package com.atakmap.net;

import android.app.AlertDialog;
import android.app.ProgressDialog;
import android.content.Context;
import android.content.DialogInterface;
import android.os.Bundle;
import atak.core.amw;
import com.atakmap.android.maps.MapView;
import com.atakmap.android.util.af;
import com.atakmap.android.util.ah;
import com.atakmap.app.civ.R;
import com.atakmap.comms.CommsMapComponent;
import com.atakmap.comms.app.a;
import com.atakmap.comms.app.b;
import com.atakmap.comms.o;
import com.atakmap.coremap.filesystem.FileSystemUtils;
import com.atakmap.coremap.log.Log;
import gov.tak.api.engine.net.d;
import java.io.ByteArrayOutputStream;
import java.security.KeyStore;
import java.security.cert.X509Certificate;

/* loaded from: classes2.dex */
public class k implements a.InterfaceC0144a, b.a {
    protected static final String a = "CertificateEnrollmentClient";
    private static k d;
    private a e = null;
    private ProgressDialog f;
    private Context g;
    private boolean h;
    private MapView i;
    private Context j;

    /* renamed from: com.atakmap.net.k$7, reason: invalid class name */
    /* loaded from: classes2.dex */
    static /* synthetic */ class AnonymousClass7 {
        static final /* synthetic */ int[] a;

        static {
            int[] iArr = new int[CommsMapComponent.c.a.values().length];
            a = iArr;
            try {
                iArr[CommsMapComponent.c.a.SERVER_NOT_TRUSTED.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                a[CommsMapComponent.c.a.CONNECTION_FAILURE.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                a[CommsMapComponent.c.a.AUTH_ERROR.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
            try {
                a[CommsMapComponent.c.a.OTHER.ordinal()] = 4;
            } catch (NoSuchFieldError unused4) {
            }
        }
    }

    /* loaded from: classes2.dex */
    public interface a {
        void a(b bVar);
    }

    /* loaded from: classes2.dex */
    public enum b {
        SUCCESS,
        BAD_CREDENTIALS,
        QUICK_CONNECT_ERROR,
        ERROR
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public class c implements CommsMapComponent.c {
        private final CertificateConfigRequest b;
        private final String c;
        private final String d;
        private final boolean e;
        private byte[] f;

        public c(CertificateConfigRequest certificateConfigRequest, String str, String str2, boolean z) {
            this.b = certificateConfigRequest;
            this.c = str;
            this.d = str2;
            this.e = z;
        }

        @Override // com.atakmap.comms.CommsMapComponent.c
        public void a(final CommsMapComponent.c.a aVar) {
            k.this.i.post(new Runnable() { // from class: com.atakmap.net.k.c.1
                @Override // java.lang.Runnable
                public void run() {
                    b bVar = b.ERROR;
                    CertificateConfigRequest certificateConfigRequest = c.this.b;
                    int i = AnonymousClass7.a[aVar.ordinal()];
                    String str = null;
                    if (i == 1) {
                        k.this.a(false);
                        if (c.this.b.k()) {
                            CommsMapComponent.c().d().a(c.this.b.c(), false);
                            k.this.a("The TAK Server's identity could not be verified", b.QUICK_CONNECT_ERROR, c.this.b);
                            return;
                        } else {
                            try {
                                new AlertDialog.Builder(k.this.g).setIcon(com.atakmap.android.util.a.b()).setTitle(R.string.server_auth_error).setMessage("The TAK Server's identity could not be verified").setPositiveButton(R.string.ok, (DialogInterface.OnClickListener) null).create().show();
                                return;
                            } catch (Exception unused) {
                                return;
                            }
                        }
                    }
                    if (i == 2) {
                        Log.e(k.a, "CertificateEnrollmentRequest Failed - Connection Error");
                        str = k.this.j.getString(R.string.enroll_client_failure);
                        if (c.this.b.k()) {
                            bVar = b.QUICK_CONNECT_ERROR;
                            CommsMapComponent.c().d().a(c.this.b.c(), false);
                        }
                        certificateConfigRequest = c.this.b;
                    } else if (i == 3) {
                        Log.e(k.a, "CertificateEnrollmentRequest Failed - Auth Error");
                        str = k.this.j.getString(R.string.invalid_credentials);
                        bVar = b.BAD_CREDENTIALS;
                        certificateConfigRequest = c.this.b;
                    } else if (i == 4) {
                        Log.e(k.a, "CertificateEnrollmentRequest Failed - Other Error");
                        str = k.this.j.getString(R.string.enroll_client_failure);
                        if (c.this.b.k()) {
                            bVar = b.QUICK_CONNECT_ERROR;
                            CommsMapComponent.c().d().a(c.this.b.c(), false);
                        }
                    }
                    af.a().a(af.a.NETWORK_ERROR.a(), af.b, k.this.j.getString(R.string.connection_error), k.this.j.getString(R.string.enroll_client_failure), str);
                    CommsMapComponent.c().d().a();
                    k.this.a(false);
                    k.this.a(str, bVar, certificateConfigRequest);
                }
            });
        }

        @Override // com.atakmap.comms.CommsMapComponent.c
        public void a(byte[] bArr) {
            this.f = bArr;
        }

        @Override // com.atakmap.comms.CommsMapComponent.c
        public void a(byte[] bArr, byte[] bArr2) {
            final String str;
            if (FileSystemUtils.isEmpty(this.f)) {
                Log.e(k.a, "generateKey failed!");
                str = "Certificate config request failed";
            } else {
                str = null;
            }
            if (!this.b.h() && bArr2 == null) {
                Log.e(k.a, "no enrollment trust store and none given in enrollment setup!");
                str = "Server did not return trust configuration";
            }
            if (str != null) {
                k.this.a(false);
                k.this.i.post(new Runnable() { // from class: com.atakmap.net.k.c.2
                    @Override // java.lang.Runnable
                    public void run() {
                        af a = af.a();
                        int a2 = af.a.NETWORK_ERROR.a();
                        af.b bVar = af.b;
                        String string = k.this.g.getString(R.string.connection_error);
                        String str2 = str;
                        a.a(a2, bVar, string, str2, str2);
                        k.this.a(k.this.j.getString(R.string.enroll_client_success), b.SUCCESS, null);
                    }
                });
                return;
            }
            f.a("PRIVATE_KEY", this.f);
            com.atakmap.net.b.a(d.a.TYPE_clientPassword, this.b.b(), "", this.c, false);
            com.atakmap.comms.k b = com.atakmap.comms.k.b(this.b.c());
            f.a("CLIENT_CERTIFICATE", this.b.b(), b.c(), bArr);
            if (!this.b.h()) {
                com.atakmap.net.b.a(d.a.TYPE_caPassword, this.b.b(), "", this.d, false);
                f.a("TRUST_STORE_CA", this.b.b(), b.c(), bArr2);
            }
            l.a(this.b.b());
            if (this.e) {
                k.b().c(this.b);
                return;
            }
            CommsMapComponent.c().d().a();
            k.this.a(false);
            k.this.i.post(new Runnable() { // from class: com.atakmap.net.k.c.3
                @Override // java.lang.Runnable
                public void run() {
                    k.this.a(k.this.j.getString(R.string.enroll_client_success), b.SUCCESS, null);
                }
            });
        }
    }

    private k() {
    }

    private void a(CertificateConfigRequest certificateConfigRequest) {
        try {
            byte[] a2 = f.a("TRUST_STORE_CA", certificateConfigRequest.b());
            boolean z = true;
            certificateConfigRequest.a(a2 != null);
            if (a2 == null) {
                z = false;
            }
            certificateConfigRequest.b(z);
            b(certificateConfigRequest);
        } catch (Exception e) {
            Log.e(a, "Exception in post!", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void a(String str, final b bVar, final CertificateConfigRequest certificateConfigRequest) {
        String string = bVar == b.SUCCESS ? this.j.getString(R.string.enroll_client_success_title) : this.j.getString(R.string.enroll_client_failure_title);
        final boolean z = (certificateConfigRequest == null || !certificateConfigRequest.k() || bVar == b.SUCCESS) ? false : true;
        AlertDialog.Builder positiveButton = new AlertDialog.Builder(this.g).setIcon(com.atakmap.android.util.a.b()).setTitle(string).setMessage(str).setPositiveButton(z ? this.j.getString(R.string.retry) : this.j.getString(R.string.ok), new DialogInterface.OnClickListener() { // from class: com.atakmap.net.k.6
            @Override // android.content.DialogInterface.OnClickListener
            public void onClick(DialogInterface dialogInterface, int i) {
                if (k.this.e != null) {
                    k.this.e.a(bVar);
                    return;
                }
                if (!z) {
                    if (bVar != b.BAD_CREDENTIALS || certificateConfigRequest == null) {
                        return;
                    }
                    k.this.i.post(new Runnable() { // from class: com.atakmap.net.k.6.1
                        @Override // java.lang.Runnable
                        public void run() {
                            com.atakmap.comms.app.a.a(certificateConfigRequest.e(), certificateConfigRequest.c(), certificateConfigRequest.f(), certificateConfigRequest.g(), certificateConfigRequest.d(), certificateConfigRequest.i(), k.this.g, k.this);
                        }
                    });
                    return;
                }
                com.atakmap.comms.k b2 = com.atakmap.comms.k.b(certificateConfigRequest.c());
                com.atakmap.comms.app.b.a(b2.b() + ":" + b2.c(), certificateConfigRequest.f(), certificateConfigRequest.g(), k.this.g, k.this);
            }
        });
        if (z) {
            positiveButton.setNegativeButton(R.string.cancel, (DialogInterface.OnClickListener) null);
        }
        try {
            positiveButton.show();
        } catch (Exception e) {
            Log.e(a, "error occurred and the preference activity has been closed prior to the enrollment completing", e);
        }
    }

    private void a(final String str, String str2, String str3, boolean z) {
        Log.d(a, "retrieving enrollment profile");
        o a2 = o.a();
        Context context = this.g;
        if (a2.a(context, str, str2, str3, z, true, false, -1L, new n(context) { // from class: com.atakmap.net.k.3
            @Override // com.atakmap.net.n
            public void a(boolean z2, Bundle bundle) {
                Log.d(k.a, "onDeviceProfileRequestComplete finished successfully: " + str);
                k.this.a(false);
                if (z2) {
                    k kVar = k.this;
                    kVar.a(kVar.j.getString(R.string.enroll_client_success), b.SUCCESS, null);
                } else {
                    k kVar2 = k.this;
                    kVar2.a(kVar2.j.getString(R.string.device_profile_failure), b.ERROR, null);
                }
            }
        })) {
            a(false);
            return;
        }
        Log.d(a, "getProfile not sent: " + str);
        this.i.post(new Runnable() { // from class: com.atakmap.net.k.4
            @Override // java.lang.Runnable
            public void run() {
                CommsMapComponent.c().d().a();
                k.this.a(false);
                k kVar = k.this;
                kVar.a(kVar.j.getString(R.string.enroll_client_success), b.SUCCESS, null);
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void a(final boolean z) {
        this.i.post(new Runnable() { // from class: com.atakmap.net.k.5
            @Override // java.lang.Runnable
            public void run() {
                try {
                    if (k.this.f == null) {
                        Log.w(k.a, "progress not set");
                    } else if (z) {
                        k.this.f.show();
                    } else {
                        k.this.f.dismiss();
                    }
                } catch (Exception e) {
                    Log.e(k.a, e.getMessage());
                }
            }
        });
    }

    public static synchronized k b() {
        k kVar;
        synchronized (k.class) {
            if (d == null) {
                d = new k();
            }
            kVar = d;
        }
        return kVar;
    }

    private void b(CertificateConfigRequest certificateConfigRequest) {
        c cVar;
        X509Certificate[] acceptedIssuers;
        if (certificateConfigRequest == null || !certificateConfigRequest.a()) {
            Log.w(a, "Invalid CertificateConfigRequest!");
            return;
        }
        Log.d(a, "CertificateConfigRequest created for: " + certificateConfigRequest);
        a(true);
        AtakAuthenticationCredentials a2 = com.atakmap.net.b.a(d.a.TYPE_clientPassword, certificateConfigRequest.b());
        String b2 = (a2 == null || FileSystemUtils.isEmpty(a2.password)) ? com.atakmap.android.util.b.b(64) : a2.password;
        AtakAuthenticationCredentials a3 = com.atakmap.net.b.a(d.a.TYPE_caPassword, certificateConfigRequest.b());
        String b3 = (a3 == null || FileSystemUtils.isEmpty(a3.password)) ? com.atakmap.android.util.b.b(64) : a3.password;
        c cVar2 = new c(certificateConfigRequest, b2, b3, this.h);
        try {
            if (certificateConfigRequest.h()) {
                byte[] a4 = f.a("TRUST_STORE_CA", certificateConfigRequest.b());
                acceptedIssuers = a4 != null ? (X509Certificate[]) amw.a(a4, com.atakmap.net.b.a(d.a.TYPE_caPassword, certificateConfigRequest.b()).password).toArray(new X509Certificate[0]) : null;
            } else {
                acceptedIssuers = l.a().a(false).getAcceptedIssuers();
            }
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            keyStore.load(null, null);
            int i = 0;
            for (X509Certificate x509Certificate : acceptedIssuers) {
                keyStore.setCertificateEntry("ca" + i, x509Certificate);
                i++;
            }
            String b4 = com.atakmap.android.util.b.b(64);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            keyStore.store(byteArrayOutputStream, b4.toCharArray());
            byte[] byteArray = byteArrayOutputStream.toByteArray();
            cVar = cVar2;
            try {
                CommsMapComponent.c().a((CommsMapComponent.c) cVar2, certificateConfigRequest.b(), com.atakmap.comms.o.a(o.a.CERT_ENROLLMENT), certificateConfigRequest.j() ? false : true, certificateConfigRequest.f(), certificateConfigRequest.g(), false, byteArray, b4, b2, b3);
            } catch (Exception e) {
                e = e;
                Log.e(a, "Enrollment failed to start", e);
                cVar.a(CommsMapComponent.c.a.OTHER);
            }
        } catch (Exception e2) {
            e = e2;
            cVar = cVar2;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void c(CertificateConfigRequest certificateConfigRequest) {
        if (certificateConfigRequest != null && certificateConfigRequest.a()) {
            a(certificateConfigRequest.b(), certificateConfigRequest.f(), certificateConfigRequest.g(), certificateConfigRequest.j());
        } else {
            Log.w(a, "Invalid CertificateConfigRequest!");
            a(false);
        }
    }

    @Override // com.atakmap.comms.app.b.a
    public void a() {
        Log.d(a, "in onEnrollmentCancel");
    }

    public void a(Context context, String str, String str2, String str3, Long l, a aVar, boolean z) {
        a(context, str, str2, str3, l, aVar, z, false);
    }

    public void a(final Context context, final String str, final String str2, final String str3, final Long l, a aVar, boolean z, boolean z2) {
        final String str4;
        final String str5;
        this.g = context;
        this.h = z;
        this.e = aVar;
        MapView mapView = MapView.getMapView();
        this.i = mapView;
        if (mapView == null) {
            Log.d(a, "mapview is null, cannot enroll");
            return;
        }
        this.j = mapView.getContext();
        this.i.post(new Runnable() { // from class: com.atakmap.net.k.1
            @Override // java.lang.Runnable
            public void run() {
                k.this.f = new ProgressDialog(context);
                k.this.f.setTitle(k.this.j.getString(R.string.enroll_client_title));
                k.this.f.setIcon(com.atakmap.android.util.a.b());
                k.this.f.setMessage(k.this.j.getString(R.string.enroll_client_message));
            }
        });
        if (str2 == null) {
            com.atakmap.comms.app.b.a(null, null, null, context, this);
            return;
        }
        com.atakmap.comms.k b2 = com.atakmap.comms.k.b(str2);
        if (b2 == null) {
            Log.e(a, "could not enroll for a bad connectString: " + str2, new Exception());
            return;
        }
        f.c("CLIENT_CERTIFICATE", b2.b(), b2.c());
        AtakAuthenticationCredentials a2 = com.atakmap.net.b.a(d.a.TYPE_COT_SERVICE, b2.b());
        if (a2 != null) {
            str4 = a2.username;
            str5 = a2.password;
        } else {
            str4 = null;
            str5 = null;
        }
        if (FileSystemUtils.isEmpty(str4) || FileSystemUtils.isEmpty(str5)) {
            this.i.post(new Runnable() { // from class: com.atakmap.net.k.2
                @Override // java.lang.Runnable
                public void run() {
                    com.atakmap.comms.app.a.a(str, str2, FileSystemUtils.isEmpty(str4) ? "" : str4, FileSystemUtils.isEmpty(str5) ? "" : str5, str3, l, context, k.this);
                }
            });
            return;
        }
        CertificateConfigRequest certificateConfigRequest = new CertificateConfigRequest(str2, str3, str, str4, str5, l);
        certificateConfigRequest.c(z2);
        a(certificateConfigRequest);
    }

    @Override // com.atakmap.comms.app.b.a
    public void a(Context context, String str, String str2, String str3, String str4, String str5, Long l) {
        com.atakmap.comms.f d2;
        String str6 = str;
        Log.d(a, "in onEnrollmentOk");
        if (FileSystemUtils.isEmpty(str)) {
            Log.e(a, "cannot enroll with an empty address");
            return;
        }
        if (str6.contains("://")) {
            str6 = str6.substring(str6.indexOf("://") + 3);
        }
        String[] split = str6.split(":");
        String str7 = split[0];
        if (FileSystemUtils.isEmpty(str7)) {
            Log.e(a, "cannot enroll with an empty hostname");
            return;
        }
        int a2 = split.length > 1 ? ah.a(split[1], 8089) : 8089;
        String str8 = (split.length <= 2 || !"quic".equalsIgnoreCase(split[2])) ? "ssl" : split[2];
        com.atakmap.net.b.a(d.a.TYPE_COT_SERVICE, str7, str4, str5, l.longValue());
        String str9 = str7 + ":" + a2 + ":" + str8;
        Bundle bundle = new Bundle();
        bundle.putString(com.atakmap.comms.p.a, str9);
        bundle.putString(com.atakmap.comms.p.b, str3);
        bundle.putBoolean(com.atakmap.comms.p.k, true);
        com.atakmap.comms.p pVar = new com.atakmap.comms.p(bundle);
        CommsMapComponent c2 = CommsMapComponent.c();
        if (c2 == null || (d2 = c2.d()) == null) {
            return;
        }
        d2.a(pVar);
        a(context, str3, str9, str2, l, null, true, true);
    }

    @Override // com.atakmap.comms.app.a.InterfaceC0144a
    public void a(String str) {
        Log.d(a, "cancelled out of CredentialsDialog");
    }

    @Override // com.atakmap.comms.app.a.InterfaceC0144a
    public void a(String str, String str2, String str3, String str4, String str5, Long l) {
        com.atakmap.comms.f d2;
        CommsMapComponent c2 = CommsMapComponent.c();
        if (c2 == null || (d2 = c2.d()) == null) {
            return;
        }
        d2.a(str, str4, str5);
        a(new CertificateConfigRequest(str, str2, str3, str4, str5, l));
    }
}
