package com.microsoft.identity.common.internal.m.b.a;

import android.annotation.TargetApi;
import android.app.Activity;
import android.security.KeyChain;
import android.security.KeyChainAliasCallback;
import android.security.KeyChainException;
import android.webkit.ClientCertRequest;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;

/* compiled from: ClientCertAuthChallengeHandler.java */
/* loaded from: classes.dex */
public final class b implements d<ClientCertRequest, Void> {
    private static final String ACCEPTABLE_ISSUER = "CN=MS-Organization-Access";
    private static final String TAG = "b";
    private Activity mActivity;

    public b(Activity activity) {
        this.mActivity = activity;
    }

    @Override // com.microsoft.identity.common.internal.m.b.a.d
    @TargetApi(21)
    public Void a(final ClientCertRequest clientCertRequest) {
        Principal[] principals = clientCertRequest.getPrincipals();
        if (principals != null) {
            for (Principal principal : principals) {
                if (principal.getName().contains(ACCEPTABLE_ISSUER)) {
                    com.microsoft.identity.common.internal.g.d.c(TAG, "Cancelling the TLS request, not respond to TLS challenge triggered by device authentication.");
                    clientCertRequest.cancel();
                    return null;
                }
            }
        }
        KeyChain.choosePrivateKeyAlias(this.mActivity, new KeyChainAliasCallback() { // from class: com.microsoft.identity.common.internal.m.b.a.b.1
            @Override // android.security.KeyChainAliasCallback
            public void alias(String str) {
                if (str == null) {
                    com.microsoft.identity.common.internal.g.d.c(b.TAG, "No certificate chosen by user, cancelling the TLS request.");
                    clientCertRequest.cancel();
                    return;
                }
                try {
                    X509Certificate[] certificateChain = KeyChain.getCertificateChain(b.this.mActivity.getApplicationContext(), str);
                    PrivateKey privateKey = KeyChain.getPrivateKey(b.this.mActivity, str);
                    com.microsoft.identity.common.internal.g.d.c(b.TAG, "Certificate is chosen by user, proceed with TLS request.");
                    clientCertRequest.proceed(privateKey, certificateChain);
                } catch (KeyChainException e) {
                    com.microsoft.identity.common.internal.g.d.b(b.TAG, "KeyChain exception", e);
                    clientCertRequest.cancel();
                } catch (InterruptedException e2) {
                    com.microsoft.identity.common.internal.g.d.b(b.TAG, "InterruptedException exception", e2);
                    clientCertRequest.cancel();
                }
            }
        }, clientCertRequest.getKeyTypes(), clientCertRequest.getPrincipals(), clientCertRequest.getHost(), clientCertRequest.getPort(), null);
        return null;
    }
}
