package org.chromium.chrome.browser;

import android.app.Activity;
import android.content.Context;
import android.os.AsyncTask;
import android.security.KeyChain;
import android.security.KeyChainAliasCallback;
import android.security.KeyChainException;
import android.util.Log;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import javax.security.auth.x500.X500Principal;
import org.chromium.base.ThreadUtils;
import org.chromium.net.AndroidPrivateKey;
import org.chromium.net.DefaultAndroidKeyStore;
import org.chromium.ui.base.WindowAndroid;

/* loaded from: classes.dex */
public class SSLClientCertificateRequest {
    static final String TAG = "SSLClientCertificateRequest";
    private static final DefaultAndroidKeyStore sLocalKeyStore = new DefaultAndroidKeyStore();

    /* loaded from: classes.dex */
    abstract class CertAsyncTask extends AsyncTask {
        private AndroidPrivateKey mAndroidPrivateKey;
        private byte[][] mEncodedChain;
        private final long mNativePtr;

        CertAsyncTask(long j) {
            this.mNativePtr = j;
        }

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        public Void doInBackground(Void... voidArr) {
            String alias = getAlias();
            if (alias != null) {
                AndroidPrivateKey privateKey = getPrivateKey(alias);
                X509Certificate[] certificateChain = getCertificateChain(alias);
                if (privateKey == null || certificateChain == null || certificateChain.length == 0) {
                    Log.w(SSLClientCertificateRequest.TAG, "Empty client certificate chain?");
                } else {
                    byte[][] bArr = new byte[certificateChain.length];
                    for (int i = 0; i < certificateChain.length; i++) {
                        try {
                            bArr[i] = certificateChain[i].getEncoded();
                        } catch (CertificateEncodingException e) {
                            Log.w(SSLClientCertificateRequest.TAG, "Could not retrieve encoded certificate chain: " + e);
                        }
                    }
                    this.mEncodedChain = bArr;
                    this.mAndroidPrivateKey = privateKey;
                }
            }
            return null;
        }

        abstract String getAlias();

        abstract X509Certificate[] getCertificateChain(String str);

        abstract AndroidPrivateKey getPrivateKey(String str);

        /* JADX INFO: Access modifiers changed from: protected */
        @Override // android.os.AsyncTask
        public void onPostExecute(Void r5) {
            ThreadUtils.assertOnUiThread();
            SSLClientCertificateRequest.nativeOnSystemRequestCompletion(this.mNativePtr, this.mEncodedChain, this.mAndroidPrivateKey);
        }
    }

    /* loaded from: classes.dex */
    class CertAsyncTaskKeyChain extends CertAsyncTask {
        static final /* synthetic */ boolean $assertionsDisabled;
        final String mAlias;
        final Context mContext;

        static {
            $assertionsDisabled = !SSLClientCertificateRequest.class.desiredAssertionStatus();
        }

        CertAsyncTaskKeyChain(Context context, long j, String str) {
            super(j);
            this.mContext = context;
            if (!$assertionsDisabled && str == null) {
                throw new AssertionError();
            }
            this.mAlias = str;
        }

        @Override // org.chromium.chrome.browser.SSLClientCertificateRequest.CertAsyncTask
        String getAlias() {
            return this.mAlias;
        }

        @Override // org.chromium.chrome.browser.SSLClientCertificateRequest.CertAsyncTask
        X509Certificate[] getCertificateChain(String str) {
            try {
                return KeyChain.getCertificateChain(this.mContext, str);
            } catch (KeyChainException e) {
                Log.w(SSLClientCertificateRequest.TAG, "KeyChainException when looking for '" + str + "' certificate");
                return null;
            } catch (InterruptedException e2) {
                Log.w(SSLClientCertificateRequest.TAG, "InterruptedException when looking for '" + str + "'certificate");
                return null;
            }
        }

        @Override // org.chromium.chrome.browser.SSLClientCertificateRequest.CertAsyncTask
        AndroidPrivateKey getPrivateKey(String str) {
            try {
                return SSLClientCertificateRequest.sLocalKeyStore.createKey(KeyChain.getPrivateKey(this.mContext, str));
            } catch (KeyChainException e) {
                Log.w(SSLClientCertificateRequest.TAG, "KeyChainException when looking for '" + str + "' certificate");
                return null;
            } catch (InterruptedException e2) {
                Log.w(SSLClientCertificateRequest.TAG, "InterruptedException when looking for '" + str + "'certificate");
                return null;
            }
        }
    }

    /* loaded from: classes.dex */
    class CertAsyncTaskPKCS11 extends CertAsyncTask {
        private final String mHostName;
        private final PKCS11AuthenticationManager mPKCS11AuthManager;
        private final int mPort;

        CertAsyncTaskPKCS11(long j, String str, int i, PKCS11AuthenticationManager pKCS11AuthenticationManager) {
            super(j);
            this.mHostName = str;
            this.mPort = i;
            this.mPKCS11AuthManager = pKCS11AuthenticationManager;
        }

        @Override // org.chromium.chrome.browser.SSLClientCertificateRequest.CertAsyncTask
        String getAlias() {
            return this.mPKCS11AuthManager.getClientCertificateAlias(this.mHostName, this.mPort);
        }

        @Override // org.chromium.chrome.browser.SSLClientCertificateRequest.CertAsyncTask
        X509Certificate[] getCertificateChain(String str) {
            return this.mPKCS11AuthManager.getCertificateChain(str);
        }

        @Override // org.chromium.chrome.browser.SSLClientCertificateRequest.CertAsyncTask
        AndroidPrivateKey getPrivateKey(String str) {
            return this.mPKCS11AuthManager.getPrivateKey(str);
        }
    }

    /* loaded from: classes.dex */
    class KeyChainCertSelectionCallback implements KeyChainAliasCallback {
        private final Context mContext;
        private final long mNativePtr;

        KeyChainCertSelectionCallback(Context context, long j) {
            this.mContext = context;
            this.mNativePtr = j;
        }

        @Override // android.security.KeyChainAliasCallback
        public void alias(final String str) {
            ThreadUtils.runOnUiThread(new Runnable() { // from class: org.chromium.chrome.browser.SSLClientCertificateRequest.KeyChainCertSelectionCallback.1
                @Override // java.lang.Runnable
                public void run() {
                    if (str == null) {
                        ThreadUtils.runOnUiThread(new Runnable() { // from class: org.chromium.chrome.browser.SSLClientCertificateRequest.KeyChainCertSelectionCallback.1.1
                            @Override // java.lang.Runnable
                            public void run() {
                                SSLClientCertificateRequest.nativeOnSystemRequestCompletion(KeyChainCertSelectionCallback.this.mNativePtr, null, null);
                            }
                        });
                    } else {
                        new CertAsyncTaskKeyChain(KeyChainCertSelectionCallback.this.mContext, KeyChainCertSelectionCallback.this.mNativePtr, str).execute(new Void[0]);
                    }
                }
            });
        }
    }

    private static native void nativeNotifyClientCertificatesChangedOnIOThread();

    /* JADX INFO: Access modifiers changed from: private */
    public static native void nativeOnSystemRequestCompletion(long j, byte[][] bArr, AndroidPrivateKey androidPrivateKey);

    public static void notifyClientCertificatesChangedOnIOThread() {
        Log.d(TAG, "ClientCertificatesChanged!");
        nativeNotifyClientCertificatesChangedOnIOThread();
    }

    private static boolean selectClientCertificate(final long j, WindowAndroid windowAndroid, final String[] strArr, byte[][] bArr, final String str, final int i) {
        ThreadUtils.assertOnUiThread();
        final Activity activity = (Activity) windowAndroid.getActivity().get();
        if (activity == null) {
            Log.w(TAG, "Certificate request on GC'd activity.");
            return false;
        }
        final X500Principal[] x500PrincipalArr = null;
        if (bArr.length > 0) {
            x500PrincipalArr = new X500Principal[bArr.length];
            for (int i2 = 0; i2 < bArr.length; i2++) {
                try {
                    x500PrincipalArr[i2] = new X500Principal(bArr[i2]);
                } catch (Exception e) {
                    Log.w(TAG, "Exception while decoding issuers list: " + e);
                    return false;
                }
            }
        }
        Runnable runnable = new Runnable() { // from class: org.chromium.chrome.browser.SSLClientCertificateRequest.1
            @Override // java.lang.Runnable
            public final void run() {
                KeyChain.choosePrivateKeyAlias(activity, new KeyChainCertSelectionCallback(activity.getApplicationContext(), j), strArr, x500PrincipalArr, str, i, null);
            }
        };
        final PKCS11AuthenticationManager pKCS11AuthenticationManager = ((ChromiumApplication) activity.getApplicationContext()).getPKCS11AuthenticationManager();
        if (pKCS11AuthenticationManager.isPKCS11AuthEnabled()) {
            new KeyStoreSelectionDialog(runnable, new Runnable() { // from class: org.chromium.chrome.browser.SSLClientCertificateRequest.2
                @Override // java.lang.Runnable
                public final void run() {
                    new CertAsyncTaskPKCS11(j, str, i, pKCS11AuthenticationManager).execute(new Void[0]);
                }
            }, new Runnable() { // from class: org.chromium.chrome.browser.SSLClientCertificateRequest.3
                @Override // java.lang.Runnable
                public final void run() {
                    SSLClientCertificateRequest.nativeOnSystemRequestCompletion(j, null, null);
                }
            }).show(activity.getFragmentManager(), (String) null);
        } else {
            runnable.run();
        }
        return true;
    }
}
