package com.android.server.devicepolicy;

import android.R;
import android.app.Notification;
import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.Intent;
import android.content.IntentFilter;
import android.content.pm.ActivityInfo;
import android.content.pm.PackageManager;
import android.content.res.Resources;
import android.os.Handler;
import android.os.RemoteException;
import android.os.UserHandle;
import android.os.storage.StorageManager;
import android.util.Log;
import com.android.internal.notification.SystemNotificationChannels;
import com.android.server.devicepolicy.DevicePolicyManagerService;
import com.android.server.pm.PackageManagerService;
import java.io.ByteArrayInputStream;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.List;

/* loaded from: classes.dex */
public class CertificateMonitor {
    protected static final String LOG_TAG = "DevicePolicyManager";
    protected static final int MONITORING_CERT_NOTIFICATION_ID = 33;
    private final Handler mHandler;
    private final DevicePolicyManagerService.Injector mInjector;
    private final BroadcastReceiver mRootCaReceiver = new BroadcastReceiver() { // from class: com.android.server.devicepolicy.CertificateMonitor.1
        @Override // android.content.BroadcastReceiver
        public void onReceive(Context context, Intent intent) {
            if (StorageManager.inCryptKeeperBounce()) {
                return;
            }
            CertificateMonitor.this.updateInstalledCertificates(UserHandle.of(intent.getIntExtra("android.intent.extra.user_handle", getSendingUserId())));
        }
    };
    private final DevicePolicyManagerService mService;

    public CertificateMonitor(DevicePolicyManagerService devicePolicyManagerService, DevicePolicyManagerService.Injector injector, Handler handler) {
        this.mService = devicePolicyManagerService;
        this.mInjector = injector;
        this.mHandler = handler;
        IntentFilter intentFilter = new IntentFilter();
        intentFilter.addAction("android.intent.action.USER_STARTED");
        intentFilter.addAction("android.intent.action.USER_UNLOCKED");
        intentFilter.addAction("android.security.action.TRUST_STORE_CHANGED");
        intentFilter.setPriority(1000);
        this.mInjector.mContext.registerReceiverAsUser(this.mRootCaReceiver, UserHandle.ALL, intentFilter, null, this.mHandler);
    }

    private Notification buildNotification(UserHandle userHandle, int i) {
        String string;
        int i2;
        try {
            Context createContextAsUser = this.mInjector.createContextAsUser(userHandle);
            Resources resources = this.mInjector.getResources();
            int identifier = userHandle.getIdentifier();
            if (this.mService.getProfileOwner(userHandle.getIdentifier()) != null) {
                string = resources.getString(R.string.permdesc_mediaLocation, this.mService.getProfileOwnerName(userHandle.getIdentifier()));
                i2 = R.drawable.spinner_76_outer_holo;
                identifier = this.mService.getProfileParentId(userHandle.getIdentifier());
            } else if (this.mService.getDeviceOwnerUserId() == userHandle.getIdentifier()) {
                this.mService.getDeviceOwnerName();
                string = resources.getString(R.string.permdesc_mediaLocation, this.mService.getDeviceOwnerName());
                i2 = R.drawable.spinner_76_outer_holo;
            } else {
                string = resources.getString(R.string.permdesc_manageProfileAndDeviceOwners);
                i2 = R.drawable.stat_sys_warning;
            }
            Intent intent = new Intent("com.android.settings.MONITORING_CERT_INFO");
            intent.setFlags(268468224);
            intent.putExtra("android.settings.extra.number_of_certificates", i);
            intent.putExtra("android.intent.extra.USER_ID", userHandle.getIdentifier());
            ActivityInfo resolveActivityInfo = intent.resolveActivityInfo(this.mInjector.getPackageManager(), PackageManagerService.DumpState.DUMP_DEXOPT);
            if (resolveActivityInfo != null) {
                intent.setComponent(resolveActivityInfo.getComponentName());
            }
            return new Notification.Builder(createContextAsUser, SystemNotificationChannels.SECURITY).setSmallIcon(i2).setContentTitle(resources.getQuantityText(R.plurals.restr_pin_countdown, i)).setContentText(string).setContentIntent(this.mInjector.pendingIntentGetActivityAsUser(createContextAsUser, 0, intent, 134217728, null, UserHandle.of(identifier))).setShowWhen(false).setColor(R.color.dim_foreground_light_inverse_disabled).build();
        } catch (PackageManager.NameNotFoundException e) {
            Log.e(LOG_TAG, "Create context as " + userHandle + " failed", e);
            return null;
        }
    }

    private static X509Certificate parseCert(byte[] bArr) throws CertificateException {
        return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void updateInstalledCertificates(UserHandle userHandle) {
        if (this.mInjector.getUserManager().isUserUnlocked(userHandle.getIdentifier())) {
            try {
                List<String> installedCaCertificates = getInstalledCaCertificates(userHandle);
                this.mService.onInstalledCertificatesChanged(userHandle, installedCaCertificates);
                int size = installedCaCertificates.size() - this.mService.getAcceptedCaCertificates(userHandle).size();
                if (size == 0) {
                    this.mInjector.getNotificationManager().cancelAsUser(LOG_TAG, 33, userHandle);
                } else {
                    this.mInjector.getNotificationManager().notifyAsUser(LOG_TAG, 33, buildNotification(userHandle, size), userHandle);
                }
            } catch (RemoteException | RuntimeException e) {
                Log.e(LOG_TAG, "Could not retrieve certificates from KeyChain service", e);
            }
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:24:0x003e  */
    /* JADX WARN: Removed duplicated region for block: B:34:? A[Catch: InterruptedException -> 0x0021, AssertionError -> 0x002f, SYNTHETIC, TRY_ENTER, TryCatch #7 {AssertionError -> 0x002f, InterruptedException -> 0x0021, blocks: (B:3:0x0001, B:13:0x0018, B:9:0x002b, B:17:0x001d, B:28:0x0040, B:25:0x0049, B:32:0x0045, B:29:0x0043), top: B:2:0x0001 }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public java.util.List<java.lang.String> getInstalledCaCertificates(android.os.UserHandle r8) throws android.os.RemoteException, java.lang.RuntimeException {
        /*
            r7 = this;
            r3 = 0
            com.android.server.devicepolicy.DevicePolicyManagerService$Injector r2 = r7.mInjector     // Catch: java.lang.InterruptedException -> L21 java.lang.AssertionError -> L2f
            android.security.KeyChain$KeyChainConnection r0 = r2.keyChainBindAsUser(r8)     // Catch: java.lang.InterruptedException -> L21 java.lang.AssertionError -> L2f
            r4 = 0
            android.security.IKeyChainService r2 = r0.getService()     // Catch: java.lang.Throwable -> L36 java.lang.Throwable -> L4d
            android.content.pm.StringParceledListSlice r2 = r2.getUserCaAliases()     // Catch: java.lang.Throwable -> L36 java.lang.Throwable -> L4d
            java.util.List r2 = r2.getList()     // Catch: java.lang.Throwable -> L36 java.lang.Throwable -> L4d
            if (r0 == 0) goto L1b
            if (r3 == 0) goto L2b
            r0.close()     // Catch: java.lang.Throwable -> L1c java.lang.InterruptedException -> L21 java.lang.AssertionError -> L2f
        L1b:
            return r2
        L1c:
            r5 = move-exception
            r4.addSuppressed(r5)     // Catch: java.lang.InterruptedException -> L21 java.lang.AssertionError -> L2f
            goto L1b
        L21:
            r1 = move-exception
            java.lang.Thread r2 = java.lang.Thread.currentThread()
            r2.interrupt()
            r2 = r3
            goto L1b
        L2b:
            r0.close()     // Catch: java.lang.InterruptedException -> L21 java.lang.AssertionError -> L2f
            goto L1b
        L2f:
            r1 = move-exception
            java.lang.RuntimeException r2 = new java.lang.RuntimeException
            r2.<init>(r1)
            throw r2
        L36:
            r2 = move-exception
            throw r2     // Catch: java.lang.Throwable -> L38
        L38:
            r4 = move-exception
            r6 = r4
            r4 = r2
            r2 = r6
        L3c:
            if (r0 == 0) goto L43
            if (r4 == 0) goto L49
            r0.close()     // Catch: java.lang.InterruptedException -> L21 java.lang.AssertionError -> L2f java.lang.Throwable -> L44
        L43:
            throw r2     // Catch: java.lang.InterruptedException -> L21 java.lang.AssertionError -> L2f
        L44:
            r5 = move-exception
            r4.addSuppressed(r5)     // Catch: java.lang.InterruptedException -> L21 java.lang.AssertionError -> L2f
            goto L43
        L49:
            r0.close()     // Catch: java.lang.InterruptedException -> L21 java.lang.AssertionError -> L2f
            goto L43
        L4d:
            r2 = move-exception
            r4 = r3
            goto L3c
        */
        throw new UnsupportedOperationException("Method not decompiled: com.android.server.devicepolicy.CertificateMonitor.getInstalledCaCertificates(android.os.UserHandle):java.util.List");
    }

    /* JADX WARN: Removed duplicated region for block: B:31:0x005b  */
    /* JADX WARN: Removed duplicated region for block: B:41:? A[Catch: RemoteException -> 0x0035, InterruptedException -> 0x0043, SYNTHETIC, TRY_ENTER, TryCatch #8 {RemoteException -> 0x0035, InterruptedException -> 0x0043, blocks: (B:6:0x000f, B:16:0x0022, B:12:0x003f, B:20:0x0031, B:35:0x005d, B:32:0x0066, B:39:0x0062, B:36:0x0060), top: B:5:0x000f }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public java.lang.String installCaCert(android.os.UserHandle r12, byte[] r13) {
        /*
            r11 = this;
            r7 = 0
            java.security.cert.X509Certificate r1 = parseCert(r13)     // Catch: java.security.cert.CertificateException -> L26 java.io.IOException -> L6d
            r6 = 1
            java.security.cert.Certificate[] r6 = new java.security.cert.Certificate[r6]     // Catch: java.security.cert.CertificateException -> L26 java.io.IOException -> L6d
            r8 = 0
            r6[r8] = r1     // Catch: java.security.cert.CertificateException -> L26 java.io.IOException -> L6d
            byte[] r5 = android.security.Credentials.convertToPem(r6)     // Catch: java.security.cert.CertificateException -> L26 java.io.IOException -> L6d
            com.android.server.devicepolicy.DevicePolicyManagerService$Injector r6 = r11.mInjector     // Catch: android.os.RemoteException -> L35 java.lang.InterruptedException -> L43
            android.security.KeyChain$KeyChainConnection r4 = r6.keyChainBindAsUser(r12)     // Catch: android.os.RemoteException -> L35 java.lang.InterruptedException -> L43
            r8 = 0
            android.security.IKeyChainService r6 = r4.getService()     // Catch: java.lang.Throwable -> L53 java.lang.Throwable -> L6a
            java.lang.String r6 = r6.installCaCertificate(r5)     // Catch: java.lang.Throwable -> L53 java.lang.Throwable -> L6a
            if (r4 == 0) goto L25
            if (r7 == 0) goto L3f
            r4.close()     // Catch: java.lang.Throwable -> L30 android.os.RemoteException -> L35 java.lang.InterruptedException -> L43
        L25:
            return r6
        L26:
            r0 = move-exception
        L27:
            java.lang.String r6 = "DevicePolicyManager"
            java.lang.String r8 = "Problem converting cert"
            android.util.Log.e(r6, r8, r0)
            r6 = r7
            goto L25
        L30:
            r9 = move-exception
            r8.addSuppressed(r9)     // Catch: android.os.RemoteException -> L35 java.lang.InterruptedException -> L43
            goto L25
        L35:
            r2 = move-exception
            java.lang.String r6 = "DevicePolicyManager"
            java.lang.String r8 = "installCaCertsToKeyChain(): "
            android.util.Log.e(r6, r8, r2)
        L3d:
            r6 = r7
            goto L25
        L3f:
            r4.close()     // Catch: android.os.RemoteException -> L35 java.lang.InterruptedException -> L43
            goto L25
        L43:
            r3 = move-exception
            java.lang.String r6 = "DevicePolicyManager"
            java.lang.String r8 = "installCaCertsToKeyChain(): "
            android.util.Log.w(r6, r8, r3)
            java.lang.Thread r6 = java.lang.Thread.currentThread()
            r6.interrupt()
            goto L3d
        L53:
            r6 = move-exception
            throw r6     // Catch: java.lang.Throwable -> L55
        L55:
            r8 = move-exception
            r10 = r8
            r8 = r6
            r6 = r10
        L59:
            if (r4 == 0) goto L60
            if (r8 == 0) goto L66
            r4.close()     // Catch: android.os.RemoteException -> L35 java.lang.InterruptedException -> L43 java.lang.Throwable -> L61
        L60:
            throw r6     // Catch: android.os.RemoteException -> L35 java.lang.InterruptedException -> L43
        L61:
            r9 = move-exception
            r8.addSuppressed(r9)     // Catch: android.os.RemoteException -> L35 java.lang.InterruptedException -> L43
            goto L60
        L66:
            r4.close()     // Catch: android.os.RemoteException -> L35 java.lang.InterruptedException -> L43
            goto L60
        L6a:
            r6 = move-exception
            r8 = r7
            goto L59
        L6d:
            r0 = move-exception
            goto L27
        */
        throw new UnsupportedOperationException("Method not decompiled: com.android.server.devicepolicy.CertificateMonitor.installCaCert(android.os.UserHandle, byte[]):java.lang.String");
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public final /* synthetic */ void lambda$onCertificateApprovalsChanged$0$CertificateMonitor(int i) {
        updateInstalledCertificates(UserHandle.of(i));
    }

    public void onCertificateApprovalsChanged(final int i) {
        this.mHandler.post(new Runnable(this, i) { // from class: com.android.server.devicepolicy.CertificateMonitor$$Lambda$0
            private final CertificateMonitor arg$1;
            private final int arg$2;

            /* JADX INFO: Access modifiers changed from: package-private */
            {
                this.arg$1 = this;
                this.arg$2 = i;
            }

            @Override // java.lang.Runnable
            public void run() {
                this.arg$1.lambda$onCertificateApprovalsChanged$0$CertificateMonitor(this.arg$2);
            }
        });
    }

    /* JADX WARN: Removed duplicated region for block: B:31:0x0049  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public void uninstallCaCerts(android.os.UserHandle r9, java.lang.String[] r10) {
        /*
            r8 = this;
            com.android.server.devicepolicy.DevicePolicyManagerService$Injector r4 = r8.mInjector     // Catch: android.os.RemoteException -> L24 java.lang.InterruptedException -> L31
            android.security.KeyChain$KeyChainConnection r3 = r4.keyChainBindAsUser(r9)     // Catch: android.os.RemoteException -> L24 java.lang.InterruptedException -> L31
            r5 = 0
            r1 = 0
        L8:
            int r4 = r10.length     // Catch: java.lang.Throwable -> L41 java.lang.Throwable -> L58
            if (r1 >= r4) goto L17
            android.security.IKeyChainService r4 = r3.getService()     // Catch: java.lang.Throwable -> L41 java.lang.Throwable -> L58
            r6 = r10[r1]     // Catch: java.lang.Throwable -> L41 java.lang.Throwable -> L58
            r4.deleteCaCertificate(r6)     // Catch: java.lang.Throwable -> L41 java.lang.Throwable -> L58
            int r1 = r1 + 1
            goto L8
        L17:
            if (r3 == 0) goto L1e
            if (r5 == 0) goto L2d
            r3.close()     // Catch: java.lang.Throwable -> L1f android.os.RemoteException -> L24 java.lang.InterruptedException -> L31
        L1e:
            return
        L1f:
            r4 = move-exception
            r5.addSuppressed(r4)     // Catch: android.os.RemoteException -> L24 java.lang.InterruptedException -> L31
            goto L1e
        L24:
            r0 = move-exception
            java.lang.String r4 = "DevicePolicyManager"
            java.lang.String r5 = "from CaCertUninstaller: "
            android.util.Log.e(r4, r5, r0)
            goto L1e
        L2d:
            r3.close()     // Catch: android.os.RemoteException -> L24 java.lang.InterruptedException -> L31
            goto L1e
        L31:
            r2 = move-exception
            java.lang.String r4 = "DevicePolicyManager"
            java.lang.String r5 = "CaCertUninstaller: "
            android.util.Log.w(r4, r5, r2)
            java.lang.Thread r4 = java.lang.Thread.currentThread()
            r4.interrupt()
            goto L1e
        L41:
            r4 = move-exception
            throw r4     // Catch: java.lang.Throwable -> L43
        L43:
            r5 = move-exception
            r7 = r5
            r5 = r4
            r4 = r7
        L47:
            if (r3 == 0) goto L4e
            if (r5 == 0) goto L54
            r3.close()     // Catch: android.os.RemoteException -> L24 java.lang.InterruptedException -> L31 java.lang.Throwable -> L4f
        L4e:
            throw r4     // Catch: android.os.RemoteException -> L24 java.lang.InterruptedException -> L31
        L4f:
            r6 = move-exception
            r5.addSuppressed(r6)     // Catch: android.os.RemoteException -> L24 java.lang.InterruptedException -> L31
            goto L4e
        L54:
            r3.close()     // Catch: android.os.RemoteException -> L24 java.lang.InterruptedException -> L31
            goto L4e
        L58:
            r4 = move-exception
            goto L47
        */
        throw new UnsupportedOperationException("Method not decompiled: com.android.server.devicepolicy.CertificateMonitor.uninstallCaCerts(android.os.UserHandle, java.lang.String[]):void");
    }
}
