package com.samsung.android.email.newsecurity.smime;

import android.os.Process;
import android.os.RemoteException;
import com.samsung.android.email.common.util.SemCryptoUtil;
import com.samsung.android.emailcommon.basic.exception.CertificateManagerException;
import com.samsung.android.emailcommon.basic.log.SemSMIMELog;
import com.samsung.android.emailcommon.newsecurity.CertificateConst;
import com.samsung.android.knox.util.SemCertAndroidKeyStore;
import com.samsung.android.knox.util.SemCertByte;
import com.samsung.android.knox.util.SemKeyStoreManager;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

/* loaded from: classes2.dex */
public class SemCertificateInstaller implements CertificateInstaller {
    private static final String TAG = "SemCertificateInstaller";
    private SemCertAndroidKeyStore mSemCertAndroidKeyStoreForCA;
    private final SemKeyStoreManager mSemKeyStoreManager;

    public SemCertificateInstaller(SemKeyStoreManager semKeyStoreManager) {
        this.mSemKeyStoreManager = semKeyStoreManager;
    }

    private SemCertByte getSemCertByte(X509Certificate[] x509CertificateArr, ByteArrayOutputStream byteArrayOutputStream) throws CertificateEncodingException, IOException {
        SemCertByte semCertByte = SMIMEInstanceFactory.getSemCertByte();
        semCertByte.certsize = byteArrayOutputStream.size();
        semCertByte.certBytes = byteArrayOutputStream.toByteArray();
        byte[] convertToPem = SemCryptoUtil.convertToPem(x509CertificateArr);
        semCertByte.caSize = convertToPem.length;
        semCertByte.caCertBytes = convertToPem;
        return semCertByte;
    }

    private X509Certificate getX509Certificate(Certificate[] certificateArr, X509Certificate[] x509CertificateArr) {
        X509Certificate x509Certificate = null;
        int i = 0;
        for (Certificate certificate : certificateArr) {
            X509Certificate x509Certificate2 = (X509Certificate) certificate;
            if (SemCryptoUtil.isCa(x509Certificate2)) {
                x509CertificateArr[i] = x509Certificate2;
                i++;
            } else {
                x509Certificate = x509Certificate2;
            }
        }
        return x509Certificate;
    }

    @Override // com.samsung.android.email.newsecurity.smime.CertificateInstaller
    public void install(KeyStore keyStore, String str, String str2) throws CertificateManagerException, RemoteException, CertificateException, UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException, IOException {
        Certificate[] certificateChain = keyStore.getCertificateChain(str2);
        Key key = keyStore.getKey(str2, str.toCharArray());
        X509Certificate[] x509Certificates = SMIMEInstanceFactory.getX509Certificates(certificateChain.length - 1);
        X509Certificate x509Certificate = getX509Certificate(certificateChain, x509Certificates);
        installCa(x509Certificates);
        String replace = str2.trim().replace(' ', '_');
        int installCertInAndroidKeyStore = this.mSemKeyStoreManager.installCertInAndroidKeyStore(getSemCertByte(x509Certificates, KeyStoreManager.getCertByteArrayOutputStream(str, replace, key, SMIMEInstanceFactory.getX509Certificates(x509Certificate))), replace, str.toCharArray(), false, Process.myUid());
        String str3 = TAG;
        SemSMIMELog.d("%s::Status code from SCEP proxy for cert installation statusCode[%s]", str3, Integer.valueOf(installCertInAndroidKeyStore));
        if (installCertInAndroidKeyStore == 0) {
            SemSMIMELog.d("%s::EMAIL Key Installation alias[%s] SUCCESS", str3, replace);
        } else {
            SemSMIMELog.sysW("%s::EMAIL Key Installation alias[%s] FAILURE", str3, replace);
            throw new CertificateManagerException(CertificateConst.KEYSTORE_PROXY_CERT_INSTALL_ERROR);
        }
    }

    @Override // com.samsung.android.email.newsecurity.smime.CertificateInstaller
    public void installCa(Certificate[] certificateArr) throws RemoteException {
        if (certificateArr.length > 0) {
            if (this.mSemCertAndroidKeyStoreForCA == null) {
                this.mSemCertAndroidKeyStoreForCA = new SemCertAndroidKeyStore();
            }
            this.mSemCertAndroidKeyStoreForCA.certs = certificateArr;
            SemSMIMELog.d("%s::Status code for CA cert installation statusCode[%s]", TAG, Integer.valueOf(this.mSemKeyStoreManager.installCaCert(this.mSemCertAndroidKeyStoreForCA)));
        }
    }

    void setSemCertAndroidKeyStore(SemCertAndroidKeyStore semCertAndroidKeyStore) {
        this.mSemCertAndroidKeyStoreForCA = semCertAndroidKeyStore;
    }
}
