package com.nmwco.mobility.client.util;

import android.content.Context;
import android.os.Looper;
import android.security.KeyChain;
import android.security.KeyChainException;
import com.nmwco.mobility.client.R;
import com.nmwco.mobility.client.SharedApplication;
import com.nmwco.mobility.client.configuration.Config;
import com.nmwco.mobility.client.configuration.LocalKeyStore;
import com.nmwco.mobility.client.gen.EventCategories;
import com.nmwco.mobility.client.gen.Messages;
import com.nmwco.mobility.client.logging.Log;
import com.nmwco.mobility.client.util.CertificateStoreEntry;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.SignatureException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;

/* loaded from: classes.dex */
public class UserCertificateStore {
    private static final String KEYSTORE_PFX = "PKCS12";

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.nmwco.mobility.client.util.UserCertificateStore$1, reason: invalid class name */
    /* loaded from: classes.dex */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$nmwco$mobility$client$util$CertificateStoreEntry$KeyType;

        static {
            int[] iArr = new int[CertificateStoreEntry.KeyType.values().length];
            $SwitchMap$com$nmwco$mobility$client$util$CertificateStoreEntry$KeyType = iArr;
            try {
                iArr[CertificateStoreEntry.KeyType.LOCAL_KEY.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$com$nmwco$mobility$client$util$CertificateStoreEntry$KeyType[CertificateStoreEntry.KeyType.SYSTEM_KEY.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
        }
    }

    /* loaded from: classes.dex */
    public enum CertificateAvailability {
        AVAILABLE,
        UNAVAILABLE,
        KEYSTORE_LOCKED
    }

    /* JADX WARN: Code restructure failed: missing block: B:6:0x001a, code lost:
    
        if (r1 != 2) goto L15;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static boolean deleteCertificate(com.nmwco.mobility.client.util.CertificateStoreEntry r3) {
        /*
            com.nmwco.mobility.client.util.CertificateAlias r0 = r3.getKey()
            boolean r1 = r0.isValid()
            if (r1 == 0) goto L33
            int[] r1 = com.nmwco.mobility.client.util.UserCertificateStore.AnonymousClass1.$SwitchMap$com$nmwco$mobility$client$util$CertificateStoreEntry$KeyType
            com.nmwco.mobility.client.util.CertificateStoreEntry$KeyType r2 = r3.getKeyType()
            int r2 = r2.ordinal()
            r1 = r1[r2]
            r2 = 1
            if (r1 == r2) goto L1d
            r0 = 2
            if (r1 == r0) goto L2f
            goto L32
        L1d:
            com.nmwco.mobility.client.configuration.LocalKeyStore.deletePrivateKeyEntry(r0)     // Catch: java.lang.Exception -> L2f
            com.nmwco.mobility.client.util.CertificateAlias r0 = r3.getKeyChainAlias()     // Catch: java.lang.Exception -> L2f
            if (r0 == 0) goto L2f
            boolean r1 = r0.isValid()     // Catch: java.lang.Exception -> L2f
            if (r1 == 0) goto L2f
            com.nmwco.mobility.client.configuration.LocalKeyStore.deletePrivateKeyEntry(r0)     // Catch: java.lang.Exception -> L2f
        L2f:
            r3.clearMesCfgSettings()
        L32:
            return r2
        L33:
            r3 = 0
            return r3
        */
        throw new UnsupportedOperationException("Method not decompiled: com.nmwco.mobility.client.util.UserCertificateStore.deleteCertificate(com.nmwco.mobility.client.util.CertificateStoreEntry):boolean");
    }

    public static X509Certificate getCertificate(CertificateStoreEntry certificateStoreEntry) throws CertificateException {
        int i = AnonymousClass1.$SwitchMap$com$nmwco$mobility$client$util$CertificateStoreEntry$KeyType[certificateStoreEntry.getKeyType().ordinal()];
        if (i == 1) {
            try {
                X509Certificate certificateForPrivateKey = LocalKeyStore.getCertificateForPrivateKey(certificateStoreEntry.getKey());
                if (certificateForPrivateKey != null) {
                    return certificateForPrivateKey;
                }
            } catch (Exception e) {
                throw new CertificateException(e.getMessage(), e);
            }
        } else if (i == 2) {
            for (int i2 = 0; i2 < 3; i2++) {
                try {
                    CertificateAlias keyChainAlias = certificateStoreEntry.getKeyChainAlias();
                    Context sharedApplicationContext = SharedApplication.getSharedApplicationContext();
                    PrivateKey privateKey = KeyChain.getPrivateKey(sharedApplicationContext, keyChainAlias.getAlias());
                    X509Certificate[] certificateChain = KeyChain.getCertificateChain(sharedApplicationContext, keyChainAlias.getAlias());
                    if (privateKey != null && certificateChain != null) {
                        return certificateChain[0];
                    }
                } catch (InterruptedException unused) {
                } catch (NullPointerException unused2) {
                    return null;
                } catch (Exception e2) {
                    throw new CertificateException(e2.getCause() != null ? e2.getCause().getMessage() : e2.getMessage(), e2);
                }
            }
        }
        return null;
    }

    public static CertificateAvailability getCertificateAvailability(CertificateStoreEntry certificateStoreEntry) {
        try {
            if (getCertificate(certificateStoreEntry) != null) {
                return CertificateAvailability.AVAILABLE;
            }
        } catch (CertificateException e) {
            Log.d(EventCategories.EV_SRC_NOMAD_CLIENT_UI, Messages.EV_CERTIFICATE_NOT_ACCESSIBLE, e.getMessage());
            Throwable cause = e.getCause();
            if (cause instanceof KeyChainException) {
                Throwable cause2 = cause.getCause();
                if ((cause2 instanceof IllegalStateException) && cause2.getMessage().contains("LOCKED")) {
                    return CertificateAvailability.KEYSTORE_LOCKED;
                }
            }
        }
        return CertificateAvailability.UNAVAILABLE;
    }

    public static CertificateStoreEntry[] getCertificates() {
        ArrayList arrayList = new ArrayList();
        for (String str : Config.getEnumeratedKeys(CertificateStoreEntry.getPrefix())) {
            try {
                CertificateStoreEntry certificateStoreEntry = new CertificateStoreEntry(str);
                if (Looper.myLooper() == null) {
                    X509Certificate certificate = getCertificate(certificateStoreEntry);
                    if (certificate == null) {
                        throw new Exception("Unable to get certificate");
                        break;
                    }
                    certificateStoreEntry.setCertificate(certificate);
                }
                if (certificateStoreEntry.hasPrivateKey()) {
                    arrayList.add(certificateStoreEntry);
                }
            } catch (Exception unused) {
                Config.deleteKey(CertificateStoreEntry.getPrefix() + Config.KEY_SEP + str);
            }
        }
        return (CertificateStoreEntry[]) arrayList.toArray(new CertificateStoreEntry[arrayList.size()]);
    }

    public static CertificateStoreEntry getEntryForKeyChainAlias(CertificateAlias certificateAlias) {
        Iterator<String> it = Config.getEnumeratedKeys(CertificateStoreEntry.getPrefix()).iterator();
        while (it.hasNext()) {
            CertificateStoreEntry certificateStoreEntry = new CertificateStoreEntry(it.next());
            if (certificateStoreEntry.getKeyChainAlias().equals(certificateAlias)) {
                return certificateStoreEntry;
            }
        }
        return null;
    }

    public static PrivateKey getPrivateKey(CertificateStoreEntry certificateStoreEntry) throws SignatureException {
        int i = AnonymousClass1.$SwitchMap$com$nmwco$mobility$client$util$CertificateStoreEntry$KeyType[certificateStoreEntry.getKeyType().ordinal()];
        if (i == 1) {
            try {
                PrivateKey privateKey = LocalKeyStore.getPrivateKey(certificateStoreEntry.getKey());
                if (privateKey != null) {
                    return privateKey;
                }
                return null;
            } catch (Exception e) {
                e.printStackTrace();
                return null;
            }
        }
        if (i != 2) {
            return null;
        }
        try {
            Context sharedApplicationContext = SharedApplication.getSharedApplicationContext();
            CertificateAlias keyChainAlias = certificateStoreEntry.getKeyChainAlias();
            PrivateKey privateKey2 = KeyChain.getPrivateKey(sharedApplicationContext, keyChainAlias.getAlias());
            KeyChain.getCertificateChain(sharedApplicationContext, keyChainAlias.getAlias());
            return privateKey2;
        } catch (Exception e2) {
            throw new SignatureException(e2);
        }
    }

    public static CertificateStoreEntry installCertificate(InputStream inputStream, String str, boolean z) throws Exception {
        KeyStore keyStore = KeyStore.getInstance(KEYSTORE_PFX);
        if (keyStore != null) {
            try {
                keyStore.load(inputStream, str.toCharArray());
                Enumeration<String> aliases = keyStore.aliases();
                if (aliases != null) {
                    while (aliases.hasMoreElements()) {
                        String nextElement = aliases.nextElement();
                        if (keyStore.entryInstanceOf(nextElement, KeyStore.PrivateKeyEntry.class)) {
                            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(nextElement, null);
                            CertificateStoreEntry newCertificateEntry = CertificateStoreEntry.newCertificateEntry((X509Certificate) privateKeyEntry.getCertificate(), CertificateStoreEntry.KeyType.LOCAL_KEY, z, CertificateStoreEntry.HAS_PRIVATE_KEY.booleanValue());
                            if (LocalKeyStore.installPrivateKey(newCertificateEntry.getKey(), privateKeyEntry)) {
                                return newCertificateEntry;
                            }
                        }
                    }
                }
            } catch (IOException e) {
                throw new CertificateException(SharedApplication.getSharedApplication().getString(R.string.ui_certificate_invalid_certificate_or_password), e);
            }
        }
        return null;
    }

    public static boolean isCertificateAccessible(CertificateStoreEntry certificateStoreEntry) {
        if (certificateStoreEntry != null && certificateStoreEntry.exists()) {
            try {
                if (getCertificate(certificateStoreEntry) != null) {
                    return true;
                }
                throw new CertificateException("certificate doesn't exist");
            } catch (CertificateException e) {
                Log.d(EventCategories.EV_SRC_NOMAD_CLIENT_UI, Messages.EV_CERTIFICATE_NOT_ACCESSIBLE, e.getMessage());
            }
        }
        return false;
    }

    public static CertificateStoreEntry lookupEntryInKeyChain(CertificateAlias certificateAlias) {
        CertificateStoreEntry entryForKeyChainAlias = getEntryForKeyChainAlias(certificateAlias);
        if (entryForKeyChainAlias != null) {
            return entryForKeyChainAlias;
        }
        try {
            KeyChain.getPrivateKey(SharedApplication.getSharedApplicationContext(), certificateAlias.getAlias());
            X509Certificate[] certificateChain = KeyChain.getCertificateChain(SharedApplication.getSharedApplicationContext(), certificateAlias.getAlias());
            if (certificateChain == null || certificateChain.length < 1) {
                return null;
            }
            return CertificateStoreEntry.newCertificateEntry(certificateChain[0], CertificateStoreEntry.KeyType.SYSTEM_KEY, certificateAlias.getAlias(), CertificateStoreEntry.READWRITE.booleanValue(), CertificateStoreEntry.HAS_PRIVATE_KEY.booleanValue());
        } catch (Exception unused) {
            return null;
        }
    }
}
