package com.android.keychain;

import android.R;
import android.app.Activity;
import android.app.AlertDialog;
import android.app.PendingIntent;
import android.app.admin.IDevicePolicyManager;
import android.content.Context;
import android.content.DialogInterface;
import android.content.Intent;
import android.content.pm.PackageManager;
import android.content.res.Resources;
import android.net.Uri;
import android.os.AsyncTask;
import android.os.RemoteException;
import android.os.ServiceManager;
import android.security.IKeyChainAliasCallback;
import android.security.KeyChain;
import android.security.KeyStore;
import android.util.Log;
import android.view.LayoutInflater;
import android.view.View;
import android.view.ViewGroup;
import android.widget.AdapterView;
import android.widget.BaseAdapter;
import android.widget.ListView;
import android.widget.RadioButton;
import android.widget.TextView;
import com.android.internal.annotations.VisibleForTesting;
import com.android.keychain.KeyChainActivity;
import com.android.keychain.internal.KeyInfoProvider;
import com.android.org.bouncycastle.asn1.x509.X509Name;
import java.io.ByteArrayInputStream;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Objects;
import java.util.concurrent.ExecutionException;
import java.util.function.Predicate;
import java.util.stream.Collectors;
import java.util.stream.Stream;
import javax.security.auth.x500.X500Principal;

/* loaded from: classes.dex */
public class KeyChainActivity extends Activity {
    private KeyStore mKeyStore = KeyStore.getInstance();
    private PendingIntent mSender;
    private int mSenderUid;

    /* JADX INFO: Access modifiers changed from: package-private */
    @VisibleForTesting
    /* loaded from: classes.dex */
    public static class AliasLoader extends AsyncTask<Void, Void, CertificateAdapter> {
        private final CertificateParametersFilter mCertificateFilter;
        private final Context mContext;
        private final KeyInfoProvider mInfoProvider;
        private final KeyStore mKeyStore;

        public AliasLoader(KeyStore keyStore, Context context, KeyInfoProvider keyInfoProvider, CertificateParametersFilter certificateParametersFilter) {
            this.mKeyStore = keyStore;
            this.mContext = context;
            this.mInfoProvider = keyInfoProvider;
            this.mCertificateFilter = certificateParametersFilter;
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        public CertificateAdapter doInBackground(Void... voidArr) {
            String[] list = this.mKeyStore.list("USRPKEY_");
            List emptyList = list == null ? Collections.emptyList() : Arrays.asList(list);
            KeyStore keyStore = this.mKeyStore;
            Context context = this.mContext;
            Stream stream = emptyList.stream();
            final KeyInfoProvider keyInfoProvider = this.mInfoProvider;
            Objects.requireNonNull(keyInfoProvider);
            Stream filter = stream.filter(new Predicate() { // from class: com.android.keychain.-$$Lambda$weVG-KQSk-7Gu752kdmGT8uHroE
                @Override // java.util.function.Predicate
                public final boolean test(Object obj) {
                    return KeyInfoProvider.this.isUserSelectable((String) obj);
                }
            });
            final CertificateParametersFilter certificateParametersFilter = this.mCertificateFilter;
            Objects.requireNonNull(certificateParametersFilter);
            return new CertificateAdapter(keyStore, context, (List) filter.filter(new Predicate() { // from class: com.android.keychain.-$$Lambda$QKjJylqdBin4FRhNMtjM6rlN1Kc
                @Override // java.util.function.Predicate
                public final boolean test(Object obj) {
                    return KeyChainActivity.CertificateParametersFilter.this.shouldPresentCertificate((String) obj);
                }
            }).sorted().collect(Collectors.toList()), this.mCertificateFilter.areIssuersOrKeyTypesSpecified());
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @VisibleForTesting
    /* loaded from: classes.dex */
    public static class CertificateAdapter extends BaseAdapter {
        private final List<String> mAliases;
        private final Context mContext;
        private final boolean mIssuersOrKeyTypesSpecified;
        private final KeyStore mKeyStore;
        private final List<String> mSubjects;

        /* loaded from: classes.dex */
        private class CertLoader extends AsyncTask<Void, Void, String> {
            private final int mAdapterPosition;
            private final TextView mSubjectView;

            private CertLoader(int i, TextView textView) {
                this.mAdapterPosition = i;
                this.mSubjectView = textView;
            }

            /* JADX INFO: Access modifiers changed from: protected */
            @Override // android.os.AsyncTask
            public String doInBackground(Void... voidArr) {
                X509Certificate loadCertificate = KeyChainActivity.loadCertificate(CertificateAdapter.this.mKeyStore, (String) CertificateAdapter.this.mAliases.get(this.mAdapterPosition));
                if (loadCertificate == null) {
                    return null;
                }
                return X509Name.getInstance(loadCertificate.getSubjectX500Principal().getEncoded()).toString(true, X509Name.DefaultSymbols);
            }

            /* JADX INFO: Access modifiers changed from: protected */
            @Override // android.os.AsyncTask
            public void onPostExecute(String str) {
                CertificateAdapter.this.mSubjects.set(this.mAdapterPosition, str);
                this.mSubjectView.setText(str);
            }
        }

        private CertificateAdapter(KeyStore keyStore, Context context, List<String> list, boolean z) {
            this.mSubjects = new ArrayList();
            this.mAliases = list;
            this.mSubjects.addAll(Collections.nCopies(list.size(), null));
            this.mKeyStore = keyStore;
            this.mContext = context;
            this.mIssuersOrKeyTypesSpecified = z;
        }

        @Override // android.widget.Adapter
        public int getCount() {
            return this.mAliases.size();
        }

        @Override // android.widget.Adapter
        public String getItem(int i) {
            return this.mAliases.get(i);
        }

        @Override // android.widget.Adapter
        public long getItemId(int i) {
            return i;
        }

        @Override // android.widget.Adapter
        public View getView(int i, View view, ViewGroup viewGroup) {
            ViewHolder viewHolder;
            if (view == null) {
                view = LayoutInflater.from(this.mContext).inflate(R.layout.cert_item, viewGroup, false);
                viewHolder = new ViewHolder();
                viewHolder.mAliasTextView = (TextView) view.findViewById(R.id.cert_item_alias);
                viewHolder.mSubjectTextView = (TextView) view.findViewById(R.id.cert_item_subject);
                viewHolder.mRadioButton = (RadioButton) view.findViewById(R.id.cert_item_selected);
                view.setTag(viewHolder);
            } else {
                viewHolder = (ViewHolder) view.getTag();
            }
            viewHolder.mAliasTextView.setText(this.mAliases.get(i));
            String str = this.mSubjects.get(i);
            if (str == null) {
                new CertLoader(i, viewHolder.mSubjectTextView).execute(new Void[0]);
            } else {
                viewHolder.mSubjectTextView.setText(str);
            }
            viewHolder.mRadioButton.setChecked(i == ((ListView) viewGroup).getCheckedItemPosition() - 1);
            return view;
        }

        public boolean hasKeysToChoose() {
            return !this.mAliases.isEmpty();
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    @VisibleForTesting
    /* loaded from: classes.dex */
    public static class CertificateParametersFilter {
        private final List<X500Principal> mIssuers = new ArrayList();
        private final KeyStore mKeyStore;
        private final List<String> mKeyTypes;

        public CertificateParametersFilter(KeyStore keyStore, String[] strArr, ArrayList<byte[]> arrayList) {
            this.mKeyStore = keyStore;
            this.mKeyTypes = Arrays.asList(strArr);
            Iterator<byte[]> it = arrayList.iterator();
            while (it.hasNext()) {
                byte[] next = it.next();
                try {
                    Log.i("KeyChain", "Added issuer: " + new X500Principal(next).getName());
                    this.mIssuers.add(new X500Principal(next));
                } catch (IllegalArgumentException e) {
                    Log.w("KeyChain", "Skipping invalid issuer", e);
                }
            }
        }

        public boolean areIssuersOrKeyTypesSpecified() {
            return (this.mIssuers.isEmpty() && this.mKeyTypes.isEmpty()) ? false : true;
        }

        public boolean shouldPresentCertificate(String str) {
            X509Certificate loadCertificate = KeyChainActivity.loadCertificate(this.mKeyStore, str);
            if (loadCertificate == null) {
                return false;
            }
            Log.i("KeyChain", String.format("Inspecting certificate %s aliased with %s", loadCertificate.getSubjectDN().getName(), str));
            String algorithm = loadCertificate.getPublicKey().getAlgorithm();
            Log.i("KeyChain", String.format("Certificate key algorithm: %s", algorithm));
            if (!this.mKeyTypes.isEmpty() && !this.mKeyTypes.contains(algorithm)) {
                return false;
            }
            X500Principal issuerX500Principal = loadCertificate.getIssuerX500Principal();
            Log.i("KeyChain", String.format("Certificate issuer: %s", issuerX500Principal.getName()));
            return this.mIssuers.isEmpty() || this.mIssuers.contains(issuerX500Principal);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public class ResponseSender extends AsyncTask<Void, Void, Void> {
        private String mAlias;
        private boolean mFromPolicy;
        private IKeyChainAliasCallback mKeyChainAliasResponse;

        private ResponseSender(IKeyChainAliasCallback iKeyChainAliasCallback, String str, boolean z) {
            this.mKeyChainAliasResponse = iKeyChainAliasCallback;
            this.mAlias = str;
            this.mFromPolicy = z;
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        public Void doInBackground(Void... voidArr) {
            try {
                if (this.mAlias != null) {
                    KeyChain.KeyChainConnection bind = KeyChain.bind(KeyChainActivity.this);
                    try {
                        if (!this.mFromPolicy && !bind.getService().isUserSelectable(this.mAlias)) {
                            Log.w("KeyChain", String.format("Alias %s not user-selectable.", this.mAlias));
                            return null;
                        }
                        bind.getService().setGrant(KeyChainActivity.this.mSenderUid, this.mAlias, true);
                        bind.close();
                    } finally {
                        bind.close();
                    }
                }
                this.mKeyChainAliasResponse.alias(this.mAlias);
            } catch (InterruptedException e) {
                Thread.currentThread().interrupt();
                Log.d("KeyChain", "interrupted while granting access", e);
            } catch (Exception e2) {
                Log.e("KeyChain", "error while granting access", e2);
            }
            return null;
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        public void onPostExecute(Void r1) {
            KeyChainActivity.this.finish();
        }
    }

    /* loaded from: classes.dex */
    private static class ViewHolder {
        TextView mAliasTextView;
        RadioButton mRadioButton;
        TextView mSubjectTextView;

        private ViewHolder() {
        }
    }

    private void chooseCertificate() {
        KeyInfoProvider keyInfoProvider = new KeyInfoProvider() { // from class: com.android.keychain.KeyChainActivity.1
            @Override // com.android.keychain.internal.KeyInfoProvider
            public boolean isUserSelectable(String str) {
                try {
                    KeyChain.KeyChainConnection bind = KeyChain.bind(KeyChainActivity.this);
                    try {
                        boolean isUserSelectable = bind.getService().isUserSelectable(str);
                        if (bind != null) {
                            bind.close();
                        }
                        return isUserSelectable;
                    } catch (Throwable th) {
                        try {
                            throw th;
                        } catch (Throwable th2) {
                            if (bind != null) {
                                try {
                                    bind.close();
                                } catch (Throwable th3) {
                                    th.addSuppressed(th3);
                                }
                            }
                            throw th2;
                        }
                    }
                } catch (InterruptedException e) {
                    Log.e("KeyChain", "interrupted while checking if key is user-selectable", e);
                    Thread.currentThread().interrupt();
                    return false;
                } catch (Exception e2) {
                    Log.e("KeyChain", "error while checking if key is user-selectable", e2);
                    return false;
                }
            }
        };
        String[] stringArrayExtra = getIntent().getStringArrayExtra("key_types");
        if (stringArrayExtra == null) {
            stringArrayExtra = new String[0];
        }
        ArrayList arrayList = (ArrayList) getIntent().getSerializableExtra("issuers");
        if (arrayList == null) {
            arrayList = new ArrayList();
        }
        KeyStore keyStore = this.mKeyStore;
        final AliasLoader aliasLoader = new AliasLoader(keyStore, this, keyInfoProvider, new CertificateParametersFilter(keyStore, stringArrayExtra, arrayList));
        aliasLoader.execute(new Void[0]);
        IKeyChainAliasCallback.Stub stub = new IKeyChainAliasCallback.Stub() { // from class: com.android.keychain.KeyChainActivity.2
            public void alias(String str) {
                if (str != null) {
                    KeyChainActivity.this.finishWithAliasFromPolicy(str);
                    return;
                }
                try {
                    final CertificateAdapter certificateAdapter = aliasLoader.get();
                    if (certificateAdapter.hasKeysToChoose()) {
                        KeyChainActivity.this.runOnUiThread(new Runnable() { // from class: com.android.keychain.KeyChainActivity.2.1
                            @Override // java.lang.Runnable
                            public void run() {
                                KeyChainActivity.this.displayCertChooserDialog(certificateAdapter);
                            }
                        });
                    } else {
                        KeyChainActivity.this.finish(null);
                    }
                } catch (InterruptedException | ExecutionException e) {
                    Log.e("KeyChain", "Loading certificate aliases interrupted", e);
                    KeyChainActivity.this.finish(null);
                }
            }
        };
        try {
            IDevicePolicyManager.Stub.asInterface(ServiceManager.getService("device_policy")).choosePrivateKeyAlias(this.mSenderUid, (Uri) getIntent().getParcelableExtra("uri"), getIntent().getStringExtra("alias"), stub);
        } catch (RemoteException e) {
            Log.e("KeyChain", "Unable to request alias from DevicePolicyManager", e);
            try {
                stub.alias((String) null);
            } catch (RemoteException unused) {
                finish(null);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void displayCertChooserDialog(final CertificateAdapter certificateAdapter) {
        String string;
        int i;
        AlertDialog.Builder builder = new AlertDialog.Builder(this);
        boolean isEmpty = certificateAdapter.mAliases.isEmpty();
        builder.setNegativeButton(isEmpty ? R.string.cancel : R.string.deny_button, new DialogInterface.OnClickListener() { // from class: com.android.keychain.KeyChainActivity.3
            @Override // android.content.DialogInterface.OnClickListener
            public void onClick(DialogInterface dialogInterface, int i2) {
                dialogInterface.cancel();
            }
        });
        Resources resources = getResources();
        if (isEmpty) {
            string = resources.getString(R.string.title_no_certs);
            i = -1;
        } else {
            string = resources.getString(R.string.title_select_cert);
            String stringExtra = getIntent().getStringExtra("alias");
            if (stringExtra != null) {
                int indexOf = certificateAdapter.mAliases.indexOf(stringExtra);
                if (indexOf != -1) {
                    i = indexOf + 1;
                    builder.setPositiveButton(R.string.allow_button, new DialogInterface.OnClickListener() { // from class: com.android.keychain.KeyChainActivity.4
                        @Override // android.content.DialogInterface.OnClickListener
                        public void onClick(DialogInterface dialogInterface, int i2) {
                            if (dialogInterface instanceof AlertDialog) {
                                int checkedItemPosition = ((AlertDialog) dialogInterface).getListView().getCheckedItemPosition() - 1;
                                KeyChainActivity.this.finish(checkedItemPosition >= 0 ? certificateAdapter.getItem(checkedItemPosition) : null);
                                return;
                            }
                            Log.wtf("KeyChain", "Expected AlertDialog, got " + dialogInterface, new Exception());
                            KeyChainActivity.this.finish(null);
                        }
                    });
                }
                i = -1;
                builder.setPositiveButton(R.string.allow_button, new DialogInterface.OnClickListener() { // from class: com.android.keychain.KeyChainActivity.4
                    @Override // android.content.DialogInterface.OnClickListener
                    public void onClick(DialogInterface dialogInterface, int i2) {
                        if (dialogInterface instanceof AlertDialog) {
                            int checkedItemPosition = ((AlertDialog) dialogInterface).getListView().getCheckedItemPosition() - 1;
                            KeyChainActivity.this.finish(checkedItemPosition >= 0 ? certificateAdapter.getItem(checkedItemPosition) : null);
                            return;
                        }
                        Log.wtf("KeyChain", "Expected AlertDialog, got " + dialogInterface, new Exception());
                        KeyChainActivity.this.finish(null);
                    }
                });
            } else {
                if (certificateAdapter.mAliases.size() == 1) {
                    i = 1;
                    builder.setPositiveButton(R.string.allow_button, new DialogInterface.OnClickListener() { // from class: com.android.keychain.KeyChainActivity.4
                        @Override // android.content.DialogInterface.OnClickListener
                        public void onClick(DialogInterface dialogInterface, int i2) {
                            if (dialogInterface instanceof AlertDialog) {
                                int checkedItemPosition = ((AlertDialog) dialogInterface).getListView().getCheckedItemPosition() - 1;
                                KeyChainActivity.this.finish(checkedItemPosition >= 0 ? certificateAdapter.getItem(checkedItemPosition) : null);
                                return;
                            }
                            Log.wtf("KeyChain", "Expected AlertDialog, got " + dialogInterface, new Exception());
                            KeyChainActivity.this.finish(null);
                        }
                    });
                }
                i = -1;
                builder.setPositiveButton(R.string.allow_button, new DialogInterface.OnClickListener() { // from class: com.android.keychain.KeyChainActivity.4
                    @Override // android.content.DialogInterface.OnClickListener
                    public void onClick(DialogInterface dialogInterface, int i2) {
                        if (dialogInterface instanceof AlertDialog) {
                            int checkedItemPosition = ((AlertDialog) dialogInterface).getListView().getCheckedItemPosition() - 1;
                            KeyChainActivity.this.finish(checkedItemPosition >= 0 ? certificateAdapter.getItem(checkedItemPosition) : null);
                            return;
                        }
                        Log.wtf("KeyChain", "Expected AlertDialog, got " + dialogInterface, new Exception());
                        KeyChainActivity.this.finish(null);
                    }
                });
            }
        }
        builder.setTitle(string);
        builder.setSingleChoiceItems(certificateAdapter, i, (DialogInterface.OnClickListener) null);
        final AlertDialog create = builder.create();
        TextView textView = (TextView) View.inflate(this, R.layout.cert_chooser_header, null);
        final ListView listView = create.getListView();
        listView.addHeaderView(textView, null, false);
        listView.setOnItemClickListener(new AdapterView.OnItemClickListener() { // from class: com.android.keychain.KeyChainActivity.5
            @Override // android.widget.AdapterView.OnItemClickListener
            public void onItemClick(AdapterView<?> adapterView, View view, int i2, long j) {
                if (i2 == 0) {
                    return;
                }
                create.getButton(-1).setEnabled(true);
                listView.setItemChecked(i2, true);
                certificateAdapter.notifyDataSetChanged();
            }
        });
        String targetPackage = this.mSender.getIntentSender().getTargetPackage();
        PackageManager packageManager = getPackageManager();
        try {
            targetPackage = packageManager.getApplicationLabel(packageManager.getApplicationInfo(targetPackage, 0)).toString();
        } catch (PackageManager.NameNotFoundException unused) {
        }
        String format = String.format(resources.getString(R.string.requesting_application), targetPackage);
        Uri uri = (Uri) getIntent().getParcelableExtra("uri");
        if (uri != null) {
            String format2 = String.format(resources.getString(R.string.requesting_server), uri.getAuthority());
            if (format == null) {
                format = format2;
            } else {
                format = format + " " + format2;
            }
        }
        textView.setText(format);
        if (i == -1) {
            create.setOnShowListener(new DialogInterface.OnShowListener() { // from class: com.android.keychain.KeyChainActivity.6
                @Override // android.content.DialogInterface.OnShowListener
                public void onShow(DialogInterface dialogInterface) {
                    create.getButton(-1).setEnabled(false);
                }
            });
        }
        create.setOnCancelListener(new DialogInterface.OnCancelListener() { // from class: com.android.keychain.KeyChainActivity.7
            @Override // android.content.DialogInterface.OnCancelListener
            public void onCancel(DialogInterface dialogInterface) {
                KeyChainActivity.this.finish(null);
            }
        });
        create.show();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void finish(String str) {
        finish(str, false);
    }

    private void finish(String str, boolean z) {
        if (str == null) {
            setResult(0);
        } else {
            Intent intent = new Intent();
            intent.putExtra("android.intent.extra.TEXT", str);
            setResult(-1, intent);
        }
        IKeyChainAliasCallback asInterface = IKeyChainAliasCallback.Stub.asInterface(getIntent().getIBinderExtra("response"));
        if (asInterface != null) {
            new ResponseSender(asInterface, str, z).execute(new Void[0]);
        } else {
            finish();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void finishWithAliasFromPolicy(String str) {
        finish(str, true);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static X509Certificate loadCertificate(KeyStore keyStore, String str) {
        byte[] bArr = keyStore.get("USRCERT_" + str);
        if (bArr == null) {
            return null;
        }
        try {
            return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
        } catch (CertificateException e) {
            Log.w("KeyChain", "Error generating certificate", e);
            return null;
        }
    }

    @Override // android.app.Activity
    public void onBackPressed() {
        finish(null);
    }

    @Override // android.app.Activity
    public void onResume() {
        super.onResume();
        this.mSender = (PendingIntent) getIntent().getParcelableExtra("sender");
        if (this.mSender == null) {
            finish(null);
            return;
        }
        try {
            this.mSenderUid = getPackageManager().getPackageInfo(this.mSender.getIntentSender().getTargetPackage(), 0).applicationInfo.uid;
            chooseCertificate();
        } catch (PackageManager.NameNotFoundException unused) {
            finish(null);
        }
    }
}
