package com.baramundi.android.mdm.controller;

import android.annotation.TargetApi;
import android.app.enterprise.SecurityPolicy;
import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.Intent;
import android.content.IntentFilter;
import android.os.Build;
import android.security.KeyChain;
import android.util.Log;
import ch.qos.logback.classic.turbo.ReconfigureOnChangeFilter;
import ch.qos.logback.core.joran.action.Action;
import com.baramundi.android.mdm.R;
import com.baramundi.android.mdm.rest.parsedobjs.ErrorCode;
import com.baramundi.android.mdm.results.AndroidJobstepResult;
import com.baramundi.android.mdm.util.HelperUtils;
import com.baramundi.android.mdm.util.NotificationHelper;
import com.baramundi.android.mdm.util.StackTraceUtility;
import com.baramundi.android.sharedlib.DataTransferObjects.certificate.CertificateWithPW;
import com.baramundi.android.sharedlib.SharedCertificateHelper;
import java.security.KeyStore;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.concurrent.BrokenBarrierException;
import java.util.concurrent.CyclicBarrier;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes.dex */
public class CertificateController {
    private static final int NOTIFICATION_ID = 484848;
    public static final String SERIALIZED_CERT_EXTRA = "SerializedCert";
    private static final String TAG = "com.baramundi.android.mdm.controller.CertificateController";
    public static String USER_CLICKED_CERTIFICATE_INSTALLATION_ACTION = "com.baramundi.android.mdm.installcertificateaction";
    private static final Object lockObject = new Object();
    private static Logger logger = LoggerFactory.getLogger(CertificateController.class);
    private Context context;
    private AndroidJobstepResult currentResult;
    private IntentFilter intentFilter = new IntentFilter(USER_CLICKED_CERTIFICATE_INSTALLATION_ACTION);
    private BroadcastReceiver receiver;

    /* loaded from: classes.dex */
    private class DialogTouchedReceiver extends BroadcastReceiver {
        private CyclicBarrier barrier;

        public DialogTouchedReceiver(CyclicBarrier cyclicBarrier) {
            this.barrier = cyclicBarrier;
        }

        @Override // android.content.BroadcastReceiver
        public void onReceive(Context context, Intent intent) {
            Log.v(CertificateController.TAG, "onReceive()");
            if (intent.getAction().equals(CertificateController.USER_CLICKED_CERTIFICATE_INSTALLATION_ACTION)) {
                NotificationHelper.removeNotificationIcon(context, CertificateController.NOTIFICATION_ID);
                Log.i(CertificateController.TAG, "user touched install certificate notification");
                CertificateController.this.launchInstallationIntent((CertificateWithPW) intent.getSerializableExtra(CertificateController.SERIALIZED_CERT_EXTRA));
                try {
                    Log.d(CertificateController.TAG, "barrier in receiver reached");
                    this.barrier.await();
                } catch (InterruptedException e) {
                    Log.e(CertificateController.TAG, "error while waiting at barrier", e);
                    CertificateController.logger.error("Barrier interrupted, exception details follow:");
                    CertificateController.logger.error(StackTraceUtility.getStackTraceAsString(e));
                } catch (BrokenBarrierException e2) {
                    CertificateController.logger.error("Barrier broken, exception details follow:");
                    CertificateController.logger.error(StackTraceUtility.getStackTraceAsString(e2));
                    Log.e(CertificateController.TAG, "error while waiting at barrier", e2);
                }
            }
        }
    }

    public CertificateController(Context context) {
        this.context = context;
    }

    private boolean checkIfCertWasInstalledCorrectly(CertificateWithPW certificateWithPW) {
        boolean z;
        Log.i(TAG, "now checking if certificate was installed successfully");
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidCAStore");
            if (keyStore != null) {
                keyStore.load(null, null);
                Enumeration<String> aliases = keyStore.aliases();
                while (aliases.hasMoreElements()) {
                    if (HelperUtils.equals(SharedCertificateHelper.getThumbPrint((X509Certificate) keyStore.getCertificate(aliases.nextElement())), certificateWithPW.getThumbprint())) {
                        String format = String.format("certificate successfully installed: Subject: '%s' Thumbprint: '%s'", certificateWithPW.getCertificateSubectName(), certificateWithPW.getThumbprint());
                        Log.i(TAG, format);
                        logger.info(format);
                        z = true;
                        break;
                    }
                }
            }
        } catch (Exception e) {
            logger.error("error while trying to analyze installed CA certificates");
            Log.e(TAG, "error while trying to analyze installed CA certificates", e);
        }
        z = false;
        if (!z) {
            logger.error(String.format("certificate installation failed: Subject: '%s' Thumbprint: '%s'", certificateWithPW.getCertificateSubectName(), certificateWithPW.getThumbprint()));
        }
        return z;
    }

    /* JADX INFO: Access modifiers changed from: private */
    @TargetApi(14)
    public void launchInstallationIntent(CertificateWithPW certificateWithPW) {
        AndroidJobstepResult androidJobstepResult = new AndroidJobstepResult(ErrorCode.CACertInstallationError, this.context.getString(R.string.error_certificateInstallation_userDeclinedRequest));
        Log.i(TAG, "trying to install certificate: " + certificateWithPW.getCertificateSubectName());
        logger.info("trying to install certificate: " + certificateWithPW.getCertificateSubectName());
        Intent createInstallIntent = KeyChain.createInstallIntent();
        try {
            createInstallIntent.putExtra(SecurityPolicy.TYPE_CERTIFICATE, certificateWithPW.getX509Certificate().getEncoded());
            createInstallIntent.putExtra(Action.NAME_ATTRIBUTE, certificateWithPW.getThumbprint());
            createInstallIntent.setFlags(268435456);
            createInstallIntent.addFlags(268435456);
            this.context.startActivity(createInstallIntent);
            try {
                Log.i(TAG, "waiting for 1 minute...");
                Thread.sleep(ReconfigureOnChangeFilter.DEFAULT_REFRESH_PERIOD);
            } catch (InterruptedException unused) {
            }
            if (checkIfCertWasInstalledCorrectly(certificateWithPW)) {
                this.currentResult = null;
            } else {
                this.currentResult = androidJobstepResult;
            }
        } catch (CertificateEncodingException e) {
            Log.e(TAG, "error installing certificate", e);
            logger.error("unable to get encoded form of certificate");
            this.currentResult = new AndroidJobstepResult(ErrorCode.CACertInstallationError, "certificate encoding failed");
        }
    }

    public AndroidJobstepResult installCertificate(CertificateWithPW certificateWithPW) {
        synchronized (lockObject) {
            if (Build.VERSION.SDK_INT < 14) {
                logger.error("preICS (4.0) device: certificate installation not supported");
                return new AndroidJobstepResult(ErrorCode.CACertInstallationError, this.context.getString(R.string.error_certificateInstallation_atLeastAndroidICSVersion));
            }
            CyclicBarrier cyclicBarrier = new CyclicBarrier(2);
            this.receiver = new DialogTouchedReceiver(cyclicBarrier);
            this.context.registerReceiver(this.receiver, this.intentFilter);
            Intent intent = new Intent();
            intent.setAction(USER_CLICKED_CERTIFICATE_INSTALLATION_ACTION);
            intent.putExtra(SERIALIZED_CERT_EXTRA, certificateWithPW);
            NotificationHelper.showNotificationIcon(this.context, NOTIFICATION_ID, this.context.getResources().getString(R.string.new_cert), this.context.getResources().getString(R.string.certificate_install_notification_text), intent, null, true);
            try {
                Log.d(TAG, "waiting at barrier for user to click certificate notification");
                logger.info("waiting for user to click certificate installation");
                cyclicBarrier.await();
                Log.d(TAG, "barrier breached, continuing work...");
            } catch (InterruptedException e) {
                Log.e(TAG, "error while waiting at barrier", e);
                logger.error("Barrier interrupted, exception details follow:");
                logger.error(StackTraceUtility.getStackTraceAsString(e));
            } catch (BrokenBarrierException e2) {
                Log.e(TAG, "error while waiting at barrier", e2);
                logger.error("Barrier broken, exception details follow:");
                logger.error(StackTraceUtility.getStackTraceAsString(e2));
            }
            if (this.receiver != null) {
                this.context.unregisterReceiver(this.receiver);
                this.receiver = null;
            }
            return this.currentResult;
        }
    }
}
