package com.sec.smartcard.openssl;

import android.os.RemoteException;
import android.os.ServiceManager;
import android.sec.enterprise.ClientCertificateManager;
import android.sec.enterprise.EnterpriseDeviceManager;
import android.util.Log;
import com.samsung.android.knox.keystore.IClientCertificateManager;
import com.sec.enterprise.jce.provider.pkcs11.OpenSSLEnginePrivateKeyHelper;
import java.io.IOException;
import java.security.InvalidKeyException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;

/* loaded from: classes5.dex */
public class OpenSSLHelper {
    private static final String FUNCTION_LIST_NAME = "TZ_CCM_C_GetFunctionList";
    private static final String LIBRARY_NAME = "libtlc_tz_ccm.so";
    static final String TAG = "OpenSSLHelper";
    private static Object mLock = new Object();
    private PrivateKey pkey = null;

    static {
        System.loadLibrary("secopenssl_engine");
    }

    public static PrivateKey getPrivateKeyFromKnoxKeyStore(String str) {
        KeyStore keyStore;
        if (!isUKS()) {
            return null;
        }
        Log.d(TAG, "getPrivateKeyFromTimaKeyStore called");
        synchronized (mLock) {
            PrivateKey privateKey = null;
            try {
                try {
                    try {
                        keyStore = KeyStore.getInstance("KnoxAndroidKeyStore");
                        keyStore.load(null);
                    } catch (RemoteException e10) {
                        e10.printStackTrace();
                    } catch (KeyStoreException e11) {
                        Log.e(TAG, "KeyStoreException", e11);
                    }
                } catch (NoSuchAlgorithmException e12) {
                    Log.e(TAG, "NoSuchAlgorithmException", e12);
                } catch (CertificateException e13) {
                    Log.e(TAG, "CertificateException", e13);
                }
            } catch (IOException e14) {
                Log.e(TAG, "IOException", e14);
            } catch (UnrecoverableEntryException e15) {
                e15.printStackTrace();
            }
            if (str != null && !"".equals(str)) {
                IClientCertificateManager asInterface = IClientCertificateManager.Stub.asInterface(ServiceManager.getService("knox_ccm_policy"));
                if (asInterface == null) {
                    Log.e(TAG, "Unable start CCMservice");
                    return null;
                }
                if (!asInterface.hasGrant(str)) {
                    Log.d(TAG, "ccmService: do not have grant for " + str);
                    return null;
                }
                KeyStore.Entry entry = keyStore.getEntry(str, null);
                if (entry == null || !(entry instanceof KeyStore.PrivateKeyEntry)) {
                    Log.e(TAG, "Unable to get private key " + str);
                    if (entry == null) {
                        Log.e(TAG, "key entry is null ");
                    } else if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
                        Log.e(TAG, "key entry is not private key: " + entry.getClass().getName().toString());
                    }
                } else {
                    privateKey = ((KeyStore.PrivateKeyEntry) entry).getPrivateKey();
                }
                return privateKey;
            }
            Log.e(TAG, "getPrivateKeyFromTimaKeyStore received empty/null alias");
            return privateKey;
        }
    }

    public static PrivateKey getPrivateKeyFromTimaKeyStore(String str) {
        if (isUKS()) {
            return getPrivateKeyFromKnoxKeyStore(str);
        }
        return null;
    }

    private static boolean isUKS() {
        return true;
    }

    public native int deregisterEngineKeychain();

    public boolean deregister_engine() {
        Log.d(TAG, "deregister_engine function");
        if (new OpenSSLHelper().deregisterEngineKeychain() != 0) {
            return false;
        }
        Log.e(TAG, "DeRegister engine success");
        return true;
    }

    public PrivateKey getPrivateKey(String str) {
        Log.d(TAG, "getPrivateKey function");
        Log.d(TAG, "getPrivateKey function getPrivateKeyFromTimaKeyStore");
        if (isUKS()) {
            return getPrivateKeyFromTimaKeyStore(str);
        }
        if (str == null) {
            return null;
        }
        try {
            this.pkey = OpenSSLEnginePrivateKeyHelper.ccmGetPrivateKeyById(str);
        } catch (InvalidKeyException e10) {
            Log.d(TAG, "InvalidKeyException");
        }
        return this.pkey;
    }

    protected long getSlotID(String str) {
        Log.d(TAG, "getSlotID function");
        ClientCertificateManager clientCertificateManager = EnterpriseDeviceManager.getInstance().getClientCertificateManager();
        if (clientCertificateManager != null) {
            return clientCertificateManager.getSlotIdForCaller(str);
        }
        return -1L;
    }

    public boolean registerEngine(String str) {
        Log.d(TAG, "registerEngine function");
        long slotID = getSlotID(str);
        if (0 <= slotID) {
            if (new OpenSSLHelper().registerEngineKeychain(LIBRARY_NAME, FUNCTION_LIST_NAME, slotID) != 0) {
                return false;
            }
            Log.e(TAG, "Register engine success");
            return true;
        }
        Log.d(TAG, "registerEngine - getSlotID returned invalid slotid = " + slotID);
        return false;
    }

    public native int registerEngineKeychain(String str, String str2, long j6);
}
