package de.blinkt.openpvpn.fragments;

import android.app.AlertDialog;
import android.content.ActivityNotFoundException;
import android.content.DialogInterface;
import android.content.Intent;
import android.os.Build;
import android.os.Bundle;
import android.os.Handler;
import android.os.Message;
import android.security.KeyChain;
import android.security.KeyChainAliasCallback;
import android.security.KeyChainException;
import android.text.TextUtils;
import android.view.View;
import android.widget.AdapterView;
import android.widget.Spinner;
import android.widget.TextView;
import de.blinkt.openpvpn.R;
import de.blinkt.openpvpn.core.ExtAuthHelper;
import de.blinkt.openpvpn.core.X509Utils;
import de.blinkt.openpvpn.fragments.KeyChainSettingsFragment;
import java.security.cert.X509Certificate;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public abstract class KeyChainSettingsFragment extends Settings_Fragment implements View.OnClickListener, Handler.Callback {
    private static final int UPDATEE_EXT_ALIAS = 210;
    private static final int UPDATE_ALIAS = 20;
    private TextView mAliasCertificate;
    private TextView mAliasName;
    private TextView mExtAliasName;
    private Spinner mExtAuthSpinner;
    private Handler mHandler;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: de.blinkt.openpvpn.fragments.KeyChainSettingsFragment$1, reason: invalid class name */
    /* loaded from: classes.dex */
    public class AnonymousClass1 extends Thread {
        AnonymousClass1() {
        }

        public /* synthetic */ void lambda$run$0$KeyChainSettingsFragment$1() {
            KeyChainSettingsFragment.this.setAlias();
        }

        @Override // java.lang.Thread, java.lang.Runnable
        public void run() {
            try {
                Bundle certificateMetaData = ExtAuthHelper.getCertificateMetaData(KeyChainSettingsFragment.this.getActivity(), KeyChainSettingsFragment.this.mProfile.mExternalAuthenticator, KeyChainSettingsFragment.this.mProfile.mAlias);
                KeyChainSettingsFragment.this.mProfile.mAlias = certificateMetaData.getString(ExtAuthHelper.EXTRA_ALIAS);
                KeyChainSettingsFragment.this.getActivity().runOnUiThread(new Runnable() { // from class: de.blinkt.openpvpn.fragments.-$$Lambda$KeyChainSettingsFragment$1$LDjMn88S0Ff528GcT2kkRiPYccE
                    @Override // java.lang.Runnable
                    public final void run() {
                        KeyChainSettingsFragment.AnonymousClass1.this.lambda$run$0$KeyChainSettingsFragment$1();
                    }
                });
            } catch (KeyChainException e) {
                e.printStackTrace();
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: de.blinkt.openpvpn.fragments.KeyChainSettingsFragment$2, reason: invalid class name */
    /* loaded from: classes.dex */
    public class AnonymousClass2 extends Thread {
        final /* synthetic */ boolean val$external;

        AnonymousClass2(boolean z) {
            this.val$external = z;
        }

        public /* synthetic */ void lambda$run$0$KeyChainSettingsFragment$2(String str, Bundle bundle) {
            KeyChainSettingsFragment.this.mAliasCertificate.setText(str);
            if (bundle != null) {
                KeyChainSettingsFragment.this.mExtAliasName.setText(bundle.getString(ExtAuthHelper.EXTRA_DESCRIPTION));
            }
        }

        @Override // java.lang.Thread, java.lang.Runnable
        public void run() {
            final String str;
            X509Certificate x509Certificate;
            final Bundle bundle = null;
            try {
                str = "";
                if (!this.val$external) {
                    x509Certificate = KeyChain.getCertificateChain(KeyChainSettingsFragment.this.getActivity().getApplicationContext(), KeyChainSettingsFragment.this.mProfile.mAlias)[0];
                    if (Build.VERSION.SDK_INT >= 18 && KeyChainSettingsFragment.this.isInHardwareKeystore()) {
                        str = "" + KeyChainSettingsFragment.this.getString(R.string.hwkeychain);
                    }
                } else if (TextUtils.isEmpty(KeyChainSettingsFragment.this.mProfile.mExternalAuthenticator) || TextUtils.isEmpty(KeyChainSettingsFragment.this.mProfile.mAlias)) {
                    str = KeyChainSettingsFragment.this.getString(R.string.extauth_not_configured);
                    x509Certificate = null;
                } else {
                    x509Certificate = ExtAuthHelper.getCertificateChain(KeyChainSettingsFragment.this.getActivity(), KeyChainSettingsFragment.this.mProfile.mExternalAuthenticator, KeyChainSettingsFragment.this.mProfile.mAlias)[0];
                    bundle = ExtAuthHelper.getCertificateMetaData(KeyChainSettingsFragment.this.getActivity(), KeyChainSettingsFragment.this.mProfile.mExternalAuthenticator, KeyChainSettingsFragment.this.mProfile.mAlias);
                }
                if (x509Certificate != null) {
                    str = (str + X509Utils.getCertificateValidityString(x509Certificate, KeyChainSettingsFragment.this.getResources())) + X509Utils.getCertificateFriendlyName(x509Certificate);
                }
            } catch (Exception e) {
                str = "Could not get certificate from Keystore: " + e.getLocalizedMessage();
            }
            KeyChainSettingsFragment.this.getActivity().runOnUiThread(new Runnable() { // from class: de.blinkt.openpvpn.fragments.-$$Lambda$KeyChainSettingsFragment$2$eX1ZR3tnqJsgoyTEeIwM99EhzRs
                @Override // java.lang.Runnable
                public final void run() {
                    KeyChainSettingsFragment.AnonymousClass2.this.lambda$run$0$KeyChainSettingsFragment$2(str, bundle);
                }
            });
        }
    }

    private void fetchExtCertificateMetaData() {
        new AnonymousClass1().start();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public boolean isInHardwareKeystore() throws KeyChainException, InterruptedException {
        return KeyChain.isBoundKeyAlgorithm(KeyChain.getPrivateKey(getActivity().getApplicationContext(), this.mProfile.mAlias).getAlgorithm());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void setAlias() {
        if (this.mProfile.mAuthenticationType == 8) {
            setExtAlias();
        } else {
            setKeyStoreAlias();
        }
    }

    private void setExtAlias() {
        if (this.mProfile.mAlias == null) {
            this.mExtAliasName.setText(R.string.extauth_not_configured);
            this.mAliasCertificate.setText("");
        } else {
            this.mAliasCertificate.setText("Querying certificate from external provider...");
            this.mExtAliasName.setText("");
            setCertificate(true);
        }
    }

    private void setKeyStoreAlias() {
        if (this.mProfile.mAlias == null) {
            this.mAliasName.setText(R.string.client_no_certificate);
            this.mAliasCertificate.setText("");
        } else {
            this.mAliasCertificate.setText("Loading certificate from Keystore...");
            this.mAliasName.setText(this.mProfile.mAlias);
            setCertificate(false);
        }
    }

    private void startExternalAuthConfig() {
        ExtAuthHelper.ExternalAuthProvider externalAuthProvider = (ExtAuthHelper.ExternalAuthProvider) this.mExtAuthSpinner.getSelectedItem();
        this.mProfile.mExternalAuthenticator = externalAuthProvider.packageName;
        if (!externalAuthProvider.configurable) {
            fetchExtCertificateMetaData();
            return;
        }
        Intent intent = new Intent(ExtAuthHelper.ACTION_CERT_CONFIGURATION);
        intent.setPackage(externalAuthProvider.packageName);
        intent.putExtra(ExtAuthHelper.EXTRA_ALIAS, this.mProfile.mAlias);
        startActivityForResult(intent, 210);
    }

    @Override // android.os.Handler.Callback
    public boolean handleMessage(Message message) {
        setAlias();
        return true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void initKeychainViews(View view) {
        view.findViewById(R.id.select_keystore_button).setOnClickListener(this);
        view.findViewById(R.id.configure_extauth_button).setOnClickListener(this);
        this.mAliasCertificate = (TextView) view.findViewById(R.id.alias_certificate);
        this.mExtAuthSpinner = (Spinner) view.findViewById(R.id.extauth_spinner);
        this.mExtAuthSpinner.setOnItemSelectedListener(new AdapterView.OnItemSelectedListener() { // from class: de.blinkt.openpvpn.fragments.KeyChainSettingsFragment.3
            @Override // android.widget.AdapterView.OnItemSelectedListener
            public void onItemSelected(AdapterView<?> adapterView, View view2, int i, long j) {
                if (((ExtAuthHelper.ExternalAuthProvider) adapterView.getItemAtPosition(i)).packageName.equals(KeyChainSettingsFragment.this.mProfile.mExternalAuthenticator)) {
                    return;
                }
                KeyChainSettingsFragment.this.mProfile.mAlias = "";
            }

            @Override // android.widget.AdapterView.OnItemSelectedListener
            public void onNothingSelected(AdapterView<?> adapterView) {
            }
        });
        this.mExtAliasName = (TextView) view.findViewById(R.id.extauth_detail);
        this.mAliasName = (TextView) view.findViewById(R.id.aliasname);
        if (this.mHandler == null) {
            this.mHandler = new Handler(this);
        }
        ExtAuthHelper.setExternalAuthProviderSpinnerList(this.mExtAuthSpinner, this.mProfile.mExternalAuthenticator);
    }

    public /* synthetic */ void lambda$showCertDialog$0$KeyChainSettingsFragment(String str) {
        this.mProfile.mAlias = str;
        this.mHandler.sendEmptyMessage(20);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public void loadPreferences() {
        setAlias();
    }

    @Override // android.app.Fragment
    public void onActivityResult(int i, int i2, Intent intent) {
        super.onActivityResult(i, i2, intent);
        if (i == 210 && i2 == -1) {
            this.mProfile.mAlias = intent.getStringExtra(ExtAuthHelper.EXTRA_ALIAS);
            this.mExtAliasName.setText(intent.getStringExtra(ExtAuthHelper.EXTRA_DESCRIPTION));
        }
    }

    @Override // android.view.View.OnClickListener
    public void onClick(View view) {
        if (view == view.findViewById(R.id.select_keystore_button)) {
            showCertDialog();
        } else if (view == view.findViewById(R.id.configure_extauth_button)) {
            startExternalAuthConfig();
        }
    }

    @Override // android.app.Fragment
    public void onStart() {
        super.onStart();
        loadPreferences();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // de.blinkt.openpvpn.fragments.Settings_Fragment
    public void savePreferences() {
    }

    protected void setCertificate(boolean z) {
        new AnonymousClass2(z).start();
    }

    public void showCertDialog() {
        try {
            KeyChain.choosePrivateKeyAlias(getActivity(), new KeyChainAliasCallback() { // from class: de.blinkt.openpvpn.fragments.-$$Lambda$KeyChainSettingsFragment$na19941FNj2HYvYDgmbnSiYKems
                @Override // android.security.KeyChainAliasCallback
                public final void alias(String str) {
                    KeyChainSettingsFragment.this.lambda$showCertDialog$0$KeyChainSettingsFragment(str);
                }
            }, new String[]{"RSA"}, null, this.mProfile.mServerName, -1, this.mProfile.mAlias);
        } catch (ActivityNotFoundException unused) {
            AlertDialog.Builder builder = new AlertDialog.Builder(getActivity());
            builder.setTitle(R.string.broken_image_cert_title);
            builder.setMessage(R.string.broken_image_cert);
            builder.setPositiveButton(android.R.string.ok, (DialogInterface.OnClickListener) null);
            builder.show();
        }
    }
}
