package com.microsoft.identity.broker.crypto.keymanagers;

import com.microsoft.identity.broker.crypto.AndroidKeyStoreCryptoFactory;
import com.microsoft.identity.broker4j.broker.crypto.IBrokerCryptoFactory;
import com.microsoft.identity.broker4j.broker.crypto.IRawAsymmetricKeyEntry;
import com.microsoft.identity.broker4j.broker.crypto.RawAsymmetricKeyEntry;
import com.microsoft.identity.broker4j.opentelemetry.AttributeName;
import com.microsoft.identity.broker4j.workplacejoin.ProviderUtil;
import com.microsoft.identity.common.java.controllers.ExceptionAdapter;
import com.microsoft.identity.common.java.exception.ClientException;
import com.microsoft.identity.common.java.opentelemetry.OTelUtility;
import com.microsoft.identity.common.java.util.ThrowableUtil;
import com.microsoft.identity.common.logging.Logger;
import io.opentelemetry.api.common.Attributes;
import io.opentelemetry.api.metrics.LongCounter;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;

/* loaded from: classes2.dex */
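/**
 * Key manager for the device key: creates key pairs and stores the private key, with its X.509
 * certificate, in the Android KeyStore.
 *
 * <p>Security-relevant behaviour visible in this class:
 * <ul>
 *   <li>{@link #generateKeyPair} asks for a {@link KeyPairGenerator} by algorithm name only, so the
 *       pair comes from the default JCA provider and is held by this process as a regular
 *       {@link KeyPair} until {@link #saveCertificate} imports it. The key is imported into the
 *       Android KeyStore, not generated inside it.</li>
 *   <li>{@link #saveCertificate} imports the private key without protection parameters, and
 *       {@link KeyStore#setKeyEntry} replaces whatever entry already exists under the alias.</li>
 *   <li>Every failure increments an OpenTelemetry counter whose attributes include the full stack
 *       trace of the exception.</li>
 * </ul>
 */
public class AndroidKeyStoreDeviceKeyManager extends AndroidKeyStoreKeyManager {
    private static final LongCounter sFailedAndroidKeyStoreDeviceKeyManagerOperationCount = OTelUtility.createLongCounter("failed_keystore_device_key_manager_operation_count", "Number of failed Android KeyStore DeviceKeyManager operations");

    // Log tag; the value does not depend on the instance, so it is a class constant.
    private static final String TAG = AndroidKeyStoreDeviceKeyManager.class.getSimpleName();

    /**
     * Creates the manager; both arguments are passed unchanged to the superclass.
     *
     * @param iBrokerCryptoFactory crypto factory handed to {@code AndroidKeyStoreKeyManager}
     * @param z flag handed to {@code AndroidKeyStoreKeyManager}; its meaning is defined there
     */
    public AndroidKeyStoreDeviceKeyManager(IBrokerCryptoFactory iBrokerCryptoFactory, boolean z) {
        super(iBrokerCryptoFactory, z);
    }

    /**
     * Generates a new asymmetric key pair and returns it wrapped with its alias.
     *
     * <p>Nothing is written to the Android KeyStore here; the returned entry carries the key pair
     * itself.
     *
     * @param str alias to attach to the returned entry (logged through the PII channel only)
     * @param str2 JCA algorithm name passed to {@link KeyPairGenerator#getInstance(String)}
     * @param i key size passed to {@link KeyPairGenerator#initialize(int, SecureRandom)}
     * @return the generated key pair together with {@code str} as its alias
     * @throws ClientException if anything thrown during generation is caught and adapted
     */
    @Override
    public IRawAsymmetricKeyEntry generateKeyPair(String str, String str2, int i) throws ClientException {
        final String methodTag = TAG + ":generateKeyPair";
        final String alias = str;
        final String algorithm = str2;
        final int keySize = i;
        try {
            Logger.info(methodTag, "Generating key pair {algorithm: " + algorithm + ", keySize: " + keySize + "}");
            Logger.infoPII(methodTag, "Generating key pair with alias: " + alias);
            // NOTE(review): algorithm and keySize are used as given; no minimum strength is
            // enforced in this method. Confirm that callers only pass approved values.
            final KeyPairGenerator generator = KeyPairGenerator.getInstance(algorithm);
            generator.initialize(keySize, new SecureRandom());
            return RawAsymmetricKeyEntry.builder().keyPair(generator.generateKeyPair()).alias(alias).build();
        } catch (Throwable th) {
            // Throwable is caught deliberately broadly here: Errors are also logged, counted and
            // converted to ClientException.
            Logger.error(methodTag, "Failed to generate keyPair " + th.getMessage(), th);
            recordFailure("generateKeyPair", th);
            throw ExceptionAdapter.clientExceptionFromException(th);
        }
    }

    /**
     * Parses {@code bArr} as an X.509 certificate and stores it, with the private key of
     * {@code keyPair}, as a key entry in the Android KeyStore.
     *
     * <p>An existing entry under the same alias is overwritten. Unchecked exceptions (for example
     * from a null argument) are not caught here and therefore are neither logged nor counted.
     *
     * @param str alias of the KeyStore entry to write
     * @param keyPair key pair whose private key is imported
     * @param bArr encoded certificate, used as a single-element certificate chain
     * @throws ClientException with {@code CERTIFICATE_LOAD_FAILURE} if parsing the certificate or
     *     loading/writing the KeyStore fails with one of the caught checked exceptions
     */
    @Override
    public void saveCertificate(String str, KeyPair keyPair, byte[] bArr) throws ClientException {
        final String methodTag = TAG + ":saveCertificate";
        try {
            final Certificate certificate = ProviderUtil.getX509CertificateFactory().generateCertificate(new ByteArrayInputStream(bArr));
            // NOTE(review): nothing here checks that the certificate's public key belongs to
            // keyPair; a mismatch would be stored as-is. Confirm the caller guarantees the pairing.
            final KeyStore keyStore = KeyStore.getInstance(AndroidKeyStoreCryptoFactory.ANDROID_KEYSTORE);
            keyStore.load(null);
            // The null password means no explicit protection is requested for the imported key.
            // NOTE(review): the key is then bound by the provider's defaults; confirm those are
            // acceptable for a device key.
            keyStore.setKeyEntry(str, keyPair.getPrivate(), null, new Certificate[]{certificate});
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | NoSuchProviderException | CertificateException e) {
            // Log the failure as generateKeyPair does, so a failed import is visible in the logs
            // and not only in the metric. The alias is left out of the message because this class
            // logs it through the PII channel only.
            Logger.error(methodTag, "Failed to save certificate", e);
            recordFailure("saveCertificate", e);
            throw new ClientException(ClientException.CERTIFICATE_LOAD_FAILURE, e.getMessage(), e);
        }
    }

    /**
     * Increments the failure counter for one operation.
     *
     * <p>NOTE(review): the stack trace is attached as a metric attribute, which is high-cardinality
     * and leaves the device with the telemetry; confirm the pipeline is meant to carry it.
     *
     * @param operation name of the failed operation, recorded as an attribute
     * @param cause the throwable whose class name and stack trace are recorded
     */
    private static void recordFailure(String operation, Throwable cause) {
        sFailedAndroidKeyStoreDeviceKeyManagerOperationCount.add(
                1L,
                Attributes.builder()
                        .put(AttributeName.keystore_key_manager_operation.name(), operation)
                        .put(AttributeName.error_type.name(), cause.getClass().getSimpleName())
                        .put(AttributeName.keystore_key_manager_exception_stack_trace.name(), ThrowableUtil.getStackTraceAsString(cause))
                        .build());
    }
}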
