package com.samsung.android.knox.dai.framework.keystore.engine;

import com.samsung.android.knox.dai.framework.keystore.util.KeyPairGenerator;
import com.samsung.android.knox.dai.framework.logging.Log;
import com.samsung.android.knox.dai.framework.security.SecurityDefinitions;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.inject.Inject;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;

/* loaded from: classes2.dex */
public class AndroidKeystoreEngine extends BaseKeystoreEngine implements KeystoreEngine {
    @Inject
    public AndroidKeystoreEngine() {
    }

    private boolean certificateExists() {
        try {
            KeyStore keyStore = KeyStore.getInstance(algorithm());
            keyStore.load(null);
            Certificate[] certificateChain = keyStore.getCertificateChain(certificateAlias());
            if (certificateChain != null) {
                return certificateChain.length > 0;
            }
            return false;
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            Log.e(this.tag(), "Error retrieving cert chain: " + e.getMessage());
            return false;
        }
    }

    @Override // com.samsung.android.knox.dai.framework.keystore.engine.BaseKeystoreEngine
    protected String algorithm() {
        return SecurityDefinitions.KeyStoreAlgorithm.ANDROID_KEYSTORE;
    }

    @Override // com.samsung.android.knox.dai.framework.keystore.engine.BaseKeystoreEngine
    protected String certificateAlias() {
        return "com.samsung.android.knox.dai::KAI";
    }

    @Override // com.samsung.android.knox.dai.framework.keystore.engine.BaseKeystoreEngine, com.samsung.android.knox.dai.framework.keystore.engine.KeystoreEngine
    public X509Certificate[] getCertificateChain() {
        return super.getCertificateChain();
    }

    @Override // com.samsung.android.knox.dai.framework.keystore.engine.KeystoreEngine
    public KeyManager[] getKeyManagers() {
        try {
            KeyStore keyStore = getKeyStore(algorithm());
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, null);
            return keyManagerFactory.getKeyManagers();
        } catch (IllegalArgumentException | NullPointerException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            Log.e(this.tag(), "Failed to retrieve key managers " + e.getMessage());
            return null;
        }
    }

    @Override // com.samsung.android.knox.dai.framework.keystore.engine.BaseKeystoreEngine, com.samsung.android.knox.dai.framework.keystore.engine.KeystoreEngine
    public TrustManager[] getTrustManagers() {
        return super.getTrustManagers();
    }

    @Override // com.samsung.android.knox.dai.framework.keystore.engine.KeystoreEngine
    public void init() {
        if (certificateExists()) {
            Log.d(tag(), "Certificate exists, skipping");
        } else {
            Log.i(tag(), "certificate not found, creating key pair");
            KeyPairGenerator.getInstance(certificateAlias()).createKeyPair();
        }
    }

    @Override // com.samsung.android.knox.dai.framework.keystore.engine.KeystoreEngine
    public void reinitialize() {
        KeyPairGenerator.getInstance(certificateAlias()).createKeyPair();
    }

    @Override // com.samsung.android.knox.dai.framework.keystore.engine.BaseKeystoreEngine
    protected String tag() {
        return "AndroidKeystoreEngine";
    }
}
