package com.huawei.svn.hiwork.mdm.manager;

import android.app.Activity;
import android.content.Context;
import android.content.Intent;
import android.os.Build;
import android.os.Bundle;
import android.security.KeyChain;
import com.android.common.speech.LoggingEvents;
import com.android.org.bouncycastle.asn1.ASN1InputStream;
import com.android.org.bouncycastle.asn1.ASN1Sequence;
import com.android.org.bouncycastle.asn1.DEROctetString;
import com.android.org.bouncycastle.asn1.x509.BasicConstraints;
import com.huawei.svn.log.Log;
import com.huawei.svn.provider.Telephony;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.lang.reflect.Method;
import java.security.KeyFactory;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;

/* loaded from: classes.dex */
public class CertInstaller extends Activity {
    private static final String CERTIFICATE = "CERT";
    private static final String CERT_NAME_KEY = "name";
    private static final int MAX_FILE_SIZE = 1000000;
    public static final String PKCS12 = "PKCS12";
    private static final String PKCS12_EXT = ".p12";
    private static final String PRIVATE_KEY = "PKEY";
    private static final String PUBLIC_KEY = "KEY";
    private static final int REQUEST_KEYPAIR_INSTALL_CODE = 2;
    private static final int REQUEST_SYSTEM_INSTALL_CODE = 1;
    public static boolean isInstallOk = false;
    public final int OK = 0;
    public final int ERROR = 1;
    X509Certificate mUserCert = null;
    PrivateKey mUserKey = null;
    String mCerName = null;
    String mCerUUID = null;
    List<X509Certificate> mCaCerts = null;
    KeyStore mKeyStore = null;
    File mCertFile = null;
    Context context = null;
    int mCertNameMethod = 0;
    String mFinalCertName = null;
    int mSize = 0;

    private boolean extractPkcs12Internal(byte[] bArr, String str) throws Exception {
        Log.i("MDMjava-CertInstaller", "--extractPkcs12Internal--start to extractPkcs12Internal");
        Log.i("MDMjava-CertInstaller", "--extractPkcs12Internal--pkcs12CertData:" + bArr);
        java.security.KeyStore keyStore = java.security.KeyStore.getInstance(PKCS12);
        KeyStore.PasswordProtection passwordProtection = new KeyStore.PasswordProtection(str.toCharArray());
        keyStore.load(new ByteArrayInputStream(bArr), passwordProtection.getPassword());
        Enumeration<String> aliases = keyStore.aliases();
        if (!aliases.hasMoreElements()) {
            return false;
        }
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            KeyStore.Entry entry = keyStore.getEntry(nextElement, passwordProtection);
            Log.i("MDMjava-CertInstaller", "--extractPkcs12Internal--extracted alias = " + nextElement + ", entry=" + entry.getClass());
            if (entry instanceof KeyStore.PrivateKeyEntry) {
                return installFrom((KeyStore.PrivateKeyEntry) entry);
            }
        }
        Log.i("MDMjava-CertInstaller", "--extractPkcs12Internal-- extractPkcs12Internal ok");
        return true;
    }

    private boolean install(String str, byte[] bArr, String str2) {
        boolean z = false;
        Log.i("MDMjava-CertInstaller", "--install-begin install");
        if (bArr == null || str == null) {
            Log.e("MDMjava-CertInstaller", "--install-certdata or certFileName is null");
            return false;
        }
        this.mCerName = str;
        if (!str.endsWith(PKCS12_EXT)) {
            return installCredentialFromBytes(this.mCerName, bArr);
        }
        Log.i("MDMjava-CertInstaller", "--install-it is a p12");
        this.mCerName.substring(0, str.length() - PKCS12_EXT.length());
        try {
            Log.i("MDMjava-CertInstaller", "--install-try to extractPkcs12Internal");
            if (extractPkcs12Internal(bArr, str2)) {
                Intent createInstallIntent = KeyChain.createInstallIntent();
                createInstallIntent.putExtra(PUBLIC_KEY, this.mUserCert.getPublicKey().getEncoded());
                createInstallIntent.putExtra(PRIVATE_KEY, this.mUserKey.getEncoded());
                Log.i("MDMjava-CertInstaller", "--install-start install pair key");
                startActivityForResult(createInstallIntent, 2);
                Log.i("MDMjava-CertInstaller", "--install-end install pair key");
                z = true;
            } else {
                Log.e("MDMjava-CertInstaller", "--install-extractPkcs12Internal failed");
            }
            return z;
        } catch (Exception e) {
            e.printStackTrace();
            Log.e("MDMjava-CertInstaller", "--install-install pair key failed");
            return z;
        }
    }

    private boolean installAllCredentials(String str) throws CertificateEncodingException {
        Boolean.valueOf(false);
        if (this.mUserCert != null) {
            Log.i("MDMjava-CertInstaller", "--installAllCredentials installing mUserCert");
            if (Boolean.valueOf(installCredentialFromBytes(str, this.mUserCert.getEncoded())).booleanValue()) {
                this.mUserCert = null;
                return true;
            }
            Log.e("MDMjava-CertInstaller", "--install-install mUserCert failed");
            return false;
        }
        if (!this.mCaCerts.isEmpty()) {
            Log.i("MDMjava-CertInstaller", "--installAllCredentials installing mCaCerts");
            Iterator<X509Certificate> it = this.mCaCerts.iterator();
            if (it.hasNext()) {
                X509Certificate next = it.next();
                if (Boolean.valueOf(installCredentialFromBytes(str, next.getEncoded())).booleanValue()) {
                    this.mCaCerts.remove(next);
                    return true;
                }
                Log.e("MDMjava-CertInstaller", "--install-install ca failed");
                return false;
            }
        }
        return true;
    }

    private boolean installCredentialFromBytes(String str, byte[] bArr) {
        try {
            Intent createInstallIntent = KeyChain.createInstallIntent();
            createInstallIntent.putExtra("name", str);
            createInstallIntent.putExtra(CERTIFICATE, bArr);
            startActivityForResult(createInstallIntent, 1);
            return true;
        } catch (Exception e) {
            return false;
        }
    }

    private synchronized boolean installFrom(KeyStore.PrivateKeyEntry privateKeyEntry) {
        this.mUserKey = privateKeyEntry.getPrivateKey();
        this.mUserCert = (X509Certificate) privateKeyEntry.getCertificate();
        Certificate[] certificateChain = privateKeyEntry.getCertificateChain();
        Log.i("MDMjava-CertInstaller", "# certs extracted = " + certificateChain.length);
        for (Certificate certificate : certificateChain) {
            X509Certificate x509Certificate = (X509Certificate) certificate;
            if (isCa(x509Certificate)) {
                this.mCaCerts.add(x509Certificate);
            }
        }
        Log.i("MDMjava-CertInstaller", "# ca certs extracted = " + this.mCaCerts.size());
        return true;
    }

    private boolean isCa(X509Certificate x509Certificate) {
        if (Build.VERSION.SDK_INT < 17) {
            try {
                return new BasicConstraints((ASN1Sequence) new ASN1InputStream(((DEROctetString) new ASN1InputStream(x509Certificate.getExtensionValue("2.5.29.19")).readObject()).getOctets()).readObject()).isCA();
            } catch (Exception e) {
                return false;
            }
        }
        try {
            if (x509Certificate.getExtensionValue("2.5.29.19") == null) {
                return false;
            }
            Class<?> cls = Class.forName("org.bouncycastle.asn1.ASN1InputStream");
            Method method = cls.getMethod("readObject", null);
            Object invoke = method.invoke(cls.newInstance(), null);
            Class.forName("org.bouncycastle.asn1.DEROctetString");
            return BasicConstraints.getInstance(method.invoke(cls.getConstructor(Byte[].class).newInstance((byte[]) cls.getMethod("getOctets", null).invoke(invoke, null)), null)).isCA();
        } catch (Exception e2) {
            return false;
        }
    }

    public native void noticeInstallResult(int i, String str);

    @Override // android.app.Activity
    protected void onActivityResult(int i, int i2, Intent intent) {
        if (i == 1) {
            Log.i("MDMjava-CertInstaller", "--onActivityResult--REQUEST_SYSTEM_INSTALL_CODE");
            if (i2 == -1) {
                Log.i("MDMjava-CertInstaller", "--onActivityResult-RESULT_OK");
                noticeInstallResult(0, this.mCerUUID + this.mCerName);
            } else {
                Log.e("MDMjava-CertInstaller", "--onActivityResult-install failed");
                noticeInstallResult(1, LoggingEvents.EXTRA_CALLING_APP_NAME);
            }
        } else {
            if (2 == i) {
                Log.i("MDMjava-CertInstaller", "--onActivityResult--REQUEST_KEYPAIR_INSTALL_CODE");
                if (this.mUserCert == null && this.mCaCerts.isEmpty()) {
                    return;
                }
                Log.i("MDMjava-CertInstaller", "--onActivityResult--install other certs");
                try {
                    installAllCredentials(this.mCerName);
                    return;
                } catch (CertificateEncodingException e) {
                    e.printStackTrace();
                    return;
                }
            }
            Log.e("MDMjava-CertInstaller", "no REQUEST_SYSTEM_INSTALL_CODE  --error");
            noticeInstallResult(1, LoggingEvents.EXTRA_CALLING_APP_NAME);
        }
        finish();
    }

    @Override // android.app.Activity
    protected void onCreate(Bundle bundle) {
        super.onCreate(bundle);
        Log.i("MDMjava-CertInstaller", "--onCreate-activity oncreated");
        this.mCaCerts = new ArrayList();
        Bundle extras = getIntent().getExtras();
        if (extras == null) {
            Log.e("MDMjava-CertInstaller", "--onCreate-enter bundle is null");
            noticeInstallResult(1, LoggingEvents.EXTRA_CALLING_APP_NAME);
            finish();
        }
        String[] split = extras.getString("certFileName").split(":");
        this.mCerUUID = split[0];
        String str = split[1];
        byte[] byteArray = extras.getByteArray("certdata");
        String str2 = null;
        Iterator<String> it = extras.keySet().iterator();
        while (it.hasNext()) {
            if (it.next().equals(Telephony.Carriers.PASSWORD)) {
                str2 = extras.getString(Telephony.Carriers.PASSWORD);
            }
        }
        Log.i("MDMjava-CertInstaller", "--onCreate-certFileName:" + str);
        Log.i("MDMjava-CertInstaller", "--onCreate-password:" + str2);
        if (str.endsWith(PKCS12_EXT) && str2 == null) {
            Intent createInstallIntent = KeyChain.createInstallIntent();
            createInstallIntent.putExtra(PKCS12, byteArray);
            startActivityForResult(createInstallIntent, 1);
        } else {
            isInstallOk = install(str, byteArray, str2);
            if (isInstallOk) {
                return;
            }
            Log.e("MDMjava-CertInstaller", "--onCreate-install failed");
            noticeInstallResult(1, LoggingEvents.EXTRA_CALLING_APP_NAME);
            finish();
        }
    }

    void setPrivateKey(byte[] bArr) {
        try {
            this.mUserKey = KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(bArr));
        } catch (Exception e) {
            Log.i("MDMjava-CertInstaller", "setPrivateKey(): " + e);
            throw new RuntimeException(e);
        }
    }
}
