package com.microsoft.workaccount.workplacejoin.core;

import android.app.Activity;
import android.content.ActivityNotFoundException;
import android.content.Intent;
import android.security.KeyChain;
import android.text.TextUtils;
import com.microsoft.identity.broker4j.broker.crypto.keyaccessors.IAsymmetricKeyEntryAccessor;
import com.microsoft.identity.broker4j.broker.crypto.keyaccessors.RawAsymmetricKeyEntryAccessor;
import com.microsoft.identity.broker4j.workplacejoin.WorkplaceJoinCertHelper;
import com.microsoft.identity.broker4j.workplacejoin.WorkplaceJoinFailure;
import com.microsoft.identity.broker4j.workplacejoin.data.CertificateData;
import com.microsoft.identity.common.logging.Logger;
import com.samsung.android.knox.keystore.CertificateProvisioning;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;

/* loaded from: classes5.dex */
public class AndroidWorkplaceJoinCertHelper {
    public static final String EXTRA_PRIVATE_KEY = "PKEY";
    public static final String EXTRA_PUBLIC_KEY = "KEY";
    public static final String ISSUER_CN_VALUE = "MS-Organization-Access";
    private static final String TAG = WorkplaceJoinCertHelper.class.getSimpleName() + "#";
    private static final char[] EMPTY_PASSWORD_BYTE_ARRAY = new char[0];

    private static byte[] getPkcs12WithEmptyPassword(CertificateData certificateData) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        String pkcs12Password = certificateData.getPkcs12Password();
        if (TextUtils.isEmpty(pkcs12Password)) {
            return certificateData.getPkcs12();
        }
        KeyStore keyStore = KeyStore.getInstance(CertificateProvisioning.TYPE_PKCS12);
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(certificateData.getPkcs12());
        try {
            keyStore.load(byteArrayInputStream, pkcs12Password.toCharArray());
            byteArrayInputStream.close();
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            keyStore.store(byteArrayOutputStream, EMPTY_PASSWORD_BYTE_ARRAY);
            return byteArrayOutputStream.toByteArray();
        } catch (Throwable th) {
            byteArrayInputStream.close();
            throw th;
        }
    }

    public static void installWPJCertToDeviceUsingPublicIntentExtras(Activity activity, CertificateData certificateData) {
        Intent createInstallIntent = KeyChain.createInstallIntent();
        try {
            createInstallIntent.putExtra(CertificateProvisioning.TYPE_PKCS12, getPkcs12WithEmptyPassword(certificateData));
            createInstallIntent.putExtra("name", WorkplaceJoinCertHelper.getCertName());
            activity.startActivityForResult(createInstallIntent, 0);
        } catch (IOException e) {
            Logger.error(TAG + "installPKCS12CertUsingPublicIntentExtras", "IOException, certificate could not be loaded into the keystore. " + WorkplaceJoinFailure.INTERNAL, e);
        } catch (KeyStoreException e2) {
            Logger.error(TAG + "installPKCS12CertUsingPublicIntentExtras", "KeyStoreException, key store could not be loaded. " + WorkplaceJoinFailure.INTERNAL, e2);
        } catch (NoSuchAlgorithmException e3) {
            Logger.error(TAG + "installPKCS12CertUsingPublicIntentExtras", "NoSuchAlgorithmException, certificate could not be loaded into the keystore. " + WorkplaceJoinFailure.INTERNAL, e3);
        } catch (CertificateException e4) {
            Logger.error(TAG + "installPKCS12CertUsingPublicIntentExtras", "CertificateException, certificate could not be loaded into the keystore." + WorkplaceJoinFailure.INTERNAL, e4);
        }
    }

    public static void installWPJCertToDeviceUsingUndocumentedIntentExtras(Activity activity, CertificateData certificateData) {
        try {
            Intent createInstallIntent = KeyChain.createInstallIntent();
            IAsymmetricKeyEntryAccessor deviceKey = certificateData.getDeviceKey();
            if (!(deviceKey instanceof RawAsymmetricKeyEntryAccessor)) {
                Logger.error(TAG + "installPKCS12CertDefault", "Do not have an access to device private key.", null);
                return;
            }
            KeyPair keyPair = ((RawAsymmetricKeyEntryAccessor) deviceKey).getKeyEntry().getKeyPair();
            createInstallIntent.putExtra(EXTRA_PRIVATE_KEY, keyPair.getPrivate().getEncoded());
            createInstallIntent.putExtra(EXTRA_PUBLIC_KEY, keyPair.getPublic().getEncoded());
            createInstallIntent.putExtra("name", WorkplaceJoinCertHelper.getCertName());
            activity.startActivityForResult(createInstallIntent, 2);
            Intent createInstallIntent2 = KeyChain.createInstallIntent();
            createInstallIntent2.putExtra("name", WorkplaceJoinCertHelper.getCertName());
            createInstallIntent2.putExtra(CertificateProvisioning.TYPE_CERTIFICATE, certificateData.getX509Cert().getEncoded());
            WorkplaceJoinApplication.InstallIntent = createInstallIntent2;
        } catch (ActivityNotFoundException e) {
            Logger.error(TAG + "installPKCS12CertDefault", "KeyChain installer activity is not found" + WorkplaceJoinFailure.INTERNAL, e);
        } catch (CertificateEncodingException e2) {
            Logger.error(TAG + "installPKCS12CertDefault", "Certificate encoding exception " + WorkplaceJoinFailure.INTERNAL, e2);
        }
    }
}
