package com.android.certinstaller;

import android.app.Activity;
import android.app.AlertDialog;
import android.app.Dialog;
import android.app.ProgressDialog;
import android.content.ActivityNotFoundException;
import android.content.Context;
import android.content.Intent;
import android.content.pm.PackageManager;
import android.os.AsyncTask;
import android.os.Bundle;
import android.security.KeyChain;
import android.text.TextUtils;
import android.util.Log;
import android.util.Slog;
import android.view.View;
import android.view.ViewGroup;
import android.widget.EditText;
import android.widget.RadioGroup;
import android.widget.Toast;
import com.android.internal.annotations.VisibleForTesting;
import java.io.Serializable;
import java.util.HashMap;

/* loaded from: input_file:com/android/certinstaller/CertInstaller.class */
public class CertInstaller extends Activity {
    private static final String TAG = "CertInstaller";
    private static final int STATE_INIT = 1;
    private static final int STATE_RUNNING = 2;
    private static final int STATE_PAUSED = 3;
    private static final int NAME_CREDENTIAL_DIALOG = 1;
    private static final int PKCS12_PASSWORD_DIALOG = 2;
    private static final int PROGRESS_BAR_DIALOG = 3;
    private static final int REDIRECT_CA_CERTIFICATE_DIALOG = 4;
    private static final int SELECT_CERTIFICATE_USAGE_DIALOG = 5;
    private static final int INVALID_CERTIFICATE_DIALOG = 6;
    private static final int REQUEST_SYSTEM_INSTALL_CODE = 1;
    private static final String NEXT_ACTION_KEY = "na";
    private final ViewHelper mView = new ViewHelper();
    private int mState;
    private CredentialHelper mCredentials;
    private MyAction mNextAction;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/android/certinstaller/CertInstaller$InstallOthersAction.class */
    public static class InstallOthersAction implements MyAction {
        private InstallOthersAction() {
        }

        @Override // com.android.certinstaller.CertInstaller.MyAction
        public void run(CertInstaller certInstaller) {
            certInstaller.mNextAction = null;
            certInstaller.installOthers();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/android/certinstaller/CertInstaller$InstallVpnAndAppsTrustAnchorsTask.class */
    public class InstallVpnAndAppsTrustAnchorsTask extends AsyncTask<Void, Void, Boolean> {
        private InstallVpnAndAppsTrustAnchorsTask() {
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        public Boolean doInBackground(Void... voidArr) {
            try {
                KeyChain.KeyChainConnection bind = KeyChain.bind(CertInstaller.this);
                try {
                    Boolean valueOf = Boolean.valueOf(CertInstaller.this.mCredentials.installVpnAndAppsTrustAnchors(CertInstaller.this, bind.getService()));
                    if (bind != null) {
                        bind.close();
                    }
                    return valueOf;
                } finally {
                }
            } catch (InterruptedException e) {
                Thread.currentThread().interrupt();
                return false;
            }
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        public void onPostExecute(Boolean bool) {
            if (bool.booleanValue()) {
                Toast.makeText(CertInstaller.this.getApplicationContext(), R.string.ca_cert_is_added, 1).show();
                CertInstaller.this.setResult(-1);
            }
            CertInstaller.this.finish();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/android/certinstaller/CertInstaller$MyAction.class */
    public interface MyAction extends Serializable {
        void run(CertInstaller certInstaller);
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/android/certinstaller/CertInstaller$OnExtractionDoneAction.class */
    public static class OnExtractionDoneAction implements MyAction {
        private final boolean mSuccess;

        OnExtractionDoneAction(boolean z) {
            this.mSuccess = z;
        }

        @Override // com.android.certinstaller.CertInstaller.MyAction
        public void run(CertInstaller certInstaller) {
            certInstaller.onExtractionDone(this.mSuccess);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: input_file:com/android/certinstaller/CertInstaller$Pkcs12ExtractAction.class */
    public static class Pkcs12ExtractAction implements MyAction {
        private final String mPassword;
        private transient boolean hasRun;

        Pkcs12ExtractAction(String str) {
            this.mPassword = str;
        }

        @Override // com.android.certinstaller.CertInstaller.MyAction
        public void run(CertInstaller certInstaller) {
            if (this.hasRun) {
                return;
            }
            this.hasRun = true;
            certInstaller.extractPkcs12InBackground(this.mPassword);
        }
    }

    private CredentialHelper createCredentialHelper(Intent intent) {
        try {
            Bundle extras = intent.getExtras();
            if (extras == null) {
                return new CredentialHelper();
            }
            Log.d(TAG, "# extras: " + extras.size());
            String string = extras.getString("name");
            extras.remove("name");
            String string2 = extras.getString("android.intent.extra.REFERRER");
            extras.remove("android.intent.extra.REFERRER");
            String string3 = extras.getString("certificate_install_usage");
            extras.remove("certificate_install_usage");
            int i = extras.getInt("install_as_uid", -1);
            extras.remove("install_as_uid");
            HashMap hashMap = new HashMap();
            for (String str : extras.keySet()) {
                hashMap.put(str, extras.getByteArray(str));
            }
            return new CredentialHelper(hashMap, string, string2, string3, i);
        } catch (Throwable th) {
            Log.w(TAG, "createCredentialHelper", th);
            toastErrorAndFinish(R.string.invalid_cert);
            return new CredentialHelper();
        }
    }

    @Override // android.app.Activity
    protected void onCreate(Bundle bundle) {
        super.onCreate(bundle);
        getWindow().addSystemFlags(524288);
        this.mCredentials = createCredentialHelper(getIntent());
        this.mState = bundle == null ? 1 : 2;
        if (this.mState != 1) {
            this.mCredentials.onRestoreStates(bundle);
            this.mNextAction = (MyAction) bundle.getSerializable(NEXT_ACTION_KEY);
            return;
        }
        if (!this.mCredentials.containsAnyRawData()) {
            toastErrorAndFinish(R.string.no_cert_to_saved);
            finish();
            return;
        }
        if (installingCaCertificate()) {
            extractPkcs12OrInstall();
            return;
        }
        if (this.mCredentials.hasUserCertificate() && !this.mCredentials.hasPrivateKey()) {
            toastErrorAndFinish(R.string.action_missing_private_key);
        } else if (!this.mCredentials.hasPrivateKey() || this.mCredentials.hasUserCertificate()) {
            extractPkcs12OrInstall();
        } else {
            toastErrorAndFinish(R.string.action_missing_user_cert);
        }
    }

    private boolean installingCaCertificate() {
        return (!this.mCredentials.hasCaCerts() || this.mCredentials.hasPrivateKey() || this.mCredentials.hasUserCertificate()) ? false : true;
    }

    @Override // android.app.Activity
    protected void onResume() {
        super.onResume();
        if (this.mState == 1) {
            this.mState = 2;
        } else if (this.mNextAction != null) {
            this.mNextAction.run(this);
        }
    }

    @Override // android.app.Activity
    protected void onPause() {
        super.onPause();
        this.mState = 3;
    }

    @Override // android.app.Activity
    protected void onSaveInstanceState(Bundle bundle) {
        super.onSaveInstanceState(bundle);
        this.mCredentials.onSaveStates(bundle);
        if (this.mNextAction != null) {
            bundle.putSerializable(NEXT_ACTION_KEY, this.mNextAction);
        }
    }

    @Override // android.app.Activity
    protected Dialog onCreateDialog(int i) {
        switch (i) {
            case 1:
                return createNameCertificateDialog();
            case 2:
                return createPkcs12PasswordDialog();
            case 3:
                ProgressDialog progressDialog = new ProgressDialog(this);
                progressDialog.setMessage(getString(R.string.extracting_pkcs12));
                progressDialog.setIndeterminate(true);
                progressDialog.setCancelable(false);
                return progressDialog;
            case 4:
                return createRedirectCaCertificateDialog();
            case 5:
                return createSelectCertificateUsageDialog();
            case 6:
                return createInvalidCertificateDialog();
            default:
                return null;
        }
    }

    @Override // android.app.Activity
    protected void onActivityResult(int i, int i2, Intent intent) {
        switch (i) {
            case 1:
                if (i2 != -1) {
                    Log.d(TAG, "credential not saved, err: " + i2);
                    toastErrorAndFinish(R.string.cert_not_saved);
                    return;
                }
                Log.d(TAG, "credential is added: " + this.mCredentials.getName());
                if (this.mCredentials.getCertUsageSelected().equals("wifi")) {
                    Toast.makeText(this, R.string.wifi_cert_is_added, 1).show();
                } else {
                    Toast.makeText(this, R.string.user_cert_is_added, 1).show();
                }
                setResult(-1);
                finish();
                return;
            default:
                Log.w(TAG, "unknown request code: " + i);
                finish();
                return;
        }
    }

    private void extractPkcs12OrInstall() {
        if (this.mCredentials.hasPkcs12KeyStore()) {
            if (this.mCredentials.hasPassword()) {
                showDialog(2);
                return;
            } else {
                new Pkcs12ExtractAction("").run(this);
                return;
            }
        }
        if (this.mCredentials.calledBySettings()) {
            new InstallOthersAction().run(this);
        } else {
            createRedirectOrSelectUsageDialog();
        }
    }

    private void installOthers() {
        boolean z = this.mCredentials.hasPrivateKey() && this.mCredentials.hasUserCertificate();
        boolean hasCaCerts = this.mCredentials.hasCaCerts();
        Log.d(TAG, String.format("Attempting credentials installation, has ca cert? %b, has user cert? %b", Boolean.valueOf(hasCaCerts), Boolean.valueOf(z)));
        if (!z && !hasCaCerts) {
            finish();
        } else if (validCertificateSelected()) {
            installCertificateOrShowNameDialog();
        } else {
            showDialog(6);
        }
    }

    private boolean validCertificateSelected() {
        String certUsageSelected = this.mCredentials.getCertUsageSelected();
        boolean z = -1;
        switch (certUsageSelected.hashCode()) {
            case 3166:
                if (certUsageSelected.equals("ca")) {
                    z = false;
                    break;
                }
                break;
            case 3599307:
                if (certUsageSelected.equals("user")) {
                    z = true;
                    break;
                }
                break;
            case 3649301:
                if (certUsageSelected.equals("wifi")) {
                    z = 2;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return this.mCredentials.hasOnlyVpnAndAppsTrustAnchors();
            case true:
                return this.mCredentials.hasUserCertificate() && !this.mCredentials.hasOnlyVpnAndAppsTrustAnchors();
            case true:
                return true;
            default:
                return false;
        }
    }

    private void installCertificateOrShowNameDialog() {
        if (!this.mCredentials.hasAnyForSystemInstall()) {
            toastErrorAndFinish(R.string.no_cert_to_saved);
        } else if (this.mCredentials.hasOnlyVpnAndAppsTrustAnchors()) {
            new InstallVpnAndAppsTrustAnchorsTask().execute(new Void[0]);
        } else {
            showDialog(1);
        }
    }

    /* JADX WARN: Type inference failed for: r0v1, types: [com.android.certinstaller.CertInstaller$1] */
    private void extractPkcs12InBackground(final String str) {
        showDialog(3);
        new AsyncTask<Void, Void, Boolean>() { // from class: com.android.certinstaller.CertInstaller.1
            /* JADX INFO: Access modifiers changed from: protected */
            @Override // android.os.AsyncTask
            public Boolean doInBackground(Void... voidArr) {
                return Boolean.valueOf(CertInstaller.this.mCredentials.extractPkcs12(str));
            }

            /* JADX INFO: Access modifiers changed from: protected */
            @Override // android.os.AsyncTask
            public void onPostExecute(Boolean bool) {
                OnExtractionDoneAction onExtractionDoneAction = new OnExtractionDoneAction(bool.booleanValue());
                if (CertInstaller.this.mState == 3) {
                    CertInstaller.this.mNextAction = onExtractionDoneAction;
                } else {
                    onExtractionDoneAction.run(CertInstaller.this);
                }
            }
        }.execute(new Void[0]);
    }

    private void onExtractionDone(boolean z) {
        this.mNextAction = null;
        removeDialog(3);
        if (!z) {
            showDialog(2);
            this.mView.setText(R.id.credential_password, "");
            this.mView.showError(R.string.password_error);
            return;
        }
        removeDialog(2);
        if (!this.mCredentials.calledBySettings()) {
            createRedirectOrSelectUsageDialog();
        } else if (validCertificateSelected()) {
            installCertificateOrShowNameDialog();
        } else {
            showDialog(6);
        }
    }

    private void createRedirectOrSelectUsageDialog() {
        if (this.mCredentials.hasOnlyVpnAndAppsTrustAnchors()) {
            showDialog(4);
        } else {
            showDialog(5);
        }
    }

    public CharSequence getCallingAppLabel() {
        String referrer = this.mCredentials.getReferrer();
        if (referrer == null) {
            Log.e(TAG, "Cannot get calling calling AppPackage");
            return null;
        }
        PackageManager packageManager = getPackageManager();
        try {
            return packageManager.getApplicationInfo(referrer, 512).loadLabel(packageManager);
        } catch (PackageManager.NameNotFoundException e) {
            Log.e(TAG, "Unable to find info for package: " + referrer);
            return null;
        }
    }

    private Dialog createRedirectCaCertificateDialog() {
        AlertDialog create = new AlertDialog.Builder(this).setTitle(R.string.redirect_ca_certificate_title).setMessage(getString(R.string.redirect_ca_certificate_with_app_info_message, new Object[]{getCallingAppLabel()})).setPositiveButton(R.string.redirect_ca_certificate_close_button, (dialogInterface, i) -> {
            toastErrorAndFinish(R.string.cert_not_saved);
        }).create();
        create.setOnCancelListener(dialogInterface2 -> {
            toastErrorAndFinish(R.string.cert_not_saved);
        });
        return create;
    }

    private Dialog createSelectCertificateUsageDialog() {
        ViewGroup viewGroup = (ViewGroup) View.inflate(this, R.layout.select_certificate_usage_dialog, null);
        this.mView.setView(viewGroup);
        ((RadioGroup) viewGroup.findViewById(R.id.certificate_usage)).setOnCheckedChangeListener((radioGroup, i) -> {
            switch (i) {
                case R.id.user_certificate /* 2131034118 */:
                    this.mCredentials.setCertUsageSelectedAndUid("user");
                    return;
                case R.id.wifi_certificate /* 2131034119 */:
                    this.mCredentials.setCertUsageSelectedAndUid("wifi");
                default:
                    Slog.i(TAG, "Unknown selection for scope");
                    return;
            }
        });
        getApplicationContext();
        AlertDialog create = new AlertDialog.Builder(this).setView(viewGroup).setPositiveButton(android.R.string.ok, (dialogInterface, i2) -> {
            showDialog(1);
        }).setNegativeButton(android.R.string.cancel, (dialogInterface2, i3) -> {
            toastErrorAndFinish(R.string.cert_not_saved);
        }).create();
        create.setOnCancelListener(dialogInterface3 -> {
            toastErrorAndFinish(R.string.cert_not_saved);
        });
        return create;
    }

    private Dialog createInvalidCertificateDialog() {
        AlertDialog create = new AlertDialog.Builder(this).setTitle(R.string.invalid_certificate_title).setMessage(getString(R.string.invalid_certificate_message, new Object[]{getCertificateUsageName()})).setPositiveButton(R.string.invalid_certificate_close_button, (dialogInterface, i) -> {
            toastErrorAndFinish(R.string.cert_not_saved);
        }).create();
        create.setOnCancelListener(dialogInterface2 -> {
            finish();
        });
        return create;
    }

    String getCertificateUsageName() {
        String certUsageSelected = this.mCredentials.getCertUsageSelected();
        boolean z = -1;
        switch (certUsageSelected.hashCode()) {
            case 3166:
                if (certUsageSelected.equals("ca")) {
                    z = false;
                    break;
                }
                break;
            case 3599307:
                if (certUsageSelected.equals("user")) {
                    z = true;
                    break;
                }
                break;
            case 3649301:
                if (certUsageSelected.equals("wifi")) {
                    z = 2;
                    break;
                }
                break;
        }
        switch (z) {
            case false:
                return getString(R.string.ca_certificate);
            case true:
                return getString(R.string.user_certificate);
            case true:
                return getString(R.string.wifi_certificate);
            default:
                return getString(R.string.certificate);
        }
    }

    private Dialog createPkcs12PasswordDialog() {
        View inflate = View.inflate(this, R.layout.password_dialog, null);
        this.mView.setView(inflate);
        if (this.mView.getHasEmptyError()) {
            this.mView.showError(R.string.password_empty_error);
            this.mView.setHasEmptyError(false);
        }
        String name = this.mCredentials.getName();
        AlertDialog create = new AlertDialog.Builder(this).setView(inflate).setTitle(TextUtils.isEmpty(name) ? getString(R.string.pkcs12_password_dialog_title) : getString(R.string.pkcs12_file_password_dialog_title, new Object[]{name})).setPositiveButton(android.R.string.ok, (dialogInterface, i) -> {
            this.mNextAction = new Pkcs12ExtractAction(this.mView.getText(R.id.credential_password));
            this.mNextAction.run(this);
        }).setNegativeButton(android.R.string.cancel, (dialogInterface2, i2) -> {
            toastErrorAndFinish(R.string.cert_not_saved);
        }).create();
        create.setOnCancelListener(dialogInterface3 -> {
            toastErrorAndFinish(R.string.cert_not_saved);
        });
        return create;
    }

    private Dialog createNameCertificateDialog() {
        ViewGroup viewGroup = (ViewGroup) View.inflate(this, R.layout.name_certificate_dialog, null);
        this.mView.setView(viewGroup);
        if (this.mView.getHasEmptyError()) {
            this.mView.showError(R.string.name_empty_error);
            this.mView.setHasEmptyError(false);
        }
        EditText editText = (EditText) viewGroup.findViewById(R.id.certificate_name);
        editText.setText(getDefaultName());
        editText.selectAll();
        Context applicationContext = getApplicationContext();
        AlertDialog create = new AlertDialog.Builder(this).setView(viewGroup).setTitle(R.string.name_credential_dialog_title).setPositiveButton(android.R.string.ok, (dialogInterface, i) -> {
            String text = this.mView.getText(R.id.certificate_name);
            if (TextUtils.isEmpty(text)) {
                this.mView.setHasEmptyError(true);
                removeDialog(1);
                showDialog(1);
            } else {
                removeDialog(1);
                this.mCredentials.setName(text);
                installCertificateToKeystore(applicationContext);
            }
        }).setNegativeButton(android.R.string.cancel, (dialogInterface2, i2) -> {
            toastErrorAndFinish(R.string.cert_not_saved);
        }).create();
        create.setOnCancelListener(dialogInterface3 -> {
            toastErrorAndFinish(R.string.cert_not_saved);
        });
        return create;
    }

    private void installCertificateToKeystore(Context context) {
        try {
            startActivityForResult(this.mCredentials.createSystemInstallIntent(context), 1);
        } catch (ActivityNotFoundException e) {
            Log.w(TAG, "installCertificateToKeystore(): ", e);
            toastErrorAndFinish(R.string.cert_not_saved);
        }
    }

    private String getDefaultName() {
        String name = this.mCredentials.getName();
        if (TextUtils.isEmpty(name)) {
            return null;
        }
        int lastIndexOf = name.lastIndexOf(".");
        if (lastIndexOf > 0) {
            name = name.substring(0, lastIndexOf);
        }
        return name;
    }

    private void toastErrorAndFinish(int i) {
        Toast.makeText(this, i, 0).show();
        finish();
    }

    @VisibleForTesting
    public CredentialHelper getCredentials() {
        return this.mCredentials;
    }
}
