package com.airwatch.login.tasks;

import android.content.Context;
import android.text.TextUtils;
import com.airwatch.sdk.certificate.CertificateFetchResponse;
import com.airwatch.sdk.certificate.CertificateFetchResult;
import com.airwatch.sdk.context.SDKContext;
import com.airwatch.storage.SDKSecurePreferencesKeys;
import com.airwatch.util.Logger;
import com.workspaceone.credentialext.spi.provider.DerivedCredentialsKeyStoreProvider;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Security;
import java.security.cert.CertificateException;

/* loaded from: classes4.dex */
public class DerivedCredentialsCertificateFetcher {
    public static final String TAG = "DerivedCredentialsCertificateFetcher";
    protected final Context context;
    private final String identifier;
    private DerivedCredentialsKeyStoreProvider provider;

    public DerivedCredentialsCertificateFetcher(SDKContext sDKContext, String str) throws IllegalArgumentException {
        this.context = sDKContext.getContext();
        DerivedCredentialsKeyStoreProvider derivedCredentialsKeyStoreProvider = new DerivedCredentialsKeyStoreProvider();
        this.provider = derivedCredentialsKeyStoreProvider;
        Security.insertProviderAt(derivedCredentialsKeyStoreProvider, 1);
        this.identifier = str;
    }

    private static String getProvider(String str) {
        str.hashCode();
        return !str.equals(SDKSecurePreferencesKeys.SMIME_SIGNING_CERT_ALIAS) ? !str.equals(SDKSecurePreferencesKeys.SMIME_ENCRYPTION_CERT_ALIAS) ? DerivedCredentialsKeyStoreProvider.DERIVED_CREDENTIAL_AUTHENTICATION : DerivedCredentialsKeyStoreProvider.DERIVED_CREDENTIAL_ENCRYPTION : DerivedCredentialsKeyStoreProvider.DERIVED_CREDENTIAL_SIGNATURE;
    }

    public CertificateFetchResult fetchCertificate() {
        DerivedCredentialsKeyStoreProvider.setAppContext(this.context);
        if (!this.provider.isConfigured()) {
            return new CertificateFetchResult(CertificateFetchResult.Status.FAILURE, null, -12, null, null);
        }
        String keyStorePassword = this.provider.getKeyStorePassword();
        if (TextUtils.isEmpty(keyStorePassword)) {
            return new CertificateFetchResult(CertificateFetchResult.Status.FAILURE, null, -13, null, null);
        }
        try {
            KeyStore andLoadKeyStore = getAndLoadKeyStore(keyStorePassword);
            if (andLoadKeyStore != null && andLoadKeyStore.aliases() != null && andLoadKeyStore.aliases().hasMoreElements()) {
                Logger.i(TAG, "Successfully fetched Certificate " + this.identifier + " from PIVD app");
                return new CertificateFetchResult(CertificateFetchResult.Status.SUCCESS, null, 0, null, new CertificateFetchResponse.KeyStoreResponse(this.identifier, andLoadKeyStore));
            }
            return new CertificateFetchResult(CertificateFetchResult.Status.FAILURE, null, -13, null, null);
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            Logger.e(TAG, "Exception in fetching p12 ", e);
            return new CertificateFetchResult(CertificateFetchResult.Status.FAILURE, null, -13, null, null);
        }
    }

    protected KeyStore getAndLoadKeyStore(String str) throws IOException, NoSuchAlgorithmException, CertificateException, KeyStoreException {
        KeyStore keyStore = KeyStore.getInstance(getProvider(this.identifier));
        keyStore.load(null, str.toCharArray());
        return keyStore;
    }

    public void setProvider(DerivedCredentialsKeyStoreProvider derivedCredentialsKeyStoreProvider) {
        this.provider = derivedCredentialsKeyStoreProvider;
    }
}
