package net.soti.mobicontrol.k;

import android.app.enterprise.CertificateInfo;
import android.app.enterprise.EnterpriseVpnPolicy;
import android.content.Context;
import android.os.Build;
import com.google.common.base.Optional;
import java.nio.ByteBuffer;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.ExecutorService;
import javax.inject.Inject;
import javax.inject.Singleton;
import net.soti.mobicontrol.admin.DeviceAdministrationManager;
import net.soti.mobicontrol.ds.message.DsMessage;
import org.jetbrains.annotations.Nullable;

@Singleton
@net.soti.mobicontrol.ao.m
/* loaded from: classes.dex */
public class bj extends h {
    private final DeviceAdministrationManager b;
    private final be c;
    private final net.soti.mobicontrol.pendingaction.m d;
    private final ExecutorService e;
    private final t f;
    private final Optional<EnterpriseVpnPolicy> g;
    private final net.soti.mobicontrol.ao.d h;
    private final Context i;
    private final r j;
    private final k k;

    @Inject
    public bj(z zVar, net.soti.mobicontrol.device.security.e eVar, net.soti.mobicontrol.vpn.o oVar, DeviceAdministrationManager deviceAdministrationManager, r rVar, k kVar, t tVar, be beVar, net.soti.mobicontrol.pendingaction.m mVar, ExecutorService executorService, net.soti.mobicontrol.ao.d dVar, Context context, net.soti.mobicontrol.am.m mVar2) {
        super(eVar, zVar, rVar, kVar, beVar, dVar, context, mVar2);
        this.b = deviceAdministrationManager;
        this.j = rVar;
        this.k = kVar;
        this.c = beVar;
        this.d = mVar;
        this.e = executorService;
        this.f = tVar;
        this.h = dVar;
        this.i = context;
        this.g = oVar.a();
    }

    public static boolean a(X509Certificate x509Certificate, p pVar) {
        return pVar.b().equals(l.a(x509Certificate.getSerialNumber())) && b(x509Certificate, pVar) && c(x509Certificate, pVar);
    }

    private boolean a(bf bfVar) {
        net.soti.mobicontrol.am.m d = d();
        net.soti.mobicontrol.device.security.g b = f().b();
        if (b != net.soti.mobicontrol.device.security.g.USABLE) {
            d.c("[SamsungCertificateManager][showInstallationUI][cert] Certificate storage is unusable. State[%s]", b);
        } else if (e().a(bfVar.h())) {
            d.c("[SamsungCertificateManager][showInstallationUI][cert] Certificate already installed, performing CERT sync ..");
            d_();
        } else {
            j.a(this.i, d, bfVar.h(), bfVar.e());
        }
        return true;
    }

    private boolean a(p pVar) {
        X509Certificate x509Certificate;
        List clientCertificates = this.g.get().getClientCertificates("anyconnect");
        if (clientCertificates != null) {
            Iterator it = clientCertificates.iterator();
            while (it.hasNext()) {
                x509Certificate = (X509Certificate) ((CertificateInfo) it.next()).getCertificate();
                if (a(x509Certificate, pVar)) {
                    break;
                }
            }
        }
        x509Certificate = null;
        return x509Certificate != null;
    }

    private boolean a(p pVar, String str, String str2) {
        d().c("[SamsungCertificateManager][dirtyCertificateDeletion] : delete certificate in dirty way ...");
        byte[] a2 = this.k.a(pVar);
        if (a2 == null) {
            d().c("[SamsungCertificateManager][dirtyCertificateDeletion] : data is null. nothing to delete");
            return true;
        }
        String b = this.k.b(pVar);
        if (b == null) {
            d().c("[SamsungCertificateManager][dirtyCertificateDeletion] : password is null. nothing to delete");
            return true;
        }
        u c = l.c(a2, b);
        String a3 = j.a(pVar.a());
        pVar.a(a3);
        super.a(a2, c, b, pVar, a3);
        return super.a(str, str2);
    }

    private boolean a(byte[] bArr, String str, p pVar, String str2, u uVar, j jVar) {
        if (Build.VERSION.SDK_INT < net.soti.mobicontrol.device.n.ICE_CREAM_SANDWICH.getVersion()) {
            d().d("[SamsungCertificateManager][doStartInteractiveCertInstall] feature is not supported for [%s]", pVar.b());
            this.h.b(DsMessage.a("", net.soti.comm.as.FEATURE_NOT_SUPPORTED, net.soti.mobicontrol.ds.message.c.ERROR));
            return false;
        }
        String a2 = l.a(pVar.d());
        String b = pVar.b();
        a(jVar.d(), str2);
        b(bArr, uVar, str, a2, b, str2, jVar.c(), jVar.a(), be.b);
        return true;
    }

    private static boolean b(X509Certificate x509Certificate, p pVar) {
        return l.a(pVar.c()).equals(l.a(x509Certificate.getSubjectDN().getName())) && l.a(pVar.d()).equals(l.a(x509Certificate.getIssuerDN().getName()));
    }

    private static boolean c(X509Certificate x509Certificate, p pVar) {
        return pVar.f().equals(x509Certificate.getNotAfter()) && pVar.e().equals(x509Certificate.getNotBefore());
    }

    public void a(Certificate[] certificateArr, String str) {
        for (Certificate certificate : certificateArr) {
            X509Certificate x509Certificate = (X509Certificate) certificate;
            if (l.c(x509Certificate)) {
                try {
                    this.f2286a.a(str, x509Certificate.getEncoded(), u.CERT, "");
                } catch (CertificateEncodingException e) {
                    d().b("[%s][installCertificateChain] error :", e);
                }
            }
        }
    }

    @Override // net.soti.mobicontrol.k.h, net.soti.mobicontrol.k.n
    public boolean a(String str, String str2) {
        if (super.a(str, str2)) {
            return true;
        }
        p a2 = this.j.a(str, str2);
        if (a2 == null || !a(a2, str, str2)) {
            return false;
        }
        this.j.d(a2);
        return true;
    }

    @Override // net.soti.mobicontrol.k.h, net.soti.mobicontrol.k.n
    public boolean a(String str, byte[] bArr, u uVar, String str2, String str3) {
        net.soti.mobicontrol.am.m d = d();
        Optional<p> b = l.b(bArr, str2);
        if (!b.isPresent()) {
            d.d("[SamsungCertificateManager][addCertificate][cert] Cannot convert data into cert object fileName[%s]", str);
            this.h.b(DsMessage.a(this.i.getString(net.soti.mobicontrol.common.r.certificate_install_fail, this.i.getString(net.soti.mobicontrol.common.r.unknown) + " {" + str + "}"), net.soti.comm.as.DEVICE_ERROR, net.soti.mobicontrol.ds.message.c.ERROR));
            return false;
        }
        p pVar = b.get();
        String a2 = pVar.a();
        if (this.f2286a.a(a2)) {
            d.c("[SamsungCertificateManager][addCertificate][cert] Certificate already installed, performing CERT sync ..");
            d_();
            return true;
        }
        u c = l.c(bArr, str2);
        if (c != uVar) {
            d.c("[SamsungCertificateManager][addCertificate][cert] Corrected Certificate type to %s", c);
        } else {
            c = uVar;
        }
        boolean z = false;
        net.soti.mobicontrol.device.security.g b2 = f().b();
        if (b2 != net.soti.mobicontrol.device.security.g.USABLE) {
            d.c("[SamsungCertificateManager][addCertificate][cert] Certificate storage is unusable. State[%s]", b2);
            z = true;
        }
        if (!be.f2263a.equalsIgnoreCase(str3) && c == u.PKCS12) {
            try {
                j jVar = new j(d, ByteBuffer.wrap(bArr), str2);
                if (jVar.b()) {
                    return a(bArr, str2, pVar, a2, c, jVar);
                }
            } catch (CertificateException e) {
                d.b(net.soti.k.f827a, e);
            }
        } else {
            if (!z) {
                return a(bArr, c, str2, pVar, a2);
            }
            a(bArr, c, str2, l.a(pVar.d()), pVar.b(), a2, null, null, str3);
        }
        return true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.soti.mobicontrol.k.h
    public boolean a(byte[] bArr, u uVar, String str, p pVar, String str2) {
        if (uVar == u.PKCS12 && this.g.isPresent() && !a(pVar)) {
            if (this.g.get().installClientCertificate("anyconnect", bArr, str)) {
                d().a("[SamsungCertificateManager][doCertificateInstallation] Installed CERT with alias {%s} into the AnyConnect VPN keystore", str2);
            } else {
                d().d("[SamsungCertificateManager][doCertificateInstallation] Failed to install CERT with alias {%s} into the AnyConnect VPN keystore", str2);
            }
        }
        return super.a(bArr, uVar, str, pVar, str2);
    }

    @Override // net.soti.mobicontrol.k.h, net.soti.mobicontrol.k.n
    public void b() {
        bf bfVar = null;
        for (bf bfVar2 : this.c.b()) {
            if (!bfVar2.k() || !bfVar2.i()) {
                this.c.c(bfVar2.a(), bfVar2.b());
                a(bfVar2.h(), bfVar2.c(), bfVar2.d(), bfVar2.e(), bfVar2.j());
                bfVar2 = bfVar;
            }
            bfVar = bfVar2;
        }
        if (bfVar != null) {
            a(bfVar);
        }
    }

    @net.soti.mobicontrol.ao.l(a = {@net.soti.mobicontrol.ao.q(a = net.soti.mobicontrol.m.u)})
    public void b(net.soti.mobicontrol.ao.c cVar) {
        if (cVar.b(net.soti.mobicontrol.m.I) && this.b.isAdminActive()) {
            d_();
        }
    }

    protected void b(byte[] bArr, u uVar, String str, String str2, String str3, String str4, @Nullable byte[] bArr2, @Nullable byte[] bArr3, String str5) {
        a(bArr, uVar, str, str2, str3, str4, bArr2, bArr3, str5);
        if (this.d.b(net.soti.mobicontrol.pendingaction.p.INSTALL_CERTIFICATE).isEmpty()) {
            this.d.a(new net.soti.mobicontrol.pendingaction.i(net.soti.mobicontrol.pendingaction.p.INSTALL_CERTIFICATE, this.i.getString(net.soti.mobicontrol.common.r.pending_certificate_installation_label), this.i.getString(net.soti.mobicontrol.common.r.pending_certificate_installation_detail)));
        }
    }

    @Override // net.soti.mobicontrol.k.h
    protected void c() {
        this.e.submit(new Runnable() { // from class: net.soti.mobicontrol.k.bj.1
            @Override // java.lang.Runnable
            public void run() {
                bj.this.d.a(net.soti.mobicontrol.pendingaction.p.CREDENTIAL_STORAGE_UNLOCK);
                bj.this.b();
            }
        });
    }

    @Override // net.soti.mobicontrol.k.h
    protected void d_() {
        this.f.a();
    }

    @Override // net.soti.mobicontrol.k.h
    protected void e_() {
        this.d.a(net.soti.mobicontrol.pendingaction.p.INSTALL_CERTIFICATE);
    }
}
