package com.microsoft.identity.common.java.platform;

import com.google.gson.Gson;
import com.google.gson.reflect.TypeToken;
import com.microsoft.identity.common.java.AuthenticationConstants;
import com.microsoft.identity.common.java.authscheme.PopAuthenticationSchemeInternal;
import com.microsoft.identity.common.java.crypto.IDevicePopManager;
import com.microsoft.identity.common.java.crypto.IKeyStoreKeyManager;
import com.microsoft.identity.common.java.crypto.SecureHardwareState;
import com.microsoft.identity.common.java.crypto.SigningAlgorithm;
import com.microsoft.identity.common.java.exception.ClientException;
import com.microsoft.identity.common.java.logging.Logger;
import com.microsoft.identity.common.java.marker.CodeMarkerManager;
import com.microsoft.identity.common.java.marker.PerfConstants;
import com.microsoft.identity.common.java.util.StringUtil;
import com.microsoft.identity.common.java.util.TaskCompletedCallbackWithError;
import com.nimbusds.jose.jwk.RSAKey;
import defpackage.a55;
import defpackage.ae2;
import defpackage.ge2;
import defpackage.me4;
import defpackage.uc2;
import defpackage.zd2;
import defpackage.zh;
import edu.umd.cs.findbugs.annotations.Nullable;
import java.io.IOException;
import java.lang.reflect.Type;
import java.math.BigInteger;
import java.net.URL;
import java.nio.charset.Charset;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Calendar;
import java.util.Date;
import java.util.HashMap;
import java.util.Map;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import javax.crypto.BadPaddingException;
import javax.crypto.Cipher;
import javax.crypto.IllegalBlockSizeException;
import javax.crypto.NoSuchPaddingException;
import lombok.NonNull;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes2.dex */
public abstract class AbstractDevicePopManager implements IDevicePopManager {
    private static final String ANDROID_KEYSTORE = "AndroidKeyStore";
    public static final String DEFAULT_KEYSTORE_ENTRY_ALIAS = "microsoft-device-pop";
    private static final String PRIVATE_KEY_NOT_FOUND = "Not an instance of a PrivateKeyEntry";
    private static final int RSA_KEY_SIZE = 2048;
    public static final String STRONG_BOX_UNAVAILABLE_EXCEPTION = "StrongBoxUnavailableException";
    private static final String TAG = "AbstractDevicePopManager";
    public final IKeyStoreKeyManager<KeyStore.PrivateKeyEntry> mKeyManager;
    private static final Charset UTF8 = Charset.forName("UTF-8");
    public static final Type MAP_STRING_STRING_TYPE = TypeToken.getParameterized(Map.class, String.class, String.class).getType();
    public static final Gson GSON = new Gson();
    private static final ExecutorService sThreadExecutor = Executors.newFixedThreadPool(5);
    private static final CodeMarkerManager sCodeMarkerManager = CodeMarkerManager.getInstance();

    /* renamed from: com.microsoft.identity.common.java.platform.AbstractDevicePopManager$4, reason: invalid class name */
    /* loaded from: classes2.dex */
    public static /* synthetic */ class AnonymousClass4 {
        public static final /* synthetic */ int[] $SwitchMap$com$microsoft$identity$common$java$crypto$IDevicePopManager$PublicKeyFormat;

        static {
            int[] iArr = new int[IDevicePopManager.PublicKeyFormat.values().length];
            $SwitchMap$com$microsoft$identity$common$java$crypto$IDevicePopManager$PublicKeyFormat = iArr;
            try {
                iArr[IDevicePopManager.PublicKeyFormat.X_509_SubjectPublicKeyInfo_ASN_1.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$com$microsoft$identity$common$java$crypto$IDevicePopManager$PublicKeyFormat[IDevicePopManager.PublicKeyFormat.JWK.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
        }
    }

    /* loaded from: classes2.dex */
    public static final class CertificateProperties {
        public static final int CERTIFICATE_VALIDITY_YEARS = 99;
        public static final String COMMON_NAME = "CN=device-pop";
        public static final String COUNTRY = "US";
        public static final String ORGANIZATION_NAME = "Microsoft Corporation";
        public static final String ORGANIZATION_UNIT = "Identity";
        public static final BigInteger SERIAL_NUMBER = BigInteger.ONE;
    }

    /* loaded from: classes2.dex */
    public static final class KeyPairGeneratorAlgorithms {
        public static final String RSA = "RSA";
    }

    /* loaded from: classes2.dex */
    public static final class SignedHttpRequestJwtClaims {
        private static final String ACCESS_TOKEN = "at";
        private static final String CLIENT_CLAIMS = "client_claims";
        private static final String CNF = "cnf";
        private static final String HTTP_HOST = "u";
        private static final String HTTP_METHOD = "m";
        private static final String HTTP_PATH = "p";
        public static final String JWK = "jwk";
        private static final String NONCE = "nonce";
        private static final String TIMESTAMP = "ts";

        private SignedHttpRequestJwtClaims() {
        }
    }

    public AbstractDevicePopManager(@NonNull IKeyStoreKeyManager<KeyStore.PrivateKeyEntry> iKeyStoreKeyManager) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        if (iKeyStoreKeyManager == null) {
            throw new NullPointerException("keyManager is marked non-null but is null");
        }
        this.mKeyManager = iKeyStoreKeyManager;
    }

    private static String base64UrlEncode(@NonNull String str) {
        if (str != null) {
            return zh.f(str.getBytes(UTF8), 11);
        }
        throw new NullPointerException("input is marked non-null but is null");
    }

    private Map<String, Object> getDevicePopJwkMinifiedJson() throws UnrecoverableEntryException, NoSuchAlgorithmException, KeyStoreException {
        Map<String, Object> s = AbstractKeyStoreKeyManager.getRsaKeyForKeyPair(AbstractKeyStoreKeyManager.getKeyPairForEntry(this.mKeyManager.getEntry())).x().s();
        HashMap hashMap = new HashMap();
        hashMap.put(SignedHttpRequestJwtClaims.JWK, s);
        return hashMap;
    }

    @NonNull
    private String getJwkPublicKey() throws ClientException {
        String str;
        String str2 = TAG + ":getJwkPublicKey";
        try {
            return GSON.u(getDevicePopJwkMinifiedJson().get(SignedHttpRequestJwtClaims.JWK), MAP_STRING_STRING_TYPE);
        } catch (KeyStoreException e) {
            e = e;
            str = ClientException.KEYSTORE_NOT_INITIALIZED;
            ClientException clientException = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, clientException.getMessage(), clientException);
            throw clientException;
        } catch (NoSuchAlgorithmException e2) {
            e = e2;
            str = "no_such_algorithm";
            ClientException clientException2 = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, clientException2.getMessage(), clientException2);
            throw clientException2;
        } catch (UnrecoverableEntryException e3) {
            e = e3;
            str = ClientException.INVALID_PROTECTION_PARAMS;
            ClientException clientException22 = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, clientException22.getMessage(), clientException22);
            throw clientException22;
        }
    }

    public static Date getNow(@NonNull Calendar calendar) {
        if (calendar != null) {
            return calendar.getTime();
        }
        throw new NullPointerException("calendar is marked non-null but is null");
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static String getReqCnfForRsaKey(@NonNull RSAKey rSAKey) throws uc2, JSONException {
        if (rSAKey == null) {
            throw new NullPointerException("rsaKey is marked non-null but is null");
        }
        return base64UrlEncode(new JSONObject().put("kid", AbstractKeyStoreKeyManager.getThumbprintForRsaKey(rSAKey)).toString());
    }

    private String getX509SubjectPublicKeyInfo() throws ClientException {
        String str;
        String str2 = TAG + ":getX509SubjectPublicKeyInfo";
        try {
            return new String(zh.d(AbstractKeyStoreKeyManager.getKeyPairForEntry(this.mKeyManager.getEntry()).getPublic().getEncoded(), 0), AuthenticationConstants.CHARSET_UTF8);
        } catch (KeyStoreException e) {
            e = e;
            str = ClientException.KEYSTORE_NOT_INITIALIZED;
            ClientException clientException = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, clientException.getMessage(), clientException);
            throw clientException;
        } catch (NoSuchAlgorithmException e2) {
            e = e2;
            str = "no_such_algorithm";
            ClientException clientException2 = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, clientException2.getMessage(), clientException2);
            throw clientException2;
        } catch (UnrecoverableEntryException e3) {
            e = e3;
            str = ClientException.INVALID_PROTECTION_PARAMS;
            ClientException clientException22 = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, clientException22.getMessage(), clientException22);
            throw clientException22;
        }
    }

    private String mintSignedHttpRequestInternal(@Nullable String str, long j, @NonNull URL url, @Nullable String str2, @Nullable String str3, @Nullable String str4) throws ClientException {
        String str5;
        if (url == null) {
            throw new NullPointerException("requestUrl is marked non-null but is null");
        }
        String str6 = TAG + ":mintSignedHttpRequestInternal";
        try {
            ge2.b bVar = new ge2.b();
            if (!StringUtil.isNullOrEmpty(str2)) {
                bVar.d("at", str2);
            }
            bVar.d("ts", Long.valueOf(j));
            bVar.d("u", url.getAuthority());
            bVar.d("cnf", getDevicePopJwkMinifiedJson());
            if (!StringUtil.isNullOrEmpty(url.getPath())) {
                bVar.d("p", url.getPath());
            }
            if (!StringUtil.isNullOrEmpty(str)) {
                bVar.d("m", str);
            }
            if (!StringUtil.isNullOrEmpty(str3)) {
                bVar.d("nonce", str3);
            }
            if (!StringUtil.isNullOrEmpty(str4)) {
                bVar.d(PopAuthenticationSchemeInternal.SerializedNames.CLIENT_CLAIMS, str4);
            }
            ge2 c = bVar.c();
            me4 me4Var = new me4(this.mKeyManager.getEntry().getPrivateKey());
            a55 a55Var = new a55(new ae2.a(zd2.m).h(getAsymmetricKeyThumbprint()).b(), c);
            a55Var.m(me4Var);
            return a55Var.serialize();
        } catch (KeyStoreException e) {
            e = e;
            str5 = ClientException.KEYSTORE_NOT_INITIALIZED;
            this.performCleanupIfMintShrFails(e);
            ClientException clientException = new ClientException(str5, e.getMessage(), e);
            Logger.error(str6, clientException.getMessage(), clientException);
            throw clientException;
        } catch (NoSuchAlgorithmException e2) {
            e = e2;
            str5 = "no_such_algorithm";
            this.performCleanupIfMintShrFails(e);
            ClientException clientException2 = new ClientException(str5, e.getMessage(), e);
            Logger.error(str6, clientException2.getMessage(), clientException2);
            throw clientException2;
        } catch (UnrecoverableEntryException e3) {
            e = e3;
            str5 = ClientException.INVALID_PROTECTION_PARAMS;
            this.performCleanupIfMintShrFails(e);
            ClientException clientException22 = new ClientException(str5, e.getMessage(), e);
            Logger.error(str6, clientException22.getMessage(), clientException22);
            throw clientException22;
        } catch (uc2 e4) {
            e = e4;
            str5 = ClientException.JWT_SIGNING_FAILURE;
            this.performCleanupIfMintShrFails(e);
            ClientException clientException222 = new ClientException(str5, e.getMessage(), e);
            Logger.error(str6, clientException222.getMessage(), clientException222);
            throw clientException222;
        }
    }

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    public boolean asymmetricKeyExists() {
        return this.mKeyManager.exists();
    }

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    public boolean asymmetricKeyExists(@NonNull String str) {
        if (str != null) {
            return this.mKeyManager.hasThumbprint(str.getBytes(UTF8));
        }
        throw new NullPointerException("thumbprint is marked non-null but is null");
    }

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    public boolean clearAsymmetricKey() {
        return this.mKeyManager.clear();
    }

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    public String decrypt(@NonNull IDevicePopManager.Cipher cipher, @NonNull String str) throws ClientException {
        if (cipher == null) {
            throw new NullPointerException("cipher is marked non-null but is null");
        }
        if (str != null) {
            return new String(decrypt(cipher, zh.a(str, 3)), UTF8);
        }
        throw new NullPointerException("ciphertext is marked non-null but is null");
    }

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    public byte[] decrypt(@NonNull IDevicePopManager.Cipher cipher, byte[] bArr) throws ClientException {
        String str = "no_such_algorithm";
        if (cipher == null) {
            throw new NullPointerException("cipher is marked non-null but is null");
        }
        String str2 = TAG + ":decrypt";
        try {
            PrivateKey privateKey = this.mKeyManager.getEntry().getPrivateKey();
            Cipher cipher2 = Cipher.getInstance(cipher.toString());
            if (cipher.getParameters() != null) {
                cipher2.init(2, privateKey, cipher.getParameters());
            } else {
                cipher2.init(2, privateKey);
            }
            return cipher2.doFinal(bArr);
        } catch (InvalidAlgorithmParameterException e) {
            e = e;
            str = ClientException.INVALID_ALG_PARAMETER;
            ClientException clientException = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, str, e);
            throw clientException;
        } catch (InvalidKeyException e2) {
            e = e2;
            str = ClientException.INVALID_KEY;
            ClientException clientException2 = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, str, e);
            throw clientException2;
        } catch (KeyStoreException e3) {
            e = e3;
            str = ClientException.KEYSTORE_NOT_INITIALIZED;
            ClientException clientException22 = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, str, e);
            throw clientException22;
        } catch (NoSuchAlgorithmException | NoSuchPaddingException e4) {
            e = e4;
            ClientException clientException222 = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, str, e);
            throw clientException222;
        } catch (UnrecoverableEntryException e5) {
            e = e5;
            str = ClientException.INVALID_PROTECTION_PARAMS;
            ClientException clientException2222 = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, str, e);
            throw clientException2222;
        } catch (BadPaddingException e6) {
            e = e6;
            str = ClientException.BAD_PADDING;
            ClientException clientException22222 = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, str, e);
            throw clientException22222;
        } catch (IllegalBlockSizeException e7) {
            e = e7;
            str = ClientException.INVALID_BLOCK_SIZE;
            ClientException clientException222222 = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, str, e);
            throw clientException222222;
        }
    }

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    public String encrypt(@NonNull IDevicePopManager.Cipher cipher, @NonNull String str) throws ClientException {
        if (cipher == null) {
            throw new NullPointerException("cipher is marked non-null but is null");
        }
        if (str != null) {
            return zh.f(encrypt(cipher, str.getBytes(UTF8)), 3);
        }
        throw new NullPointerException("plaintext is marked non-null but is null");
    }

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    public byte[] encrypt(@NonNull IDevicePopManager.Cipher cipher, @NonNull byte[] bArr) throws ClientException {
        String str;
        if (cipher == null) {
            throw new NullPointerException("cipher is marked non-null but is null");
        }
        if (bArr == null) {
            throw new NullPointerException("plaintext is marked non-null but is null");
        }
        String str2 = TAG + ":encrypt";
        try {
            PublicKey publicKey = this.mKeyManager.getEntry().getCertificate().getPublicKey();
            Cipher cipher2 = Cipher.getInstance(cipher.toString());
            if (cipher.getParameters() != null) {
                cipher2.init(1, publicKey, cipher.getParameters());
            } else {
                cipher2.init(1, publicKey);
            }
            return cipher2.doFinal(bArr);
        } catch (InvalidAlgorithmParameterException e) {
            e = e;
            str = ClientException.INVALID_ALG_PARAMETER;
            ClientException clientException = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, str, e);
            throw clientException;
        } catch (InvalidKeyException e2) {
            e = e2;
            str = ClientException.INVALID_KEY;
            ClientException clientException2 = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, str, e);
            throw clientException2;
        } catch (KeyStoreException e3) {
            e = e3;
            str = ClientException.KEYSTORE_NOT_INITIALIZED;
            ClientException clientException22 = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, str, e);
            throw clientException22;
        } catch (NoSuchAlgorithmException e4) {
            e = e4;
            str = "no_such_algorithm";
            ClientException clientException222 = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, str, e);
            throw clientException222;
        } catch (UnrecoverableEntryException e5) {
            e = e5;
            str = ClientException.INVALID_PROTECTION_PARAMS;
            ClientException clientException2222 = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, str, e);
            throw clientException2222;
        } catch (BadPaddingException e6) {
            e = e6;
            str = ClientException.BAD_PADDING;
            ClientException clientException22222 = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, str, e);
            throw clientException22222;
        } catch (IllegalBlockSizeException e7) {
            e = e7;
            str = ClientException.INVALID_BLOCK_SIZE;
            ClientException clientException222222 = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, str, e);
            throw clientException222222;
        } catch (NoSuchPaddingException e8) {
            e = e8;
            str = ClientException.NO_SUCH_PADDING;
            ClientException clientException2222222 = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, str, e);
            throw clientException2222222;
        }
    }

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    public String generateAsymmetricKey() throws ClientException {
        String str;
        String str2 = TAG + ":generateAsymmetricKey";
        try {
            CodeMarkerManager codeMarkerManager = sCodeMarkerManager;
            codeMarkerManager.markCode(PerfConstants.CodeMarkerConstants.GENERATE_AT_POP_ASYMMETRIC_KEYPAIR_START);
            String thumbprintForRsaKey = AbstractKeyStoreKeyManager.getThumbprintForRsaKey(AbstractKeyStoreKeyManager.getRsaKeyForKeyPair(generateNewRsaKeyPair(RSA_KEY_SIZE)));
            codeMarkerManager.markCode(PerfConstants.CodeMarkerConstants.GENERATE_AT_POP_ASYMMETRIC_KEYPAIR_END);
            return thumbprintForRsaKey;
        } catch (UnsupportedOperationException e) {
            e = e;
            str = ClientException.BAD_KEY_SIZE;
            sCodeMarkerManager.markCode(PerfConstants.CodeMarkerConstants.GENERATE_AT_POP_ASYMMETRIC_KEYPAIR_END);
            ClientException clientException = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, clientException.getMessage(), clientException);
            throw clientException;
        } catch (InvalidAlgorithmParameterException e2) {
            e = e2;
            str = ClientException.INVALID_ALG;
            sCodeMarkerManager.markCode(PerfConstants.CodeMarkerConstants.GENERATE_AT_POP_ASYMMETRIC_KEYPAIR_END);
            ClientException clientException2 = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, clientException2.getMessage(), clientException2);
            throw clientException2;
        } catch (KeyStoreException e3) {
            e = e3;
            str = ClientException.KEYSTORE_NOT_INITIALIZED;
            sCodeMarkerManager.markCode(PerfConstants.CodeMarkerConstants.GENERATE_AT_POP_ASYMMETRIC_KEYPAIR_END);
            ClientException clientException22 = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, clientException22.getMessage(), clientException22);
            throw clientException22;
        } catch (NoSuchAlgorithmException e4) {
            e = e4;
            str = "no_such_algorithm";
            sCodeMarkerManager.markCode(PerfConstants.CodeMarkerConstants.GENERATE_AT_POP_ASYMMETRIC_KEYPAIR_END);
            ClientException clientException222 = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, clientException222.getMessage(), clientException222);
            throw clientException222;
        } catch (NoSuchProviderException e5) {
            e = e5;
            str = ClientException.ANDROID_KEYSTORE_UNAVAILABLE;
            sCodeMarkerManager.markCode(PerfConstants.CodeMarkerConstants.GENERATE_AT_POP_ASYMMETRIC_KEYPAIR_END);
            ClientException clientException2222 = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, clientException2222.getMessage(), clientException2222);
            throw clientException2222;
        } catch (uc2 e6) {
            e = e6;
            str = ClientException.THUMBPRINT_COMPUTATION_FAILURE;
            sCodeMarkerManager.markCode(PerfConstants.CodeMarkerConstants.GENERATE_AT_POP_ASYMMETRIC_KEYPAIR_END);
            ClientException clientException22222 = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, clientException22222.getMessage(), clientException22222);
            throw clientException22222;
        } catch (Throwable th) {
            sCodeMarkerManager.markCode(PerfConstants.CodeMarkerConstants.GENERATE_AT_POP_ASYMMETRIC_KEYPAIR_END);
            throw th;
        }
    }

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    public void generateAsymmetricKey(@NonNull final TaskCompletedCallbackWithError<String, ClientException> taskCompletedCallbackWithError) {
        if (taskCompletedCallbackWithError == null) {
            throw new NullPointerException("callback is marked non-null but is null");
        }
        sThreadExecutor.submit(new Runnable() { // from class: com.microsoft.identity.common.java.platform.AbstractDevicePopManager.1
            @Override // java.lang.Runnable
            public void run() {
                try {
                    taskCompletedCallbackWithError.onTaskCompleted(AbstractDevicePopManager.this.generateAsymmetricKey());
                } catch (ClientException e) {
                    taskCompletedCallbackWithError.onError(e);
                }
            }
        });
    }

    public abstract KeyPair generateNewRsaKeyPair(int i) throws UnsupportedOperationException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchProviderException, ClientException, KeyStoreException;

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    @Nullable
    public Date getAsymmetricKeyCreationDate() throws ClientException {
        return this.mKeyManager.getCreationDate();
    }

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    public String getAsymmetricKeyThumbprint() throws ClientException {
        return new String(this.mKeyManager.getThumbprint(), UTF8);
    }

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    public Certificate[] getCertificateChain() throws ClientException {
        return this.mKeyManager.getCertificateChain();
    }

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    public IKeyStoreKeyManager<KeyStore.PrivateKeyEntry> getKeyManager() {
        return this.mKeyManager;
    }

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    @NonNull
    public String getPublicKey(@NonNull IDevicePopManager.PublicKeyFormat publicKeyFormat) throws ClientException {
        if (publicKeyFormat == null) {
            throw new NullPointerException("format is marked non-null but is null");
        }
        String str = TAG + ":getPublicKey";
        int i = AnonymousClass4.$SwitchMap$com$microsoft$identity$common$java$crypto$IDevicePopManager$PublicKeyFormat[publicKeyFormat.ordinal()];
        if (i == 1) {
            return getX509SubjectPublicKeyInfo();
        }
        if (i == 2) {
            return getJwkPublicKey();
        }
        String str2 = "Unrecognized or unsupported key format: " + publicKeyFormat;
        ClientException clientException = new ClientException(ClientException.UNKNOWN_EXPORT_FORMAT, str2);
        Logger.error(str, str2, clientException);
        throw clientException;
    }

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    public PublicKey getPublicKey() throws UnrecoverableEntryException, NoSuchAlgorithmException, KeyStoreException {
        return this.mKeyManager.getEntry().getCertificate().getPublicKey();
    }

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    public String getRequestConfirmation() throws ClientException {
        String str = TAG + ":getRequestConfirmation";
        final CountDownLatch countDownLatch = new CountDownLatch(1);
        final String[] strArr = new String[1];
        final ClientException[] clientExceptionArr = new ClientException[1];
        getRequestConfirmation(new TaskCompletedCallbackWithError<String, ClientException>() { // from class: com.microsoft.identity.common.java.platform.AbstractDevicePopManager.2
            @Override // com.microsoft.identity.common.java.util.TaskCompletedCallbackWithError
            public void onError(@NonNull ClientException clientException) {
                if (clientException == null) {
                    throw new NullPointerException("error is marked non-null but is null");
                }
                clientExceptionArr[0] = clientException;
                countDownLatch.countDown();
            }

            @Override // com.microsoft.identity.common.java.util.TaskCompletedCallback
            public void onTaskCompleted(@NonNull String str2) {
                if (str2 == null) {
                    throw new NullPointerException("reqCnf is marked non-null but is null");
                }
                strArr[0] = str2;
                countDownLatch.countDown();
            }
        });
        try {
            countDownLatch.await();
            String str2 = strArr[0];
            if (str2 != null) {
                return str2;
            }
            throw clientExceptionArr[0];
        } catch (InterruptedException e) {
            Logger.error(str, "Interrupted while waiting on callback.", e);
            throw new ClientException(ClientException.INTERRUPTED_OPERATION, e.getMessage(), e);
        }
    }

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    public void getRequestConfirmation(@NonNull final TaskCompletedCallbackWithError<String, ClientException> taskCompletedCallbackWithError) {
        if (taskCompletedCallbackWithError == null) {
            throw new NullPointerException("callback is marked non-null but is null");
        }
        final String str = TAG + ":getRequestConfirmation";
        sThreadExecutor.submit(new Runnable() { // from class: com.microsoft.identity.common.java.platform.AbstractDevicePopManager.3
            @Override // java.lang.Runnable
            public void run() {
                String str2;
                try {
                    taskCompletedCallbackWithError.onTaskCompleted(AbstractDevicePopManager.getReqCnfForRsaKey(AbstractKeyStoreKeyManager.getRsaKeyForKeyPair(AbstractKeyStoreKeyManager.getKeyPairForEntry(AbstractDevicePopManager.this.mKeyManager.getEntry()))));
                } catch (KeyStoreException e) {
                    e = e;
                    str2 = ClientException.KEYSTORE_NOT_INITIALIZED;
                    ClientException clientException = new ClientException(str2, e.getMessage(), e);
                    Logger.error(str, clientException.getMessage(), clientException);
                    taskCompletedCallbackWithError.onError(clientException);
                } catch (NoSuchAlgorithmException e2) {
                    e = e2;
                    str2 = "no_such_algorithm";
                    ClientException clientException2 = new ClientException(str2, e.getMessage(), e);
                    Logger.error(str, clientException2.getMessage(), clientException2);
                    taskCompletedCallbackWithError.onError(clientException2);
                } catch (UnrecoverableEntryException e3) {
                    e = e3;
                    str2 = ClientException.INVALID_PROTECTION_PARAMS;
                    ClientException clientException22 = new ClientException(str2, e.getMessage(), e);
                    Logger.error(str, clientException22.getMessage(), clientException22);
                    taskCompletedCallbackWithError.onError(clientException22);
                } catch (JSONException e4) {
                    e = e4;
                    str2 = ClientException.JSON_CONSTRUCTION_FAILED;
                    ClientException clientException222 = new ClientException(str2, e.getMessage(), e);
                    Logger.error(str, clientException222.getMessage(), clientException222);
                    taskCompletedCallbackWithError.onError(clientException222);
                } catch (uc2 e5) {
                    e = e5;
                    str2 = ClientException.THUMBPRINT_COMPUTATION_FAILURE;
                    ClientException clientException2222 = new ClientException(str2, e.getMessage(), e);
                    Logger.error(str, clientException2222.getMessage(), clientException2222);
                    taskCompletedCallbackWithError.onError(clientException2222);
                }
            }
        });
    }

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    public SecureHardwareState getSecureHardwareState() throws ClientException {
        String str;
        String str2 = TAG + ":getSecureHardwareState";
        try {
            return getSecureHardwareState(AbstractKeyStoreKeyManager.getKeyPairForEntry(this.mKeyManager.getEntry()));
        } catch (KeyStoreException e) {
            e = e;
            str = ClientException.KEYSTORE_NOT_INITIALIZED;
            ClientException clientException = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, str, e);
            throw clientException;
        } catch (NoSuchAlgorithmException e2) {
            e = e2;
            str = "no_such_algorithm";
            ClientException clientException2 = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, str, e);
            throw clientException2;
        } catch (UnrecoverableEntryException e3) {
            e = e3;
            str = ClientException.INVALID_PROTECTION_PARAMS;
            ClientException clientException22 = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, str, e);
            throw clientException22;
        }
    }

    public abstract SecureHardwareState getSecureHardwareState(@NonNull KeyPair keyPair);

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    public String mintSignedAccessToken(@Nullable String str, long j, @NonNull URL url, @NonNull String str2, @Nullable String str3) throws ClientException {
        if (url == null) {
            throw new NullPointerException("requestUrl is marked non-null but is null");
        }
        if (str2 != null) {
            return mintSignedAccessToken(str, j, url, str2, str3, null);
        }
        throw new NullPointerException("accessToken is marked non-null but is null");
    }

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    public String mintSignedAccessToken(@Nullable String str, long j, @NonNull URL url, @NonNull String str2, @Nullable String str3, @Nullable String str4) throws ClientException {
        if (url == null) {
            throw new NullPointerException("requestUrl is marked non-null but is null");
        }
        if (str2 != null) {
            return mintSignedHttpRequestInternal(str, j, url, str2, str3, str4);
        }
        throw new NullPointerException("accessToken is marked non-null but is null");
    }

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    public String mintSignedHttpRequest(@Nullable String str, long j, @NonNull URL url, @Nullable String str2, @Nullable String str3) throws ClientException {
        if (url != null) {
            return mintSignedHttpRequestInternal(str, j, url, null, str2, str3);
        }
        throw new NullPointerException("requestUrl is marked non-null but is null");
    }

    public abstract void performCleanupIfMintShrFails(@NonNull Exception exc);

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    @NonNull
    public String sign(@NonNull SigningAlgorithm signingAlgorithm, @NonNull String str) throws ClientException {
        if (signingAlgorithm == null) {
            throw new NullPointerException("alg is marked non-null but is null");
        }
        if (str != null) {
            return zh.f(sign(signingAlgorithm, str.getBytes(UTF8)), 2);
        }
        throw new NullPointerException("input is marked non-null but is null");
    }

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    public byte[] sign(@NonNull SigningAlgorithm signingAlgorithm, @NonNull byte[] bArr) throws ClientException {
        String str;
        if (signingAlgorithm == null) {
            throw new NullPointerException("alg is marked non-null but is null");
        }
        if (bArr == null) {
            throw new NullPointerException("inputBytesToSign is marked non-null but is null");
        }
        String str2 = TAG + ":sign";
        try {
            KeyStore.PrivateKeyEntry entry = this.mKeyManager.getEntry();
            if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
                Logger.warn(str2, PRIVATE_KEY_NOT_FOUND);
                throw new ClientException(ClientException.INVALID_KEY_MISSING);
            }
            Signature signature = Signature.getInstance(signingAlgorithm.toString());
            signature.initSign(entry.getPrivateKey());
            signature.update(bArr);
            return signature.sign();
        } catch (InvalidKeyException e) {
            e = e;
            str = ClientException.INVALID_KEY;
            ClientException clientException = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, clientException.getMessage(), clientException);
            throw clientException;
        } catch (KeyStoreException e2) {
            e = e2;
            str = ClientException.KEYSTORE_NOT_INITIALIZED;
            ClientException clientException2 = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, clientException2.getMessage(), clientException2);
            throw clientException2;
        } catch (NoSuchAlgorithmException e3) {
            e = e3;
            str = "no_such_algorithm";
            ClientException clientException22 = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, clientException22.getMessage(), clientException22);
            throw clientException22;
        } catch (SignatureException e4) {
            e = e4;
            str = ClientException.SIGNING_FAILURE;
            ClientException clientException222 = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, clientException222.getMessage(), clientException222);
            throw clientException222;
        } catch (UnrecoverableEntryException e5) {
            e = e5;
            str = ClientException.INVALID_PROTECTION_PARAMS;
            ClientException clientException2222 = new ClientException(str, e.getMessage(), e);
            Logger.error(str2, clientException2222.getMessage(), clientException2222);
            throw clientException2222;
        }
    }

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    public boolean verify(@NonNull SigningAlgorithm signingAlgorithm, @NonNull String str, @NonNull String str2) {
        if (signingAlgorithm == null) {
            throw new NullPointerException("alg is marked non-null but is null");
        }
        if (str == null) {
            throw new NullPointerException("plainText is marked non-null but is null");
        }
        if (str2 != null) {
            return verify(signingAlgorithm, str.getBytes(UTF8), zh.a(str2, 2));
        }
        throw new NullPointerException("signatureStr is marked non-null but is null");
    }

    @Override // com.microsoft.identity.common.java.crypto.IDevicePopManager
    public boolean verify(@NonNull SigningAlgorithm signingAlgorithm, @NonNull byte[] bArr, @NonNull byte[] bArr2) {
        String str;
        if (signingAlgorithm == null) {
            throw new NullPointerException("alg is marked non-null but is null");
        }
        if (bArr == null) {
            throw new NullPointerException("inputBytesToVerify is marked non-null but is null");
        }
        if (bArr2 == null) {
            throw new NullPointerException("signatureBytes is marked non-null but is null");
        }
        String str2 = TAG + ":verify";
        try {
            KeyStore.PrivateKeyEntry entry = this.mKeyManager.getEntry();
            if (entry == null) {
                Logger.warn(str2, PRIVATE_KEY_NOT_FOUND);
                return false;
            }
            Signature signature = Signature.getInstance(signingAlgorithm.toString());
            signature.initVerify(entry.getCertificate());
            signature.update(bArr);
            return signature.verify(bArr2);
        } catch (InvalidKeyException e) {
            e = e;
            str = ClientException.INVALID_KEY;
            Logger.error(str2, str, e);
            return false;
        } catch (KeyStoreException e2) {
            e = e2;
            str = ClientException.KEYSTORE_NOT_INITIALIZED;
            Logger.error(str2, str, e);
            return false;
        } catch (NoSuchAlgorithmException e3) {
            e = e3;
            str = "no_such_algorithm";
            Logger.error(str2, str, e);
            return false;
        } catch (SignatureException e4) {
            e = e4;
            str = ClientException.SIGNING_FAILURE;
            Logger.error(str2, str, e);
            return false;
        } catch (UnrecoverableEntryException e5) {
            e = e5;
            str = ClientException.INVALID_PROTECTION_PARAMS;
            Logger.error(str2, str, e);
            return false;
        }
    }
}
