package d.h.b.a.g.j.b.f;

import android.annotation.TargetApi;
import android.app.Activity;
import android.security.KeyChain;
import android.security.KeyChainAliasCallback;
import android.security.KeyChainException;
import android.webkit.ClientCertRequest;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;

/* compiled from: ClientCertAuthChallengeHandler.java */
/* loaded from: classes.dex */
public final class a {

    /* renamed from: a, reason: collision with root package name */
    public Activity f11743a;

    /* compiled from: ClientCertAuthChallengeHandler.java */
    /* renamed from: d.h.b.a.g.j.b.f.a$a, reason: collision with other inner class name */
    /* loaded from: classes.dex */
    public class C0204a implements KeyChainAliasCallback {

        /* renamed from: a, reason: collision with root package name */
        public final /* synthetic */ String f11744a;

        /* renamed from: b, reason: collision with root package name */
        public final /* synthetic */ ClientCertRequest f11745b;

        public C0204a(String str, ClientCertRequest clientCertRequest) {
            this.f11744a = str;
            this.f11745b = clientCertRequest;
        }

        @Override // android.security.KeyChainAliasCallback
        public void alias(String str) {
            if (str == null) {
                d.h.b.a.i.b.d(this.f11744a, "No certificate chosen by user, cancelling the TLS request.");
                this.f11745b.cancel();
                return;
            }
            try {
                X509Certificate[] certificateChain = KeyChain.getCertificateChain(a.this.f11743a.getApplicationContext(), str);
                PrivateKey privateKey = KeyChain.getPrivateKey(a.this.f11743a, str);
                d.h.b.a.i.b.d(this.f11744a, "Certificate is chosen by user, proceed with TLS request.");
                this.f11745b.proceed(privateKey, certificateChain);
            } catch (KeyChainException e2) {
                d.h.b.a.i.b.c(this.f11744a, "KeyChain exception", e2);
                this.f11745b.cancel();
            } catch (InterruptedException e3) {
                d.h.b.a.i.b.c(this.f11744a, "InterruptedException exception", e3);
                this.f11745b.cancel();
            }
        }
    }

    public a(Activity activity) {
        this.f11743a = activity;
    }

    @TargetApi(21)
    public Void a(ClientCertRequest clientCertRequest) {
        String j2 = d.a.c.a.a.j("a", ":processChallenge");
        Principal[] principals = clientCertRequest.getPrincipals();
        if (principals != null) {
            for (Principal principal : principals) {
                if (principal.getName().contains("CN=MS-Organization-Access")) {
                    d.h.b.a.i.b.d(j2, "Cancelling the TLS request, not respond to TLS challenge triggered by device authentication.");
                    clientCertRequest.cancel();
                    return null;
                }
            }
        }
        KeyChain.choosePrivateKeyAlias(this.f11743a, new C0204a(j2, clientCertRequest), clientCertRequest.getKeyTypes(), clientCertRequest.getPrincipals(), clientCertRequest.getHost(), clientCertRequest.getPort(), null);
        return null;
    }
}
