package net.soti.mobicontrol.cert;

import android.app.admin.DevicePolicyManager;
import android.content.ComponentName;
import android.content.Context;
import android.os.UserManager;
import android.support.annotation.RequiresApi;
import com.google.common.base.Optional;
import com.google.inject.Inject;
import net.soti.mobicontrol.admin.Admin;
import net.soti.mobicontrol.logging.Logger;
import net.soti.mobicontrol.util.func.collections.Iter;
import net.soti.mobicontrol.util.func.functions.Predicate;

@RequiresApi(21)
/* loaded from: classes.dex */
public class AfwCertifiedCredentialStorageManager implements CredentialStorageManager, CredentialStorageRestrictionManager {
    private final ComponentName a;
    private final DevicePolicyManager b;
    private final AfwCertAliasStorage c;
    private final CertificateMetadataStorage d;
    private final CertificateDataStorage e;
    private final CertificateKeyStoreHelper f;
    private final UserManager g;
    private final Context h;
    private final Logger i;

    @Inject
    public AfwCertifiedCredentialStorageManager(@Admin ComponentName componentName, DevicePolicyManager devicePolicyManager, AfwCertAliasStorage afwCertAliasStorage, CertificateMetadataStorage certificateMetadataStorage, CertificateDataStorage certificateDataStorage, CertificateKeyStoreHelper certificateKeyStoreHelper, UserManager userManager, Context context, Logger logger) {
        this.a = componentName;
        this.b = devicePolicyManager;
        this.c = afwCertAliasStorage;
        this.d = certificateMetadataStorage;
        this.e = certificateDataStorage;
        this.f = certificateKeyStoreHelper;
        this.g = userManager;
        this.h = context;
        this.i = logger;
    }

    private synchronized void a(final String str) {
        this.i.debug("[AfwCertifiedCredentialStorageManager][removeCaCertificate] Looking for CA cert %s", str);
        Optional findFirst = Iter.of(this.d.getCertificates()).findFirst(new Predicate<CertificateMetadata>() { // from class: net.soti.mobicontrol.cert.AfwCertifiedCredentialStorageManager.1
            @Override // net.soti.mobicontrol.util.func.functions.Predicate, net.soti.mobicontrol.util.func.functions.F
            /* renamed from: a, reason: merged with bridge method [inline-methods] */
            public Boolean f(CertificateMetadata certificateMetadata) {
                return Boolean.valueOf(certificateMetadata.getAlias().equals(str));
            }
        });
        if (findFirst.isPresent()) {
            this.i.debug("[AfwCertifiedCredentialStorageManager][removeCaCertificate] Removing CA cert %s", str);
            byte[] data = this.e.getData((CertificateMetadata) findFirst.get());
            if (isConfigCredentialsDisallowed()) {
                setConfigCredentialRestriction(false);
                this.b.uninstallCaCert(this.a, data);
                setConfigCredentialRestriction(true);
            } else {
                this.b.uninstallCaCert(this.a, data);
            }
        } else {
            this.i.debug("[AfwCertifiedCredentialStorageManager][removeCaCertificate] CA cert %s is not found", str);
        }
    }

    private synchronized boolean a(String str, byte[] bArr) {
        boolean installCaCert;
        if (isConfigCredentialsDisallowed()) {
            setConfigCredentialRestriction(false);
            installCaCert = this.b.installCaCert(this.a, bArr);
            setConfigCredentialRestriction(true);
        } else {
            installCaCert = this.b.installCaCert(this.a, bArr);
        }
        this.c.addAlias(str);
        this.i.debug("[AfwCertifiedCredentialStorageManager][installFromPkcs] Installed CA certificate");
        return installCaCert;
    }

    private boolean a(String str, byte[] bArr, String str2) {
        try {
            PublicPrivateKeyPair firstKeyPairFromPkcs12 = this.f.getFirstKeyPairFromPkcs12(bArr, str2);
            boolean installKeyPair = this.b.installKeyPair(this.a, firstKeyPairFromPkcs12.getPrivateKey(), firstKeyPairFromPkcs12.getCertificate(), str);
            if (installKeyPair) {
                this.c.addAlias(str);
            }
            this.i.debug("[AfwCertifiedCredentialStorageManager][installFromPkcs] Installed cert %s from PKCS#12", str);
            return installKeyPair;
        } catch (Exception e) {
            throw new SecurityException(e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public DevicePolicyManager a() {
        return this.b;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public ComponentName getAdmin() {
        return this.a;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Context getContext() {
        return this.h;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public Logger getLogger() {
        return this.i;
    }

    @Override // net.soti.mobicontrol.cert.CredentialStorageManager
    public boolean installCertificate(String str, byte[] bArr, CertificateType certificateType, String str2) {
        return certificateType == CertificateType.CERT ? a(str, bArr) : a(str, bArr, str2);
    }

    @Override // net.soti.mobicontrol.cert.CredentialStorageManager
    public boolean isCertificateInstalled(String str) {
        return this.c.containsAlias(str);
    }

    @Override // net.soti.mobicontrol.cert.CredentialStorageRestrictionManager
    public synchronized boolean isConfigCredentialsDisallowed() {
        try {
        } catch (Exception e) {
            this.i.error(e, "[%s][isConfigCredentialsDisallowed] failed to check UserManager restriction: %s", getClass().getSimpleName(), "no_config_credentials");
            return false;
        }
        return this.g.hasUserRestriction("no_config_credentials");
    }

    @Override // net.soti.mobicontrol.cert.CredentialStorageManager
    public boolean removeCertificate(String str, boolean z) {
        boolean removeKeyPair;
        this.i.debug("[AfwCertifiedCredentialStorageManager][removeCertificate] Attempt to remove the certificate %s", str);
        if (z) {
            a(str);
            removeKeyPair = true;
        } else {
            removeKeyPair = removeKeyPair(this.a, str);
        }
        if (removeKeyPair) {
            this.c.removeAlias(str);
        } else {
            this.i.warn("[AfwCertifiedCredentialStorageManager][removeCertificate] Failed to remove, %s", str);
        }
        return removeKeyPair;
    }

    protected boolean removeKeyPair(ComponentName componentName, String str) {
        return true;
    }

    @Override // net.soti.mobicontrol.cert.CredentialStorageRestrictionManager
    public synchronized void setConfigCredentialRestriction(boolean z) {
        try {
            if (z) {
                this.b.addUserRestriction(this.a, "no_config_credentials");
            } else {
                this.b.clearUserRestriction(this.a, "no_config_credentials");
            }
        } catch (Exception e) {
            this.i.error(e, "[%s][setFeatureState] failed to set user restriction: %s", getClass().getSimpleName(), "no_config_credentials");
        }
    }
}
