package net.soti.mobicontrol.ah;

import android.app.enterprise.CertificateInfo;
import android.app.enterprise.EnterpriseVpnPolicy;
import android.content.Context;
import com.google.common.base.Optional;
import java.nio.ByteBuffer;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.ExecutorService;
import javax.inject.Inject;
import javax.inject.Singleton;
import net.soti.c;
import net.soti.mobicontrol.Messages;
import net.soti.mobicontrol.admin.DeviceAdministrationManager;
import net.soti.mobicontrol.ah.bs;
import net.soti.mobicontrol.dq.h.b;
import net.soti.mobicontrol.ds.message.DsMessage;
import org.jetbrains.annotations.Nullable;

@Singleton
@net.soti.mobicontrol.cp.o
/* loaded from: classes.dex */
public class bx extends q {

    /* renamed from: b, reason: collision with root package name */
    private final DeviceAdministrationManager f2050b;
    private final bs c;
    private final net.soti.mobicontrol.pendingaction.n d;
    private final ExecutorService e;
    private final ag f;
    private final Optional<EnterpriseVpnPolicy> g;
    private final net.soti.mobicontrol.cp.d h;
    private final Context i;
    private final ab j;
    private final t k;

    @Inject
    public bx(al alVar, net.soti.mobicontrol.device.security.d dVar, net.soti.mobicontrol.vpn.p pVar, DeviceAdministrationManager deviceAdministrationManager, ab abVar, t tVar, ag agVar, bs bsVar, net.soti.mobicontrol.pendingaction.n nVar, ExecutorService executorService, net.soti.mobicontrol.cp.d dVar2, Context context, net.soti.mobicontrol.cj.q qVar) {
        super(dVar, alVar, abVar, tVar, bsVar, dVar2, context, qVar);
        this.f2050b = deviceAdministrationManager;
        this.j = abVar;
        this.k = tVar;
        this.c = bsVar;
        this.d = nVar;
        this.e = executorService;
        this.f = agVar;
        this.h = dVar2;
        this.i = context;
        this.g = pVar.a();
    }

    public static boolean a(X509Certificate x509Certificate, z zVar) {
        return zVar.b().equals(u.a(x509Certificate.getSerialNumber())) && b(x509Certificate, zVar) && c(x509Certificate, zVar);
    }

    private boolean a(bs.a aVar) {
        net.soti.mobicontrol.cj.q e = e();
        net.soti.mobicontrol.device.security.g d = g().d();
        if (d != net.soti.mobicontrol.device.security.g.USABLE) {
            e.d("[SamsungCertificateManager][showInstallationUI][cert] Certificate storage is unusable. State[%s]", d);
            return true;
        }
        if (!f().a(aVar.h())) {
            s.a(this.i, e, aVar.h(), aVar.e());
            return true;
        }
        e.d("[SamsungCertificateManager][showInstallationUI][cert] Certificate already installed, performing CERT sync ..");
        d_();
        return true;
    }

    private boolean a(z zVar) {
        X509Certificate x509Certificate;
        List clientCertificates = this.g.get().getClientCertificates("anyconnect");
        if (clientCertificates != null) {
            Iterator it = clientCertificates.iterator();
            while (it.hasNext()) {
                x509Certificate = (X509Certificate) ((CertificateInfo) it.next()).getCertificate();
                if (a(x509Certificate, zVar)) {
                    break;
                }
            }
        }
        x509Certificate = null;
        return x509Certificate != null;
    }

    private boolean a(z zVar, String str, String str2) {
        e().d("[SamsungCertificateManager][dirtyCertificateDeletion] : delete certificate in dirty way ...");
        byte[] a2 = this.k.a(zVar);
        if (a2 == null) {
            e().d("[SamsungCertificateManager][dirtyCertificateDeletion] : data is null. nothing to delete");
            return true;
        }
        String b2 = this.k.b(zVar);
        if (b2 == null) {
            e().d("[SamsungCertificateManager][dirtyCertificateDeletion] : password is null. nothing to delete");
            return true;
        }
        ah c = u.c(a2, b2);
        String a3 = s.a(zVar.a());
        zVar.a(a3);
        super.a(a2, c, b2, zVar, a3);
        return super.a(str, str2);
    }

    private boolean a(byte[] bArr, String str, z zVar, String str2, ah ahVar, s sVar) {
        String a2 = u.a(zVar.d());
        String b2 = zVar.b();
        a(sVar.d(), str2);
        b(bArr, ahVar, str, a2, b2, str2, sVar.c(), sVar.a(), bs.f2038b);
        return true;
    }

    private static boolean b(X509Certificate x509Certificate, z zVar) {
        return u.a(zVar.c()).equals(u.a(x509Certificate.getSubjectDN().getName())) && u.a(zVar.d()).equals(u.a(x509Certificate.getIssuerDN().getName()));
    }

    private static boolean c(X509Certificate x509Certificate, z zVar) {
        return zVar.f().equals(x509Certificate.getNotAfter()) && zVar.e().equals(x509Certificate.getNotBefore());
    }

    public void a(Certificate[] certificateArr, String str) {
        for (Certificate certificate : certificateArr) {
            X509Certificate x509Certificate = (X509Certificate) certificate;
            if (u.c(x509Certificate)) {
                try {
                    this.f2092a.a(str, x509Certificate.getEncoded(), ah.CERT, "");
                } catch (CertificateEncodingException e) {
                    e().e("[%s][installCertificateChain] error :", e);
                }
            }
        }
    }

    @Override // net.soti.mobicontrol.ah.q, net.soti.mobicontrol.ah.x
    public boolean a(String str, String str2) {
        if (super.a(str, str2)) {
            return true;
        }
        z a2 = this.j.a(str, str2);
        if (a2 == null || !a(a2, str, str2)) {
            return false;
        }
        this.j.d(a2);
        return true;
    }

    boolean a(String str, ah ahVar) {
        return !bs.f2037a.equalsIgnoreCase(str) && ahVar == ah.PKCS12;
    }

    @Override // net.soti.mobicontrol.ah.q, net.soti.mobicontrol.ah.x
    public boolean a(String str, byte[] bArr, ah ahVar, String str2, String str3) {
        ah ahVar2;
        String str4;
        net.soti.mobicontrol.cj.q e = e();
        Optional<z> b2 = u.b(bArr, str2);
        boolean z = false;
        if (!b2.isPresent()) {
            e.e("[SamsungCertificateManager][addCertificate][cert] Cannot convert data into cert object fileName[%s]", str);
            this.h.b(DsMessage.a(this.i.getString(b.l.certificate_install_fail, this.i.getString(b.l.unknown) + " {" + str + "}"), net.soti.comm.aq.DEVICE_ERROR, net.soti.mobicontrol.ds.message.e.ERROR));
            return false;
        }
        z zVar = b2.get();
        String a2 = zVar.a();
        if (this.f2092a.a(a2)) {
            e.d("[SamsungCertificateManager][addCertificate][cert] Certificate already installed, performing CERT sync ..");
            d_();
            return true;
        }
        ah c = u.c(bArr, str2);
        if (c != ahVar) {
            e.d("[SamsungCertificateManager][addCertificate][cert] Corrected Certificate type to %s", c);
            ahVar2 = c;
        } else {
            ahVar2 = ahVar;
        }
        net.soti.mobicontrol.device.security.g d = g().d();
        if (d != net.soti.mobicontrol.device.security.g.USABLE) {
            e.d("[SamsungCertificateManager][addCertificate][cert] Certificate storage is unusable. State[%s]", d);
            str4 = str3;
            z = true;
        } else {
            str4 = str3;
        }
        if (a(str4, ahVar2)) {
            try {
                s sVar = new s(e, ByteBuffer.wrap(bArr), str2);
                if (sVar.b()) {
                    return a(bArr, str2, zVar, a2, ahVar2, sVar);
                }
            } catch (CertificateException e2) {
                e.e(c.n.f1544a, e2);
            }
        } else {
            if (!z) {
                return a(bArr, ahVar2, str2, zVar, a2);
            }
            a(bArr, ahVar2, str2, u.a(zVar.d()), zVar.b(), a2, null, null, str3);
        }
        return true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.soti.mobicontrol.ah.q
    public boolean a(byte[] bArr, ah ahVar, String str, z zVar, String str2) {
        if (ahVar == ah.PKCS12 && this.g.isPresent() && !a(zVar)) {
            if (this.g.get().installClientCertificate("anyconnect", bArr, str)) {
                e().b("[SamsungCertificateManager][doCertificateInstallation] Installed CERT with alias {%s} into the AnyConnect VPN keystore", str2);
            } else {
                e().b("[SamsungCertificateManager][doCertificateInstallation] Failed to install %s with alias {%s} into the AnyConnect VPN keystore", ahVar, str2);
            }
        }
        return super.a(bArr, ahVar, str, zVar, str2);
    }

    @Override // net.soti.mobicontrol.ah.q, net.soti.mobicontrol.ah.x
    public void b() {
        bs.a aVar = null;
        for (bs.a aVar2 : this.c.b()) {
            if (aVar2.k() && aVar2.i()) {
                aVar = aVar2;
            } else {
                this.c.c(aVar2.a(), aVar2.b());
                a(aVar2.h(), aVar2.c(), aVar2.d(), aVar2.e(), aVar2.j());
            }
        }
        if (aVar != null) {
            a(aVar);
        }
    }

    @net.soti.mobicontrol.cp.n(a = {@net.soti.mobicontrol.cp.q(a = Messages.b.x)})
    public void b(net.soti.mobicontrol.cp.c cVar) {
        if (cVar.b(Messages.b.N) && this.f2050b.isAdminActive()) {
            d_();
        }
    }

    protected void b(byte[] bArr, ah ahVar, String str, String str2, String str3, String str4, @Nullable byte[] bArr2, @Nullable byte[] bArr3, String str5) {
        a(bArr, ahVar, str, str2, str3, str4, bArr2, bArr3, str5);
        if (this.d.b(net.soti.mobicontrol.pendingaction.q.INSTALL_CERTIFICATE).isEmpty()) {
            this.d.a(new net.soti.mobicontrol.pendingaction.k(net.soti.mobicontrol.pendingaction.q.INSTALL_CERTIFICATE, this.i.getString(b.l.pending_certificate_installation_label), this.i.getString(b.l.pending_certificate_installation_detail)));
        }
    }

    @Override // net.soti.mobicontrol.ah.q
    protected void c() {
        this.e.submit(new Runnable() { // from class: net.soti.mobicontrol.ah.bx.1
            @Override // java.lang.Runnable
            public void run() {
                bx.this.d.a(net.soti.mobicontrol.pendingaction.q.CREDENTIAL_STORAGE_UNLOCK);
                bx.this.b();
            }
        });
    }

    @Override // net.soti.mobicontrol.ah.q
    protected void d_() {
        this.f.a();
    }

    @Override // net.soti.mobicontrol.ah.q
    protected void e_() {
        this.d.a(net.soti.mobicontrol.pendingaction.q.INSTALL_CERTIFICATE);
    }
}
