package com.microsoft.identity.common.internal.platform;

import android.annotation.SuppressLint;
import android.content.Context;
import android.os.Build;
import android.security.KeyPairGeneratorSpec;
import android.security.keystore.KeyGenParameterSpec;
import android.security.keystore.KeyInfo;
import android.security.keystore.StrongBoxUnavailableException;
import android.text.TextUtils;
import android.util.Base64;
import android.util.Base64InputStream;
import android.util.Base64OutputStream;
import com.microsoft.identity.common.adal.internal.cache.StorageHelper;
import com.microsoft.identity.common.exception.ClientException;
import com.microsoft.identity.common.internal.controllers.TaskCompletedCallbackWithError;
import com.microsoft.identity.common.internal.logging.Logger;
import com.microsoft.identity.common.internal.platform.IDevicePopManager;
import com.microsoft.identity.common.internal.util.DateUtilities;
import com.nimbusds.jose.JOSEException;
import com.nimbusds.jose.JWSAlgorithm;
import com.nimbusds.jose.JWSHeader;
import com.nimbusds.jose.crypto.RSASSASigner;
import com.nimbusds.jose.crypto.impl.RSAKeyUtils;
import com.nimbusds.jose.jwk.RSAKey;
import com.nimbusds.jwt.JWTClaimsSet;
import com.nimbusds.jwt.SignedJWT;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.Closeable;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.UnsupportedEncodingException;
import java.math.BigInteger;
import java.net.URL;
import java.security.InvalidAlgorithmParameterException;
import java.security.InvalidKeyException;
import java.security.KeyFactory;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.Signature;
import java.security.SignatureException;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.security.interfaces.RSAPublicKey;
import java.security.spec.InvalidKeySpecException;
import java.security.spec.RSAKeyGenParameterSpec;
import java.util.Calendar;
import java.util.Date;
import java.util.Locale;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.ExecutorService;
import java.util.concurrent.Executors;
import javax.crypto.Cipher;
import javax.crypto.CipherInputStream;
import javax.crypto.CipherOutputStream;
import javax.crypto.NoSuchPaddingException;
import javax.security.auth.x500.X500Principal;
import obfuse.NPStringFog;
import org.json.JSONException;
import org.json.JSONObject;
import u3.c.b.d;

/* loaded from: classes4.dex */
public class DevicePopManager implements IDevicePopManager {
    private static final String ANDROID_KEYSTORE = "AndroidKeyStore";
    private static final String DEFAULT_KEYSTORE_ENTRY_ALIAS = "microsoft-device-pop";
    private static final String PRIVATE_KEY_NOT_FOUND = "Not an instance of a PrivateKeyEntry";
    private static final int RSA_KEY_SIZE = 2048;
    private static final String TAG = "DevicePopManager";
    private static final ExecutorService sThreadExecutor = Executors.newCachedThreadPool();
    private final String mKeyAlias;
    private final KeyStore mKeyStore;

    /* renamed from: com.microsoft.identity.common.internal.platform.DevicePopManager$4, reason: invalid class name */
    /* loaded from: classes4.dex */
    public static /* synthetic */ class AnonymousClass4 {
        public static final /* synthetic */ int[] $SwitchMap$com$microsoft$identity$common$internal$platform$IDevicePopManager$PublicKeyFormat;

        static {
            IDevicePopManager.PublicKeyFormat.values();
            int[] iArr = new int[2];
            $SwitchMap$com$microsoft$identity$common$internal$platform$IDevicePopManager$PublicKeyFormat = iArr;
            try {
                IDevicePopManager.PublicKeyFormat publicKeyFormat = IDevicePopManager.PublicKeyFormat.X_509_SubjectPublicKeyInfo_ASN_1;
                iArr[0] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                int[] iArr2 = $SwitchMap$com$microsoft$identity$common$internal$platform$IDevicePopManager$PublicKeyFormat;
                IDevicePopManager.PublicKeyFormat publicKeyFormat2 = IDevicePopManager.PublicKeyFormat.JWK;
                iArr2[1] = 2;
            } catch (NoSuchFieldError unused2) {
            }
        }
    }

    /* loaded from: classes4.dex */
    public static final class CertificateProperties {
        public static final int CERTIFICATE_VALIDITY_YEARS = 99;
        public static final String COMMON_NAME = "CN=device-pop";
        public static final BigInteger SERIAL_NUMBER = BigInteger.ONE;

        private CertificateProperties() {
        }
    }

    /* loaded from: classes4.dex */
    public static final class KeyPairGeneratorAlgorithms {
        public static final String RSA = "RSA";
    }

    /* loaded from: classes4.dex */
    public static final class SignedHttpRequestJwtClaims {
        private static final String ACCESS_TOKEN = "at";
        private static final String CLIENT_CLAIMS = "client_claims";
        private static final String CNF = "cnf";
        private static final String HTTP_HOST = "u";
        private static final String HTTP_METHOD = "m";
        private static final String HTTP_PATH = "p";
        public static final String JWK = "jwk";
        private static final String NONCE = "nonce";
        private static final String TIMESTAMP = "ts";

        private SignedHttpRequestJwtClaims() {
        }
    }

    public DevicePopManager() throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        KeyStore keyStore = KeyStore.getInstance(NPStringFog.decode("2F1E09130108032E171723190E1C04"));
        this.mKeyStore = keyStore;
        keyStore.load(null);
        this.mKeyAlias = DEFAULT_KEYSTORE_ENTRY_ALIAS;
    }

    public DevicePopManager(String str) throws KeyStoreException, CertificateException, NoSuchAlgorithmException, IOException {
        KeyStore keyStore = KeyStore.getInstance(NPStringFog.decode("2F1E09130108032E171723190E1C04"));
        this.mKeyStore = keyStore;
        keyStore.load(null);
        this.mKeyAlias = str;
    }

    @SuppressLint({"NewApi"})
    private static KeyGenParameterSpec.Builder applyHardwareIsolation(KeyGenParameterSpec.Builder builder) {
        return builder.setIsStrongBoxBacked(true);
    }

    private static String base64UrlEncode(String str) {
        try {
            return Base64.encodeToString(str.getBytes(NPStringFog.decode("3B242B4C56")), 11);
        } catch (UnsupportedEncodingException e) {
            e.printStackTrace();
            return null;
        }
    }

    private static void closeStream(Closeable closeable) {
        if (closeable != null) {
            try {
                closeable.close();
            } catch (IOException e) {
                Logger.error(TAG + NPStringFog.decode("5413010E1D043411000B1100"), NPStringFog.decode("2B080E041E150E0A1C4E0405130116094505061901044E020B0A01071E0A411D15150013035E"), e);
            }
        }
    }

    private KeyPair generateNewKeyPair(Context context, boolean z) throws InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchProviderException, StrongBoxUnavailableException {
        KeyPair generateKeyPair;
        synchronized ((DateUtilities.isLocaleCalendarNonGregorian(Locale.getDefault()) ? DateUtilities.LOCALE_CHANGE_LOCK : new Object())) {
            Locale locale = Locale.getDefault();
            StorageHelper.applyKeyStoreLocaleWorkarounds(locale);
            try {
                generateKeyPair = getInitializedRsaKeyPairGenerator(context, 2048, z).generateKeyPair();
            } finally {
                Locale.setDefault(locale);
            }
        }
        return generateKeyPair;
    }

    @SuppressLint({"NewApi"})
    private KeyPair generateNewRsaKeyPair(Context context, int i) throws UnsupportedOperationException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchProviderException {
        KeyPair generateNewKeyPair;
        for (int i2 = 0; i2 < 4; i2++) {
            try {
                generateNewKeyPair = generateNewKeyPair(context, true);
            } catch (StrongBoxUnavailableException e) {
                Logger.error(TAG, NPStringFog.decode("3D041F0E0006250A0A4E0503121B11170A001A1509414341140E1B1E00040F09410F04000A070C130B41010913090343"), e);
                generateNewKeyPair = generateNewKeyPair(context, false);
            }
            int keyBitLength = RSAKeyUtils.keyBitLength(generateNewKeyPair.getPrivate());
            if (keyBitLength >= i || keyBitLength < 0) {
                getSecureHardwareState(generateNewKeyPair);
                return generateNewKeyPair;
            }
        }
        clearAsymmetricKey();
        throw new UnsupportedOperationException(NPStringFog.decode("2811040D0B0547111D4E17080F0B130611174E060C0D0705472E1717200C081C4F4724061A1500111A040345464E04040C0B1249"));
    }

    private d getDevicePopJwkMinifiedJson() throws UnrecoverableEntryException, NoSuchAlgorithmException, KeyStoreException {
        d jSONObject = getRsaKeyForKeyPair(getKeyPairForEntry(this.mKeyStore.getEntry(this.mKeyAlias, null))).toPublicJWK().toJSONObject();
        d dVar = new d();
        dVar.put(NPStringFog.decode("040706"), jSONObject);
        return dVar;
    }

    private KeyPairGenerator getInitializedRsaKeyPairGenerator(Context context, int i, boolean z) throws InvalidAlgorithmParameterException, NoSuchProviderException, NoSuchAlgorithmException {
        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(NPStringFog.decode("3C232C"), ANDROID_KEYSTORE);
        initialize(context, keyPairGenerator, i, z);
        return keyPairGenerator;
    }

    private String getJwkPublicKey() throws ClientException {
        String str;
        try {
            Object obj = getDevicePopJwkMinifiedJson().get(NPStringFog.decode("040706"));
            if (obj == null) {
                return null;
            }
            return obj.toString();
        } catch (KeyStoreException e) {
            e = e;
            str = NPStringFog.decode("051514121A0E15002D001F193E070F0E111B0F1C041B0B05");
            ClientException clientException = new ClientException(str, e.getMessage(), e);
            Logger.error(TAG, clientException.getMessage(), clientException);
            throw clientException;
        } catch (NoSuchAlgorithmException e2) {
            e = e2;
            str = "no_such_algorithm";
            ClientException clientException2 = new ClientException(str, e.getMessage(), e);
            Logger.error(TAG, clientException2.getMessage(), clientException2);
            throw clientException2;
        } catch (UnrecoverableEntryException e3) {
            e = e3;
            str = ClientException.INVALID_PROTECTION_PARAMS;
            ClientException clientException22 = new ClientException(str, e.getMessage(), e);
            Logger.error(TAG, clientException22.getMessage(), clientException22);
            throw clientException22;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static KeyPair getKeyPairForEntry(KeyStore.Entry entry) {
        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
        return new KeyPair(privateKeyEntry.getCertificate().getPublicKey(), privateKeyEntry.getPrivateKey());
    }

    private static Date getNow(Calendar calendar) {
        return calendar.getTime();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static String getReqCnfForRsaKey(RSAKey rSAKey) throws JOSEException, JSONException {
        return base64UrlEncode(new JSONObject().put(NPStringFog.decode("051909"), getThumbprintForRsaKey(rSAKey)).toString());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static RSAKey getRsaKeyForKeyPair(KeyPair keyPair) {
        return new RSAKey.Builder((RSAPublicKey) keyPair.getPublic()).keyUse(null).build();
    }

    private SecureHardwareState getSecureHardwareState(KeyPair keyPair) {
        if (Build.VERSION.SDK_INT < 23) {
            Logger.info(TAG, NPStringFog.decode("2D11030F01154714070B0214411D040410000B5005001C051004000B501E150F1502455A2F2024411B0F061313071C0C0302044759405D59"));
            return SecureHardwareState.UNKNOWN_DOWNLEVEL;
        }
        try {
            PrivateKey privateKey = keyPair.getPrivate();
            boolean isInsideSecureHardware = ((KeyInfo) KeyFactory.getInstance(privateKey.getAlgorithm(), NPStringFog.decode("2F1E09130108032E171723190E1C04")).getKeySpec(privateKey, KeyInfo.class)).isInsideSecureHardware();
            Logger.info(TAG, NPStringFog.decode("3D150E130B152C000B4E191E411D040410000B5005001C051004000B500F000D0A02014D4E") + isInsideSecureHardware);
            return isInsideSecureHardware ? SecureHardwareState.TRUE_UNATTESTED : SecureHardwareState.FALSE;
        } catch (NoSuchAlgorithmException | NoSuchProviderException | InvalidKeySpecException e) {
            Logger.error(TAG, NPStringFog.decode("2811040D0B0547111D4E0118041C184716170D051F044E0906171619111F044E121304060B5E"), e);
            return SecureHardwareState.UNKNOWN_QUERY_ERROR;
        }
    }

    private static String getThumbprintForRsaKey(RSAKey rSAKey) throws JOSEException {
        return rSAKey.computeThumbprint().toString();
    }

    private String getX509SubjectPublicKeyInfo() throws ClientException {
        String str;
        try {
            return new String(Base64.encode(getKeyPairForEntry(this.mKeyStore.getEntry(this.mKeyAlias, null)).getPublic().getEncoded(), 0));
        } catch (KeyStoreException e) {
            e = e;
            str = NPStringFog.decode("051514121A0E15002D001F193E070F0E111B0F1C041B0B05");
            ClientException clientException = new ClientException(str, e.getMessage(), e);
            Logger.error(TAG, clientException.getMessage(), clientException);
            throw clientException;
        } catch (NoSuchAlgorithmException e2) {
            e = e2;
            str = "no_such_algorithm";
            ClientException clientException2 = new ClientException(str, e.getMessage(), e);
            Logger.error(TAG, clientException2.getMessage(), clientException2);
            throw clientException2;
        } catch (UnrecoverableEntryException e3) {
            e = e3;
            str = ClientException.INVALID_PROTECTION_PARAMS;
            ClientException clientException22 = new ClientException(str, e.getMessage(), e);
            Logger.error(TAG, clientException22.getMessage(), clientException22);
            throw clientException22;
        }
    }

    private void initialize(Context context, KeyPairGenerator keyPairGenerator, int i, boolean z) throws InvalidAlgorithmParameterException {
        if (Build.VERSION.SDK_INT < 23) {
            initializePre23(context, keyPairGenerator, i);
        } else {
            initialize23(keyPairGenerator, i, z);
        }
    }

    @SuppressLint({"InlinedApi"})
    private void initialize23(KeyPairGenerator keyPairGenerator, int i, boolean z) throws InvalidAlgorithmParameterException {
        KeyGenParameterSpec.Builder encryptionPaddings = new KeyGenParameterSpec.Builder(this.mKeyAlias, 15).setKeySize(i).setSignaturePaddings(NPStringFog.decode("3E3B2E325F"), "PSS").setDigests(NPStringFog.decode("233458"), "NONE", NPStringFog.decode("3D382C4C5C5451"), "SHA-384", NPStringFog.decode("3D382C4C5B5055")).setEncryptionPaddings(NPStringFog.decode("213128313E0003011B0017"), "PKCS1Padding");
        if (Build.VERSION.SDK_INT >= 28 && z) {
            Logger.verbose(TAG, NPStringFog.decode("2F0419040311130C1C0950190E4E0017151E17503E151C0E09023001084D081D0E0B0406071F034F"));
            encryptionPaddings = applyHardwareIsolation(encryptionPaddings);
        }
        keyPairGenerator.initialize(encryptionPaddings.build());
    }

    @SuppressLint({"NewApi"})
    private void initializePre23(Context context, KeyPairGenerator keyPairGenerator, int i) throws InvalidAlgorithmParameterException {
        Calendar calendar = Calendar.getInstance();
        Date now = getNow(calendar);
        calendar.add(1, 99);
        KeyPairGeneratorSpec.Builder subject = new KeyPairGeneratorSpec.Builder(context).setAlias(this.mKeyAlias).setStartDate(now).setEndDate(calendar.getTime()).setSerialNumber(CertificateProperties.SERIAL_NUMBER).setSubject(new X500Principal(NPStringFog.decode("2D3E50050B170E061743000211")));
        subject.setAlgorithmParameterSpec(new RSAKeyGenParameterSpec(i, RSAKeyGenParameterSpec.F4));
        keyPairGenerator.initialize(subject.build());
    }

    private String mintSignedHttpRequestInternal(String str, long j, URL url, String str2, String str3, String str4) throws ClientException {
        String str5;
        try {
            JWTClaimsSet.Builder builder = new JWTClaimsSet.Builder();
            if (!TextUtils.isEmpty(str2)) {
                builder.claim(NPStringFog.decode("0F04"), str2);
            }
            builder.claim("ts", Long.valueOf(j));
            builder.claim("u", url.getAuthority());
            builder.claim(NPStringFog.decode("0D1E0B"), getDevicePopJwkMinifiedJson());
            if (!TextUtils.isEmpty(url.getPath())) {
                builder.claim("p", url.getPath());
            }
            if (!TextUtils.isEmpty(str)) {
                builder.claim(NPStringFog.decode("03"), str);
            }
            if (!TextUtils.isEmpty(str3)) {
                builder.claim("nonce", str3);
            }
            if (!TextUtils.isEmpty(str4)) {
                builder.claim(NPStringFog.decode("0D1C0404001538061E0F190012"), str4);
            }
            JWTClaimsSet build = builder.build();
            RSASSASigner rSASSASigner = new RSASSASigner(((KeyStore.PrivateKeyEntry) this.mKeyStore.getEntry(this.mKeyAlias, null)).getPrivateKey());
            SignedJWT signedJWT = new SignedJWT(new JWSHeader.Builder(JWSAlgorithm.RS256).keyID(getAsymmetricKeyThumbprint()).build(), build);
            signedJWT.sign(rSASSASigner);
            return signedJWT.serialize();
        } catch (JOSEException e) {
            e = e;
            str5 = NPStringFog.decode("0811040D0B0538111D31030406003E0D1206");
            ClientException clientException = new ClientException(str5, e.getMessage(), e);
            Logger.error(TAG, clientException.getMessage(), clientException);
            throw clientException;
        } catch (KeyStoreException e2) {
            e = e2;
            str5 = NPStringFog.decode("051514121A0E15002D001F193E070F0E111B0F1C041B0B05");
            ClientException clientException2 = new ClientException(str5, e.getMessage(), e);
            Logger.error(TAG, clientException2.getMessage(), clientException2);
            throw clientException2;
        } catch (NoSuchAlgorithmException e3) {
            e = e3;
            str5 = "no_such_algorithm";
            ClientException clientException22 = new ClientException(str5, e.getMessage(), e);
            Logger.error(TAG, clientException22.getMessage(), clientException22);
            throw clientException22;
        } catch (UnrecoverableEntryException e4) {
            e = e4;
            str5 = ClientException.INVALID_PROTECTION_PARAMS;
            ClientException clientException222 = new ClientException(str5, e.getMessage(), e);
            Logger.error(TAG, clientException222.getMessage(), clientException222);
            throw clientException222;
        }
    }

    @Override // com.microsoft.identity.common.internal.platform.IDevicePopManager
    public boolean asymmetricKeyExists() {
        try {
            return this.mKeyStore.containsAlias(this.mKeyAlias);
        } catch (KeyStoreException e) {
            Logger.error(TAG, NPStringFog.decode("2B021F0E1C41100D1B02154D101B04151C1B00174D2A0B1834111D1C15"), e);
            return false;
        }
    }

    @Override // com.microsoft.identity.common.internal.platform.IDevicePopManager
    public boolean asymmetricKeyExists(String str) {
        if (!asymmetricKeyExists()) {
            return false;
        }
        try {
            return getAsymmetricKeyThumbprint().equals(str);
        } catch (ClientException e) {
            Logger.error(TAG, NPStringFog.decode("2B021F0E1C41100D1B02154D02010C170400071E0A411A091208101E02040F1A1249"), e);
            return false;
        }
    }

    @Override // com.microsoft.identity.common.internal.platform.IDevicePopManager
    public boolean clearAsymmetricKey() {
        try {
            this.mKeyStore.deleteEntry(this.mKeyAlias);
            return true;
        } catch (KeyStoreException e) {
            Logger.error(TAG, NPStringFog.decode("2B021F0E1C41100D1B02154D02020406171B00174D2A0B1834111D1C15"), e);
            return false;
        }
    }

    @Override // com.microsoft.identity.common.internal.platform.IDevicePopManager
    public String decrypt(IDevicePopManager.Cipher cipher, String str) throws ClientException {
        String str2 = "no_such_algorithm";
        try {
            CipherInputStream cipherInputStream = null;
            PrivateKey privateKey = ((KeyStore.PrivateKeyEntry) this.mKeyStore.getEntry(this.mKeyAlias, null)).getPrivateKey();
            Cipher cipher2 = Cipher.getInstance(cipher.toString());
            cipher2.init(2, privateKey);
            try {
                CipherInputStream cipherInputStream2 = new CipherInputStream(new Base64InputStream(new ByteArrayInputStream(str.getBytes()), 0), cipher2);
                try {
                    char[] cArr = new char[1024];
                    StringBuilder sb = new StringBuilder();
                    InputStreamReader inputStreamReader = new InputStreamReader(cipherInputStream2, NPStringFog.decode("3B242B4C56"));
                    while (true) {
                        int read = inputStreamReader.read(cArr, 0, 1024);
                        if (read <= 0) {
                            String sb2 = sb.toString();
                            closeStream(cipherInputStream2);
                            return sb2;
                        }
                        sb.append(cArr, 0, read);
                    }
                } catch (Throwable th) {
                    th = th;
                    cipherInputStream = cipherInputStream2;
                    closeStream(cipherInputStream);
                    throw th;
                }
            } catch (Throwable th2) {
                th = th2;
            }
        } catch (UnsupportedEncodingException e) {
            e = e;
            str2 = "unsupported_encoding";
            ClientException clientException = new ClientException(str2, e.getMessage(), e);
            Logger.error(TAG + NPStringFog.decode("541408021C181711"), str2, e);
            throw clientException;
        } catch (IOException e2) {
            e = e2;
            str2 = NPStringFog.decode("071F32041C130817");
            ClientException clientException2 = new ClientException(str2, e.getMessage(), e);
            Logger.error(TAG + NPStringFog.decode("541408021C181711"), str2, e);
            throw clientException2;
        } catch (InvalidKeyException e3) {
            e = e3;
            str2 = NPStringFog.decode("071E1B000208033A190B09");
            ClientException clientException22 = new ClientException(str2, e.getMessage(), e);
            Logger.error(TAG + NPStringFog.decode("541408021C181711"), str2, e);
            throw clientException22;
        } catch (KeyStoreException e4) {
            e = e4;
            str2 = NPStringFog.decode("051514121A0E15002D001F193E070F0E111B0F1C041B0B05");
            ClientException clientException222 = new ClientException(str2, e.getMessage(), e);
            Logger.error(TAG + NPStringFog.decode("541408021C181711"), str2, e);
            throw clientException222;
        } catch (NoSuchAlgorithmException e5) {
            e = e5;
            ClientException clientException2222 = new ClientException(str2, e.getMessage(), e);
            Logger.error(TAG + NPStringFog.decode("541408021C181711"), str2, e);
            throw clientException2222;
        } catch (UnrecoverableEntryException e6) {
            e = e6;
            str2 = ClientException.INVALID_PROTECTION_PARAMS;
            ClientException clientException22222 = new ClientException(str2, e.getMessage(), e);
            Logger.error(TAG + NPStringFog.decode("541408021C181711"), str2, e);
            throw clientException22222;
        } catch (NoSuchPaddingException e7) {
            e = e7;
            ClientException clientException222222 = new ClientException(str2, e.getMessage(), e);
            Logger.error(TAG + NPStringFog.decode("541408021C181711"), str2, e);
            throw clientException222222;
        }
    }

    @Override // com.microsoft.identity.common.internal.platform.IDevicePopManager
    public String encrypt(IDevicePopManager.Cipher cipher, String str) throws ClientException {
        String str2;
        String decode = NPStringFog.decode("3B242B4C56");
        try {
            CipherOutputStream cipherOutputStream = null;
            PublicKey publicKey = ((KeyStore.PrivateKeyEntry) this.mKeyStore.getEntry(this.mKeyAlias, null)).getCertificate().getPublicKey();
            Cipher cipher2 = Cipher.getInstance(cipher.toString());
            cipher2.init(1, publicKey);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            try {
                CipherOutputStream cipherOutputStream2 = new CipherOutputStream(new Base64OutputStream(byteArrayOutputStream, 0), cipher2);
                try {
                    cipherOutputStream2.write(str.getBytes(decode));
                    closeStream(cipherOutputStream2);
                    return new String(byteArrayOutputStream.toByteArray(), decode);
                } catch (Throwable th) {
                    th = th;
                    cipherOutputStream = cipherOutputStream2;
                    closeStream(cipherOutputStream);
                    throw th;
                }
            } catch (Throwable th2) {
                th = th2;
            }
        } catch (UnsupportedEncodingException e) {
            e = e;
            str2 = "unsupported_encoding";
            ClientException clientException = new ClientException(str2, e.getMessage(), e);
            Logger.error(TAG + NPStringFog.decode("541503021C181711"), str2, e);
            throw clientException;
        } catch (IOException e2) {
            e = e2;
            str2 = NPStringFog.decode("071F32041C130817");
            ClientException clientException2 = new ClientException(str2, e.getMessage(), e);
            Logger.error(TAG + NPStringFog.decode("541503021C181711"), str2, e);
            throw clientException2;
        } catch (InvalidKeyException e3) {
            e = e3;
            str2 = NPStringFog.decode("071E1B000208033A190B09");
            ClientException clientException22 = new ClientException(str2, e.getMessage(), e);
            Logger.error(TAG + NPStringFog.decode("541503021C181711"), str2, e);
            throw clientException22;
        } catch (KeyStoreException e4) {
            e = e4;
            str2 = NPStringFog.decode("051514121A0E15002D001F193E070F0E111B0F1C041B0B05");
            ClientException clientException222 = new ClientException(str2, e.getMessage(), e);
            Logger.error(TAG + NPStringFog.decode("541503021C181711"), str2, e);
            throw clientException222;
        } catch (NoSuchAlgorithmException e5) {
            e = e5;
            str2 = "no_such_algorithm";
            ClientException clientException2222 = new ClientException(str2, e.getMessage(), e);
            Logger.error(TAG + NPStringFog.decode("541503021C181711"), str2, e);
            throw clientException2222;
        } catch (UnrecoverableEntryException e6) {
            e = e6;
            str2 = ClientException.INVALID_PROTECTION_PARAMS;
            ClientException clientException22222 = new ClientException(str2, e.getMessage(), e);
            Logger.error(TAG + NPStringFog.decode("541503021C181711"), str2, e);
            throw clientException22222;
        } catch (NoSuchPaddingException e7) {
            e = e7;
            str2 = ClientException.NO_SUCH_PADDING;
            ClientException clientException222222 = new ClientException(str2, e.getMessage(), e);
            Logger.error(TAG + NPStringFog.decode("541503021C181711"), str2, e);
            throw clientException222222;
        }
    }

    @Override // com.microsoft.identity.common.internal.platform.IDevicePopManager
    public String generateAsymmetricKey(Context context) throws ClientException {
        String decode;
        try {
            return getThumbprintForRsaKey(getRsaKeyForKeyPair(generateNewRsaKeyPair(context, 2048)));
        } catch (JOSEException e) {
            e = e;
            decode = NPStringFog.decode("0811040D0B0538111D3113020C1E1413002D1A18180C0C11150C1C1A2F1A081A0938161A0F425857");
            ClientException clientException = new ClientException(decode, e.getMessage(), e);
            Logger.error(TAG, clientException.getMessage(), clientException);
            throw clientException;
        } catch (UnsupportedOperationException e2) {
            e = e2;
            decode = NPStringFog.decode("051514121A0E15002D1E0202051B0202012D071E1B000208033A110B0219");
            ClientException clientException2 = new ClientException(decode, e.getMessage(), e);
            Logger.error(TAG, clientException2.getMessage(), clientException2);
            throw clientException2;
        } catch (InvalidAlgorithmParameterException e3) {
            e = e3;
            decode = NPStringFog.decode("051514121A0E15002D071E041507000B0C080F04040E003E01041B021509");
            ClientException clientException22 = new ClientException(decode, e.getMessage(), e);
            Logger.error(TAG, clientException22.getMessage(), clientException22);
            throw clientException22;
        } catch (NoSuchAlgorithmException e4) {
            e = e4;
            decode = "no_such_algorithm";
            ClientException clientException222 = new ClientException(decode, e.getMessage(), e);
            Logger.error(TAG, clientException222.getMessage(), clientException222);
            throw clientException222;
        } catch (NoSuchProviderException e5) {
            e = e5;
            decode = NPStringFog.decode("0F1E09130108033A190B091E150113023A0700111B00070D06071E0B");
            ClientException clientException2222 = new ClientException(decode, e.getMessage(), e);
            Logger.error(TAG, clientException2222.getMessage(), clientException2222);
            throw clientException2222;
        }
    }

    @Override // com.microsoft.identity.common.internal.platform.IDevicePopManager
    public void generateAsymmetricKey(final Context context, final TaskCompletedCallbackWithError<String, ClientException> taskCompletedCallbackWithError) {
        sThreadExecutor.submit(new Runnable() { // from class: com.microsoft.identity.common.internal.platform.DevicePopManager.1
            @Override // java.lang.Runnable
            public void run() {
                try {
                    taskCompletedCallbackWithError.onTaskCompleted(DevicePopManager.this.generateAsymmetricKey(context));
                } catch (ClientException e) {
                    taskCompletedCallbackWithError.onError(e);
                }
            }
        });
    }

    @Override // com.microsoft.identity.common.internal.platform.IDevicePopManager
    public Date getAsymmetricKeyCreationDate() throws ClientException {
        try {
            return this.mKeyStore.getCreationDate(this.mKeyAlias);
        } catch (KeyStoreException e) {
            ClientException clientException = new ClientException(NPStringFog.decode("051514121A0E15002D001F193E070F0E111B0F1C041B0B05"), e.getMessage(), e);
            Logger.error(TAG, clientException.getMessage(), clientException);
            throw clientException;
        }
    }

    @Override // com.microsoft.identity.common.internal.platform.IDevicePopManager
    public String getAsymmetricKeyThumbprint() throws ClientException {
        String str;
        try {
            return getThumbprintForRsaKey(getRsaKeyForKeyPair(getKeyPairForEntry(this.mKeyStore.getEntry(this.mKeyAlias, null))));
        } catch (JOSEException e) {
            e = e;
            str = NPStringFog.decode("0811040D0B0538111D3113020C1E1413002D1A18180C0C11150C1C1A2F1A081A0938161A0F425857");
            throw new ClientException(str, e.getMessage(), e);
        } catch (KeyStoreException e2) {
            e = e2;
            str = NPStringFog.decode("051514121A0E15002D001F193E070F0E111B0F1C041B0B05");
            throw new ClientException(str, e.getMessage(), e);
        } catch (NoSuchAlgorithmException e3) {
            e = e3;
            str = "no_such_algorithm";
            throw new ClientException(str, e.getMessage(), e);
        } catch (UnrecoverableEntryException e4) {
            e = e4;
            str = ClientException.INVALID_PROTECTION_PARAMS;
            throw new ClientException(str, e.getMessage(), e);
        }
    }

    @Override // com.microsoft.identity.common.internal.platform.IDevicePopManager
    public String getPublicKey(IDevicePopManager.PublicKeyFormat publicKeyFormat) throws ClientException {
        int ordinal = publicKeyFormat.ordinal();
        if (ordinal == 0) {
            return getX509SubjectPublicKeyInfo();
        }
        if (ordinal == 1) {
            return getJwkPublicKey();
        }
        String str = NPStringFog.decode("3B1E1F040D0E000B1B14150941011347101C1D051D1101131300164E1B08184E0708171F0F045741") + publicKeyFormat;
        ClientException clientException = new ClientException(ClientException.UNKNOWN_EXPORT_FORMAT, str);
        Logger.error(TAG + NPStringFog.decode("541708153E1405091B0D3B0818"), str, clientException);
        throw clientException;
    }

    @Override // com.microsoft.identity.common.internal.platform.IDevicePopManager
    public String getRequestConfirmation() throws ClientException {
        final CountDownLatch countDownLatch = new CountDownLatch(1);
        final String[] strArr = new String[1];
        final ClientException[] clientExceptionArr = new ClientException[1];
        getRequestConfirmation(new TaskCompletedCallbackWithError<String, ClientException>() { // from class: com.microsoft.identity.common.internal.platform.DevicePopManager.2
            @Override // com.microsoft.identity.common.internal.controllers.TaskCompletedCallbackWithError
            public void onError(ClientException clientException) {
                clientExceptionArr[0] = clientException;
                countDownLatch.countDown();
            }

            @Override // com.microsoft.identity.common.internal.controllers.TaskCompletedCallback
            public void onTaskCompleted(String str) {
                strArr[0] = str;
                countDownLatch.countDown();
            }
        });
        try {
            countDownLatch.await();
            if (strArr[0] != null) {
                return strArr[0];
            }
            throw clientExceptionArr[0];
        } catch (InterruptedException e) {
            Logger.error(TAG, NPStringFog.decode("271E19041C131215060B144D1606080B005219110415070F00451D00500E00020D050411055E"), e);
            throw new ClientException(ClientException.INTERRUPTED_OPERATION, e.getMessage(), e);
        }
    }

    @Override // com.microsoft.identity.common.internal.platform.IDevicePopManager
    public void getRequestConfirmation(final TaskCompletedCallbackWithError<String, ClientException> taskCompletedCallbackWithError) {
        sThreadExecutor.submit(new Runnable() { // from class: com.microsoft.identity.common.internal.platform.DevicePopManager.3
            @Override // java.lang.Runnable
            public void run() {
                String decode;
                try {
                    taskCompletedCallbackWithError.onTaskCompleted(DevicePopManager.getReqCnfForRsaKey(DevicePopManager.getRsaKeyForKeyPair(DevicePopManager.getKeyPairForEntry(DevicePopManager.this.mKeyStore.getEntry(DevicePopManager.this.mKeyAlias, null)))));
                } catch (JOSEException e) {
                    e = e;
                    decode = NPStringFog.decode("0811040D0B0538111D3113020C1E1413002D1A18180C0C11150C1C1A2F1A081A0938161A0F425857");
                    ClientException clientException = new ClientException(decode, e.getMessage(), e);
                    Logger.error(DevicePopManager.TAG, clientException.getMessage(), clientException);
                    taskCompletedCallbackWithError.onError(clientException);
                } catch (KeyStoreException e2) {
                    e = e2;
                    decode = NPStringFog.decode("051514121A0E15002D001F193E070F0E111B0F1C041B0B05");
                    ClientException clientException2 = new ClientException(decode, e.getMessage(), e);
                    Logger.error(DevicePopManager.TAG, clientException2.getMessage(), clientException2);
                    taskCompletedCallbackWithError.onError(clientException2);
                } catch (NoSuchAlgorithmException e3) {
                    e = e3;
                    decode = "no_such_algorithm";
                    ClientException clientException22 = new ClientException(decode, e.getMessage(), e);
                    Logger.error(DevicePopManager.TAG, clientException22.getMessage(), clientException22);
                    taskCompletedCallbackWithError.onError(clientException22);
                } catch (UnrecoverableEntryException e4) {
                    e = e4;
                    decode = ClientException.INVALID_PROTECTION_PARAMS;
                    ClientException clientException222 = new ClientException(decode, e.getMessage(), e);
                    Logger.error(DevicePopManager.TAG, clientException222.getMessage(), clientException222);
                    taskCompletedCallbackWithError.onError(clientException222);
                } catch (JSONException e5) {
                    e = e5;
                    decode = NPStringFog.decode("0403020F3102080B011A0218021A08080B2D0811040D0B05");
                    ClientException clientException2222 = new ClientException(decode, e.getMessage(), e);
                    Logger.error(DevicePopManager.TAG, clientException2222.getMessage(), clientException2222);
                    taskCompletedCallbackWithError.onError(clientException2222);
                }
            }
        });
    }

    @Override // com.microsoft.identity.common.internal.platform.IDevicePopManager
    public SecureHardwareState getSecureHardwareState() throws ClientException {
        String str;
        try {
            return getSecureHardwareState(getKeyPairForEntry(this.mKeyStore.getEntry(this.mKeyAlias, null)));
        } catch (KeyStoreException e) {
            e = e;
            str = NPStringFog.decode("051514121A0E15002D001F193E070F0E111B0F1C041B0B05");
            ClientException clientException = new ClientException(str, e.getMessage(), e);
            Logger.error(TAG + NPStringFog.decode("541708153D040410000B380C130A160617173D040C150B"), str, e);
            throw clientException;
        } catch (NoSuchAlgorithmException e2) {
            e = e2;
            str = "no_such_algorithm";
            ClientException clientException2 = new ClientException(str, e.getMessage(), e);
            Logger.error(TAG + NPStringFog.decode("541708153D040410000B380C130A160617173D040C150B"), str, e);
            throw clientException2;
        } catch (UnrecoverableEntryException e3) {
            e = e3;
            str = ClientException.INVALID_PROTECTION_PARAMS;
            ClientException clientException22 = new ClientException(str, e.getMessage(), e);
            Logger.error(TAG + NPStringFog.decode("541708153D040410000B380C130A160617173D040C150B"), str, e);
            throw clientException22;
        }
    }

    @Override // com.microsoft.identity.common.internal.platform.IDevicePopManager
    public String mintSignedAccessToken(String str, long j, URL url, String str2, String str3) throws ClientException {
        return mintSignedAccessToken(str, j, url, str2, str3, null);
    }

    @Override // com.microsoft.identity.common.internal.platform.IDevicePopManager
    public String mintSignedAccessToken(String str, long j, URL url, String str2, String str3, String str4) throws ClientException {
        return mintSignedHttpRequestInternal(str, j, url, str2, str3, str4);
    }

    @Override // com.microsoft.identity.common.internal.platform.IDevicePopManager
    public String mintSignedHttpRequest(String str, long j, URL url, String str2, String str3) throws ClientException {
        return mintSignedHttpRequestInternal(str, j, url, null, str2, str3);
    }

    @Override // com.microsoft.identity.common.internal.platform.IDevicePopManager
    public String sign(IDevicePopManager.SigningAlgorithm signingAlgorithm, String str) throws ClientException {
        String str2;
        try {
            byte[] bytes = str.getBytes(NPStringFog.decode("3B242B4C56"));
            KeyStore.Entry entry = this.mKeyStore.getEntry(this.mKeyAlias, null);
            if (entry instanceof KeyStore.PrivateKeyEntry) {
                Signature signature = Signature.getInstance(signingAlgorithm.toString());
                signature.initSign(((KeyStore.PrivateKeyEntry) entry).getPrivateKey());
                signature.update(bytes);
                return Base64.encodeToString(signature.sign(), 2);
            }
            Logger.warn(TAG + NPStringFog.decode("5403040600"), NPStringFog.decode("201F19410F0F470C1C1D040C0F0D04470A144E114D311C081104060B3B08182B0F13170B"));
            throw new ClientException(NPStringFog.decode("071E1B000208033A190B0932111C081104060B2F0604173E0A0C011D190306"));
        } catch (UnsupportedEncodingException e) {
            e = e;
            str2 = "unsupported_encoding";
            ClientException clientException = new ClientException(str2, e.getMessage(), e);
            Logger.error(TAG, clientException.getMessage(), clientException);
            throw clientException;
        } catch (InvalidKeyException e2) {
            e = e2;
            str2 = NPStringFog.decode("071E1B000208033A190B09");
            ClientException clientException2 = new ClientException(str2, e.getMessage(), e);
            Logger.error(TAG, clientException2.getMessage(), clientException2);
            throw clientException2;
        } catch (KeyStoreException e3) {
            e = e3;
            str2 = NPStringFog.decode("051514121A0E15002D001F193E070F0E111B0F1C041B0B05");
            ClientException clientException22 = new ClientException(str2, e.getMessage(), e);
            Logger.error(TAG, clientException22.getMessage(), clientException22);
            throw clientException22;
        } catch (NoSuchAlgorithmException e4) {
            e = e4;
            str2 = "no_such_algorithm";
            ClientException clientException222 = new ClientException(str2, e.getMessage(), e);
            Logger.error(TAG, clientException222.getMessage(), clientException222);
            throw clientException222;
        } catch (SignatureException e5) {
            e = e5;
            str2 = NPStringFog.decode("0811040D0B0538111D3103040600");
            ClientException clientException2222 = new ClientException(str2, e.getMessage(), e);
            Logger.error(TAG, clientException2222.getMessage(), clientException2222);
            throw clientException2222;
        } catch (UnrecoverableEntryException e6) {
            e = e6;
            str2 = ClientException.INVALID_PROTECTION_PARAMS;
            ClientException clientException22222 = new ClientException(str2, e.getMessage(), e);
            Logger.error(TAG, clientException22222.getMessage(), clientException22222);
            throw clientException22222;
        }
    }

    @Override // com.microsoft.identity.common.internal.platform.IDevicePopManager
    public boolean verify(IDevicePopManager.SigningAlgorithm signingAlgorithm, String str, String str2) {
        String str3;
        String decode = NPStringFog.decode("5406081307071E");
        try {
            byte[] bytes = str.getBytes(NPStringFog.decode("3B242B4C56"));
            KeyStore.Entry entry = this.mKeyStore.getEntry(this.mKeyAlias, null);
            if (entry instanceof KeyStore.PrivateKeyEntry) {
                Signature signature = Signature.getInstance(signingAlgorithm.toString());
                signature.initVerify(((KeyStore.PrivateKeyEntry) entry).getCertificate());
                signature.update(bytes);
                return signature.verify(Base64.decode(str2, 2));
            }
            Logger.warn(TAG + decode, NPStringFog.decode("201F19410F0F470C1C1D040C0F0D04470A144E114D311C081104060B3B08182B0F13170B"));
            return false;
        } catch (UnsupportedEncodingException e) {
            e = e;
            str3 = "unsupported_encoding";
            Logger.error(TAG + decode, str3, e);
            return false;
        } catch (InvalidKeyException e2) {
            e = e2;
            str3 = NPStringFog.decode("071E1B000208033A190B09");
            Logger.error(TAG + decode, str3, e);
            return false;
        } catch (KeyStoreException e3) {
            e = e3;
            str3 = NPStringFog.decode("051514121A0E15002D001F193E070F0E111B0F1C041B0B05");
            Logger.error(TAG + decode, str3, e);
            return false;
        } catch (NoSuchAlgorithmException e4) {
            e = e4;
            str3 = "no_such_algorithm";
            Logger.error(TAG + decode, str3, e);
            return false;
        } catch (SignatureException e5) {
            e = e5;
            str3 = NPStringFog.decode("0811040D0B0538111D3103040600");
            Logger.error(TAG + decode, str3, e);
            return false;
        } catch (UnrecoverableEntryException e6) {
            e = e6;
            str3 = ClientException.INVALID_PROTECTION_PARAMS;
            Logger.error(TAG + decode, str3, e);
            return false;
        }
    }
}
