package com.nationsky.emmsdk.component.ca;

import android.content.Context;
import android.content.Intent;
import android.os.Build;
import android.security.KeyChain;
import android.text.TextUtils;
import android.util.Log;
import com.nationsky.emmsdk.base.c.g;
import com.nationsky.emmsdk.base.model.localVpn.NetAccessControlModel;
import com.nationsky.emmsdk.business.b;
import com.nationsky.emmsdk.business.d.a;
import com.nationsky.emmsdk.component.ui.CaInstallGuideActivity;
import com.nationsky.emmsdk.consts.NsLog;
import com.nationsky.emmsdk.service.LocalVpnService;
import com.nationsky.emmsdk.util.LocalVpnUtil;
import java.io.BufferedInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;

/* loaded from: classes2.dex */
public class CaManager {
    private static final File CA_CERTS_DIR_ADDED;
    private static final File CA_CERTS_DIR_DELETED;
    private static final File CA_CERTS_DIR_SYSTEM;
    private static final CertificateFactory CERT_FACTORY;
    private static final String FILE_NAME_CA_DER = "one.pem";
    private static final String FILE_NAME_CA_KEY = "SCEPRootKey.pem";
    private static final String FILE_NAME_CA_NEW_DER = "SCEPRootCA.pem";
    private static final String FILE_NAME_CA_PUB = "SCEPRootCA.pem";
    private static final String KEY_IS_SSL_ENABLE = "key_is_ssl_enable";
    private static final String PREFIX_SYSTEM = "system:";
    private static final String PREFIX_USER = "user:";
    private static final String TAG = "CaManager";
    private static File addedDir;
    private static File deletedDir;
    private static File systemDir;

    static {
        String str = System.getenv("ANDROID_ROOT");
        String str2 = System.getenv("ANDROID_DATA");
        CA_CERTS_DIR_SYSTEM = new File(str + "/etc/security/cacerts");
        CA_CERTS_DIR_ADDED = new File(str2 + "/misc/keychain/cacerts-added");
        CA_CERTS_DIR_DELETED = new File(str2 + "/misc/keychain/cacerts-removed");
        try {
            CERT_FACTORY = CertificateFactory.getInstance("X509");
            systemDir = CA_CERTS_DIR_SYSTEM;
            addedDir = CA_CERTS_DIR_ADDED;
            deletedDir = CA_CERTS_DIR_DELETED;
        } catch (CertificateException e) {
            throw new AssertionError(e);
        }
    }

    public CaManager() {
        this(CA_CERTS_DIR_SYSTEM, CA_CERTS_DIR_ADDED, CA_CERTS_DIR_DELETED);
    }

    public CaManager(File file, File file2, File file3) {
        systemDir = file;
        addedDir = file2;
        deletedDir = file3;
    }

    private static byte[] InputStream2ByteArray(String str) {
        try {
            FileInputStream fileInputStream = new FileInputStream(str);
            byte[] byteArray = toByteArray(fileInputStream);
            fileInputStream.close();
            return byteArray;
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    /* JADX WARN: Type inference failed for: r0v1, types: [com.nationsky.emmsdk.component.ca.CaManager$1] */
    public static void checAndInstallCa(final Context context) {
        if (isHttpsEnableB()) {
            new Thread() { // from class: com.nationsky.emmsdk.component.ca.CaManager.1
                @Override // java.lang.Thread, java.lang.Runnable
                public final void run() {
                    try {
                        if (CaManager.hasCaCertInstalled()) {
                            return;
                        }
                        CaManager.releaseCaFiles(context);
                        if (CaManager.installCertByOwner(context)) {
                            g.a().a("isCaInstall", (Boolean) true);
                        } else if (LocalVpnService.isStartLocaoVpn(b.b())) {
                            CaManager.installCa(b.b());
                        }
                    } catch (Exception e) {
                        e.printStackTrace();
                        NsLog.d(CaManager.TAG, "exception:" + e);
                    }
                }
            }.start();
        }
    }

    private static void copyToFiles(InputStream inputStream, String str) {
        File file = new File(b.b().getFilesDir(), str);
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(file);
            byte[] bArr = new byte[1024];
            while (true) {
                int read = inputStream.read(bArr);
                if (read <= 0) {
                    inputStream.close();
                    fileOutputStream.close();
                    return;
                }
                fileOutputStream.write(bArr, 0, read);
            }
        } catch (Exception unused) {
            file.delete();
        }
    }

    public static byte[] getCaDerPath() {
        try {
            return getCaDerPathStr().getBytes("utf-8");
        } catch (Exception unused) {
            return null;
        }
    }

    public static String getCaDerPathStr() {
        return new File(b.b().getFilesDir().getPath(), FILE_NAME_CA_DER).getAbsolutePath();
    }

    public static byte[] getCaKeyPath() {
        try {
            return getCaKeyPathStr().getBytes("utf-8");
        } catch (Exception unused) {
            return null;
        }
    }

    public static String getCaKeyPathStr() {
        return new File(b.b().getFilesDir().getPath(), FILE_NAME_CA_KEY).getAbsolutePath();
    }

    public static String getCaNewDerPathStr() {
        return new File(b.b().getFilesDir().getPath(), "SCEPRootCA.pem").getAbsolutePath();
    }

    public static byte[] getCaPubPath() {
        try {
            return getCaPubPathStr().getBytes("utf-8");
        } catch (Exception unused) {
            return null;
        }
    }

    public static String getCaPubPathStr() {
        return new File(b.b().getFilesDir().getPath(), "SCEPRootCA.pem").getAbsolutePath();
    }

    public static boolean hasCaCertInstalled() {
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidCAStore");
            if (keyStore == null) {
                return false;
            }
            keyStore.load(null, null);
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                if (!TextUtils.isEmpty(nextElement)) {
                    X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(nextElement);
                    if (nextElement.contains("user")) {
                        String name = x509Certificate.getIssuerDN().getName();
                        if (!TextUtils.isEmpty(name) && name.contains("CN=InternalCA")) {
                            return true;
                        }
                    } else {
                        continue;
                    }
                }
            }
            return false;
        } catch (Throwable th) {
            th.printStackTrace();
            return false;
        }
    }

    public static void installCa(Context context) {
        try {
            if (Build.VERSION.SDK_INT >= 30) {
                Intent intent = new Intent(context, (Class<?>) CaInstallGuideActivity.class);
                intent.addFlags(268435456);
                context.startActivity(intent);
            } else {
                Intent createInstallIntent = KeyChain.createInstallIntent();
                byte[] InputStream2ByteArray = InputStream2ByteArray(getCaNewDerPathStr());
                createInstallIntent.putExtra("name", "UEM");
                createInstallIntent.putExtra("CERT", InputStream2ByteArray);
                createInstallIntent.addFlags(268435456);
                context.startActivity(createInstallIntent);
            }
        } catch (Exception e) {
            e.printStackTrace();
            NsLog.d(TAG, "installCa exception:" + e);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static boolean installCertByOwner(Context context) {
        try {
            return a.a().a(context, context.getAssets().open("SCEPRootCA.pem"));
        } catch (Exception e) {
            NsLog.e(TAG, "exception while installCertByOwner: " + Log.getStackTraceString(e));
            return false;
        }
    }

    public static boolean isCaInstalled() {
        X509Certificate readCertificate;
        ArrayList<X509Certificate> readAddCertificate = readAddCertificate();
        if (readAddCertificate == null || readAddCertificate.size() <= 0 || (readCertificate = readCertificate(getCaNewDerPathStr())) == null) {
            return false;
        }
        Iterator<X509Certificate> it = readAddCertificate.iterator();
        while (it.hasNext()) {
            if (it.next().equals(readCertificate)) {
                return true;
            }
        }
        return false;
    }

    public static int isHttpsEnable() {
        return isHttpsEnableB() ? 1 : 0;
    }

    public static boolean isHttpsEnableB() {
        NetAccessControlModel j = LocalVpnUtil.j(b.b());
        return j == null || j.httpsFilter != 0;
    }

    private static final boolean isSystem(String str) {
        return str.startsWith(PREFIX_SYSTEM);
    }

    private static final boolean isUser(String str) {
        return str.startsWith(PREFIX_USER);
    }

    private static ArrayList<X509Certificate> readAddCertificate() {
        ArrayList<X509Certificate> arrayList = new ArrayList<>();
        String[] list = addedDir.list();
        if (list == null) {
            return arrayList;
        }
        for (String str : list) {
            X509Certificate readCertificate = readCertificate(addedDir.getPath() + "/" + str);
            if (readCertificate != null) {
                arrayList.add(readCertificate);
            }
        }
        return arrayList;
    }

    private static X509Certificate readCertificate(File file) {
        BufferedInputStream bufferedInputStream;
        BufferedInputStream bufferedInputStream2 = null;
        if (!file.isFile()) {
            return null;
        }
        try {
            bufferedInputStream = new BufferedInputStream(new FileInputStream(file));
            try {
                X509Certificate x509Certificate = (X509Certificate) CERT_FACTORY.generateCertificate(bufferedInputStream);
                try {
                    bufferedInputStream.close();
                } catch (Exception e) {
                    e.printStackTrace();
                }
                return x509Certificate;
            } catch (IOException unused) {
                if (bufferedInputStream != null) {
                    try {
                        bufferedInputStream.close();
                    } catch (Exception e2) {
                        e2.printStackTrace();
                    }
                }
                return null;
            } catch (CertificateException unused2) {
                if (bufferedInputStream != null) {
                    try {
                        bufferedInputStream.close();
                    } catch (Exception e3) {
                        e3.printStackTrace();
                    }
                }
                return null;
            } catch (Throwable th) {
                th = th;
                bufferedInputStream2 = bufferedInputStream;
                if (bufferedInputStream2 != null) {
                    try {
                        bufferedInputStream2.close();
                    } catch (Exception e4) {
                        e4.printStackTrace();
                    }
                }
                throw th;
            }
        } catch (IOException unused3) {
            bufferedInputStream = null;
        } catch (CertificateException unused4) {
            bufferedInputStream = null;
        } catch (Throwable th2) {
            th = th2;
        }
    }

    public static X509Certificate readCertificate(String str) {
        return readCertificate(new File(str));
    }

    public static void releaseCaFiles(Context context) {
        try {
            File file = new File(context.getFilesDir(), FILE_NAME_CA_DER);
            if (!file.getParentFile().exists()) {
                file.getParentFile().mkdirs();
            }
            if (!file.exists()) {
                copyToFiles(context.getAssets().open(FILE_NAME_CA_DER), FILE_NAME_CA_DER);
            }
            if (!new File(context.getFilesDir(), FILE_NAME_CA_KEY).exists()) {
                copyToFiles(context.getAssets().open(FILE_NAME_CA_KEY), FILE_NAME_CA_KEY);
            }
            if (!new File(context.getFilesDir(), "SCEPRootCA.pem").exists()) {
                copyToFiles(context.getAssets().open("SCEPRootCA.pem"), "SCEPRootCA.pem");
            }
            if (new File(context.getFilesDir(), "SCEPRootCA.pem").exists()) {
                return;
            }
            copyToFiles(context.getAssets().open("SCEPRootCA.pem"), "SCEPRootCA.pem");
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    public static void setHttpsEnable(boolean z) {
        g.a().a(KEY_IS_SSL_ENABLE, Boolean.valueOf(z));
    }

    private static byte[] toByteArray(InputStream inputStream) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byte[] bArr = new byte[4096];
        while (true) {
            int read = inputStream.read(bArr);
            if (read == -1) {
                return byteArrayOutputStream.toByteArray();
            }
            byteArrayOutputStream.write(bArr, 0, read);
        }
    }
}
