairGenerator.generateKeyPair();
        } catch (InvalidAlgorithmParameterException | NoSuchAlgorithmException | NoSuchProviderException | ProviderException e) {
            throw new dvi(dvk.CLIENT_INTERNAL_ERROR, "Failed to generate Key Store key.", e);
        }
    }

    private static KeyStore a() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
            keyStore.load(null);
            return keyStore;
        } catch (IOException | RuntimeException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new dvi(dvk.CLIENT_INTERNAL_ERROR, "Unable to access Android KeyStore.", e);
        }
    }

    private static boolean a(KeyStore.Entry entry) {
        try {
            Signature.getInstance("SHA256withECDSA").initSign(((KeyStore.PrivateKeyEntry) entry).getPrivateKey());
            return false;
        } catch (ClassCastException e) {
            e = e;
            throw new dvi(dvk.CLIENT_INTERNAL_ERROR, "Error initializing signature", e);
        } catch (InvalidKeyException e2) {
            return (e2 instanceof KeyPermanentlyInvalidatedException) || (e2 instanceof KeyExpiredException);
        } catch (NoSuchAlgorithmException e3) {
            e = e3;
            throw new dvi(dvk.CLIENT_INTERNAL_ERROR, "Error initializing signature", e);
        }
    }

    public static final void b(byte[] bArr) {
        try {
            a().deleteEntry(f(bArr));
        } catch (RuntimeException | KeyStoreException e) {
            throw new dvi(dvk.CLIENT_INTERNAL_ERROR, "Error deleting Android KeyStore key", e);
        }
    }

    public static final KeyStore.Entry c(byte[] bArr) {
        try {
            KeyStore a = a();
            String f = f(bArr);
            KeyStore.Entry entry = a.getEntry(f, null);
            if (entry != null) {
                return entry;
            }
            String valueOf = String.valueOf(f);
            throw new dvi(valueOf.length() != 0 ? "Key does not exist in Android KeyStore: ".concat(valueOf) : new String("Key does not exist in Android KeyStore: "), dvk.CLIENT_INTERNAL_ERROR);
        } catch (RuntimeException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException e) {
            throw new dvi(dvk.CLIENT_INTERNAL_ERROR, "Error retrieving Android KeyStore entry", e);
        }
    }

    public static final byte[] d(byte[] bArr) {
        try {
            return CertificateFactory.getInstance("X.509").generateCertPath(Arrays.asList(((KeyStore.PrivateKeyEntry) c(bArr)).getCertificateChain())).getEncoded("PkiPath");
        } catch (CertificateException e) {
            throw new dvi(dvk.CLIENT_INTERNAL_ERROR, "Error getting certificate chain.", e);
        }
    }

    private static byte[] e(byte[] bArr) {
        try {
            return MessageDigest.getInstance("SHA-256").digest(bArr);
        } catch (NoSuchAlgorithmException e) {
            throw e;
        }
    }

    private static String f(byte[] bArr) {
        return Base64.encodeToString(bArr, 11);
    }

    public final boolean a(byte[] bArr) {
        try {
            return !a(c(bArr));
        } catch (dvi e) {
            sac sacVar = this.a;
            String valueOf = String.valueOf(e.getMessage());
            sacVar.b(valueOf.length() != 0 ? "Failed to find valid key in Keystore: ".concat(valueOf) : new String("Failed to find valid key in Keystore: "), new Object[0]);
            return false;
        }
    }
}
