package com.centrify.android.keystore;

import android.content.Context;
import android.os.Build;
import com.centrify.agent.samsung.utils.LogUtil;
import com.centrify.android.utils.KeyStoreUtils;
import java.io.IOException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import org.apache.commons.codec.binary.Base64;
import org.spongycastle.cms.CMSException;
import org.spongycastle.jce.provider.BouncyCastleProvider;
import org.spongycastle.operator.OperatorCreationException;

/* loaded from: classes.dex */
public class SystemKeyStoreManager implements KeyStoreManager {
    private static final String TAG = "SystemKeyStoreManager";
    KeyStore mAndroidKeyStore = getAndroidKeyStore();
    private Context mAppContext;

    public SystemKeyStoreManager(Context context) {
        this.mAppContext = context;
    }

    private KeyStore getAndroidKeyStore() {
        LogUtil.debug(TAG, "getAndroidKeyStore");
        if (this.mAndroidKeyStore == null && Build.VERSION.SDK_INT >= 23) {
            try {
                KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                keyStore.load(null);
                this.mAndroidKeyStore = keyStore;
            } catch (IOException e) {
                LogUtil.error(TAG, "getAndroidKeyStore" + e.getMessage(), e);
            } catch (KeyStoreException e2) {
                LogUtil.error(TAG, "getAndroidKeyStore" + e2.getMessage(), e2);
            } catch (NoSuchAlgorithmException e3) {
                LogUtil.error(TAG, "getAndroidKeyStore" + e3.getMessage(), e3);
            } catch (CertificateException e4) {
                LogUtil.error(TAG, "getAndroidKeyStore" + e4.getMessage(), e4);
            }
        }
        return this.mAndroidKeyStore;
    }

    @Override // com.centrify.android.keystore.KeyStoreManager
    public void clearKeyStore() {
        LogUtil.info(TAG, "Clear key store called:");
        KeyStore androidKeyStore = getAndroidKeyStore();
        if (androidKeyStore != null) {
            try {
                Enumeration<String> aliases = androidKeyStore.aliases();
                while (aliases.hasMoreElements()) {
                    androidKeyStore.deleteEntry(aliases.nextElement());
                }
            } catch (KeyStoreException e) {
                LogUtil.error(TAG, "Clear key store exception", e);
            }
        }
    }

    @Override // com.centrify.android.keystore.KeyStoreManager
    public String getCMS(String str, char[] cArr) {
        LogUtil.debug(TAG, "getCMS method called:" + str);
        String str2 = null;
        try {
            KeyStore androidKeyStore = getAndroidKeyStore();
            if (androidKeyStore != null) {
                Key privateKeyFromPkcs12 = KeyStoreUtils.privateKeyFromPkcs12(androidKeyStore, str);
                X509Certificate certificateFromPkcs12 = KeyStoreUtils.certificateFromPkcs12(androidKeyStore, str);
                if (privateKeyFromPkcs12 == null) {
                    LogUtil.error(TAG, "privateKey not found" + str);
                    return null;
                }
                str2 = new String(Base64.encodeBase64(KeyStoreUtils.signWithCert("".getBytes(), certificateFromPkcs12, (PrivateKey) privateKeyFromPkcs12, null)));
            }
        } catch (IOException e) {
            LogUtil.error(TAG, "getCMS " + e.getMessage(), e);
        } catch (KeyStoreException e2) {
            LogUtil.error(TAG, "getCMS " + e2.getMessage(), e2);
        } catch (NoSuchAlgorithmException e3) {
            LogUtil.error(TAG, "getCMS " + e3.getMessage(), e3);
        } catch (UnrecoverableKeyException e4) {
            LogUtil.error(TAG, "getCMS " + e4.getMessage(), e4);
        } catch (CertificateEncodingException e5) {
            LogUtil.error(TAG, "getCMS " + e5.getMessage(), e5);
        } catch (CMSException e6) {
            LogUtil.error(TAG, "getCMS " + e6.getMessage(), e6);
        } catch (OperatorCreationException e7) {
            LogUtil.error(TAG, "getCMS " + e7.getMessage(), e7);
        }
        return str2;
    }

    @Override // com.centrify.android.keystore.KeyStoreManager
    public KeyStore getCert(String str, char[] cArr) {
        LogUtil.debug(TAG, "getCert method called:" + str);
        KeyStore keyStore = null;
        try {
            keyStore = KeyStore.getInstance("PKCS12", BouncyCastleProvider.PROVIDER_NAME);
            keyStore.load(null);
            PrivateKey privateKey = getPrivateKey(str, cArr);
            X509Certificate[] certificateChain = getCertificateChain(str, cArr);
            if (privateKey != null && certificateChain != null && certificateChain.length > 0) {
                keyStore.setKeyEntry(str, privateKey, null, certificateChain);
            }
        } catch (IOException e) {
            LogUtil.error(TAG, "getCert " + e.getMessage(), e);
        } catch (KeyStoreException e2) {
            LogUtil.error(TAG, "getCert " + e2.getMessage(), e2);
        } catch (NoSuchAlgorithmException e3) {
            LogUtil.error(TAG, "getCert " + e3.getMessage(), e3);
        } catch (NoSuchProviderException e4) {
            LogUtil.error(TAG, "getCert " + e4.getMessage(), e4);
        } catch (CertificateException e5) {
            LogUtil.error(TAG, "getCert " + e5.getMessage(), e5);
        }
        return keyStore;
    }

    @Override // com.centrify.android.keystore.KeyStoreManager
    public X509Certificate[] getCertificateChain(String str, char[] cArr) {
        KeyStore androidKeyStore = getAndroidKeyStore();
        if (androidKeyStore == null) {
            return null;
        }
        try {
            X509Certificate certificateFromPkcs12 = KeyStoreUtils.certificateFromPkcs12(androidKeyStore, str);
            if (certificateFromPkcs12 != null) {
                return new X509Certificate[]{certificateFromPkcs12};
            }
            return null;
        } catch (KeyStoreException e) {
            LogUtil.error(TAG, "Get certificate chain  from  key store failed for:" + str, e);
            return null;
        }
    }

    @Override // com.centrify.android.keystore.KeyStoreManager
    public PrivateKey getPrivateKey(String str, char[] cArr) {
        KeyStore androidKeyStore = getAndroidKeyStore();
        if (androidKeyStore == null) {
            return null;
        }
        try {
            return (PrivateKey) KeyStoreUtils.privateKeyFromPkcs12(androidKeyStore, str);
        } catch (KeyStoreException e) {
            LogUtil.error(TAG, "Get private Key from  key store failed for:" + str, e);
            return null;
        } catch (NoSuchAlgorithmException e2) {
            LogUtil.error(TAG, "Get private Key from  key store failed for::" + str, e2);
            return null;
        } catch (UnrecoverableKeyException e3) {
            LogUtil.error(TAG, "Get private Key from  key store failed for:" + str, e3);
            return null;
        }
    }

    @Override // com.centrify.android.keystore.KeyStoreManager
    public boolean isCertAvailable(String str, char[] cArr) {
        LogUtil.debug(TAG, "isCertAvailable method called:" + str);
        try {
            KeyStore androidKeyStore = getAndroidKeyStore();
            r1 = androidKeyStore != null ? androidKeyStore.containsAlias(str) : false;
            LogUtil.debug(TAG, "isCertAvailable method called:" + r1);
        } catch (KeyStoreException e) {
            LogUtil.error(TAG, e.getMessage(), e);
        }
        return r1;
    }

    @Override // com.centrify.android.keystore.KeyStoreManager
    public void removeCert(String str) {
        LogUtil.debug(TAG, "removeCert method called:" + str);
        try {
            KeyStore androidKeyStore = getAndroidKeyStore();
            if (androidKeyStore != null) {
                androidKeyStore.deleteEntry(str);
                LogUtil.info(TAG, "Cert removed from android keystore:" + str);
            }
        } catch (KeyStoreException e) {
            LogUtil.error(TAG, e.getMessage(), e);
        }
    }

    @Override // com.centrify.android.keystore.KeyStoreManager
    public void removeCerts(String[] strArr) {
        KeyStore androidKeyStore = getAndroidKeyStore();
        if (androidKeyStore != null) {
            for (String str : strArr) {
                try {
                    androidKeyStore.deleteEntry(str);
                    LogUtil.info(TAG, "Cert removed from android keystore:" + str);
                } catch (KeyStoreException e) {
                    LogUtil.error(TAG, "Delete cert from key store failed for:" + str, e);
                }
            }
        }
    }

    @Override // com.centrify.android.keystore.KeyStoreManager
    public boolean saveCert(String str, Key key, Certificate[] certificateArr) {
        KeyStore androidKeyStore = getAndroidKeyStore();
        if (androidKeyStore == null) {
            return false;
        }
        try {
            androidKeyStore.setKeyEntry(str, key, null, certificateArr);
            LogUtil.info(TAG, "cert (pk & cert) stored successfully in android keystore:" + str);
            return true;
        } catch (KeyStoreException e) {
            LogUtil.error(TAG, "Error occurred while storing cert to Android key store", e);
            return false;
        }
    }

    @Override // com.centrify.android.keystore.KeyStoreManager
    public boolean saveCert(String str, char[] cArr, String str2, char[] cArr2) {
        LogUtil.debug(TAG, "saveCert method called:" + str2);
        KeyStore androidKeyStore = getAndroidKeyStore();
        if (androidKeyStore == null) {
            return false;
        }
        try {
            KeyStore generateKeyStore = KeyStoreUtils.generateKeyStore(str, cArr);
            androidKeyStore.setKeyEntry(str2, KeyStoreUtils.privateKeyFromPkcs12(generateKeyStore), null, new Certificate[]{KeyStoreUtils.certificateFromPkcs12(generateKeyStore)});
            LogUtil.info(TAG, "cert stored successfully in android keystore:" + str2);
            return true;
        } catch (IOException e) {
            LogUtil.error(TAG, "saveCert " + e.getMessage(), e);
            return false;
        } catch (KeyStoreException e2) {
            LogUtil.error(TAG, "saveCert " + e2.getMessage(), e2);
            return false;
        } catch (NoSuchAlgorithmException e3) {
            LogUtil.error(TAG, "saveCert " + e3.getMessage(), e3);
            return false;
        } catch (NoSuchProviderException e4) {
            LogUtil.error(TAG, "saveCert " + e4.getMessage(), e4);
            return false;
        } catch (UnrecoverableKeyException e5) {
            LogUtil.error(TAG, "saveCert " + e5.getMessage(), e5);
            return false;
        } catch (CertificateException e6) {
            LogUtil.error(TAG, "saveCert " + e6.getMessage(), e6);
            return false;
        }
    }
}
