package com.microsoft.identity.internal.device;

import android.os.Build;
import android.security.keystore.KeyGenParameterSpec;
import androidx.compose.ui.platform.J0;
import com.microsoft.identity.internal.EccKeyFactory;
import com.microsoft.identity.internal.EccKeyResponse;
import com.microsoft.identity.internal.StatusInternal;
import com.microsoft.identity.internal.TempError;
import java.io.IOException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Provider;
import java.security.PublicKey;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.spec.ECGenParameterSpec;
import java.util.Date;

/* loaded from: classes3.dex */
public class AndroidKeyStoreEccKeyFactoryImpl extends EccKeyFactory {
    private KeyStore mKeyStore;

    private EccKeyResponse fail(int i10, StatusInternal statusInternal, String str, Throwable th) {
        return new EccKeyResponse(null, ErrorUtils.createError(i10, statusInternal, str, th));
    }

    private TempError initializeKeyStore() {
        try {
            if (this.mKeyStore == null) {
                synchronized (this) {
                    try {
                        if (this.mKeyStore == null) {
                            KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
                            this.mKeyStore = keyStore;
                            if (keyStore == null) {
                                return ErrorUtils.createError(507822219, StatusInternal.UNEXPECTED, "Failed to get AndroidKeyStore instance.", null);
                            }
                            keyStore.load(null);
                        }
                    } finally {
                    }
                }
            }
            return null;
        } catch (IOException e10) {
            return ErrorUtils.createError(507822216, StatusInternal.UNEXPECTED, "Failed to load AndroidKeyStore instance.", e10);
        } catch (KeyStoreException e11) {
            return ErrorUtils.createError(507822218, StatusInternal.UNEXPECTED, "Failed to get AndroidKeyStore instance.", e11);
        } catch (NoSuchAlgorithmException e12) {
            return ErrorUtils.createError(507822215, StatusInternal.UNEXPECTED, "Failed to load AndroidKeyStore instance.", e12);
        } catch (CertificateException e13) {
            return ErrorUtils.createError(507822217, StatusInternal.UNEXPECTED, "Failed to load AndroidKeyStore instance.", e13);
        }
    }

    @Override // com.microsoft.identity.internal.EccKeyFactory
    public TempError deleteEccKey(String str) {
        if (str.isEmpty()) {
            return ErrorUtils.createError(507822221, StatusInternal.UNEXPECTED, "Key id is empty.", null);
        }
        TempError initializeKeyStore = initializeKeyStore();
        if (initializeKeyStore != null) {
            return initializeKeyStore;
        }
        try {
            if (this.mKeyStore.containsAlias(str)) {
                this.mKeyStore.deleteEntry(str);
            }
            return null;
        } catch (KeyStoreException e10) {
            return ErrorUtils.createError(507822220, StatusInternal.UNEXPECTED, J0.n("KeyStore entry ", str, " cannot be removed."), e10);
        }
    }

    @Override // com.microsoft.identity.internal.EccKeyFactory
    public EccKeyResponse generateEccKey(String str, boolean z10) {
        if (Build.VERSION.SDK_INT < 31) {
            return fail(507822157, StatusInternal.UNEXPECTED, "AndroidKeyStore does not support ECDH with SDK version < 31", null);
        }
        if (str.isEmpty()) {
            return fail(507822156, StatusInternal.UNEXPECTED, "Key id is empty.", null);
        }
        Provider provider = Security.getProvider("AndroidKeyStore");
        if (provider == null) {
            return fail(507822155, StatusInternal.UNEXPECTED, "AndroidKeyStore is unavailable", null);
        }
        try {
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", provider);
            keyPairGenerator.initialize(new KeyGenParameterSpec.Builder(str, 64).setAlgorithmParameterSpec(new ECGenParameterSpec("prime256v1")).setUserAuthenticationRequired(false).build());
            KeyPair generateKeyPair = keyPairGenerator.generateKeyPair();
            return generateKeyPair == null ? fail(507822152, StatusInternal.UNEXPECTED, "Failed to generate device keys.", null) : new EccKeyResponse(new EccKeyImpl(str, generateKeyPair, provider, new Date()), null);
        } catch (InvalidAlgorithmParameterException e10) {
            return fail(507822153, StatusInternal.UNEXPECTED, "Failed to initialize the key generator.", e10);
        } catch (NoSuchAlgorithmException e11) {
            return fail(507822154, StatusInternal.UNEXPECTED, "We must be running with unsupported SDK version.", e11);
        }
    }

    @Override // com.microsoft.identity.internal.EccKeyFactory
    public EccKeyResponse loadEccKey(String str) {
        if (str.isEmpty()) {
            return fail(507822151, StatusInternal.UNEXPECTED, "Key id is empty.", null);
        }
        Provider provider = Security.getProvider("AndroidKeyStore");
        if (provider == null) {
            return fail(507822150, StatusInternal.UNEXPECTED, "AndroidKeyStore is unavailable", null);
        }
        TempError initializeKeyStore = initializeKeyStore();
        if (initializeKeyStore != null) {
            return new EccKeyResponse(null, initializeKeyStore);
        }
        try {
            Certificate certificate = this.mKeyStore.getCertificate(str);
            if (certificate == null) {
                return new EccKeyResponse(null, null);
            }
            PublicKey publicKey = certificate.getPublicKey();
            try {
                return new EccKeyResponse(new EccKeyImpl(str, new KeyPair(publicKey, (PrivateKey) this.mKeyStore.getKey(str, null)), provider, this.mKeyStore.getCreationDate(str)), null);
            } catch (KeyStoreException e10) {
                return fail(507822147, StatusInternal.UNEXPECTED, "Failed to read private key with id ".concat(str), e10);
            } catch (NoSuchAlgorithmException e11) {
                return fail(507822146, StatusInternal.UNEXPECTED, "Failed to read private key with id ".concat(str), e11);
            } catch (UnrecoverableKeyException e12) {
                return fail(507822148, StatusInternal.UNEXPECTED, "Failed to read private key with id ".concat(str), e12);
            }
        } catch (KeyStoreException e13) {
            return fail(507822149, StatusInternal.UNEXPECTED, "Failed to read key with id ".concat(str), e13);
        }
    }
}
