package net.soti.mobicontrol.cert;

import android.content.Context;
import com.google.common.base.Optional;
import com.google.inject.Inject;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import net.soti.comm.McEvent;
import net.soti.mobicontrol.cert.PendingCertificateStore;
import net.soti.mobicontrol.device.security.KeyStoreLockManager;
import net.soti.mobicontrol.device.security.KeyStoreState;
import net.soti.mobicontrol.ds.message.DsMessage;
import net.soti.mobicontrol.ds.message.LogLevel;
import net.soti.mobicontrol.logging.Logger;
import net.soti.mobicontrol.messagebus.MessageBus;
import net.soti.mobicontrol.pendingaction.PendingAction;
import net.soti.mobicontrol.pendingaction.PendingActionManager;
import net.soti.mobicontrol.pendingaction.PendingActionType;
import net.soti.mobicontrol.sony.mdm70.R;
import net.soti.mobicontrol.toast.ToastManager;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

/* loaded from: classes3.dex */
public class SonyCertificateManager extends BaseCertificateManager implements CertificateUsageManager {
    public static final String DUMMY_FILENAME = "SONY_REIMPORT_CERT";
    private final ToastManager a;
    private final PendingActionManager b;
    private final KeyStoreLockManager c;
    private final SonyCredentialStorageManager d;
    private final CertificateMetadataStorage e;
    private final CertificateDataStorage f;
    private final PendingCertificateStore g;
    private final Context h;
    private final Logger i;

    @Inject
    public SonyCertificateManager(@NotNull ToastManager toastManager, @NotNull PendingActionManager pendingActionManager, @NotNull KeyStoreLockManager keyStoreLockManager, @NotNull SonyCredentialStorageManager sonyCredentialStorageManager, @NotNull CertificateMetadataStorage certificateMetadataStorage, @NotNull CertificateDataStorage certificateDataStorage, @NotNull PendingCertificateStore pendingCertificateStore, @NotNull MessageBus messageBus, @NotNull Context context, @NotNull Logger logger, @NotNull CertificateParametersProvider certificateParametersProvider) {
        super(keyStoreLockManager, sonyCredentialStorageManager, certificateMetadataStorage, certificateDataStorage, pendingCertificateStore, messageBus, context, certificateParametersProvider, logger);
        this.a = toastManager;
        this.c = keyStoreLockManager;
        this.d = sonyCredentialStorageManager;
        this.e = certificateMetadataStorage;
        this.f = certificateDataStorage;
        this.g = pendingCertificateStore;
        this.b = pendingActionManager;
        this.h = context;
        this.i = logger;
    }

    private String a(CertificateMetadata certificateMetadata, byte[] bArr, String str) {
        String alias = certificateMetadata.getAlias();
        Certificate certificate = CertificateHelper.getCertificate(bArr, str);
        if (!(certificate instanceof X509Certificate) || !CertificateHelper.isCA((X509Certificate) certificate)) {
            return alias;
        }
        String commonName = CertificateHelper.getCommonName(certificateMetadata.getSubjectDN());
        certificateMetadata.setAlias(commonName);
        this.i.debug("[SonyCertificateManager][createAliasAndUpdateMetadata] setting alias to: %s", commonName);
        return commonName;
    }

    private void a() {
        if (this.b.getPendingActionsByType(PendingActionType.INSTALL_CERTIFICATE).isEmpty()) {
            this.b.add(new PendingAction(PendingActionType.INSTALL_CERTIFICATE, this.h.getString(R.string.pending_certificate_installation_label), this.h.getString(R.string.pending_certificate_installation_detail)));
        }
    }

    private void a(String str) {
        this.i.error("[SonyCertificateManager][logAndDisplayErrorMessage] failed to install cert, data was corrupted (%s)", str);
        String string = this.h.getString(R.string.certificate_install_fail, str);
        getMessageBus().sendMessageSilently(DsMessage.make(string, McEvent.DEVICE_ERROR, LogLevel.ERROR));
        this.a.showWithLong(string);
    }

    private boolean a(CertificateMetadata certificateMetadata, CertificateUsage certificateUsage) {
        return this.g.findPendingCertificate(CertificateHelper.getCommonName(certificateMetadata.getIssuerDN()), certificateMetadata.getSerialNumber(), certificateUsage).isPresent();
    }

    private void b() {
        if (this.c.getKeyStoreState() != KeyStoreState.USABLE) {
            this.i.warn("[SonyCertificateManager][requestKeyStoreUnlock] Requesting credential storage to be unlocked!");
            this.c.requestUnlock(false);
        }
    }

    @Override // net.soti.mobicontrol.cert.CertificateUsageManager
    public boolean addCertificate(String str, String str2, CertificateUsage certificateUsage) {
        CertificateMetadata findCertificate = this.e.findCertificate(str, str2);
        if (findCertificate == null) {
            return false;
        }
        return addCertificate(DUMMY_FILENAME, this.f.getData(findCertificate), null, this.f.getPassword(findCertificate), "", CertificateUsage.USAGE_EMAIL);
    }

    @Override // net.soti.mobicontrol.cert.CertificateUsageManager
    public boolean addCertificate(String str, byte[] bArr, CertificateType certificateType, String str2, String str3, CertificateUsage certificateUsage) {
        Optional<CertificateMetadata> fromRawData = CertificateHelper.fromRawData(bArr, str2);
        if (!isMetadataPresent(str, fromRawData)) {
            this.i.warn("[SonyCertificateManager][addCertificate] Metadata is not present");
            return false;
        }
        CertificateType certificateType2 = CertificateHelper.getCertificateType(bArr, str2);
        if (certificateType2 != certificateType) {
            this.i.warn("[SonyCertificateManager][addCertificate] corrected certificate type to %s", certificateType2);
        }
        CertificateMetadata certificateMetadata = fromRawData.get();
        String a = a(certificateMetadata, bArr, str2);
        if (isCertificateInstalled(a, certificateUsage)) {
            this.i.warn("[SonyCertificateManager][addCertificate] Cert already installed");
            synchronizeTrustStores(bArr, str2, certificateMetadata);
            return true;
        }
        if (a(certificateMetadata, certificateUsage)) {
            this.i.info("[SonyCertificateManager][addCertificate] cert is already pending install");
        } else {
            this.i.debug("[SonyCertificateManager][addCertificate] adding cert to pending list");
            addForPendingInstall(bArr, certificateType2, str2, CertificateHelper.getCommonName(certificateMetadata.getIssuerDN()), certificateMetadata.getSerialNumber(), a, null, null, str3, certificateUsage);
        }
        return true;
    }

    @Override // net.soti.mobicontrol.cert.BaseCertificateManager, net.soti.mobicontrol.cert.CertificateManager
    public boolean addCertificate(CertificateParameters certificateParameters) {
        return addCertificate(certificateParameters.getCertPath(), certificateParameters.getData(), certificateParameters.getCertType(), certificateParameters.getCertPassword(), certificateParameters.getInstallType(), CertificateUsage.USAGE_VPN_AND_APPS);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.soti.mobicontrol.cert.BaseCertificateManager
    public void addForPendingInstall(byte[] bArr, CertificateType certificateType, String str, String str2, String str3, String str4, @Nullable byte[] bArr2, @Nullable byte[] bArr3, String str5) {
        addForPendingInstall(bArr, certificateType, str, str2, str3, str4, bArr2, bArr3, str5, CertificateUsage.USAGE_VPN_AND_APPS);
    }

    protected void addForPendingInstall(byte[] bArr, CertificateType certificateType, String str, String str2, String str3, String str4, @Nullable byte[] bArr2, @Nullable byte[] bArr3, String str5, CertificateUsage certificateUsage) {
        if (this.g.findPendingCertificate(str2, str3).isPresent()) {
            this.i.info("[SonyCertificateManager][addForPendingInstall] Certificate '%s-%s' is already in pending storage", str2, str3);
        } else {
            this.i.info("[SonyCertificateManager][addForPendingInstall] Storing cert '%s-%s' for later installation", str2, str3);
            this.g.addPendingCertificate(str2, str3, bArr, certificateType, str, str4, bArr2, bArr3, str5, certificateUsage);
        }
        b();
        a();
    }

    protected boolean doCertificateInstallation(byte[] bArr, CertificateType certificateType, String str, CertificateMetadata certificateMetadata, String str2, CertificateUsage certificateUsage) {
        if (!this.d.installCertificate(str2, bArr, certificateType, str, certificateUsage)) {
            return false;
        }
        this.e.addCertificate(certificateMetadata);
        this.f.storeData(certificateMetadata, bArr, str);
        notifySuccessfulInstallation();
        return true;
    }

    @Override // net.soti.mobicontrol.cert.BaseCertificateManager, net.soti.mobicontrol.cert.CertificateManager
    public void installPendingCertificates() {
        if (!this.c.isKeyStoreUnlocked()) {
            this.i.warn("[SonyCertificateManager][installPendingCertificates] Cannot install pending certs, status=%s", this.c.getKeyStoreState());
            return;
        }
        for (PendingCertificateStore.PendingCertificate pendingCertificate : this.g.getPendingCertificates()) {
            Optional<CertificateMetadata> fromRawData = CertificateHelper.fromRawData(pendingCertificate.getCertificate(), pendingCertificate.getPassword());
            if (!fromRawData.isPresent()) {
                a(pendingCertificate.getAlias());
            } else if (doCertificateInstallation(pendingCertificate.getCertificate(), pendingCertificate.getCertificateType(), pendingCertificate.getPassword(), fromRawData.get(), a(fromRawData.get(), pendingCertificate.getCertificate(), pendingCertificate.getPassword()), pendingCertificate.getCertificateUsage())) {
                this.g.removePendingCertificate(pendingCertificate.getIssuerDn(), pendingCertificate.getSerialNumber(), CertificateUsageMatcher.matches(pendingCertificate.getCertificateUsage()));
            } else {
                this.i.error("[SonyCertificateManager][installPendingCertificates] failed to install cert - %s", pendingCertificate.getAlias());
            }
        }
        if (this.g.getPendingCertificates().isEmpty()) {
            this.b.deleteByType(PendingActionType.INSTALL_CERTIFICATE);
        }
    }

    @Override // net.soti.mobicontrol.cert.CertificateUsageManager
    public boolean isCertificateInstalled(String str, CertificateUsage certificateUsage) {
        return this.d.isCertificateInstalled(str, certificateUsage);
    }

    @Override // net.soti.mobicontrol.cert.CertificateUsageManager
    public boolean isSupported() {
        return true;
    }

    @Override // net.soti.mobicontrol.cert.BaseCertificateManager
    protected void onCredentialStorageUnlocked() {
    }

    @Override // net.soti.mobicontrol.cert.BaseCertificateManager
    protected void performCertificateSync() {
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.soti.mobicontrol.cert.BaseCertificateManager
    public boolean removeCertificate(String str, CertificateMetadata certificateMetadata) {
        boolean removeCertificate = super.removeCertificate(str, certificateMetadata);
        if (!removeCertificate) {
            String commonName = CertificateHelper.getCommonName(certificateMetadata.getSubjectDN());
            this.i.info("[SonyCertificateManager][removeCertificate] attempting to delete cert with Common Name: %s", commonName);
            removeCertificate = this.d.removeCertificate(commonName, true);
            if (removeCertificate) {
                this.i.info("[SonyCertificateManager][removeCertificate] Certificate deleted [%s] from storage", str);
                this.e.removeCertificate(certificateMetadata);
            }
        }
        return removeCertificate;
    }

    @Override // net.soti.mobicontrol.cert.BaseCertificateManager
    protected void removePendingActions() {
        this.b.deleteByType(PendingActionType.CREDENTIAL_STORAGE_UNLOCK);
        this.b.deleteByType(PendingActionType.INSTALL_CERTIFICATE);
    }
}
