package com.airwatch.sdk.certificate;

import android.annotation.SuppressLint;
import android.app.Activity;
import android.content.Context;
import android.security.KeyChain;
import android.security.KeyChainAliasCallback;
import android.security.KeyChainException;
import android.support.annotation.Nullable;
import android.support.annotation.WorkerThread;
import android.text.TextUtils;
import android.webkit.ClientCertRequest;
import android.webkit.ClientCertRequestHandler;
import com.airwatch.sdk.AirWatchSDKException;
import com.airwatch.sdk.configuration.SDKConfiguration;
import com.airwatch.sdk.configuration.SDKConfigurationKeys;
import com.airwatch.sdk.context.SDKContextManager;
import com.airwatch.sdk.context.awsdkcontext.SDKContextHelper;
import com.airwatch.storage.SDKKeyStore;
import com.airwatch.storage.SDKSecurePreferencesKeys;
import com.airwatch.util.Logger;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.TimeUnit;

/* loaded from: classes.dex */
public class CertificateFetchUtility {
    static CountDownLatch a = null;
    private static final String b = "CertAuth";
    private static final String c = "DerivedCredentials";

    @WorkerThread
    public static synchronized KeyStore a(Context context, boolean z) {
        KeyStore b2;
        synchronized (CertificateFetchUtility.class) {
            if (!a()) {
                b2 = null;
            } else if (z || (b2 = b()) == null) {
                SDKContextHelper sDKContextHelper = new SDKContextHelper();
                SDKConfiguration b3 = SDKContextManager.a().b();
                String b4 = b3.b(SDKConfigurationKeys.bb, "CertificateIssuer");
                String b5 = b3.b(SDKConfigurationKeys.bb, "IssuerToken");
                String b6 = b3.b(SDKConfigurationKeys.bb, SDKConfigurationKeys.bg);
                if (TextUtils.isEmpty(b6)) {
                    a(context, sDKContextHelper, b4, b5);
                } else if (c.equals(b6)) {
                    a(context, sDKContextHelper);
                } else {
                    Logger.d(b, "Unknown certificate provider");
                }
                b2 = b();
            }
        }
        return b2;
    }

    public static void a(Context context, final SDKContextHelper.AWContextCallBack aWContextCallBack, SDKConfiguration sDKConfiguration) {
        SDKContextHelper sDKContextHelper = new SDKContextHelper();
        String b2 = sDKConfiguration.b(SDKConfigurationKeys.bb, "CertificateIssuer");
        String b3 = sDKConfiguration.b(SDKConfigurationKeys.bb, "IssuerToken");
        if (!TextUtils.isEmpty(sDKConfiguration.b(SDKConfigurationKeys.bb, SDKConfigurationKeys.bg))) {
            sDKContextHelper.a(0, context, new SDKContextHelper.AWContextCallBack() { // from class: com.airwatch.sdk.certificate.CertificateFetchUtility.3
                @Override // com.airwatch.sdk.context.awsdkcontext.SDKContextHelper.AWContextCallBack
                public void a(int i, Object obj) {
                    SDKContextHelper.AWContextCallBack.this.a(0, CertificateFetchUtility.b());
                }

                @Override // com.airwatch.sdk.context.awsdkcontext.SDKContextHelper.AWContextCallBack
                public void a(AirWatchSDKException airWatchSDKException) {
                    SDKContextHelper.AWContextCallBack.this.a(airWatchSDKException);
                }
            });
        } else {
            if (TextUtils.isEmpty(b2) || TextUtils.isEmpty(b3)) {
                return;
            }
            sDKContextHelper.a(0, context, SDKSecurePreferencesKeys.R, b2, b3, new SDKContextHelper.AWContextCallBack() { // from class: com.airwatch.sdk.certificate.CertificateFetchUtility.4
                @Override // com.airwatch.sdk.context.awsdkcontext.SDKContextHelper.AWContextCallBack
                public void a(int i, Object obj) {
                    SDKContextHelper.AWContextCallBack.this.a(0, CertificateFetchUtility.b());
                }

                @Override // com.airwatch.sdk.context.awsdkcontext.SDKContextHelper.AWContextCallBack
                public void a(AirWatchSDKException airWatchSDKException) {
                    SDKContextHelper.AWContextCallBack.this.a(airWatchSDKException);
                }
            });
        }
    }

    private static void a(Context context, SDKContextHelper sDKContextHelper) {
        a = new CountDownLatch(1);
        try {
            sDKContextHelper.a(0, context, new SDKContextHelper.AWContextCallBack() { // from class: com.airwatch.sdk.certificate.CertificateFetchUtility.1
                @Override // com.airwatch.sdk.context.awsdkcontext.SDKContextHelper.AWContextCallBack
                public void a(int i, Object obj) {
                    if (CertificateFetchUtility.a != null) {
                        CertificateFetchUtility.a.countDown();
                    }
                }

                @Override // com.airwatch.sdk.context.awsdkcontext.SDKContextHelper.AWContextCallBack
                public void a(AirWatchSDKException airWatchSDKException) {
                    Logger.d(CertificateFetchUtility.b, airWatchSDKException);
                }
            });
            a.await(10000L, TimeUnit.MILLISECONDS);
            a = null;
        } catch (InterruptedException e) {
            Logger.d(b, e);
        }
        a = null;
    }

    private static void a(Context context, SDKContextHelper sDKContextHelper, String str, String str2) {
        a = new CountDownLatch(1);
        try {
            sDKContextHelper.a(0, context, SDKSecurePreferencesKeys.R, str, str2, new SDKContextHelper.AWContextCallBack() { // from class: com.airwatch.sdk.certificate.CertificateFetchUtility.2
                @Override // com.airwatch.sdk.context.awsdkcontext.SDKContextHelper.AWContextCallBack
                public void a(int i, Object obj) {
                    if (CertificateFetchUtility.a != null) {
                        CertificateFetchUtility.a.countDown();
                    }
                }

                @Override // com.airwatch.sdk.context.awsdkcontext.SDKContextHelper.AWContextCallBack
                public void a(AirWatchSDKException airWatchSDKException) {
                    Logger.d(CertificateFetchUtility.b, airWatchSDKException);
                }
            });
            a.await(10000L, TimeUnit.MILLISECONDS);
        } catch (InterruptedException e) {
            Logger.d(b, e);
        }
        a = null;
    }

    public static void a(final Context context, final Object obj) {
        KeyChain.choosePrivateKeyAlias((Activity) context, new KeyChainAliasCallback() { // from class: com.airwatch.sdk.certificate.CertificateFetchUtility.5
            @Override // android.security.KeyChainAliasCallback
            public void alias(@Nullable String str) {
                CertificateFetchUtility.b(str, context, obj);
            }
        }, new String[0], null, "localhost", -1, "tomcat");
    }

    @SuppressLint({"NewApi"})
    public static void a(KeyStore keyStore, Object obj) {
        PrivateKey privateKey;
        X509Certificate[] x509CertificateArr = null;
        if (keyStore == null || obj == null) {
            return;
        }
        try {
            Enumeration<String> aliases = keyStore.aliases();
            while (true) {
                if (!aliases.hasMoreElements()) {
                    privateKey = null;
                    break;
                }
                String nextElement = aliases.nextElement();
                if (keyStore.isKeyEntry(nextElement)) {
                    KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(nextElement, null);
                    PrivateKey privateKey2 = privateKeyEntry.getPrivateKey();
                    x509CertificateArr = (X509Certificate[]) privateKeyEntry.getCertificateChain();
                    privateKey = privateKey2;
                    break;
                }
            }
            if (privateKey == null || x509CertificateArr == null) {
                if (obj instanceof ClientCertRequest) {
                    Logger.a(b, "proceeding with ignore");
                    ((ClientCertRequest) obj).ignore();
                    return;
                }
                return;
            }
            Logger.a(b, "proceeding with Cet" + x509CertificateArr[0].getSubjectDN());
            if (obj instanceof ClientCertRequestHandler) {
                ((ClientCertRequestHandler) obj).proceed(privateKey, x509CertificateArr);
            } else {
                ((ClientCertRequest) obj).proceed(privateKey, x509CertificateArr);
            }
        } catch (Exception e) {
            Logger.d(b, "exception while handling authintication", (Throwable) e);
        }
    }

    public static boolean a() {
        try {
            SDKConfiguration b2 = SDKContextManager.a().b();
            String b3 = b2.b(SDKConfigurationKeys.bb, "CertificateIssuer");
            String b4 = b2.b(SDKConfigurationKeys.bb, SDKConfigurationKeys.bg);
            if (!TextUtils.isEmpty(b3) || !TextUtils.isEmpty(b4)) {
                Logger.a(b, "Cert Auth Status true");
                return true;
            }
        } catch (Exception e) {
            Logger.d(b, "Error in Cert Enabled Check", (Throwable) e);
        }
        Logger.a(b, "Cert Auth Status false");
        return false;
    }

    public static KeyStore b() {
        SDKKeyStore k = SDKContextManager.a().k();
        if (k.a(SDKSecurePreferencesKeys.R)) {
            try {
                KeyStore c2 = k.c(SDKSecurePreferencesKeys.R);
                if (c2 != null) {
                    Logger.a(b, "Returning Key Store");
                    return c2;
                }
            } catch (KeyStoreException | CertificateException e) {
                Logger.d(b, e);
            }
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: private */
    @SuppressLint({"NewApi"})
    public static void b(String str, Context context, Object obj) {
        try {
            X509Certificate[] certificateChain = KeyChain.getCertificateChain(context, str);
            if (certificateChain == null) {
                Logger.a(b, "X509 chain is null");
                if (obj instanceof ClientCertRequest) {
                    ((ClientCertRequest) obj).ignore();
                }
            } else {
                PrivateKey privateKey = KeyChain.getPrivateKey(context, str);
                if (obj instanceof ClientCertRequestHandler) {
                    ((ClientCertRequestHandler) obj).proceed(privateKey, certificateChain);
                } else {
                    ((ClientCertRequest) obj).proceed(privateKey, certificateChain);
                }
            }
        } catch (KeyChainException | InterruptedException e) {
            Logger.d(b, "Unable to do cert auth from keychain ", e);
        }
    }
}
