package com.cisco.cpm.spw;

import android.annotation.SuppressLint;
import android.os.AsyncTask;
import android.os.Build;
import android.os.Bundle;
import android.os.Message;
import com.cisco.cpm.spw.SPWWifiConfig;
import com.cisco.cpm.spw.android.wifisupplicant.R;
import com.cisco.cpm.util.EnrollmentUtility;
import com.cisco.cpm.util.FileUtils;
import com.cisco.cpm.util.SPWConstants;
import com.cisco.cpm.util.SPWLog;
import java.io.File;
import java.io.FileOutputStream;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLHandshakeException;
import org.spongycastle.jce.ECNamedCurveTable;
import org.spongycastle.jce.spec.ECNamedCurveParameterSpec;
import org.spongycastle.jce.spec.ECNamedCurveSpec;

/* loaded from: classes.dex */
public class ISEEnrollmentAsynchTask extends AsyncTask<AsynchTaskParameter, Void, SPWConstants.RETURNVALUES> {
    private static final String EC = "EC";
    private static final String PROVIDER = "SC";
    private static final String RSA = "RSA";
    AsynchTaskParameter[] params = null;
    SPWProfileObject profileObject = new SPWProfileObject();
    boolean credentialPasswordRequired = false;
    AndroidActivity activity = null;

    @SuppressLint({"TrulyRandom"})
    private KeyPair genKeyPair(SPWWifiConfig.CertInfo certInfo) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException {
        if (certInfo.getKeyType() != SPWWifiConfig.CertInfo.KeyType.EC) {
            int keySize = certInfo.getKeySize();
            SPWLog.getLogger().i("Generating RSA key with key size: " + keySize);
            KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance(RSA, PROVIDER);
            keyPairGenerator.initialize(keySize, new SecureRandom());
            return keyPairGenerator.generateKeyPair();
        }
        String curveName = certInfo.getCurveType().getCurveName();
        SPWLog.getLogger().i("Generating EC key with curve type: " + curveName);
        ECNamedCurveParameterSpec parameterSpec = ECNamedCurveTable.getParameterSpec(curveName);
        ECNamedCurveSpec eCNamedCurveSpec = new ECNamedCurveSpec(curveName, parameterSpec.getCurve(), parameterSpec.getG(), parameterSpec.getN(), parameterSpec.getH(), parameterSpec.getSeed());
        KeyPairGenerator keyPairGenerator2 = KeyPairGenerator.getInstance(EC, PROVIDER);
        keyPairGenerator2.initialize(eCNamedCurveSpec);
        return keyPairGenerator2.generateKeyPair();
    }

    private void writeToExternalStorage(X509Certificate x509Certificate) throws Exception {
        try {
            String str = this.params[0].getSPWWifiConfig().getIdentity() + ".crt";
            File defaultCertStorageDir = FileUtils.getDefaultCertStorageDir();
            File file = new File(defaultCertStorageDir, str);
            SPWLog.getLogger().i("writing user cert to " + file.getAbsolutePath());
            new FileOutputStream(file);
            FileOutputStream fileOutputStream = new FileOutputStream(file);
            fileOutputStream.write(x509Certificate.getEncoded());
            fileOutputStream.close();
            this.params[0].getSPWWifiConfig().setCertsDir(defaultCertStorageDir);
        } catch (Exception e) {
            SPWLog.getLogger().e("Error writing cert " + this.params[0].getSPWWifiConfig().getIdentity(), e);
            throw e;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // android.os.AsyncTask
    public SPWConstants.RETURNVALUES doInBackground(AsynchTaskParameter... asynchTaskParameterArr) {
        EnrollmentUtility enrollmentUtility;
        this.params = asynchTaskParameterArr;
        this.activity = asynchTaskParameterArr[0].getMainActivity();
        try {
            SPWWifiConfig sPWWifiConfig = asynchTaskParameterArr[0].getSPWWifiConfig();
            SPWLog.getLogger().i("Making SCEP call");
            KeyPair genKeyPair = genKeyPair(sPWWifiConfig.getCurrentCertInfo());
            String macAddress = asynchTaskParameterArr[0].getMacAddress();
            String chPwd = sPWWifiConfig.getCurrentCertInfo().getChPwd();
            if (chPwd == null) {
                chPwd = sPWWifiConfig.getSession();
            }
            if (sPWWifiConfig.useSCEPEnrollment() || !sPWWifiConfig.useESTNativeClient() || Build.VERSION.SDK_INT < 23) {
                SPWLog.getLogger().i("Making SCEP call");
                enrollmentUtility = new EnrollmentUtility(sPWWifiConfig.getIdentity(), sPWWifiConfig.getCurrentCertInfo().getSubject(), chPwd, sPWWifiConfig.getPKIUrl(), genKeyPair, macAddress, sPWWifiConfig.getGUID(), sPWWifiConfig.getSCEPInitialRetryCnt(), sPWWifiConfig.getSCEPInitialTimeout(), sPWWifiConfig.getSCEPPendingRetryCnt(), sPWWifiConfig.getSCEPPendingTimeout(), asynchTaskParameterArr[0].validateServerCert());
            } else {
                SPWLog.getLogger().i("Making EST call");
                enrollmentUtility = new EnrollmentUtility(sPWWifiConfig.getIdentity(), sPWWifiConfig.getPassword(), sPWWifiConfig.getCurrentCertInfo().getSubject(), chPwd, genKeyPair, macAddress, sPWWifiConfig.getGUID(), sPWWifiConfig.getESTSvrHost(), sPWWifiConfig.getESTSvrPort(), sPWWifiConfig.getCurrentCertInfo().getCurveType().getCurveName(), sPWWifiConfig.getESTSvrCertChain());
            }
            X509Certificate certificate = enrollmentUtility.getCertificate();
            if (certificate == null) {
                SPWLog.getLogger().e("Unable to download certificate " + sPWWifiConfig.getIdentity() + " " + sPWWifiConfig.getSession());
                return SPWConstants.RETURNVALUES.FAILED;
            }
            sPWWifiConfig.getCurrentCertInfo().setCert(certificate);
            sPWWifiConfig.getCurrentCertInfo().setPrivateKey(genKeyPair.getPrivate());
            sPWWifiConfig.getCurrentCertInfo().setPublicKey(genKeyPair.getPublic());
            return SPWConstants.RETURNVALUES.PASSED;
        } catch (SSLHandshakeException e) {
            SPWLog.getLogger().e("ISEEnrollmentAsynchTask", e);
            SPWLog.getLogger().e(e.getMessage());
            return e.getMessage().contains("CertPathValidatorException") ? SPWConstants.RETURNVALUES.CERT_EXCEPTION : SPWConstants.RETURNVALUES.FAILED;
        } catch (Exception e2) {
            SPWLog.getLogger().e("ISEEnrollmentAsynchTask", e2);
            SPWLog.getLogger().e(e2.getMessage());
            return SPWConstants.RETURNVALUES.FAILED;
        }
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // android.os.AsyncTask
    public void onPostExecute(SPWConstants.RETURNVALUES returnvalues) {
        Message obtainMessage = this.params[0].handler.obtainMessage();
        Bundle bundle = new Bundle();
        if (returnvalues == SPWConstants.RETURNVALUES.PASSED) {
            bundle.putString(SPWConstants.USERINPUT_KEY, SPWConstants.USERINPUT_YES);
            bundle.putString(SPWConstants.ENUM_STATE, SPWConstants.STATEENUM.SCEP_DONE.toString());
            obtainMessage.what = SPWConstants.STATEENUM.SCEP_DONE.ordinal();
        } else if (returnvalues == SPWConstants.RETURNVALUES.CERT_EXCEPTION) {
            bundle.putString(SPWConstants.ENUM_STATE, SPWConstants.STATEENUM.ASK_CERT_PERMISSION.toString());
            bundle.putString(SPWConstants.PREV_STATE, SPWConstants.STATEENUM.PROFILE_DOWNLOADED.toString());
            obtainMessage.what = SPWConstants.STATEENUM.ASK_CERT_PERMISSION.ordinal();
        } else {
            bundle.putString(SPWConstants.ENUM_STATE, SPWConstants.STATEENUM.EXCEPTION.toString());
            bundle.putString(SPWConstants.ERRORCODE_KEY, this.activity.getString(R.string.cert_gen_failed));
            obtainMessage.what = SPWConstants.STATEENUM.EXCEPTION.ordinal();
        }
        obtainMessage.setData(bundle);
        this.params[0].handler.dispatchMessage(obtainMessage);
    }
}
