package net.soti.mobicontrol.newenrollment.security.repository.api.local;

import com.google.common.base.Optional;
import io.reactivex.Completable;
import io.reactivex.CompletableEmitter;
import io.reactivex.CompletableOnSubscribe;
import io.reactivex.Single;
import io.reactivex.SingleEmitter;
import io.reactivex.SingleOnSubscribe;
import io.reactivex.SingleSource;
import io.reactivex.functions.Function;
import java.io.ByteArrayInputStream;
import java.math.BigInteger;
import java.nio.charset.Charset;
import javax.inject.Inject;
import net.soti.comm.connectionsettings.ConnectionSettings;
import net.soti.mobicontrol.cert.CertificateHelper;
import net.soti.mobicontrol.cert.CertificateKeyStoreHelper;
import net.soti.mobicontrol.cert.CertificateMetadata;
import net.soti.mobicontrol.cert.CertificateProcessingException;
import net.soti.mobicontrol.cert.CertificateType;
import net.soti.mobicontrol.cert.PublicPrivateKeyPair;
import net.soti.mobicontrol.security.ClientCertificateException;
import net.soti.mobicontrol.security.ClientCertificateStorage;
import net.soti.mobicontrol.util.StringUtils;
import net.soti.ssl.RootCertificateManager;
import net.soti.ssl.RootCertificateStorage;
import org.apache.commons.net.util.Base64;
import org.jetbrains.annotations.NotNull;

/* loaded from: classes5.dex */
public class NewEnrollmentCertificateStore implements NewEnrollmentCertificateStorage {

    @NotNull
    private final RootCertificateManager a;

    @NotNull
    private final RootCertificateStorage b;

    @NotNull
    private final ClientCertificateStorage c;

    @NotNull
    private final CertificateKeyStoreHelper d;

    @NotNull
    private final ConnectionSettings e;

    @Inject
    public NewEnrollmentCertificateStore(@NotNull RootCertificateManager rootCertificateManager, @NotNull RootCertificateStorage rootCertificateStorage, @NotNull ClientCertificateStorage clientCertificateStorage, @NotNull CertificateKeyStoreHelper certificateKeyStoreHelper, @NotNull ConnectionSettings connectionSettings) {
        this.a = rootCertificateManager;
        this.b = rootCertificateStorage;
        this.c = clientCertificateStorage;
        this.d = certificateKeyStoreHelper;
        this.e = connectionSettings;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ SingleSource a(Boolean bool) throws Exception {
        return Single.just(Boolean.valueOf(bool.booleanValue() && this.c.hasClientCertificate()));
    }

    @NotNull
    private static String a(@NotNull String str) {
        return String.format("%040x", new BigInteger(1, Base64.decodeBase64(str)));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ void a(SingleEmitter singleEmitter) throws Exception {
        singleEmitter.onSuccess(Boolean.valueOf(!this.b.getMcRootCertsFromStorage().isEmpty()));
    }

    private void a(@NotNull String str, @NotNull String str2) throws ClientCertificateException {
        String upperCase = a(str).toUpperCase();
        Optional<PublicPrivateKeyPair> b = b(upperCase, str2);
        if (!b.isPresent()) {
            throw new ClientCertificateException("Could not extract private or public key from certificate.");
        }
        Optional<byte[]> hexToByteArray = StringUtils.hexToByteArray(upperCase);
        if (!hexToByteArray.isPresent()) {
            throw new ClientCertificateException("Can not save certificate data.");
        }
        this.c.setClientCertificate(new ByteArrayInputStream(hexToByteArray.get()), str2.toCharArray(), CertificateType.PKCS12.asString());
        Optional<CertificateMetadata> fromCertificate = CertificateHelper.fromCertificate(b.get().getCertificate());
        if (!fromCertificate.isPresent()) {
            throw new ClientCertificateException("Can not save certificate data.");
        }
        CertificateMetadata certificateMetadata = fromCertificate.get();
        this.e.setClientCertificateAlias(CertificateHelper.createAlias(CertificateHelper.getCommonName(certificateMetadata.getIssuerDN()), CertificateHelper.getCommonName(certificateMetadata.getSerialNumber())));
    }

    private void a(@NotNull String[] strArr) {
        this.a.removeBackupCertificates();
        String[] strArr2 = new String[strArr.length];
        for (int i = 0; i < strArr.length; i++) {
            strArr2[i] = a(strArr[i]).toUpperCase();
        }
        this.b.storeAllCertificates(strArr2);
        this.a.importCertificatesFromSettingsStorage();
        for (int i2 = 0; i2 < strArr.length; i2++) {
            this.a.storeAppCatalogUserTrustedCert(strArr2[i2]);
            this.a.storeDsUserTrustedCert(strArr2[i2]);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ void a(String[] strArr, CompletableEmitter completableEmitter) throws Exception {
        this.b.storeAllCertificates(strArr);
        this.a.importCertificatesFromSettingsStorage();
        for (String str : strArr) {
            this.a.storeDsUserTrustedCert(str);
            this.a.storeAppCatalogUserTrustedCert(str);
        }
        completableEmitter.onComplete();
    }

    private void a(@NotNull String[] strArr, @NotNull String str) throws ClientCertificateException {
        for (String str2 : strArr) {
            a(str2, str);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public /* synthetic */ void a(String[] strArr, String[] strArr2, String str, CompletableEmitter completableEmitter) throws Exception {
        a(strArr);
        a(strArr2, str);
        completableEmitter.onComplete();
    }

    private Optional<PublicPrivateKeyPair> b(@NotNull String str, @NotNull String str2) throws ClientCertificateException {
        Optional<PublicPrivateKeyPair> absent = Optional.absent();
        Charset defaultCharset = Charset.defaultCharset();
        Optional<byte[]> hexToByteArray = StringUtils.hexToByteArray(new String(str.getBytes(defaultCharset), defaultCharset));
        if (!hexToByteArray.isPresent()) {
            return absent;
        }
        try {
            return Optional.fromNullable(this.d.getFirstKeyPairFromPkcs12(hexToByteArray.get(), str2));
        } catch (CertificateProcessingException e) {
            throw new ClientCertificateException("Could not extract private or public key from certificate automatically. Ask user for password", e);
        }
    }

    @Override // net.soti.mobicontrol.newenrollment.security.repository.api.local.NewEnrollmentCertificateStorage
    public Completable importClientAndServerCertificates(@NotNull final String[] strArr, @NotNull final String[] strArr2, @NotNull final String str) {
        return Completable.create(new CompletableOnSubscribe() { // from class: net.soti.mobicontrol.newenrollment.security.repository.api.local.-$$Lambda$NewEnrollmentCertificateStore$D5u-PtyWd7znYN3fuIBWLz9JdvE
            @Override // io.reactivex.CompletableOnSubscribe
            public final void subscribe(CompletableEmitter completableEmitter) {
                NewEnrollmentCertificateStore.this.a(strArr2, strArr, str, completableEmitter);
            }
        });
    }

    @Override // net.soti.mobicontrol.newenrollment.security.repository.api.local.NewEnrollmentCertificateStorage
    public Completable importDsRootCertificates(@NotNull final String[] strArr) {
        return Completable.create(new CompletableOnSubscribe() { // from class: net.soti.mobicontrol.newenrollment.security.repository.api.local.-$$Lambda$NewEnrollmentCertificateStore$kmDpxYa9mNBi8rUT18RE3nphsEE
            @Override // io.reactivex.CompletableOnSubscribe
            public final void subscribe(CompletableEmitter completableEmitter) {
                NewEnrollmentCertificateStore.this.a(strArr, completableEmitter);
            }
        });
    }

    @Override // net.soti.mobicontrol.newenrollment.security.repository.api.local.NewEnrollmentCertificateStorage
    public Single<Boolean> isCertificatesImported() {
        return isServerCertificatesImported().flatMap(new Function() { // from class: net.soti.mobicontrol.newenrollment.security.repository.api.local.-$$Lambda$NewEnrollmentCertificateStore$krw9GWXu-qWxPnY-dY_rson4mFI
            @Override // io.reactivex.functions.Function
            public final Object apply(Object obj) {
                SingleSource a;
                a = NewEnrollmentCertificateStore.this.a((Boolean) obj);
                return a;
            }
        });
    }

    @Override // net.soti.mobicontrol.newenrollment.security.repository.api.local.NewEnrollmentCertificateStorage
    public Single<Boolean> isServerCertificatesImported() {
        return Single.create(new SingleOnSubscribe() { // from class: net.soti.mobicontrol.newenrollment.security.repository.api.local.-$$Lambda$NewEnrollmentCertificateStore$_H6BVAqr7zLUT-nbh62JzmKpzho
            @Override // io.reactivex.SingleOnSubscribe
            public final void subscribe(SingleEmitter singleEmitter) {
                NewEnrollmentCertificateStore.this.a(singleEmitter);
            }
        });
    }
}
