package net.soti.mobicontrol.vpn;

import android.app.enterprise.CertificateInfo;
import android.app.enterprise.EnterpriseVpnConnection;
import android.app.enterprise.EnterpriseVpnPolicy;
import com.google.common.base.Function;
import com.google.common.base.Optional;
import com.google.common.collect.Lists;
import com.google.inject.Inject;
import java.io.ByteArrayInputStream;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import net.soti.mobicontrol.cert.CertificateDataStorage;
import net.soti.mobicontrol.cert.CertificateHelper;
import net.soti.mobicontrol.cert.CertificateMetadata;
import net.soti.mobicontrol.cert.CertificateMetadataStorage;
import net.soti.mobicontrol.cert.CertificateType;
import net.soti.mobicontrol.cert.X509CertificateUtils;
import net.soti.mobicontrol.logging.Logger;
import net.soti.mobicontrol.processor.FeatureProcessorException;
import net.soti.mobicontrol.util.Assert;
import net.soti.mobicontrol.util.StringUtils;
import org.jetbrains.annotations.NotNull;

/* loaded from: classes8.dex */
public class SamsungMdmV4AnyConnectSettingsManager implements VpnSettingsManager {
    private final Logger a;
    private final Optional<EnterpriseVpnPolicy> b;
    private final CertificateDataStorage c;
    private final CertificateMetadataStorage d;

    @Inject
    public SamsungMdmV4AnyConnectSettingsManager(@NotNull CertificateDataStorage certificateDataStorage, @NotNull CertificateMetadataStorage certificateMetadataStorage, @NotNull EnterpriseVpnPolicyProvider enterpriseVpnPolicyProvider, @NotNull Logger logger) {
        this.a = logger;
        this.c = certificateDataStorage;
        this.b = enterpriseVpnPolicyProvider.get();
        this.d = certificateMetadataStorage;
    }

    private EnterpriseVpnConnection a(VpnProfile vpnProfile) throws FeatureProcessorException {
        EnterpriseVpnConnection enterpriseVpnConnection = new EnterpriseVpnConnection();
        enterpriseVpnConnection.name = vpnProfile.getProfileName();
        enterpriseVpnConnection.host = vpnProfile.getSettings().getServerName();
        enterpriseVpnConnection.type = "anyconnect";
        switch (vpnProfile.getSettings().getVpnCertAuthMode()) {
            case MANUAL:
                enterpriseVpnConnection.setCertAuthMode("Manual");
                break;
            case AUTOMATIC:
            case UNKNOWN:
                enterpriseVpnConnection.setCertAuthMode("Automatic");
                break;
            default:
                throw new FeatureProcessorException(String.format("failed to set AnyConnect VPN payload due to unsupported CertAuthMode : %s", vpnProfile.getSettings().getVpnCertAuthMode()));
        }
        a(enterpriseVpnConnection, a(vpnProfile.getCertificateSettings()));
        a(enterpriseVpnConnection);
        return enterpriseVpnConnection;
    }

    private static Function<EnterpriseVpnConnection, String> a() {
        return new Function<EnterpriseVpnConnection, String>() { // from class: net.soti.mobicontrol.vpn.SamsungMdmV4AnyConnectSettingsManager.1
            @Override // com.google.common.base.Function
            /* renamed from: a, reason: merged with bridge method [inline-methods] */
            public String apply(EnterpriseVpnConnection enterpriseVpnConnection) {
                return enterpriseVpnConnection == null ? "" : enterpriseVpnConnection.name;
            }
        };
    }

    private Optional<X509Certificate> a(CertificateMetadata certificateMetadata) {
        List list;
        Optional<X509Certificate> absent = Optional.absent();
        try {
            list = this.b.get().getClientCertificates("anyconnect");
        } catch (UnsupportedOperationException e) {
            this.a.error("[SamsungMdmV4AnyConnectSettingsManager][isExistingCertificate] getClientCertificates() throw exception", e);
            list = null;
        }
        if (list == null) {
            this.a.error("[SamsungMdmV4AnyConnectSettingsManager][isExistingCertificate] Failed to get installed client certificates", new Object[0]);
            return absent;
        }
        Iterator it = list.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            X509Certificate x509Certificate = (X509Certificate) ((CertificateInfo) it.next()).getCertificate();
            if (X509CertificateUtils.isSameCertificate(x509Certificate, certificateMetadata)) {
                absent = Optional.of(x509Certificate);
                break;
            }
        }
        Logger logger = this.a;
        Object[] objArr = new Object[2];
        objArr[0] = absent.isPresent() ? "Found" : "Could not find";
        objArr[1] = Integer.valueOf(list.size());
        logger.info("[SamsungMdmV4AnyConnectSettingsManager][isExistingCertificate] %s existing AnyConnect certificate among %d certificates", objArr);
        return absent;
    }

    private Optional<CertificateMetadata> a(@NotNull VpnCertificateSettings vpnCertificateSettings) {
        return vpnCertificateSettings.hasUserCertificate() ? Optional.fromNullable(this.d.findCertificate(vpnCertificateSettings.getUserCertificateIssuer(), vpnCertificateSettings.getUserCertificateSn())) : Optional.absent();
    }

    private void a(EnterpriseVpnConnection enterpriseVpnConnection) {
        this.a.debug("[SamsungMdmV4AnyConnectSettingsManager][printVpnConnectionProfile] Enterprise VPN policy \nName: %s\nHost: %s\nType: %s\ncertCN: %s\nVPN certificate auth mode: %s", enterpriseVpnConnection.name, enterpriseVpnConnection.host, enterpriseVpnConnection.type, enterpriseVpnConnection.certCommonName, enterpriseVpnConnection.getCertAuthMode());
    }

    private void a(@NotNull EnterpriseVpnConnection enterpriseVpnConnection, Optional<CertificateMetadata> optional) throws FeatureProcessorException {
        if (optional.isPresent()) {
            Optional<X509Certificate> a = a(optional.get());
            try {
                if (a.isPresent()) {
                    enterpriseVpnConnection.certCommonName = CertificateHelper.getCommonName(a.get().getSubjectDN().getName());
                    enterpriseVpnConnection.certHash = CertificateHelper.getCertificateDigest(a.get().getEncoded());
                    return;
                }
                Optional<byte[]> fromNullable = Optional.fromNullable(this.c.getData(optional.get()));
                Optional<String> fromNullable2 = Optional.fromNullable(this.c.getPassword(optional.get()));
                if (a(fromNullable, fromNullable2)) {
                    enterpriseVpnConnection.certCommonName = b(fromNullable, fromNullable2);
                    enterpriseVpnConnection.certHash = CertificateHelper.getCertificateDigest(fromNullable.get());
                }
            } catch (NoSuchAlgorithmException e) {
                throw new FeatureProcessorException("vpn", "Failed to calculate certificate digest, err: %s", e);
            } catch (CertificateEncodingException e2) {
                throw new FeatureProcessorException("vpn", "Failed to get encoded, err: %s", e2);
            }
        }
    }

    private boolean a(Optional<byte[]> optional, Optional<String> optional2) throws FeatureProcessorException {
        boolean z;
        if (optional.isPresent() && optional2.isPresent()) {
            try {
                z = this.b.get().installClientCertificate("anyconnect", optional.get(), optional2.get());
            } catch (UnsupportedOperationException e) {
                throw new FeatureProcessorException("vpn", "Failed to install certificate, err: %s", e);
            }
        } else {
            this.a.error("[SamsungMdmV4AnyConnectSettingsManager][installClientCertification] cannot install pkcs12[%s], password[%s]", Boolean.valueOf(optional.isPresent()), Boolean.valueOf(optional2.isPresent()));
            z = false;
        }
        this.a.debug("[SamsungMdmV4AnyConnectSettingsManager][installClientCertification] return[%s]", Boolean.valueOf(z));
        return z;
    }

    private boolean a(@NotNull String str) {
        for (EnterpriseVpnConnection enterpriseVpnConnection : this.b.get().getAllEnterpriseVpnConnections()) {
            if (str.equals(enterpriseVpnConnection.name)) {
                this.a.info("[SamsungMdmV4AnyConnectSettingsManager][isExistProfile] Profile exists. name:%s, host:%s, type:%s, certMode:%s", enterpriseVpnConnection.name, enterpriseVpnConnection.host, enterpriseVpnConnection.type, enterpriseVpnConnection.getCertAuthMode());
                return true;
            }
        }
        return false;
    }

    private static String b(Optional<byte[]> optional, Optional<String> optional2) {
        return CertificateHelper.getCommonName(CertificateHelper.getCertificate(optional2.get(), CertificateType.PKCS12, new ByteArrayInputStream(optional.get())).getSubjectDN().toString());
    }

    @Override // net.soti.mobicontrol.vpn.VpnSettingsManager
    public void deleteProfile(int i, String str) {
        this.b.get().removeEnterpriseVpnConnection("anyconnect", str);
    }

    @Override // net.soti.mobicontrol.vpn.VpnSettingsManager
    public Collection<String> getManagedProfiles(int i) {
        List allEnterpriseVpnConnections = this.b.get().getAllEnterpriseVpnConnections();
        return allEnterpriseVpnConnections == null ? new ArrayList() : Lists.transform(allEnterpriseVpnConnections, a());
    }

    @Override // net.soti.mobicontrol.vpn.VpnSettingsManager
    public boolean isAvailable(int i) {
        return i == 0;
    }

    @Override // net.soti.mobicontrol.vpn.VpnSettingsManager
    public boolean setProfile(int i, VpnProfile vpnProfile) throws FeatureProcessorException {
        Assert.notNull(vpnProfile);
        if (!this.b.isPresent()) {
            throw new FeatureProcessorException("vpn", "Cannot get EnterpriseVpnPolicy");
        }
        String profileName = vpnProfile.getProfileName();
        if (StringUtils.isEmpty(profileName)) {
            throw new FeatureProcessorException("vpn", "Profile name is null or empty.");
        }
        boolean enterpriseVpnConnection = a(profileName) ? this.b.get().setEnterpriseVpnConnection(a(vpnProfile), profileName) : this.b.get().setEnterpriseVpnConnection(a(vpnProfile), (String) null);
        Logger logger = this.a;
        Object[] objArr = new Object[2];
        objArr[0] = enterpriseVpnConnection ? "Succeeded" : "Failed";
        objArr[1] = profileName;
        logger.debug("[SamsungMdmV4AnyConnectSettingsManager][setProfile] %s create/update AnyConnect VPN profile:%s", objArr);
        return enterpriseVpnConnection;
    }
}
