package com.microsoft.authenticator.securekeystore.businessLogic;

import com.microsoft.authenticator.core.logging.BaseLogger;
import com.microsoft.authenticator.securekeystore.entities.HardwareBackedKeystoreWrapper;
import com.microsoft.authenticator.securekeystore.entities.KeystoreInitializationException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import kotlin.Metadata;
import kotlin.jvm.internal.C12674t;

@Metadata(d1 = {"\u0000J\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0010\u000e\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0010\u000b\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0011\n\u0002\u0018\u0002\n\u0002\b\u0005\u0018\u0000 \u001d2\u00020\u0001:\u0001\u001dB\u0011\b\u0007\u0012\u0006\u0010\u0003\u001a\u00020\u0002¢\u0006\u0004\b\u0004\u0010\u0005J\u0019\u0010\t\u001a\u0004\u0018\u00010\b2\u0006\u0010\u0007\u001a\u00020\u0006H\u0002¢\u0006\u0004\b\t\u0010\nJ\u0017\u0010\f\u001a\u0004\u0018\u00010\u000b2\u0006\u0010\u0007\u001a\u00020\u0006¢\u0006\u0004\b\f\u0010\rJ\u0017\u0010\u000f\u001a\u0004\u0018\u00010\u000e2\u0006\u0010\u0007\u001a\u00020\u0006¢\u0006\u0004\b\u000f\u0010\u0010J\u0015\u0010\u0013\u001a\u00020\u00122\u0006\u0010\u0011\u001a\u00020\u0006¢\u0006\u0004\b\u0013\u0010\u0014J\u0015\u0010\u0016\u001a\u00020\u00152\u0006\u0010\u0011\u001a\u00020\u0006¢\u0006\u0004\b\u0016\u0010\u0017J\u001d\u0010\u001a\u001a\n\u0012\u0004\u0012\u00020\u0019\u0018\u00010\u00182\u0006\u0010\u0011\u001a\u00020\u0006¢\u0006\u0004\b\u001a\u0010\u001bR\u0014\u0010\u0003\u001a\u00020\u00028\u0002X\u0082\u0004¢\u0006\u0006\n\u0004\b\u0003\u0010\u001c¨\u0006\u001e"}, d2 = {"Lcom/microsoft/authenticator/securekeystore/businessLogic/SecureKeystoreAccessor;", "", "Lcom/microsoft/authenticator/securekeystore/entities/HardwareBackedKeystoreWrapper;", "ngcKeyStoreWrapper", "<init>", "(Lcom/microsoft/authenticator/securekeystore/entities/HardwareBackedKeystoreWrapper;)V", "", "keyPairAlias", "Ljava/security/KeyStore$PrivateKeyEntry;", "getKeyPair", "(Ljava/lang/String;)Ljava/security/KeyStore$PrivateKeyEntry;", "Ljava/security/PrivateKey;", "getSigningKey", "(Ljava/lang/String;)Ljava/security/PrivateKey;", "Ljava/security/PublicKey;", "getPublicKey", "(Ljava/lang/String;)Ljava/security/PublicKey;", "alias", "", "containsKey", "(Ljava/lang/String;)Z", "LNt/I;", "deleteKey", "(Ljava/lang/String;)V", "", "Ljava/security/cert/Certificate;", "getAliasCertificateChain", "(Ljava/lang/String;)[Ljava/security/cert/Certificate;", "Lcom/microsoft/authenticator/securekeystore/entities/HardwareBackedKeystoreWrapper;", "Companion", "SecureKeystoreLibrary_release"}, k = 1, mv = {1, 8, 0}, xi = 48)
/* loaded from: classes6.dex */
public final class SecureKeystoreAccessor {
    private static final String KEY_NOT_FOUND_ERROR_MESSAGE = "The requested key was not found in the keystore.";
    private final HardwareBackedKeystoreWrapper ngcKeyStoreWrapper;

    public SecureKeystoreAccessor(HardwareBackedKeystoreWrapper ngcKeyStoreWrapper) {
        C12674t.j(ngcKeyStoreWrapper, "ngcKeyStoreWrapper");
        this.ngcKeyStoreWrapper = ngcKeyStoreWrapper;
    }

    private final KeyStore.PrivateKeyEntry getKeyPair(String keyPairAlias) throws UnrecoverableEntryException {
        KeyStore.Entry entry;
        if (!containsKey(keyPairAlias)) {
            BaseLogger.e("Keystore does not contain a key pair with the expected alias.");
            return null;
        }
        try {
            entry = this.ngcKeyStoreWrapper.getKeyStore().getEntry(keyPairAlias, null);
        } catch (UnrecoverableEntryException e10) {
            BaseLogger.e("PrivateKey is unrecoverable.", e10);
            throw e10;
        } catch (Exception e11) {
            BaseLogger.e("Exception during attempt to get key entry. See exception type for details.", e11);
            entry = null;
        }
        if (entry instanceof KeyStore.PrivateKeyEntry) {
            return (KeyStore.PrivateKeyEntry) entry;
        }
        BaseLogger.e("Key pair with expected alias exists, but isn't of the correct entry type.");
        return null;
    }

    public final boolean containsKey(String alias) {
        C12674t.j(alias, "alias");
        try {
            return this.ngcKeyStoreWrapper.getKeyStore().containsAlias(alias);
        } catch (KeystoreInitializationException e10) {
            BaseLogger.e("Keystore was initialized with an error.", e10);
            return false;
        } catch (KeyStoreException e11) {
            BaseLogger.e("Keystore in invalid state", e11);
            return false;
        } catch (CertificateException e12) {
            BaseLogger.e("Certificate for keystore invalid.", e12);
            return false;
        }
    }

    public final void deleteKey(String alias) {
        C12674t.j(alias, "alias");
        try {
            this.ngcKeyStoreWrapper.getKeyStore().deleteEntry(alias);
        } catch (Exception e10) {
            boolean z10 = e10 instanceof KeyStoreException;
            if (z10 && C12674t.e(e10.getMessage(), KEY_NOT_FOUND_ERROR_MESSAGE)) {
                BaseLogger.e("Key Not Found, so cannot delete.", e10);
            } else if (z10 || (e10 instanceof CertificateException) || (e10 instanceof KeystoreInitializationException)) {
                BaseLogger.e("Could not access keystore for deletion of NGC credentials.", e10);
            } else {
                BaseLogger.e("Unknown unhandled Exception during deletion. If happens - needs to be investigated and fixed.");
                throw e10;
            }
        }
    }

    public final Certificate[] getAliasCertificateChain(String alias) {
        C12674t.j(alias, "alias");
        try {
            return this.ngcKeyStoreWrapper.getKeyStore().getCertificateChain(alias);
        } catch (KeyStoreException e10) {
            BaseLogger.e("KeyStore is not initialized", e10);
            throw e10;
        }
    }

    public final PublicKey getPublicKey(String keyPairAlias) throws UnrecoverableEntryException {
        Certificate certificate;
        C12674t.j(keyPairAlias, "keyPairAlias");
        KeyStore.PrivateKeyEntry keyPair = getKeyPair(keyPairAlias);
        if (keyPair == null || (certificate = keyPair.getCertificate()) == null) {
            return null;
        }
        return certificate.getPublicKey();
    }

    public final PrivateKey getSigningKey(String keyPairAlias) throws UnrecoverableEntryException {
        C12674t.j(keyPairAlias, "keyPairAlias");
        KeyStore.PrivateKeyEntry keyPair = getKeyPair(keyPairAlias);
        if (keyPair != null) {
            return keyPair.getPrivateKey();
        }
        return null;
    }
}
