package com.arubanetworks.quickconnect.android;

import android.content.Intent;
import android.os.Build;
import com.arubanetworks.quickconnect.android.interfaces.CertificateInstaller;
import com.arubanetworks.quickconnect.android.interfaces.ConfigDriver;
import com.arubanetworks.quickconnect.android.interfaces.ResultCallback;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import org.bouncycastle.openssl.PEMWriter;

/* loaded from: classes.dex */
public class AndroidCertInstaller implements CertificateInstaller {
    private static final String TAG = "CertificateInstaller";
    ConfigDriver mConfigDriver;
    ResultCallback mCertInstallCb = null;
    Intent mInstallIntent = null;
    String mCertName = null;

    public AndroidCertInstaller(ConfigDriver configDriver) {
        this.mConfigDriver = null;
        this.mConfigDriver = configDriver;
    }

    private byte[] convertToPem(Object obj) throws IOException {
        try {
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            PEMWriter pEMWriter = new PEMWriter(new OutputStreamWriter(byteArrayOutputStream));
            pEMWriter.writeObject(obj);
            pEMWriter.close();
            return byteArrayOutputStream.toByteArray();
        } catch (IOException e) {
            Logging.e(TAG, "Error in converting to PEM");
            throw e;
        }
    }

    private void installTlsCertificateLegacy(String str, byte[] bArr, ResultCallback resultCallback) {
        X509Certificate x509Certificate;
        PrivateKey privateKey;
        this.mCertInstallCb = resultCallback;
        try {
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            KeyStore.PasswordProtection passwordProtection = new KeyStore.PasswordProtection("".toCharArray());
            keyStore.load(new ByteArrayInputStream(bArr), passwordProtection.getPassword());
            Enumeration<String> aliases = keyStore.aliases();
            while (true) {
                x509Certificate = null;
                if (!aliases.hasMoreElements()) {
                    privateKey = null;
                    break;
                }
                String nextElement = aliases.nextElement();
                KeyStore.Entry entry = keyStore.getEntry(nextElement, passwordProtection);
                Logging.d(TAG, "extracted alias = " + nextElement + " entry = " + entry.getClass());
                if (entry instanceof KeyStore.PrivateKeyEntry) {
                    KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
                    privateKey = privateKeyEntry.getPrivateKey();
                    x509Certificate = (X509Certificate) privateKeyEntry.getCertificate();
                    break;
                }
            }
            if (x509Certificate == null || privateKey == null) {
                Logging.e(TAG, "Could not extract certificate and private key");
                resultCallback.processResult(1);
                return;
            }
            Intent intent = new Intent("android.credentials.SYSTEM_INSTALL");
            this.mInstallIntent = intent;
            intent.putExtra("USRCERT_" + str, convertToPem(x509Certificate));
            this.mInstallIntent.putExtra("USRPKEY_" + str, convertToPem(privateKey));
            this.mConfigDriver.unlockKeyStore(new ResultCallback() { // from class: com.arubanetworks.quickconnect.android.AndroidCertInstaller.4
                @Override // com.arubanetworks.quickconnect.android.interfaces.ResultCallback
                public void processResult(Object obj) {
                    Logging.d(AndroidCertInstaller.TAG, "Trying TLS certificate installation with system install intent");
                    AndroidCertInstaller.this.mConfigDriver.triggerIntent(AndroidCertInstaller.this.mInstallIntent, AndroidCertInstaller.this.mCertInstallCb);
                }
            });
        } catch (Exception e) {
            Logging.e(TAG, "Error in extracting certificates", e);
            resultCallback.processResult(1);
        }
    }

    @Override // com.arubanetworks.quickconnect.android.interfaces.CertificateInstaller
    public void installCertificate(String str, String str2, byte[] bArr, ResultCallback resultCallback) {
        Logging.d(TAG, "Installing certificate " + str);
        this.mCertInstallCb = resultCallback;
        this.mCertName = str;
        if (Build.VERSION.SDK_INT <= 10) {
            Logging.d(TAG, "Android version <= 2.3.3 using SYSTEM_INSTALL to install certificate");
            Intent intent = new Intent("android.credentials.SYSTEM_INSTALL");
            this.mInstallIntent = intent;
            intent.putExtra("CACERT_" + str, bArr);
        } else {
            Logging.d(TAG, "Android version >= 3.0 using CREDENTIALS_INSTALL to install certificate");
            Intent intent2 = new Intent("android.credentials.INSTALL");
            this.mInstallIntent = intent2;
            intent2.putExtra("CERT", bArr);
            this.mInstallIntent.putExtra(ConfigParams.CFG_ORG_NAME, str);
        }
        if (wouldNotPopulateCertName()) {
            this.mConfigDriver.unlockKeyStore(new ResultCallback() { // from class: com.arubanetworks.quickconnect.android.AndroidCertInstaller.2
                @Override // com.arubanetworks.quickconnect.android.interfaces.ResultCallback
                public void processResult(Object obj) {
                    Logging.d(AndroidCertInstaller.TAG, "Showing infodialog to enter certificate name");
                    AndroidCertInstaller.this.mConfigDriver.showInfoDialog(AndroidCertInstaller.this.mConfigDriver.getResourceString(R.string.enter_cert_name).replace("$1", AndroidCertInstaller.this.mCertName), new ResultCallback() { // from class: com.arubanetworks.quickconnect.android.AndroidCertInstaller.2.1
                        @Override // com.arubanetworks.quickconnect.android.interfaces.ResultCallback
                        public void processResult(Object obj2) {
                            AndroidCertInstaller.this.mConfigDriver.triggerIntent(AndroidCertInstaller.this.mInstallIntent, AndroidCertInstaller.this.mCertInstallCb);
                        }
                    });
                }
            });
        } else {
            this.mConfigDriver.unlockKeyStore(new ResultCallback() { // from class: com.arubanetworks.quickconnect.android.AndroidCertInstaller.1
                @Override // com.arubanetworks.quickconnect.android.interfaces.ResultCallback
                public void processResult(Object obj) {
                    AndroidCertInstaller.this.mConfigDriver.triggerIntent(AndroidCertInstaller.this.mInstallIntent, AndroidCertInstaller.this.mCertInstallCb);
                }
            });
        }
    }

    @Override // com.arubanetworks.quickconnect.android.interfaces.CertificateInstaller
    public void installTlsCertificate(String str, byte[] bArr, String str2, ResultCallback resultCallback) {
        if (Build.VERSION.SDK_INT <= 10) {
            Logging.d(TAG, "Android version <= 2.3.3 using SYSTEM_INSTALL to install certificate");
            installTlsCertificateLegacy(str, bArr, resultCallback);
            return;
        }
        Logging.d(TAG, "Android version >= 3.0 using CREDENTIALS_INSTALL to install certificate");
        this.mCertInstallCb = resultCallback;
        this.mCertName = str;
        Intent intent = new Intent("android.credentials.INSTALL");
        this.mInstallIntent = intent;
        intent.putExtra("PKCS12", bArr);
        this.mInstallIntent.putExtra(ConfigParams.CFG_ORG_NAME, str);
        Logging.d(TAG, this.mCertName);
        this.mConfigDriver.unlockKeyStore(new ResultCallback() { // from class: com.arubanetworks.quickconnect.android.AndroidCertInstaller.3
            @Override // com.arubanetworks.quickconnect.android.interfaces.ResultCallback
            public void processResult(Object obj) {
                Logging.d(AndroidCertInstaller.TAG, "Trying TLS certificate installation with credentials install intent");
                String resourceString = AndroidCertInstaller.this.mConfigDriver.getResourceString(R.string.personal_cert_install);
                if (AndroidCertInstaller.this.wouldNotPopulateCertName()) {
                    resourceString = resourceString + " " + AndroidCertInstaller.this.mConfigDriver.getResourceString(R.string.enter_pkcs12_name).replace("$1", AndroidCertInstaller.this.mCertName);
                }
                AndroidCertInstaller.this.mConfigDriver.showInfoDialog(resourceString, new ResultCallback() { // from class: com.arubanetworks.quickconnect.android.AndroidCertInstaller.3.1
                    @Override // com.arubanetworks.quickconnect.android.interfaces.ResultCallback
                    public void processResult(Object obj2) {
                        AndroidCertInstaller.this.mConfigDriver.triggerIntent(AndroidCertInstaller.this.mInstallIntent, AndroidCertInstaller.this.mCertInstallCb);
                    }
                });
            }
        });
    }

    @Override // com.arubanetworks.quickconnect.android.interfaces.CertificateInstaller
    public boolean wouldMangleCertName() {
        if (Build.VERSION.SDK_INT < 11) {
            return false;
        }
        Logging.d(TAG, "Running on >=3.X. CertInstaller will mangle cert name");
        return true;
    }

    @Override // com.arubanetworks.quickconnect.android.interfaces.CertificateInstaller
    public boolean wouldNotPopulateCertName() {
        if (!Build.MANUFACTURER.equals("HTC") || Build.VERSION.SDK_INT < 11) {
            return false;
        }
        Logging.d(TAG, "Running on HTC Android >=3.X certificate name won't be populated. Need to show info dialog");
        return true;
    }
}
