package com.airwatch.bizlib.model;

import android.app.Activity;
import android.content.Context;
import android.content.Intent;
import android.text.TextUtils;
import com.airwatch.core.AWConstants;
import com.airwatch.core.Guard;
import com.airwatch.util.Logger;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableEntryException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Iterator;

/* loaded from: classes3.dex */
public class CertificateUtility {
    public static final String CA_CERTIFICATE = "CACERT_";
    public static final int CA_CERTIFICATE_INSTALL_REQUEST_CODE = 42;
    public static final String CERT = "CERT";
    public static final String CERT_NAME_KEY = "name";
    public static final String CREDENTIAL_INSTALL_ACTION = "android.credentials.INSTALL";
    public static final String EXTENSION_CER = ".cer";
    public static final String EXTENSION_CRT = ".crt";
    public static final String EXTENSION_P12 = ".p12";
    public static final String EXTENSION_PFX = ".pfx";
    public static final String PKCS12 = "PKCS12";
    public static final int REQUEST_SYSTEM_INSTALL_CODE = 1;
    public static final String SYSTEM_INSTALL_ACTION = "android.credentials.SYSTEM_INSTALL";
    private static final String TAG = "CertificateUtility";
    public static final String USER_CERTIFICATE = "USRCERT_";
    public static final int USER_CERTIFICATE_INSTALL_REQUEST_CODE = 41;
    public static final String USER_PRIVATE_KEY = "USRPKEY_";

    /* JADX INFO: Access modifiers changed from: private */
    public static Intent createSystemInstallIntent(CertificateDefinitionAnchorApp certificateDefinitionAnchorApp) {
        ByteArrayInputStream byteArrayInputStream;
        Intent intent = new Intent(CREDENTIAL_INSTALL_ACTION);
        intent.setClassName("com.android.certinstaller", "com.android.certinstaller.CertInstallerMain");
        ByteArrayInputStream byteArrayInputStream2 = null;
        try {
            try {
                try {
                    byteArrayInputStream = new ByteArrayInputStream(certificateDefinitionAnchorApp.getCertificateData());
                } catch (CertificateException e) {
                    e = e;
                }
            } catch (Throwable th) {
                th = th;
            }
        } catch (IOException unused) {
            Logger.w(TAG, "Error in closing input stream.");
        }
        try {
            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(byteArrayInputStream);
            intent.putExtra("name", certificateDefinitionAnchorApp.getName());
            intent.putExtra("CERT", x509Certificate.getEncoded());
            byteArrayInputStream.close();
        } catch (CertificateException e2) {
            e = e2;
            byteArrayInputStream2 = byteArrayInputStream;
            Logger.e(TAG, "The certificate from the console could not be cast as an X509. Failing to install cert.", (Throwable) e);
            if (byteArrayInputStream2 != null) {
                byteArrayInputStream2.close();
            }
            return intent;
        } catch (Throwable th2) {
            th = th2;
            byteArrayInputStream2 = byteArrayInputStream;
            if (byteArrayInputStream2 != null) {
                try {
                    byteArrayInputStream2.close();
                } catch (IOException unused2) {
                    Logger.w(TAG, "Error in closing input stream.");
                }
            }
            throw th;
        }
        return intent;
    }

    private static Intent createSystemInstallIntent(KeyStore keyStore, String str, String str2) {
        Intent intent = new Intent(CREDENTIAL_INSTALL_ACTION);
        intent.setClassName("com.android.certinstaller", "com.android.certinstaller.CertInstallerMain");
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            keyStore.store(byteArrayOutputStream, str2.toCharArray());
        } catch (IOException e) {
            Logger.e(TAG, "IOException during creation of System Install Intent" + e.getMessage());
        } catch (KeyStoreException e2) {
            Logger.e(TAG, "KeyStoreException during creation of System Install Intent" + e2.getMessage());
        } catch (NoSuchAlgorithmException e3) {
            Logger.e(TAG, "NoSuchAlgorithmException during creation of System Install Intent" + e3.getMessage());
        } catch (CertificateException e4) {
            Logger.e(TAG, "CertificateException during creation of System Install Intent" + e4.getMessage());
        }
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        try {
            byteArrayOutputStream.close();
        } catch (IOException e5) {
            Logger.e(TAG, "IOException during close of baos in System Install Intent" + e5.getMessage());
        }
        Logger.d(TAG, "PKCS12 cert name " + str);
        intent.putExtra("name", str);
        intent.putExtra("PKCS12", byteArray);
        return intent;
    }

    public static String getDefaultName(String str) {
        if (TextUtils.isEmpty(str)) {
            return null;
        }
        int lastIndexOf = str.lastIndexOf(".");
        if (lastIndexOf > 0) {
            str = str.substring(0, lastIndexOf);
        }
        String replaceAll = str.replaceAll(AWConstants.DOT, "");
        return replaceAll.length() > 32 ? replaceAll.substring(0, 32).trim() : replaceAll;
    }

    private static void installCRTInBackground(final Activity activity, final CertificateDefinitionAnchorApp certificateDefinitionAnchorApp) {
        new Thread(new Runnable() { // from class: com.airwatch.bizlib.model.CertificateUtility.4
            @Override // java.lang.Runnable
            public void run() {
                Intent createSystemInstallIntent = CertificateUtility.createSystemInstallIntent(CertificateDefinitionAnchorApp.this);
                if (createSystemInstallIntent != null) {
                    activity.startActivityForResult(createSystemInstallIntent, 42);
                }
            }
        }).start();
    }

    private static void installCRTInBackground(final Context context, final CertificateDefinitionAnchorApp certificateDefinitionAnchorApp) {
        new Thread(new Runnable() { // from class: com.airwatch.bizlib.model.CertificateUtility.2
            @Override // java.lang.Runnable
            public void run() {
                Intent createSystemInstallIntent = CertificateUtility.createSystemInstallIntent(CertificateDefinitionAnchorApp.this);
                if (createSystemInstallIntent != null) {
                    context.startActivity(createSystemInstallIntent);
                }
            }
        }).start();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static Intent installFromKeystore(Context context, CertificateDefinitionAnchorApp certificateDefinitionAnchorApp, String str) {
        if (certificateDefinitionAnchorApp == null) {
            return null;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            keyStore.load(new ByteArrayInputStream(certificateDefinitionAnchorApp.getCertificateData()), certificateDefinitionAnchorApp.getPassword().toCharArray());
            KeyStore parseCertKeys = parseCertKeys(keyStore, certificateDefinitionAnchorApp.getPassword().toCharArray(), certificateDefinitionAnchorApp.getThumbprint());
            if (parseCertKeys != null) {
                return createSystemInstallIntent(parseCertKeys, certificateDefinitionAnchorApp.getName(), str);
            }
        } catch (Exception unused) {
            Logger.d(TAG, "Could not install the keys from the keystore.");
        }
        return null;
    }

    public static void installInBackground(Activity activity, CertificateDefinitionAnchorApp certificateDefinitionAnchorApp, String str) {
        Guard.argumentIsNotNull(certificateDefinitionAnchorApp);
        Guard.argumentIsNotNull(activity);
        if (certificateDefinitionAnchorApp.getPassword() == null || certificateDefinitionAnchorApp.getPassword().trim().length() <= 0) {
            installCRTInBackground(activity, certificateDefinitionAnchorApp);
        } else {
            installPKCS12InBackground(activity, certificateDefinitionAnchorApp, str);
        }
    }

    public static void installInBackground(Context context, CertificateDefinitionAnchorApp certificateDefinitionAnchorApp, String str) {
        Guard.argumentIsNotNull(certificateDefinitionAnchorApp);
        Guard.argumentIsNotNull(context);
        if (certificateDefinitionAnchorApp.getPassword() == null || certificateDefinitionAnchorApp.getPassword().trim().length() <= 0) {
            installCRTInBackground(context, certificateDefinitionAnchorApp);
        } else {
            installPKCS12InBackground(context, certificateDefinitionAnchorApp, str);
        }
    }

    private static void installPKCS12InBackground(final Activity activity, final CertificateDefinitionAnchorApp certificateDefinitionAnchorApp, final String str) {
        new Thread(new Runnable() { // from class: com.airwatch.bizlib.model.CertificateUtility.3
            @Override // java.lang.Runnable
            public void run() {
                Intent installFromKeystore = CertificateUtility.installFromKeystore(activity, certificateDefinitionAnchorApp, str);
                if (installFromKeystore != null) {
                    activity.startActivityForResult(installFromKeystore, 41);
                }
            }
        }).start();
    }

    private static void installPKCS12InBackground(final Context context, final CertificateDefinitionAnchorApp certificateDefinitionAnchorApp, final String str) {
        new Thread(new Runnable() { // from class: com.airwatch.bizlib.model.CertificateUtility.1
            @Override // java.lang.Runnable
            public void run() {
                Intent installFromKeystore = CertificateUtility.installFromKeystore(context, certificateDefinitionAnchorApp, str);
                if (installFromKeystore != null) {
                    context.startActivity(installFromKeystore);
                }
            }
        }).start();
    }

    private static KeyStore parseCertKeys(KeyStore keyStore, char[] cArr, String str) throws KeyStoreException, NoSuchAlgorithmException, UnrecoverableKeyException, CertificateException, IOException {
        KeyStore.PasswordProtection passwordProtection = new KeyStore.PasswordProtection(cArr);
        KeyStore keyStore2 = KeyStore.getInstance("PKCS12");
        keyStore2.load(null, null);
        Iterator it = Collections.list(keyStore.aliases()).iterator();
        while (it.hasNext()) {
            String str2 = (String) it.next();
            Logger.d(TAG, "The following alias exists in the keystore: " + str2);
            try {
                try {
                    setKeystoreEntry(str, passwordProtection, keyStore2, keyStore.getEntry(str2, passwordProtection), true);
                } catch (UnsupportedOperationException unused) {
                    setKeystoreEntry(str, passwordProtection, keyStore2, keyStore.getEntry(str2, null), false);
                }
            } catch (UnrecoverableEntryException e) {
                Logger.e(TAG, "The keystore entry was not found.", (Throwable) e);
                keyStore2 = null;
            }
        }
        return keyStore2;
    }

    private static void setKeystoreEntry(String str, KeyStore.PasswordProtection passwordProtection, KeyStore keyStore, KeyStore.Entry entry, boolean z) throws KeyStoreException {
        if (entry instanceof KeyStore.PrivateKeyEntry) {
            keyStore.setEntry("USRPKEY_" + str, entry, passwordProtection);
            Logger.d(TAG, "Added the private key to the keystore USRPKEY_" + str);
            return;
        }
        if (entry instanceof KeyStore.TrustedCertificateEntry) {
            keyStore.setEntry((z ? "USRCERT_" : "CACERT_") + str, entry, passwordProtection);
            Logger.d(TAG, "Added the certificate to the keystore USRCERT_" + str);
        }
    }
}
