package com.samsung.android.service.health.security;

import android.content.Context;
import com.samsung.android.app.shealth.runtime.wrapper.FloatingFeatureImpl;
import com.samsung.android.database.sqlite.SecSQLiteDatabase;
import com.samsung.android.knox.EnterpriseKnoxManager;
import com.samsung.android.knox.keystore.TimaKeystore;
import com.samsung.android.sdk.healthdata.privileged.util.LogUtil;
import java.io.IOException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.spec.InvalidKeySpecException;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes8.dex */
public class KnoxTimaKeystoreManager {
    private final Context mContext;
    private KeyStore mTimaKeystore;
    private static final String TAG = LogUtil.makeTag("KnoxTimaKeystoreManager");
    private static final char[] TIMA_PASSWORD = "TimaPassword".toCharArray();
    private static int SUCCESS = 0;
    private static int IO_EXCEPTION = 1;
    private static int NO_SUCH_ALGO_EXCEPTION = 2;
    private static int INVALID_KEY_EXCEPTION = 3;
    private static int UKNOWN_THROWABLE_NEW = 15;
    private static int ILLEGALSTATE_EXCEPTION = 16;
    private static int KEY_STORE_EXCEPTION = 32;
    private static int UKNOWN_THROWABLE_SET = 240;
    private static int EMPTY_KEY = SecSQLiteDatabase.OPEN_FULLMUTEX;
    private static int ILLEGALSTATE_EXCEPTION2 = SecSQLiteDatabase.OPEN_SECURE;
    private static int GET_KEY_EXCEPTION = 768;
    private static int KEY_STORE_EXCEPTION2 = 1024;
    private static int UKNOWN_THROWABLE_GET = 3840;

    /* JADX INFO: Access modifiers changed from: package-private */
    public KnoxTimaKeystoreManager(Context context) {
        this.mContext = context;
    }

    private Key getKeyFromTimaKeystore(String str) throws Exception {
        try {
            loadTimaKeyStore();
            return this.mTimaKeystore.getKey(str, TIMA_PASSWORD);
        } catch (Exception e) {
            KnoxLogger.doKnoxLogging(this.mContext, "KX_TM_GETKEY_ERR", "MSG=" + e.getClass().getSimpleName() + " " + e.getMessage(), null);
            throw e;
        }
    }

    private Key getTestKeyFromTimaKeystore() throws Exception {
        return getKeyFromTimaKeystore("TimaTestAlias");
    }

    static boolean isUksSupported() {
        return FloatingFeatureImpl.getBoolean("SEC_FLOATING_FEATURE_KNOX_SUPPORT_UKS") && !FloatingFeatureImpl.getBoolean("SEC_FLOATING_FEATURE_KNOX_SUPPORT_TKS");
    }

    private void storeKeyToTimaKeystore(Key key, String str) throws Exception {
        try {
            loadTimaKeyStore();
            this.mTimaKeystore.setKeyEntry(str, key, TIMA_PASSWORD, null);
        } catch (Exception e) {
            KnoxLogger.doKnoxLogging(this.mContext, "KX_TM_SETKEY_ERR", "MSG=" + e.getClass().getSimpleName() + " " + e.getMessage(), null);
            throw e;
        }
    }

    private void storeTestKeyToTimaKeystore(Key key) throws Exception {
        storeKeyToTimaKeystore(key, "TimaTestAlias");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public int checkIntegrity() {
        try {
            try {
                storeTestKeyToTimaKeystore(createNewKeyForTima());
                try {
                    return getTestKeyFromTimaKeystore() != null ? SUCCESS : EMPTY_KEY;
                } catch (IllegalStateException unused) {
                    return ILLEGALSTATE_EXCEPTION2;
                } catch (KeyStoreException | NoSuchAlgorithmException unused2) {
                    return KEY_STORE_EXCEPTION2;
                } catch (UnrecoverableKeyException unused3) {
                    return GET_KEY_EXCEPTION;
                } catch (Throwable unused4) {
                    return UKNOWN_THROWABLE_GET;
                }
            } catch (IllegalStateException unused5) {
                return ILLEGALSTATE_EXCEPTION;
            } catch (KeyStoreException unused6) {
                return KEY_STORE_EXCEPTION;
            } catch (Throwable unused7) {
                return UKNOWN_THROWABLE_SET;
            }
        } catch (IOException unused8) {
            return IO_EXCEPTION;
        } catch (NoSuchAlgorithmException unused9) {
            return NO_SUCH_ALGO_EXCEPTION;
        } catch (InvalidKeySpecException unused10) {
            return INVALID_KEY_EXCEPTION;
        } catch (Throwable unused11) {
            return UKNOWN_THROWABLE_NEW;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Key createNewKeyForTima() throws IOException, NoSuchAlgorithmException, InvalidKeySpecException {
        return isUksSupported() ? KeyOperation.createNewDbKeyForKeystore() : KeyOperation.createNewDbKey();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean enableTimaKeystore() {
        try {
            EnterpriseKnoxManager enterpriseKnoxManager = EnterpriseKnoxManager.getInstance(this.mContext);
            if (enterpriseKnoxManager == null) {
                KnoxLogger.doKnoxLogging(this.mContext, "KX_TM_EKM_FAIL", null, null);
                return false;
            }
            try {
                TimaKeystore timaKeystorePolicy = enterpriseKnoxManager.getTimaKeystorePolicy();
                if (timaKeystorePolicy == null) {
                    KnoxLogger.doKnoxLogging(this.mContext, "KX_TM_POLICY_FAIL", null, null);
                    LogUtil.LOGD(TAG, "fail to get Tima keystore");
                    return false;
                }
                try {
                    if (!timaKeystorePolicy.isTimaKeystoreEnabled()) {
                        LogUtil.LOGD(TAG, "not yet isTimaKeystoreEnabled");
                        try {
                            if (!timaKeystorePolicy.enableTimaKeystorePerApp(true)) {
                                KnoxLogger.doKnoxLogging(this.mContext, "KX_TM_ENABLE_FAIL", null, null);
                                return false;
                            }
                        } catch (Exception e) {
                            KnoxLogger.doKnoxLogging(this.mContext, "KX_TM_ENABLE_ERR", "MSG=" + e.getClass().getSimpleName() + " " + e.getMessage(), null);
                            return false;
                        }
                    }
                    LogUtil.LOGD(TAG, "isTimaKeystoreEnabled");
                    return true;
                } catch (Exception e2) {
                    KnoxLogger.doKnoxLogging(this.mContext, "KX_TM_ENABLED_ERR", "MSG=" + e2.getClass().getSimpleName() + " " + e2.getMessage(), null);
                    return false;
                }
            } catch (Exception e3) {
                KnoxLogger.doKnoxLogging(this.mContext, "KX_TM_POLICY_ERR", "MSG=" + e3.getClass().getSimpleName() + " " + e3.getMessage(), null);
                return false;
            }
        } catch (Exception e4) {
            KnoxLogger.doKnoxLogging(this.mContext, "KX_TM_EKM_ERR", "MSG=" + e4.getClass().getSimpleName() + " " + e4.getMessage(), null);
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Key getKeyFromTimaKeystore() throws Exception {
        return getKeyFromTimaKeystore("TimaAlias");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public TimaKeystoreKeyRepository getTimaKeyRepository() {
        return isUksSupported() ? new UksKeyRepository(this.mContext, this) : new TimaKeystoreKeyRepository(this.mContext, this);
    }

    KeyStore loadTimaKeyStore() {
        KeyStore keyStore = this.mTimaKeystore;
        if (keyStore != null) {
            return keyStore;
        }
        try {
            KeyStore keyStore2 = KeyStore.getInstance("TimaKeyStore");
            try {
                keyStore2.load(null);
                this.mTimaKeystore = keyStore2;
                return this.mTimaKeystore;
            } catch (Exception e) {
                KnoxLogger.doKnoxLogging(this.mContext, "KX_TM_LOAD_ERR", "MSG=" + e.getClass().getSimpleName() + " " + e.getMessage(), null);
                throw new IllegalStateException(e);
            }
        } catch (Exception e2) {
            KnoxLogger.doKnoxLogging(this.mContext, "KX_TM_GETINS_ERR", "MSG=" + e2.getClass().getSimpleName() + " " + e2.getMessage(), null);
            throw new IllegalStateException(e2);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void storeKeyToTimaKeystore(Key key) throws Exception {
        storeKeyToTimaKeystore(key, "TimaAlias");
    }
}
