package de.blinkt.openvpn.core;

import android.R;
import android.content.ComponentName;
import android.content.Context;
import android.content.Intent;
import android.content.ServiceConnection;
import android.content.pm.PackageManager;
import android.content.pm.ResolveInfo;
import android.content.pm.ServiceInfo;
import android.os.Bundle;
import android.os.IBinder;
import android.os.Looper;
import android.os.RemoteException;
import android.security.KeyChainException;
import android.support.v4.media.a;
import android.widget.ArrayAdapter;
import android.widget.Spinner;
import android.widget.SpinnerAdapter;
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
import androidx.annotation.WorkerThread;
import de.blinkt.openvpn.api.ExternalCertificateProvider;
import java.io.ByteArrayInputStream;
import java.io.Closeable;
import java.io.UnsupportedEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.Vector;
import java.util.concurrent.LinkedBlockingQueue;

/* loaded from: classes2.dex */
public class ExtAuthHelper {
    public static final String ACTION_CERT_CONFIGURATION = "de.blinkt.openvpn.api.ExternalCertificateConfiguration";
    public static final String ACTION_CERT_PROVIDER = "de.blinkt.openvpn.api.ExternalCertificateProvider";
    public static final String EXTRA_ALIAS = "de.blinkt.openvpn.api.KEY_ALIAS";
    public static final String EXTRA_DESCRIPTION = "de.blinkt.openvpn.api.KEY_DESCRIPTION";

    /* loaded from: classes2.dex */
    public static class ExternalAuthProvider {
        public boolean configurable = false;
        private String label;
        public String packageName;

        public String toString() {
            return this.label;
        }
    }

    /* loaded from: classes2.dex */
    public static class ExternalAuthProviderConnection implements Closeable {
        private final Context context;
        private final ExternalCertificateProvider service;
        private final ServiceConnection serviceConnection;

        public ExternalAuthProviderConnection(Context context, ServiceConnection serviceConnection, ExternalCertificateProvider externalCertificateProvider) {
            this.context = context;
            this.serviceConnection = serviceConnection;
            this.service = externalCertificateProvider;
        }

        @Override // java.io.Closeable, java.lang.AutoCloseable
        public void close() {
            this.context.unbindService(this.serviceConnection);
        }

        public ExternalCertificateProvider getService() {
            return this.service;
        }
    }

    @WorkerThread
    public static ExternalAuthProviderConnection bindToExtAuthProvider(@NonNull Context context, String str) {
        ensureNotOnMainThread(context);
        final LinkedBlockingQueue linkedBlockingQueue = new LinkedBlockingQueue(1);
        ServiceConnection serviceConnection = new ServiceConnection() { // from class: de.blinkt.openvpn.core.ExtAuthHelper.1
            public volatile boolean mConnectedAtLeastOnce = false;

            @Override // android.content.ServiceConnection
            public void onServiceConnected(ComponentName componentName, IBinder iBinder) {
                if (this.mConnectedAtLeastOnce) {
                    return;
                }
                this.mConnectedAtLeastOnce = true;
                try {
                    linkedBlockingQueue.put(ExternalCertificateProvider.Stub.asInterface(iBinder));
                } catch (InterruptedException unused) {
                }
            }

            @Override // android.content.ServiceConnection
            public void onServiceDisconnected(ComponentName componentName) {
            }
        };
        Intent intent = new Intent(ACTION_CERT_PROVIDER);
        intent.setPackage(str);
        if (context.bindService(intent, serviceConnection, 1)) {
            return new ExternalAuthProviderConnection(context, serviceConnection, (ExternalCertificateProvider) linkedBlockingQueue.take());
        }
        throw new KeyChainException(a.l("could not bind to external authticator app: ", str));
    }

    private static void ensureNotOnMainThread(@NonNull Context context) {
        Looper myLooper = Looper.myLooper();
        if (myLooper != null && myLooper == context.getMainLooper()) {
            throw new IllegalStateException("calling this from your main thread can lead to deadlock");
        }
    }

    @Nullable
    @WorkerThread
    public static X509Certificate[] getCertificateChain(@NonNull Context context, @NonNull String str, @NonNull String str2) {
        try {
            ExternalAuthProviderConnection bindToExtAuthProvider = bindToExtAuthProvider(context.getApplicationContext(), str);
            try {
                byte[] certificateChain = bindToExtAuthProvider.getService().getCertificateChain(str2);
                if (certificateChain == null) {
                    bindToExtAuthProvider.close();
                    return null;
                }
                Collection<X509Certificate> certificates = toCertificates(certificateChain);
                X509Certificate[] x509CertificateArr = (X509Certificate[]) certificates.toArray(new X509Certificate[certificates.size()]);
                bindToExtAuthProvider.close();
                return x509CertificateArr;
            } catch (Throwable th) {
                if (bindToExtAuthProvider != null) {
                    try {
                        bindToExtAuthProvider.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        } catch (RemoteException | InterruptedException | RuntimeException e3) {
            throw new KeyChainException(e3);
        }
    }

    public static Bundle getCertificateMetaData(@NonNull Context context, @NonNull String str, String str2) {
        try {
            ExternalAuthProviderConnection bindToExtAuthProvider = bindToExtAuthProvider(context.getApplicationContext(), str);
            try {
                Bundle certificateMetaData = bindToExtAuthProvider.getService().getCertificateMetaData(str2);
                bindToExtAuthProvider.close();
                return certificateMetaData;
            } catch (Throwable th) {
                if (bindToExtAuthProvider != null) {
                    try {
                        bindToExtAuthProvider.close();
                    } catch (Throwable th2) {
                        th.addSuppressed(th2);
                    }
                }
                throw th;
            }
        } catch (RemoteException | InterruptedException | RuntimeException e3) {
            throw new KeyChainException(e3);
        }
    }

    public static ArrayList<ExternalAuthProvider> getExternalAuthProviderList(Context context) {
        Intent intent = new Intent(ACTION_CERT_CONFIGURATION);
        PackageManager packageManager = context.getPackageManager();
        List<ResolveInfo> queryIntentActivities = packageManager.queryIntentActivities(intent, 0);
        List<ResolveInfo> queryIntentServices = packageManager.queryIntentServices(new Intent(ACTION_CERT_PROVIDER), 0);
        ArrayList<ExternalAuthProvider> arrayList = new ArrayList<>();
        for (ResolveInfo resolveInfo : queryIntentServices) {
            ExternalAuthProvider externalAuthProvider = new ExternalAuthProvider();
            ServiceInfo serviceInfo = resolveInfo.serviceInfo;
            externalAuthProvider.packageName = serviceInfo.packageName;
            externalAuthProvider.label = (String) serviceInfo.applicationInfo.loadLabel(packageManager);
            Iterator<ResolveInfo> it = queryIntentActivities.iterator();
            while (it.hasNext()) {
                if (resolveInfo.serviceInfo.packageName.equals(it.next().activityInfo.packageName)) {
                    externalAuthProvider.configurable = true;
                }
            }
            arrayList.add(externalAuthProvider);
        }
        return arrayList;
    }

    public static void setExternalAuthProviderSpinnerList(Spinner spinner, String str) {
        Context context = spinner.getContext();
        context.getPackageManager();
        ArrayList<ExternalAuthProvider> externalAuthProviderList = getExternalAuthProviderList(context);
        if (externalAuthProviderList.size() == 0) {
            str = "";
            ExternalAuthProvider externalAuthProvider = new ExternalAuthProvider();
            externalAuthProvider.label = "No external auth provider found";
            externalAuthProvider.packageName = "";
            externalAuthProvider.configurable = false;
            externalAuthProviderList.add(externalAuthProvider);
        }
        int i3 = -1;
        for (int i4 = 0; i4 < externalAuthProviderList.size(); i4++) {
            if (externalAuthProviderList.get(i4).packageName.equals(str)) {
                i3 = i4;
            }
        }
        spinner.setAdapter((SpinnerAdapter) new ArrayAdapter(context, R.layout.simple_spinner_item, R.id.text1, externalAuthProviderList));
        if (i3 != -1) {
            spinner.setSelection(i3);
        }
    }

    @Nullable
    @WorkerThread
    public static byte[] signData(@NonNull Context context, @NonNull String str, @NonNull String str2, @NonNull byte[] bArr) {
        try {
            ExternalAuthProviderConnection bindToExtAuthProvider = bindToExtAuthProvider(context.getApplicationContext(), str);
            try {
                byte[] signedData = bindToExtAuthProvider.getService().getSignedData(str2, bArr);
                bindToExtAuthProvider.close();
                return signedData;
            } finally {
            }
        } catch (RemoteException e3) {
            throw new KeyChainException(e3);
        }
    }

    public static Collection<X509Certificate> toCertificates(@NonNull byte[] bArr) {
        try {
            Vector vector = new Vector();
            for (String str : new String(bArr, "iso8859-1").split("-----BEGIN CERTIFICATE-----")) {
                vector.addAll(CertificateFactory.getInstance("X.509").generateCertificates(new ByteArrayInputStream(("-----BEGIN CERTIFICATE-----" + str).getBytes("iso8859-1"))));
            }
            return vector;
        } catch (UnsupportedEncodingException e3) {
            throw new AssertionError(e3);
        } catch (CertificateException e4) {
            throw new AssertionError(e4);
        }
    }
}
