package com.microsoft.identity.common.java.platform;

import androidx.activity.ComponentActivity$2$$ExternalSyntheticOutline0;
import com.google.gson.Gson;
import com.google.gson.reflect.TypeToken;
import com.microsoft.identity.common.java.AuthenticationConstants;
import com.microsoft.identity.common.java.crypto.IDevicePopManager;
import com.microsoft.identity.common.java.crypto.IKeyStoreKeyManager;
import com.microsoft.identity.common.java.crypto.SecureHardwareState;
import com.microsoft.identity.common.java.crypto.SigningAlgorithm;
import com.microsoft.identity.common.java.exception.ClientException;
import com.microsoft.identity.common.java.logging.Logger;
import com.microsoft.identity.common.java.marker.CodeMarkerManager;
import com.nimbusds.jose.Algorithm;
import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.jwk.KeyOperation;
import com.nimbusds.jose.jwk.KeyUse;
import com.nimbusds.jose.jwk.RSAKey;
import com.nimbusds.jose.util.Base64;
import com.nimbusds.jose.util.Base64URL;
import edu.umd.cs.findbugs.annotations.Nullable;
import java.io.IOException;
import java.lang.reflect.Type;
import java.net.URI;
import java.nio.charset.Charset;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.util.Collections;
import java.util.Date;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import lombok.NonNull;

/* loaded from: classes.dex */
public abstract class AbstractDevicePopManager implements IDevicePopManager {
    private static final String TAG = "AbstractDevicePopManager";
    protected final IKeyStoreKeyManager<KeyStore.PrivateKeyEntry> mKeyManager;
    private static final Charset UTF8 = Charset.forName("UTF-8");
    public static final Type MAP_STRING_STRING_TYPE = TypeToken.getParameterized(Map.class, String.class, String.class).getType();
    public static final Gson GSON = new Gson();
    private static final ExecutorService sThreadExecutor = Executors.newFixedThreadPool(5);
    private static final CodeMarkerManager sCodeMarkerManager = CodeMarkerManager.getInstance();

    /* renamed from: com.microsoft.identity.common.java.platform.AbstractDevicePopManager$4, reason: invalid class name */
    /* loaded from: classes.dex */
    public static /* synthetic */ class AnonymousClass4 {
        static final /* synthetic */ int[] $SwitchMap$com$microsoft$identity$common$java$crypto$IDevicePopManager$PublicKeyFormat;

        static {
            int[] iArr = new int[IDevicePopManager.PublicKeyFormat.values().length];
            $SwitchMap$com$microsoft$identity$common$java$crypto$IDevicePopManager$PublicKeyFormat = iArr;
            try {
                iArr[IDevicePopManager.PublicKeyFormat.X_509_SubjectPublicKeyInfo_ASN_1.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$com$microsoft$identity$common$java$crypto$IDevicePopManager$PublicKeyFormat[IDevicePopManager.PublicKeyFormat.JWK.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
        }
    }

    public AbstractDevicePopManager(@NonNull IKeyStoreKeyManager<KeyStore.PrivateKeyEntry> iKeyStoreKeyManager) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        if (iKeyStoreKeyManager == null) {
            throw new NullPointerException("keyManager is marked non-null but is null");
        }
        this.mKeyManager = iKeyStoreKeyManager;
    }

    private Map<String, Object> getDevicePopJwkMinifiedJson() throws UnrecoverableEntryException, NoSuchAlgorithmException, KeyStoreException {
        RSAKey rsaKeyForKeyPair = AbstractKeyStoreKeyManager.getRsaKeyForKeyPair(AbstractKeyStoreKeyManager.getKeyPairForEntry(this.mKeyManager.getEntry()));
        Base64URL base64URL = rsaKeyForKeyPair.n;
        Base64URL base64URL2 = rsaKeyForKeyPair.e;
        KeyUse keyUse = rsaKeyForKeyPair.use;
        Set<KeyOperation> set = rsaKeyForKeyPair.ops;
        Algorithm algorithm = rsaKeyForKeyPair.alg;
        String str = rsaKeyForKeyPair.kid;
        URI uri = rsaKeyForKeyPair.x5u;
        Base64URL base64URL3 = rsaKeyForKeyPair.x5t;
        Base64URL base64URL4 = rsaKeyForKeyPair.x5t256;
        List<Base64> list = rsaKeyForKeyPair.x5c;
        HashMap jSONObject = new RSAKey(base64URL, base64URL2, null, null, null, null, null, null, null, keyUse, set, algorithm, str, uri, base64URL3, base64URL4, list == null ? null : Collections.unmodifiableList(list), rsaKeyForKeyPair.keyStore).toJSONObject();
        HashMap hashMap = new HashMap();
        hashMap.put("jwk", jSONObject);
        return hashMap;
    }

    @NonNull
    private String getJwkPublicKey() throws ClientException {
        String str;
        String m = ComponentActivity$2$$ExternalSyntheticOutline0.m(new StringBuilder(), TAG, ":getJwkPublicKey");
        try {
            return GSON.toJson(getDevicePopJwkMinifiedJson().get("jwk"), MAP_STRING_STRING_TYPE);
        } catch (KeyStoreException e) {
            e = e;
            str = "keystore_not_initialized";
            ClientException clientException = new ClientException(str, e.getMessage(), e);
            Logger.error(m, clientException.getMessage(), clientException);
            throw clientException;
        } catch (NoSuchAlgorithmException e2) {
            e = e2;
            str = "no_such_algorithm";
            ClientException clientException2 = new ClientException(str, e.getMessage(), e);
            Logger.error(m, clientException2.getMessage(), clientException2);
            throw clientException2;
        } catch (UnrecoverableEntryException e3) {
            e = e3;
            str = "protection_params_invalid";
            ClientException clientException22 = new ClientException(str, e.getMessage(), e);
            Logger.error(m, clientException22.getMessage(), clientException22);
            throw clientException22;
        }
    }

    private String getX509SubjectPublicKeyInfo() throws ClientException {
        String str;
        String m = ComponentActivity$2$$ExternalSyntheticOutline0.m(new StringBuilder(), TAG, ":getX509SubjectPublicKeyInfo");
        try {
            return new String(cz.msebera.android.httpclient.extras.Base64.encode(AbstractKeyStoreKeyManager.getKeyPairForEntry(this.mKeyManager.getEntry()).getPublic().getEncoded(), 0), AuthenticationConstants.CHARSET_UTF8);
        } catch (KeyStoreException e) {
            e = e;
            str = "keystore_not_initialized";
            ClientException clientException = new ClientException(str, e.getMessage(), e);
            Logger.error(m, clientException.getMessage(), clientException);
            throw clientException;
        } catch (NoSuchAlgorithmException e2) {
            e = e2;
            str = "no_such_algorithm";
            ClientException clientException2 = new ClientException(str, e.getMessage(), e);
            Logger.error(m, clientException2.getMessage(), clientException2);
            throw clientException2;
        } catch (UnrecoverableEntryException e3) {
            e = e3;
            str = "protection_params_invalid";
            ClientException clientException22 = new ClientException(str, e.getMessage(), e);
            Logger.error(m, clientException22.getMessage(), clientException22);
            throw clientException22;
        }
    }

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    public boolean asymmetricKeyExists() {
        return this.mKeyManager.exists();
    }

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    public boolean clearAsymmetricKey() {
        return this.mKeyManager.clear();
    }

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    public String generateAsymmetricKey() throws ClientException {
        String str;
        String m = ComponentActivity$2$$ExternalSyntheticOutline0.m(new StringBuilder(), TAG, ":generateAsymmetricKey");
        try {
            CodeMarkerManager codeMarkerManager = sCodeMarkerManager;
            codeMarkerManager.markCode("30001");
            String thumbprintForRsaKey = AbstractKeyStoreKeyManager.getThumbprintForRsaKey(AbstractKeyStoreKeyManager.getRsaKeyForKeyPair(generateNewRsaKeyPair(2048)));
            codeMarkerManager.markCode("30002");
            return thumbprintForRsaKey;
        } catch (JOSEException e) {
            e = e;
            str = "failed_to_compute_thumbprint_with_sha256";
            sCodeMarkerManager.markCode("30002");
            ClientException clientException = new ClientException(str, e.getMessage(), e);
            Logger.error(m, clientException.getMessage(), clientException);
            throw clientException;
        } catch (UnsupportedOperationException e2) {
            e = e2;
            str = "keystore_produced_invalid_cert";
            sCodeMarkerManager.markCode("30002");
            ClientException clientException2 = new ClientException(str, e.getMessage(), e);
            Logger.error(m, clientException2.getMessage(), clientException2);
            throw clientException2;
        } catch (InvalidAlgorithmParameterException e3) {
            e = e3;
            str = "keystore_initialization_failed";
            sCodeMarkerManager.markCode("30002");
            ClientException clientException22 = new ClientException(str, e.getMessage(), e);
            Logger.error(m, clientException22.getMessage(), clientException22);
            throw clientException22;
        } catch (KeyStoreException e4) {
            e = e4;
            str = "keystore_not_initialized";
            sCodeMarkerManager.markCode("30002");
            ClientException clientException222 = new ClientException(str, e.getMessage(), e);
            Logger.error(m, clientException222.getMessage(), clientException222);
            throw clientException222;
        } catch (NoSuchAlgorithmException e5) {
            e = e5;
            str = "no_such_algorithm";
            sCodeMarkerManager.markCode("30002");
            ClientException clientException2222 = new ClientException(str, e.getMessage(), e);
            Logger.error(m, clientException2222.getMessage(), clientException2222);
            throw clientException2222;
        } catch (NoSuchProviderException e6) {
            e = e6;
            str = "android_keystore_unavailable";
            sCodeMarkerManager.markCode("30002");
            ClientException clientException22222 = new ClientException(str, e.getMessage(), e);
            Logger.error(m, clientException22222.getMessage(), clientException22222);
            throw clientException22222;
        } catch (Throwable th) {
            sCodeMarkerManager.markCode("30002");
            throw th;
        }
    }

    public abstract KeyPair generateNewRsaKeyPair(int i) throws UnsupportedOperationException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchProviderException, ClientException, KeyStoreException;

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    @Nullable
    public Date getAsymmetricKeyCreationDate() throws ClientException {
        return this.mKeyManager.getCreationDate();
    }

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    public String getAsymmetricKeyThumbprint() throws ClientException {
        return new String(this.mKeyManager.getThumbprint(), UTF8);
    }

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    @NonNull
    public String getPublicKey(@NonNull IDevicePopManager.PublicKeyFormat publicKeyFormat) throws ClientException {
        if (publicKeyFormat == null) {
            throw new NullPointerException("format is marked non-null but is null");
        }
        String m = ComponentActivity$2$$ExternalSyntheticOutline0.m(new StringBuilder(), TAG, ":getPublicKey");
        int i = AnonymousClass4.$SwitchMap$com$microsoft$identity$common$java$crypto$IDevicePopManager$PublicKeyFormat[publicKeyFormat.ordinal()];
        if (i == 1) {
            return getX509SubjectPublicKeyInfo();
        }
        if (i == 2) {
            return getJwkPublicKey();
        }
        String str = "Unrecognized or unsupported key format: " + publicKeyFormat;
        ClientException clientException = new ClientException("unknown_public_key_export_format", str);
        Logger.error(m, str, clientException);
        throw clientException;
    }

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    public SecureHardwareState getSecureHardwareState() throws ClientException {
        String str;
        String m = ComponentActivity$2$$ExternalSyntheticOutline0.m(new StringBuilder(), TAG, ":getSecureHardwareState");
        try {
            return getSecureHardwareState(AbstractKeyStoreKeyManager.getKeyPairForEntry(this.mKeyManager.getEntry()));
        } catch (KeyStoreException e) {
            e = e;
            str = "keystore_not_initialized";
            ClientException clientException = new ClientException(str, e.getMessage(), e);
            Logger.error(m, str, e);
            throw clientException;
        } catch (NoSuchAlgorithmException e2) {
            e = e2;
            str = "no_such_algorithm";
            ClientException clientException2 = new ClientException(str, e.getMessage(), e);
            Logger.error(m, str, e);
            throw clientException2;
        } catch (UnrecoverableEntryException e3) {
            e = e3;
            str = "protection_params_invalid";
            ClientException clientException22 = new ClientException(str, e.getMessage(), e);
            Logger.error(m, str, e);
            throw clientException22;
        }
    }

    public abstract SecureHardwareState getSecureHardwareState(@NonNull KeyPair keyPair);

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    @NonNull
    public String sign(@NonNull SigningAlgorithm signingAlgorithm, @NonNull String str) throws ClientException {
        if (signingAlgorithm == null) {
            throw new NullPointerException("alg is marked non-null but is null");
        }
        if (str != null) {
            return cz.msebera.android.httpclient.extras.Base64.encodeToString(sign(signingAlgorithm, str.getBytes(UTF8)), 2);
        }
        throw new NullPointerException("input is marked non-null but is null");
    }

    public byte[] sign(@NonNull SigningAlgorithm signingAlgorithm, @NonNull byte[] bArr) throws ClientException {
        String str;
        if (signingAlgorithm == null) {
            throw new NullPointerException("alg is marked non-null but is null");
        }
        if (bArr == null) {
            throw new NullPointerException("inputBytesToSign is marked non-null but is null");
        }
        String m = ComponentActivity$2$$ExternalSyntheticOutline0.m(new StringBuilder(), TAG, ":sign");
        try {
            KeyStore.PrivateKeyEntry entry = this.mKeyManager.getEntry();
            if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
                Logger.warn(m, "Not an instance of a PrivateKeyEntry");
                throw new ClientException("invalid_key_private_key_missing");
            }
            Signature signature = Signature.getInstance(signingAlgorithm.toString());
            signature.initSign(entry.getPrivateKey());
            signature.update(bArr);
            return signature.sign();
        } catch (InvalidKeyException e) {
            e = e;
            str = "invalid_key";
            ClientException clientException = new ClientException(str, e.getMessage(), e);
            Logger.error(m, clientException.getMessage(), clientException);
            throw clientException;
        } catch (KeyStoreException e2) {
            e = e2;
            str = "keystore_not_initialized";
            ClientException clientException2 = new ClientException(str, e.getMessage(), e);
            Logger.error(m, clientException2.getMessage(), clientException2);
            throw clientException2;
        } catch (NoSuchAlgorithmException e3) {
            e = e3;
            str = "no_such_algorithm";
            ClientException clientException22 = new ClientException(str, e.getMessage(), e);
            Logger.error(m, clientException22.getMessage(), clientException22);
            throw clientException22;
        } catch (SignatureException e4) {
            e = e4;
            str = "failed_to_sign";
            ClientException clientException222 = new ClientException(str, e.getMessage(), e);
            Logger.error(m, clientException222.getMessage(), clientException222);
            throw clientException222;
        } catch (UnrecoverableEntryException e5) {
            e = e5;
            str = "protection_params_invalid";
            ClientException clientException2222 = new ClientException(str, e.getMessage(), e);
            Logger.error(m, clientException2222.getMessage(), clientException2222);
            throw clientException2222;
        }
    }
}
