package com.thursby.pkard.sdk;

import com.thursby.pkard.conscrypt.OpenSSLEngine;
import com.thursby.pkard.sdk.PKardSDK;
import com.thursby.pkard.util.Log;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.KeyStoreSpi;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Set;

/* loaded from: classes3.dex */
public class PKClientKeyStore extends KeyStoreSpi implements PKardSDK.PKardSDKEvents {
    public static final String NAME = "PKardClient";
    private static final String c = "PKClientKeyStore";
    private PKardSDK a;
    private boolean b;

    public PKClientKeyStore() throws IOException {
        PKardSDK currentInstance = PKardSDK.getCurrentInstance();
        this.a = currentInstance;
        if (currentInstance == null) {
            throw new IOException("PKard SDK is not initialized");
        }
        currentInstance.addEventListener(this);
    }

    private static X509Certificate a(byte[] bArr) {
        try {
            return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
        } catch (CertificateException e) {
            Log.w(NAME, "Couldn't parse certificate in keystore", e);
            return null;
        }
    }

    private Date a(String str) {
        return null;
    }

    private Set<String> a() {
        String[] strArr;
        PKardSDK pKardSDK = this.a;
        if (pKardSDK != null) {
            strArr = pKardSDK.getObjectAliases(-1);
            if (strArr != null) {
                Log.d(c, "getUniqueAliases: got " + strArr.length + " references from service");
            }
        } else {
            Log.e(c, "service binder is NULL");
            strArr = null;
        }
        if (this.a == null || strArr == null) {
            Log.e(c, "No aliases received from service");
            return new HashSet();
        }
        HashSet hashSet = new HashSet(strArr.length);
        for (String str : strArr) {
            Log.i(c, "returning alias = " + str);
            if (str != null) {
                hashSet.add(str);
            }
        }
        return hashSet;
    }

    private static Collection<X509Certificate> b(byte[] bArr) {
        try {
            return CertificateFactory.getInstance("X.509").generateCertificates(new ByteArrayInputStream(bArr));
        } catch (CertificateException e) {
            Log.w(NAME, "Couldn't parse certificates in keystore", e);
            return new ArrayList();
        }
    }

    private boolean b(String str) {
        return false;
    }

    private boolean c(String str) {
        if (str != null) {
            return this.a.exist(str);
        }
        throw new NullPointerException("alias == null");
    }

    @Override // java.security.KeyStoreSpi
    public Enumeration<String> engineAliases() {
        return Collections.enumeration(a());
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineContainsAlias(String str) {
        if (str != null) {
            return this.a.exist(str);
        }
        throw new NullPointerException("alias == null");
    }

    @Override // java.security.KeyStoreSpi
    public void engineDeleteEntry(String str) throws KeyStoreException {
        throw new KeyStoreException("Con not delete " + str + " from hw token");
    }

    @Override // java.security.KeyStoreSpi
    public Certificate engineGetCertificate(String str) {
        if (str == null) {
            throw new NullPointerException("alias == null");
        }
        Log.v(c, "Getting certificate for " + str);
        byte[] certificate = this.a.getCertificate(str);
        if (certificate != null) {
            return a(certificate);
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public String engineGetCertificateAlias(Certificate certificate) {
        if (certificate == null) {
            return null;
        }
        HashSet hashSet = new HashSet();
        String[] objectAliases = this.a.getObjectAliases(-1);
        if (objectAliases != null) {
            for (String str : objectAliases) {
                byte[] certificate2 = this.a.getCertificate(str);
                if (certificate2 != null) {
                    X509Certificate a = a(certificate2);
                    hashSet.add(str);
                    if (certificate.equals(a)) {
                        return str;
                    }
                }
            }
        }
        return null;
    }

    @Override // java.security.KeyStoreSpi
    public Certificate[] engineGetCertificateChain(String str) {
        Certificate[] certificateArr;
        if (str == null) {
            throw new NullPointerException("alias == null");
        }
        X509Certificate x509Certificate = (X509Certificate) engineGetCertificate(str);
        if (x509Certificate == null) {
            return null;
        }
        byte[] certificate = this.a.getCertificate(str);
        int i = 1;
        if (certificate != null) {
            Collection<X509Certificate> b = b(certificate);
            certificateArr = new Certificate[b.size() + 1];
            Iterator<X509Certificate> it = b.iterator();
            while (it.hasNext()) {
                certificateArr[i] = it.next();
                i++;
            }
        } else {
            certificateArr = new Certificate[1];
        }
        certificateArr[0] = x509Certificate;
        return certificateArr;
    }

    @Override // java.security.KeyStoreSpi
    public Date engineGetCreationDate(String str) {
        if (str == null) {
            throw new NullPointerException("alias == null");
        }
        Date a = a(str);
        if (a != null) {
            return a;
        }
        Date a2 = a(str);
        return a2 != null ? a2 : a(str);
    }

    @Override // java.security.KeyStoreSpi
    public Key engineGetKey(String str, char[] cArr) throws NoSuchAlgorithmException, UnrecoverableKeyException {
        if (!c(str)) {
            return null;
        }
        try {
            return OpenSSLEngine.getInstance("pkard").getPrivateKeyById(str);
        } catch (Exception e) {
            UnrecoverableKeyException unrecoverableKeyException = new UnrecoverableKeyException("Can't get key");
            unrecoverableKeyException.initCause(e);
            throw unrecoverableKeyException;
        }
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsCertificateEntry(String str) {
        return b(str) && !c(str);
    }

    @Override // java.security.KeyStoreSpi
    public boolean engineIsKeyEntry(String str) {
        return c(str);
    }

    @Override // java.security.KeyStoreSpi
    public void engineLoad(InputStream inputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
        if (inputStream != null) {
            throw new IllegalArgumentException("InputStream not supported");
        }
        if (cArr != null) {
            throw new IllegalArgumentException("password not supported");
        }
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetCertificateEntry(String str, Certificate certificate) throws KeyStoreException {
        throw new KeyStoreException("Operation not supported, can not write to hardware token");
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetEntry(String str, KeyStore.Entry entry, KeyStore.ProtectionParameter protectionParameter) throws KeyStoreException {
        throw new KeyStoreException("SetEntry not supported, only pkard backed keys supported");
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, Key key, char[] cArr, Certificate[] certificateArr) throws KeyStoreException {
        throw new KeyStoreException("Only hw backed private keys are supported");
    }

    @Override // java.security.KeyStoreSpi
    public void engineSetKeyEntry(String str, byte[] bArr, Certificate[] certificateArr) throws KeyStoreException {
        throw new KeyStoreException("Operation not supported because key encoding is unknown");
    }

    @Override // java.security.KeyStoreSpi
    public int engineSize() {
        return a().size();
    }

    @Override // java.security.KeyStoreSpi
    public void engineStore(OutputStream outputStream, char[] cArr) throws IOException, NoSuchAlgorithmException, CertificateException {
        throw new UnsupportedOperationException("Can not serialize PKard hw to OutputStream");
    }

    public boolean isReady() {
        return this.b;
    }

    @Override // com.thursby.pkard.sdk.PKardSDK.PKardSDKEvents
    public void onKeyStorageChanged(boolean z, String str) {
    }

    @Override // com.thursby.pkard.sdk.PKardSDK.PKardSDKEvents
    public void onPKardConnected() {
        this.b = true;
    }

    @Override // com.thursby.pkard.sdk.PKardSDK.PKardSDKEvents
    public void onPKardDisconnected() {
        this.b = false;
        this.a.removeEventListener(this);
    }
}
