package com.microsoft.identity.broker4j.workplacejoin;

import com.microsoft.identity.broker4j.broker.crypto.keyaccessors.IAsymmetricKeyEntryAccessor;
import com.microsoft.identity.broker4j.broker.crypto.keyaccessors.RawAsymmetricKeyEntryAccessor;
import com.microsoft.identity.broker4j.workplacejoin.data.WorkplaceJoinData;
import com.microsoft.identity.common.java.AuthenticationSettings;
import com.microsoft.identity.common.java.challengehandlers.IDeviceCertificate;
import com.microsoft.identity.common.java.logging.Logger;
import java.security.KeyPair;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.List;

/* loaded from: classes4.dex */
public class DeviceCertProxy implements IDeviceCertificate {
    private static final String TAG = DeviceCertProxy.class.getSimpleName();
    private static X509Certificate sCertificate = null;
    private static PrivateKey sPrivateKey = null;
    private static PublicKey sPublicKey = null;
    private static String sThumbPrint = null;
    private static boolean sValidIssuer = false;

    public static void clearDeviceCert() {
        synchronized (DeviceCertProxy.class) {
            sPublicKey = null;
            sPrivateKey = null;
            sThumbPrint = null;
            sCertificate = null;
            AuthenticationSettings.INSTANCE.removeDeviceCertificateProxy();
        }
    }

    public static void loadDeviceCert(WorkplaceJoinData workplaceJoinData) {
        synchronized (DeviceCertProxy.class) {
            if (workplaceJoinData == null) {
                throw new NullPointerException("wpjData is marked non-null but is null");
            }
            X509Certificate x509Cert = workplaceJoinData.getCertificateData().getX509Cert();
            sValidIssuer = true;
            IAsymmetricKeyEntryAccessor deviceKey = workplaceJoinData.getCertificateData().getDeviceKey();
            if (!(deviceKey instanceof RawAsymmetricKeyEntryAccessor)) {
                Logger.error(TAG + ":loadDeviceCert", "Do not have an access to device private key.", null);
                return;
            }
            KeyPair keyPair = ((RawAsymmetricKeyEntryAccessor) deviceKey).getKeyEntry().getKeyPair();
            sPrivateKey = keyPair.getPrivate();
            sPublicKey = keyPair.getPublic();
            try {
                try {
                    sThumbPrint = WorkplaceJoinCertHelper.obtainThumbPrintFromCert(x509Cert);
                } catch (CertificateEncodingException e) {
                    Logger.error(TAG + ":loadDeviceCert", "Certificate Encoding error" + WorkplaceJoinFailure.CERTIFICATE.toString(), e);
                }
            } catch (NoSuchAlgorithmException e2) {
                Logger.error(TAG + ":loadDeviceCert", "No such algorithm for cert digest" + WorkplaceJoinFailure.CERTIFICATE.toString(), e2);
            }
            sCertificate = x509Cert;
            AuthenticationSettings.INSTANCE.setDeviceCertificateProxyClass(DeviceCertProxy.class);
        }
    }

    public static void reset() {
        sCertificate = null;
        sPrivateKey = null;
        sPublicKey = null;
        sThumbPrint = null;
        sValidIssuer = false;
    }

    @Override // com.microsoft.identity.common.java.challengehandlers.IDeviceCertificate
    public X509Certificate getCertificate() {
        return sCertificate;
    }

    @Override // com.microsoft.identity.common.java.challengehandlers.IDeviceCertificate
    public PrivateKey getPrivateKey() {
        return sPrivateKey;
    }

    @Override // com.microsoft.identity.common.java.challengehandlers.IDeviceCertificate
    public PublicKey getPublicKey() {
        return sPublicKey;
    }

    @Override // com.microsoft.identity.common.java.challengehandlers.IDeviceCertificate
    public String getThumbPrint() {
        return sThumbPrint;
    }

    @Override // com.microsoft.identity.common.java.challengehandlers.IDeviceCertificate
    public boolean isValidIssuer(List<String> list) {
        return sValidIssuer;
    }
}
