package com.isec7.android.sap.security;

import android.content.Context;
import android.security.KeyChain;
import android.security.KeyChainException;
import com.isec7.android.sap.logging.Logger;
import com.isec7.android.sap.util.IOUtils;
import java.net.Socket;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.X509ExtendedKeyManager;

/* loaded from: classes3.dex */
public class KeyChainKeyManager extends X509ExtendedKeyManager {
    private static final String LOG_TAG = "KeyChainKeyManager";
    private final X509Certificate[] mCertificateChain;
    private final String mClientAlias;
    private final PrivateKey mPrivateKey;

    private KeyChainKeyManager(String str, X509Certificate[] x509CertificateArr, PrivateKey privateKey) {
        this.mClientAlias = str;
        this.mCertificateChain = x509CertificateArr;
        this.mPrivateKey = privateKey;
    }

    public static KeyChainKeyManager fromAlias(Context context, String str) throws CertificateException {
        try {
            if (IOUtils.getKeyStore().isKeyEntry(str)) {
                PrivateKey privateKey = (PrivateKey) IOUtils.getKeyStore().getKey(str, null);
                Certificate[] certificateChain = IOUtils.getKeyStore().getCertificateChain(str);
                X509Certificate[] x509CertificateArr = new X509Certificate[certificateChain.length];
                for (int i = 0; i < certificateChain.length; i++) {
                    x509CertificateArr[i] = (X509Certificate) certificateChain[i];
                }
                return new KeyChainKeyManager(str, x509CertificateArr, privateKey);
            }
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException unused) {
            Logger.e(LOG_TAG, "Failed to access authentication certificate from Android app keystore");
        }
        try {
            PrivateKey privateKey2 = KeyChain.getPrivateKey(context, str);
            X509Certificate[] certificateChain2 = KeyChain.getCertificateChain(context, str);
            if (certificateChain2 == null || privateKey2 == null) {
                throw new CertificateException("Can't access certificate from keystore");
            }
            return new KeyChainKeyManager(str, certificateChain2, privateKey2);
        } catch (KeyChainException | InterruptedException e) {
            throw new CertificateException(e);
        }
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        return this.mClientAlias;
    }

    @Override // javax.net.ssl.X509KeyManager
    public final String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        throw new UnsupportedOperationException();
    }

    @Override // javax.net.ssl.X509KeyManager
    public X509Certificate[] getCertificateChain(String str) {
        return this.mCertificateChain;
    }

    @Override // javax.net.ssl.X509KeyManager
    public final String[] getClientAliases(String str, Principal[] principalArr) {
        throw new UnsupportedOperationException();
    }

    @Override // javax.net.ssl.X509KeyManager
    public PrivateKey getPrivateKey(String str) {
        return this.mPrivateKey;
    }

    @Override // javax.net.ssl.X509KeyManager
    public final String[] getServerAliases(String str, Principal[] principalArr) {
        throw new UnsupportedOperationException();
    }
}
