package net.soti.mobicontrol.bh;

import com.google.common.base.Optional;
import com.google.inject.Inject;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.X509KeyManager;
import net.soti.mobicontrol.ao.m;
import net.soti.mobicontrol.ao.q;
import net.soti.mobicontrol.k.l;
import net.soti.mobicontrol.k.p;
import net.soti.mobicontrol.k.u;
import net.soti.ssl.KeyStorePasswordProvider;
import net.soti.ssl.certificate.CertificateStore;
import net.soti.ssl.certificate.ClientAuthPKI;
import org.jetbrains.annotations.Nullable;

@m
/* loaded from: classes.dex */
public class c {

    /* renamed from: a, reason: collision with root package name */
    private static final byte[] f1234a = new byte[0];
    private static final String b = "client_cert_name";
    private static final String c = "client_cert";
    private final KeyStorePasswordProvider d;
    private final net.soti.mobicontrol.am.m e;
    private final net.soti.comm.c.a f;
    private final CertificateStore g;

    @Inject
    public c(net.soti.comm.c.a aVar, @ClientAuthPKI CertificateStore certificateStore, KeyStorePasswordProvider keyStorePasswordProvider, net.soti.mobicontrol.am.m mVar) {
        this.f = aVar;
        this.g = certificateStore;
        this.d = keyStorePasswordProvider;
        this.e = mVar;
    }

    private KeyStore a(KeyStore keyStore, String str, char[] cArr) throws b {
        try {
            Key key = keyStore.getKey(str, h());
            Certificate[] certificateChain = keyStore.getCertificateChain(str);
            KeyStore keyStore2 = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore2.load(null, cArr);
            keyStore2.setKeyEntry("client certificate", key, cArr, certificateChain);
            return keyStore2;
        } catch (Exception e) {
            throw new b(e);
        }
    }

    private void a(InputStream inputStream, char[] cArr, String str) throws b {
        try {
            KeyStore keyStore = KeyStore.getInstance(str);
            keyStore.load(inputStream, cArr);
            Iterator it = net.soti.mobicontrol.bx.a.a.d.a(keyStore.aliases()).iterator();
            while (it.hasNext()) {
                a((String) it.next(), keyStore, cArr);
            }
        } catch (Exception e) {
            throw new b(e);
        }
    }

    private void a(String str, KeyStore keyStore, char[] cArr) throws b {
        try {
            KeyStore.Entry entry = keyStore.getEntry(str, new KeyStore.PasswordProtection(cArr));
            if (!(entry instanceof KeyStore.PrivateKeyEntry)) {
                this.e.c("[ClientCertificateStorage][storeKeyByAlias] Entry does not contain private key %s", entry);
                return;
            }
            KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
            String b2 = l.b((X509Certificate) privateKeyEntry.getCertificate());
            this.e.a("[ClientCertificateStorage][storeKeyByAlias] Storing client cert %s -> %s", str, b2);
            this.g.storePrivateKeyEntry(b2, privateKeyEntry, h());
        } catch (Exception e) {
            throw new b(e);
        }
    }

    private boolean a(String str) throws KeyStoreException {
        if (!g().containsAlias(str)) {
            return false;
        }
        this.g.getKeyStore(h()).deleteEntry(str);
        return true;
    }

    @Nullable
    private static KeyManager[] a(@Nullable KeyManager[] keyManagerArr) {
        if (keyManagerArr == null) {
            return null;
        }
        KeyManager[] keyManagerArr2 = new KeyManager[keyManagerArr.length];
        int i = 0;
        while (true) {
            int i2 = i;
            if (i2 >= keyManagerArr.length) {
                return keyManagerArr2;
            }
            if (keyManagerArr[i2] instanceof X509KeyManager) {
                keyManagerArr2[i2] = new d((X509KeyManager) keyManagerArr[i2]);
            } else {
                keyManagerArr2[i2] = keyManagerArr[i2];
            }
            i = i2 + 1;
        }
    }

    private byte[] e() {
        KeyStore g;
        String f;
        try {
            g = g();
            f = f();
        } catch (Exception e) {
            this.e.b("[ClientCertificateStorage][getCertificateAsBytes] Failed to load client certificate", e);
        }
        if (!g.containsAlias(f)) {
            this.e.b("[ClientCertificateStorage][getCertificateAsBytes] Cannot find certificate %s", f);
            return f1234a;
        }
        this.e.b("[ClientCertificateStorage][getCertificateAsBytes] Using %s ", f);
        KeyStore a2 = a(g, f, h());
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        a2.store(byteArrayOutputStream, h());
        return byteArrayOutputStream.toByteArray();
    }

    private String f() {
        this.e.a("[ClientCertificateStorage][getClientAlias]");
        String b2 = l.b(this.f.n());
        this.e.a("[ClientCertificateStorage][getClientAlias] %s", b2);
        return b2;
    }

    private KeyStore g() {
        return this.g.getKeyStore(h());
    }

    private char[] h() {
        return this.d.getPassword();
    }

    public void a(String str, String str2) throws b {
        FileInputStream fileInputStream;
        this.e.a("[ClientCertificateStorage][setClientCertificate] %s", str);
        try {
            fileInputStream = new FileInputStream(str);
            try {
                try {
                    a(fileInputStream, str2.toCharArray(), u.PKCS12.asString());
                    net.soti.mobicontrol.bx.u.a(fileInputStream);
                } catch (FileNotFoundException e) {
                    e = e;
                    throw new b(e);
                }
            } catch (Throwable th) {
                th = th;
                net.soti.mobicontrol.bx.u.a(fileInputStream);
                throw th;
            }
        } catch (FileNotFoundException e2) {
            e = e2;
            fileInputStream = null;
        } catch (Throwable th2) {
            th = th2;
            fileInputStream = null;
            net.soti.mobicontrol.bx.u.a(fileInputStream);
            throw th;
        }
    }

    public void a(net.soti.mobicontrol.b.b.d dVar) {
        this.e.a("[ClientCertificateStorage][saveIntoBundle] Saving client certificate into bundle");
        dVar.a(b, this.f.n());
        dVar.a(c, e());
    }

    @Nullable
    public KeyManager[] a() {
        KeyStore g;
        String f;
        try {
            g = g();
            f = f();
        } catch (Exception e) {
            this.e.b("[ClientCertificateStorage][getKeyManagers] Failed to load client certificate", e);
        }
        if (!g.containsAlias(f)) {
            this.e.b("[ClientCertificateStorage][getKeyManagers] Cannot find certificate %s for client authentication", f);
            return null;
        }
        this.e.b("[ClientCertificateStorage][getKeyManagers] Using %s for client authentication", f);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        keyManagerFactory.init(a(g, f, h()), h());
        return a(keyManagerFactory.getKeyManagers());
    }

    public void b(net.soti.mobicontrol.b.b.d dVar) {
        this.e.a("[ClientCertificateStorage][restoreFromBundle] Reading client certificate from backupStorage");
        this.f.g(dVar.b(b));
        byte[] d = dVar.d(c);
        if (d != null) {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(d);
            try {
                a(byteArrayInputStream, h(), KeyStore.getDefaultType());
            } catch (Exception e) {
                this.e.b("[ClientCertificateStorage][restoreFromBundle] Cannot import client certificate", e);
            } finally {
                net.soti.mobicontrol.bx.u.a(byteArrayInputStream);
            }
        }
    }

    public boolean b() {
        try {
            return g().getCertificate(f()) != null;
        } catch (KeyStoreException e) {
            return false;
        }
    }

    public boolean b(String str, String str2) {
        try {
        } catch (Exception e) {
            this.e.b("[ClientCertificateStorage][getKeyManagers] Failed to load client certificate", e);
        }
        return a(l.b(str, str2));
    }

    public Optional<p> c() {
        try {
            return l.a(g().getCertificate(f()));
        } catch (Exception e) {
            this.e.c("[ClientCertificateStorage][getClientCertificateMetadata] No client certificate found");
            return Optional.absent();
        }
    }

    @net.soti.mobicontrol.ao.l(a = {@q(a = net.soti.mobicontrol.m.E)})
    public void d() {
        this.e.a("[ClientCertificateStorage][clearClientCertificateOnWipe]");
        try {
            a(this.f.n());
        } catch (KeyStoreException e) {
            this.e.b("[ClientCertificateStorage][clearClientCertificateOnWipe] ", e);
        }
    }
}
