package com.microsoft.identity.common.internal.providers.keys;

import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;

/* loaded from: classes11.dex */
public final class CertificateCredential {
    private static final int MIN_KEYSIZE_IN_BITS = 2048;
    private final String mClientId;
    private final PrivateKey mPrivateKey;
    private final X509Certificate mPublicCertificate;

    /* loaded from: classes11.dex */
    public static class CertificateCredentialBuilder {
        private X509Certificate mCertificate;
        private ClientCertificateMetadata mClientCertificateMetdata;
        private String mClientId;
        private KeyStoreConfiguration mKeyStoreConfiguration;
        private PrivateKey mPrivateKey;

        public CertificateCredentialBuilder(String str) {
            this.mClientId = str;
        }

        private void getCertificateInfoFromStore(KeyStoreConfiguration keyStoreConfiguration, ClientCertificateMetadata clientCertificateMetadata) throws NoSuchProviderException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, IOException, CertificateException {
            KeyStore keyStore = KeyStore.getInstance(keyStoreConfiguration.getKeyStoreType(), keyStoreConfiguration.getKeyStoreProvider());
            keyStore.load(null, null);
            PrivateKey privateKey = clientCertificateMetadata.getPassword() == null ? (PrivateKey) keyStore.getKey(clientCertificateMetadata.getAlias(), null) : (PrivateKey) keyStore.getKey(clientCertificateMetadata.getAlias(), clientCertificateMetadata.getPassword());
            X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(clientCertificateMetadata.getAlias());
            this.mPrivateKey = privateKey;
            this.mCertificate = x509Certificate;
        }

        private void validateCertificateCredential(CertificateCredential certificateCredential) {
            if (certificateCredential == null) {
                throw new IllegalArgumentException("Client ID, Certificate and PrivateKey OR KeyStoreConfiguration and Certificate Metadata are required");
            }
        }

        /* JADX WARN: Multi-variable type inference failed */
        /* JADX WARN: Type inference failed for: r1v0, types: [com.microsoft.identity.common.internal.providers.keys.CertificateCredential$1] */
        /* JADX WARN: Type inference failed for: r1v2 */
        /* JADX WARN: Type inference failed for: r1v3 */
        /* JADX WARN: Type inference failed for: r1v4 */
        public CertificateCredential build() throws NoSuchProviderException, KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, IOException, CertificateException {
            KeyStoreConfiguration keyStoreConfiguration;
            CertificateCredential certificateCredential;
            CertificateCredential certificateCredential2 = 0;
            certificateCredential2 = 0;
            certificateCredential2 = 0;
            if (this.mClientId != null) {
                if (this.mCertificate == null || this.mPrivateKey == null) {
                    ClientCertificateMetadata clientCertificateMetadata = this.mClientCertificateMetdata;
                    if (clientCertificateMetadata != null && (keyStoreConfiguration = this.mKeyStoreConfiguration) != null) {
                        getCertificateInfoFromStore(keyStoreConfiguration, clientCertificateMetadata);
                        certificateCredential = new CertificateCredential(this);
                    }
                } else {
                    certificateCredential = new CertificateCredential(this);
                }
                certificateCredential2 = certificateCredential;
            }
            validateCertificateCredential(certificateCredential2);
            return certificateCredential2;
        }

        public CertificateCredentialBuilder certificate(X509Certificate x509Certificate) {
            this.mCertificate = x509Certificate;
            return this;
        }

        public CertificateCredentialBuilder clientCertificateMetadata(ClientCertificateMetadata clientCertificateMetadata) {
            this.mClientCertificateMetdata = clientCertificateMetadata;
            return this;
        }

        public CertificateCredentialBuilder keyStoreConfiguration(KeyStoreConfiguration keyStoreConfiguration) {
            this.mKeyStoreConfiguration = keyStoreConfiguration;
            return this;
        }

        public CertificateCredentialBuilder privateKey(PrivateKey privateKey) {
            this.mPrivateKey = privateKey;
            return this;
        }
    }

    private CertificateCredential(CertificateCredentialBuilder certificateCredentialBuilder) {
        this.mClientId = certificateCredentialBuilder.mClientId;
        this.mPublicCertificate = certificateCredentialBuilder.mCertificate;
        this.mPrivateKey = certificateCredentialBuilder.mPrivateKey;
    }

    public String getClientId() {
        return this.mClientId;
    }

    public PrivateKey getPrivateKey() {
        return this.mPrivateKey;
    }

    public X509Certificate getPublicCertificate() {
        return this.mPublicCertificate;
    }
}
