package com.amazon.whisperlink.feature.security.android;

import android.content.Context;
import com.amazon.whisperlink.plugin.config.SecurityConfig;
import com.amazon.whisperlink.security.service.AuthDaemonInternal;
import com.amazon.whisperlink.util.Connection;
import com.amazon.whisperlink.util.Log;
import com.amazon.whisperlink.util.WhisperLinkUtil;
import com.amazon.whisperplay.thrift.TException;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.InvalidKeyException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.SignatureException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;

/* loaded from: classes2.dex */
public final class CertificateSourceClientImplementation extends AbstractCertificateSource {
    private static final String DEFAULT_CERT_TYPE = "X.509";
    private static final String TAG = "CertificateSourceClientImplementation";

    @Override // com.amazon.whisperplay.feature.security.CertificateSourceFeature
    public void clearCertificate(Context context) {
        try {
            clearKeyStore(context);
            fireCertChanged();
        } catch (IOException e) {
            Log.warning(TAG, "Error clearing certs", e);
        }
    }

    @Override // com.amazon.whisperlink.feature.security.android.AbstractCertificateSource
    public Certificate createCertificate(Context context, PrivateKey privateKey, PublicKey publicKey, String str, String str2) throws CertificateEncodingException, InvalidKeyException, IllegalStateException, NoSuchAlgorithmException, SignatureException {
        Connection<AuthDaemonInternal.Iface, AuthDaemonInternal.Client> createConnection = createConnection();
        try {
            try {
                AuthDaemonInternal.Iface connect = createConnection.connect();
                Log.debug(TAG, "Getting App-level cert, signed by core");
                Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(connect.getCertData(getPublicKeyString(publicKey), str2)));
                if (createConnection == null) {
                    return generateCertificate;
                }
                createConnection.close();
                return generateCertificate;
            } catch (TException e) {
                Log.error(TAG, "Exception when get current auths from internal service");
                if (createConnection != null) {
                    createConnection.close();
                }
                return null;
            } catch (CertificateException e2) {
                Log.error(TAG, "Error creating Certificate from core data");
                if (createConnection != null) {
                    createConnection.close();
                }
                return null;
            }
        } catch (Throwable th) {
            if (createConnection != null) {
                createConnection.close();
            }
            throw th;
        }
    }

    protected Connection<AuthDaemonInternal.Iface, AuthDaemonInternal.Client> createConnection() {
        return new Connection<>(WhisperLinkUtil.getLocalDevice(false), SecurityConfig.getAuthDaemonInternalDescription(), new AuthDaemonInternal.Client.Factory());
    }

    @Override // com.amazon.whisperplay.feature.security.CertificateSourceFeature
    public Certificate generateCertificate(String str, String str2) {
        return null;
    }

    @Override // com.amazon.whisperplay.feature.security.CertificateSourceFeature
    public String getPrivateKeyString() {
        return null;
    }

    @Override // com.amazon.whisperplay.feature.security.CertificateSourceFeature
    public boolean verifyLoadedCertificate() {
        Connection<AuthDaemonInternal.Iface, AuthDaemonInternal.Client> createConnection = createConnection();
        Certificate certificate = getCertificate();
        try {
            if (certificate == null) {
                return false;
            }
            try {
                try {
                    certificate.verify(getPublicKeyFromString(createConnection.connect().getKeyDataFor(WhisperLinkUtil.getLocalDeviceUUID())));
                    if (createConnection == null) {
                        return true;
                    }
                    createConnection.close();
                    return true;
                } catch (GeneralSecurityException e) {
                    Log.warning(TAG, "Cert not verified - must have changed:" + e.getMessage());
                    if (createConnection != null) {
                        createConnection.close();
                    }
                    return false;
                }
            } catch (TException e2) {
                Log.error(TAG, "Exception when get current auths from internal service :" + e2.getMessage());
                if (createConnection != null) {
                    createConnection.close();
                }
                return false;
            }
        } catch (Throwable th) {
            if (createConnection != null) {
                createConnection.close();
            }
            throw th;
        }
    }
}
