package android.security.identity;

import android.content.Context;
import android.os.RemoteException;
import android.os.ServiceSpecificException;
import android.security.GateKeeper;
import android.security.identity.PersonalizationData;
import java.io.ByteArrayInputStream;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;

/* loaded from: classes.dex */
class CredstoreWritableIdentityCredential extends WritableIdentityCredential {
    private static final String TAG = "CredstoreWritableIdentityCredential";
    private IWritableCredential mBinder;
    private Context mContext;
    private String mCredentialName;
    private String mDocType;

    /* JADX INFO: Access modifiers changed from: package-private */
    public CredstoreWritableIdentityCredential(Context context, String str, String str2, IWritableCredential iWritableCredential) {
        this.mContext = context;
        this.mDocType = str2;
        this.mCredentialName = str;
        this.mBinder = iWritableCredential;
    }

    private static long getRootSid() {
        long secureUserId = GateKeeper.getSecureUserId();
        if (secureUserId != 0) {
            return secureUserId;
        }
        throw new IllegalStateException("Secure lock screen must be enabled to create credentials requiring user authentication");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static byte[] personalize(IWritableCredential iWritableCredential, PersonalizationData personalizationData) {
        Collection<AccessControlProfile> accessControlProfiles = personalizationData.getAccessControlProfiles();
        AccessControlProfileParcel[] accessControlProfileParcelArr = new AccessControlProfileParcel[accessControlProfiles.size()];
        int i = 0;
        boolean z = false;
        for (AccessControlProfile accessControlProfile : accessControlProfiles) {
            accessControlProfileParcelArr[i] = new AccessControlProfileParcel();
            accessControlProfileParcelArr[i].id = accessControlProfile.getAccessControlProfileId().getId();
            X509Certificate readerCertificate = accessControlProfile.getReaderCertificate();
            if (readerCertificate != null) {
                try {
                    accessControlProfileParcelArr[i].readerCertificate = readerCertificate.getEncoded();
                } catch (CertificateException e) {
                    throw new RuntimeException("Error encoding reader certificate", e);
                }
            } else {
                accessControlProfileParcelArr[i].readerCertificate = new byte[0];
            }
            accessControlProfileParcelArr[i].userAuthenticationRequired = accessControlProfile.isUserAuthenticationRequired();
            accessControlProfileParcelArr[i].userAuthenticationTimeoutMillis = accessControlProfile.getUserAuthenticationTimeout();
            if (accessControlProfile.isUserAuthenticationRequired()) {
                z = true;
            }
            i++;
        }
        Collection<String> namespaces = personalizationData.getNamespaces();
        EntryNamespaceParcel[] entryNamespaceParcelArr = new EntryNamespaceParcel[namespaces.size()];
        Iterator<String> it = namespaces.iterator();
        int i2 = 0;
        while (it.hasNext()) {
            String next = it.next();
            PersonalizationData.NamespaceData namespaceData = personalizationData.getNamespaceData(next);
            entryNamespaceParcelArr[i2] = new EntryNamespaceParcel();
            entryNamespaceParcelArr[i2].namespaceName = next;
            Collection<String> entryNames = namespaceData.getEntryNames();
            EntryParcel[] entryParcelArr = new EntryParcel[entryNames.size()];
            int i3 = 0;
            for (String str : entryNames) {
                entryParcelArr[i3] = new EntryParcel();
                entryParcelArr[i3].name = str;
                String str2 = next;
                entryParcelArr[i3].value = namespaceData.getEntryValue(str);
                Collection<AccessControlProfileId> accessControlProfileIds = namespaceData.getAccessControlProfileIds(str);
                Collection<AccessControlProfile> collection = accessControlProfiles;
                entryParcelArr[i3].accessControlProfileIds = new int[accessControlProfileIds.size()];
                int i4 = 0;
                Iterator<AccessControlProfileId> it2 = accessControlProfileIds.iterator();
                while (it2.hasNext()) {
                    entryParcelArr[i3].accessControlProfileIds[i4] = it2.next().getId();
                    accessControlProfileIds = accessControlProfileIds;
                    i4++;
                }
                i3++;
                next = str2;
                accessControlProfiles = collection;
            }
            entryNamespaceParcelArr[i2].entries = entryParcelArr;
            i2++;
        }
        try {
            return iWritableCredential.personalize(accessControlProfileParcelArr, entryNamespaceParcelArr, z ? getRootSid() : 0L);
        } catch (RemoteException e2) {
            throw new RuntimeException("Unexpected RemoteException ", e2);
        } catch (ServiceSpecificException e3) {
            throw new RuntimeException("Unexpected ServiceSpecificException with code " + e3.errorCode, e3);
        }
    }

    @Override // android.security.identity.WritableIdentityCredential
    public Collection<X509Certificate> getCredentialKeyCertificateChain(byte[] bArr) {
        try {
            try {
                Collection<? extends Certificate> generateCertificates = CertificateFactory.getInstance("X.509").generateCertificates(new ByteArrayInputStream(this.mBinder.getCredentialKeyCertificateChain(bArr)));
                ArrayList arrayList = new ArrayList();
                Iterator<? extends Certificate> it = generateCertificates.iterator();
                while (it.hasNext()) {
                    arrayList.add((X509Certificate) it.next());
                }
                return arrayList;
            } catch (CertificateException e) {
                throw new RuntimeException("Error decoding certificates", e);
            }
        } catch (RemoteException e2) {
            throw new RuntimeException("Unexpected RemoteException ", e2);
        } catch (ServiceSpecificException e3) {
            throw new RuntimeException("Unexpected ServiceSpecificException with code " + e3.errorCode, e3);
        }
    }

    @Override // android.security.identity.WritableIdentityCredential
    public byte[] personalize(PersonalizationData personalizationData) {
        return personalize(this.mBinder, personalizationData);
    }
}
