package com.google.android.apps.chrome.oemsupport;

import android.content.ComponentName;
import android.content.Context;
import android.content.Intent;
import android.content.ServiceConnection;
import android.os.IBinder;
import android.os.RemoteException;
import android.text.TextUtils;
import android.util.Log;
import com.google.android.apps.chrome.deviceextras.DeviceSupportHelper;
import com.google.android.apps.chrome.knoxsettings.KnoxSettings;
import com.google.android.apps.chrome.knoxsettings.KnoxSettingsProvider;
import java.io.ByteArrayInputStream;
import java.io.ObjectInputStream;
import java.security.cert.X509Certificate;
import org.chromium.base.ThreadUtils;
import org.chromium.chrome.browser.PKCS11AuthenticationManager;
import org.chromium.chrome.browser.SSLClientCertificateRequest;
import org.chromium.net.AndroidPrivateKey;
import org.chromium.net.IRemoteAndroidKeyStore;
import org.chromium.net.IRemoteAndroidKeyStoreCallbacks;
import org.chromium.net.RemoteAndroidKeyStore;

/* loaded from: classes.dex */
public class DelegatedPKCS11Manager implements PKCS11AuthenticationManager {
    static final /* synthetic */ boolean $assertionsDisabled;
    private static final Object CONNECTION_LOCK;
    private static final String DEVICE_EXTRAS_SERVICE_ACTION = "com.chrome.deviceextras.KnoxPKCS11Service";
    private static final long REMOTE_INITIALIZATION_DELAY = 20000;
    private static final String TAG = "DelegatedPKCS11Manager";
    private final IRemoteAndroidKeyStoreCallbacks mCallbacks = new IRemoteAndroidKeyStoreCallbacks.Stub() { // from class: com.google.android.apps.chrome.oemsupport.DelegatedPKCS11Manager.1
        @Override // org.chromium.net.IRemoteAndroidKeyStoreCallbacks
        public void onDisabled() {
            Log.d(DelegatedPKCS11Manager.TAG, "onDisabled");
            DelegatedPKCS11Manager.this.disconnectFromRemote();
            synchronized (DelegatedPKCS11Manager.CONNECTION_LOCK) {
                DelegatedPKCS11Manager.CONNECTION_LOCK.notify();
            }
        }

        @Override // org.chromium.net.IRemoteAndroidKeyStoreCallbacks
        public void onInitComplete() {
            Log.d(DelegatedPKCS11Manager.TAG, "onInitializationComplete");
            DelegatedPKCS11Manager.this.mRemoteIsReady = true;
            SSLClientCertificateRequest.notifyClientCertificatesChangedOnIOThread();
            synchronized (DelegatedPKCS11Manager.CONNECTION_LOCK) {
                DelegatedPKCS11Manager.CONNECTION_LOCK.notify();
            }
        }
    };
    private final ServiceConnection mConnection = new ServiceConnection() { // from class: com.google.android.apps.chrome.oemsupport.DelegatedPKCS11Manager.2
        @Override // android.content.ServiceConnection
        public void onServiceConnected(ComponentName componentName, IBinder iBinder) {
            DelegatedPKCS11Manager.this.mRemoteManager = IRemoteAndroidKeyStore.Stub.asInterface(iBinder);
            try {
                DelegatedPKCS11Manager.this.mRemoteManager.setClientCallbacks(DelegatedPKCS11Manager.this.mCallbacks);
            } catch (RemoteException e) {
            }
            DelegatedPKCS11Manager.this.mKeyStoreRemote = new RemoteAndroidKeyStore(DelegatedPKCS11Manager.this.mRemoteManager);
        }

        @Override // android.content.ServiceConnection
        public void onServiceDisconnected(ComponentName componentName) {
            DelegatedPKCS11Manager.this.clearState();
        }
    };
    private Context mContext;
    private boolean mIsBound;
    private boolean mIsEnabled;
    private RemoteAndroidKeyStore mKeyStoreRemote;
    private boolean mRemoteIsReady;
    private IRemoteAndroidKeyStore mRemoteManager;

    static {
        $assertionsDisabled = !DelegatedPKCS11Manager.class.desiredAssertionStatus();
        CONNECTION_LOCK = new Object();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void bindToService() {
        Intent intent = new Intent();
        intent.setPackage(DeviceSupportHelper.getSupportPackageName(this.mContext));
        intent.setAction(DEVICE_EXTRAS_SERVICE_ACTION);
        this.mIsBound = this.mContext.bindService(intent, this.mConnection, 1);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void clearState() {
        this.mIsBound = false;
        this.mRemoteManager = null;
        this.mKeyStoreRemote = null;
        this.mRemoteIsReady = false;
        SSLClientCertificateRequest.notifyClientCertificatesChangedOnIOThread();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void disconnectFromRemote() {
        Log.d(TAG, "Disconnect from remote");
        if (this.mIsBound) {
            this.mContext.unbindService(this.mConnection);
        }
        clearState();
    }

    private void maybeWaitForRemoteServiceToInitialize() {
        if (!this.mIsEnabled || this.mRemoteIsReady) {
            return;
        }
        if (!this.mIsBound) {
            bindToService();
        }
        synchronized (CONNECTION_LOCK) {
            Log.d(TAG, "Waiting for Remote service to initialize.");
            try {
                CONNECTION_LOCK.wait(REMOTE_INITIALIZATION_DELAY);
            } catch (InterruptedException e) {
                e.printStackTrace();
            }
        }
    }

    @Override // org.chromium.chrome.browser.PKCS11AuthenticationManager
    public X509Certificate[] getCertificateChain(String str) {
        if (!$assertionsDisabled && ThreadUtils.runningOnUiThread()) {
            throw new AssertionError();
        }
        try {
            return (X509Certificate[]) new ObjectInputStream(new ByteArrayInputStream(this.mRemoteManager.getEncodedCertificateChain(str))).readObject();
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    @Override // org.chromium.chrome.browser.PKCS11AuthenticationManager
    public String getClientCertificateAlias(String str, int i) {
        if (!$assertionsDisabled && ThreadUtils.runningOnUiThread()) {
            throw new AssertionError();
        }
        maybeWaitForRemoteServiceToInitialize();
        try {
            String clientCertificateAlias = KnoxSettingsProvider.getClientCertificateAlias(this.mContext, str, i);
            if (TextUtils.isEmpty(clientCertificateAlias)) {
                if (this.mRemoteManager == null) {
                    Log.e(TAG, "Cannot get client certificate alias as remote is unavailable");
                    clientCertificateAlias = null;
                } else {
                    clientCertificateAlias = this.mRemoteManager.getClientCertificateAlias();
                }
            }
            return clientCertificateAlias;
        } catch (RemoteException e) {
            e.printStackTrace();
            return null;
        }
    }

    @Override // org.chromium.chrome.browser.PKCS11AuthenticationManager
    public AndroidPrivateKey getPrivateKey(String str) {
        if (this.mKeyStoreRemote != null) {
            return this.mKeyStoreRemote.createKey(str);
        }
        Log.e(TAG, "Cannot get private key as remote is unavailable");
        return null;
    }

    @Override // org.chromium.chrome.browser.PKCS11AuthenticationManager
    public void initialize(Context context) {
        if (!$assertionsDisabled && !ThreadUtils.runningOnUiThread()) {
            throw new AssertionError();
        }
        Log.d(TAG, "initialize");
        this.mContext = context;
        KnoxSettings.getInstance(context).addObserver(new KnoxSettings.Observer() { // from class: com.google.android.apps.chrome.oemsupport.DelegatedPKCS11Manager.3
            @Override // com.google.android.apps.chrome.knoxsettings.KnoxSettings.Observer
            public void onSettingsAvailable(KnoxSettings.Settings settings) {
                boolean smartCardAuthenticationEnabled = settings.getSmartCardAuthenticationEnabled();
                if (!DelegatedPKCS11Manager.this.mIsEnabled && smartCardAuthenticationEnabled) {
                    DelegatedPKCS11Manager.this.mIsEnabled = true;
                    DelegatedPKCS11Manager.this.bindToService();
                } else {
                    if (!DelegatedPKCS11Manager.this.mIsEnabled || smartCardAuthenticationEnabled) {
                        return;
                    }
                    DelegatedPKCS11Manager.this.mIsEnabled = false;
                    DelegatedPKCS11Manager.this.disconnectFromRemote();
                }
            }
        });
    }

    @Override // org.chromium.chrome.browser.PKCS11AuthenticationManager
    public boolean isPKCS11AuthEnabled() {
        return this.mIsEnabled;
    }
}
