package net.soti.mobicontrol.aa;

import android.app.enterprise.CertificateInfo;
import android.app.enterprise.EnterpriseVpnPolicy;
import android.content.Context;
import android.os.Build;
import com.google.common.base.Optional;
import java.nio.ByteBuffer;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.ExecutorService;
import javax.inject.Inject;
import javax.inject.Singleton;
import net.soti.c;
import net.soti.mobicontrol.Messages;
import net.soti.mobicontrol.aa.bm;
import net.soti.mobicontrol.admin.DeviceAdministrationManager;
import net.soti.mobicontrol.cx.g.b;
import net.soti.mobicontrol.ds.message.DsMessage;
import org.jetbrains.annotations.Nullable;

@Singleton
@net.soti.mobicontrol.cd.m
/* loaded from: classes.dex */
public class bq extends j {

    /* renamed from: b, reason: collision with root package name */
    private final DeviceAdministrationManager f1689b;
    private final bm c;
    private final net.soti.mobicontrol.pendingaction.n d;
    private final ExecutorService e;
    private final z f;
    private final Optional<EnterpriseVpnPolicy> g;
    private final net.soti.mobicontrol.cd.d h;
    private final Context i;
    private final u j;
    private final m k;

    @Inject
    public bq(af afVar, net.soti.mobicontrol.device.security.d dVar, net.soti.mobicontrol.vpn.o oVar, DeviceAdministrationManager deviceAdministrationManager, u uVar, m mVar, z zVar, bm bmVar, net.soti.mobicontrol.pendingaction.n nVar, ExecutorService executorService, net.soti.mobicontrol.cd.d dVar2, Context context, net.soti.mobicontrol.bx.m mVar2) {
        super(dVar, afVar, uVar, mVar, bmVar, dVar2, context, mVar2);
        this.f1689b = deviceAdministrationManager;
        this.j = uVar;
        this.k = mVar;
        this.c = bmVar;
        this.d = nVar;
        this.e = executorService;
        this.f = zVar;
        this.h = dVar2;
        this.i = context;
        this.g = oVar.a();
    }

    public static boolean a(X509Certificate x509Certificate, s sVar) {
        return sVar.b().equals(n.a(x509Certificate.getSerialNumber())) && b(x509Certificate, sVar) && c(x509Certificate, sVar);
    }

    private boolean a(bm.a aVar) {
        net.soti.mobicontrol.bx.m d = d();
        net.soti.mobicontrol.device.security.f b2 = f().b();
        if (b2 != net.soti.mobicontrol.device.security.f.USABLE) {
            d.d("[SamsungCertificateManager][showInstallationUI][cert] Certificate storage is unusable. State[%s]", b2);
        } else if (e().a(aVar.h())) {
            d.d("[SamsungCertificateManager][showInstallationUI][cert] Certificate already installed, performing CERT sync ..");
            d_();
        } else {
            l.a(this.i, d, aVar.h(), aVar.e());
        }
        return true;
    }

    private boolean a(s sVar) {
        X509Certificate x509Certificate;
        List clientCertificates = this.g.get().getClientCertificates("anyconnect");
        if (clientCertificates != null) {
            Iterator it = clientCertificates.iterator();
            while (it.hasNext()) {
                x509Certificate = (X509Certificate) ((CertificateInfo) it.next()).getCertificate();
                if (a(x509Certificate, sVar)) {
                    break;
                }
            }
        }
        x509Certificate = null;
        return x509Certificate != null;
    }

    private boolean a(s sVar, String str, String str2) {
        d().d("[SamsungCertificateManager][dirtyCertificateDeletion] : delete certificate in dirty way ...");
        byte[] a2 = this.k.a(sVar);
        if (a2 == null) {
            d().d("[SamsungCertificateManager][dirtyCertificateDeletion] : data is null. nothing to delete");
            return true;
        }
        String b2 = this.k.b(sVar);
        if (b2 == null) {
            d().d("[SamsungCertificateManager][dirtyCertificateDeletion] : password is null. nothing to delete");
            return true;
        }
        aa c = n.c(a2, b2);
        String a3 = l.a(sVar.a());
        sVar.a(a3);
        super.a(a2, c, b2, sVar, a3);
        return super.a(str, str2);
    }

    private boolean a(byte[] bArr, String str, s sVar, String str2, aa aaVar, l lVar) {
        if (Build.VERSION.SDK_INT < net.soti.mobicontrol.device.l.ICE_CREAM_SANDWICH.getVersion()) {
            d().e("[SamsungCertificateManager][doStartInteractiveCertInstall] feature is not supported for [%s]", sVar.b());
            this.h.b(DsMessage.a("", net.soti.comm.aq.FEATURE_NOT_SUPPORTED, net.soti.mobicontrol.ds.message.c.ERROR));
            return false;
        }
        String a2 = n.a(sVar.d());
        String b2 = sVar.b();
        a(lVar.d(), str2);
        b(bArr, aaVar, str, a2, b2, str2, lVar.c(), lVar.a(), bm.f1677b);
        return true;
    }

    private static boolean b(X509Certificate x509Certificate, s sVar) {
        return n.a(sVar.c()).equals(n.a(x509Certificate.getSubjectDN().getName())) && n.a(sVar.d()).equals(n.a(x509Certificate.getIssuerDN().getName()));
    }

    private static boolean c(X509Certificate x509Certificate, s sVar) {
        return sVar.f().equals(x509Certificate.getNotAfter()) && sVar.e().equals(x509Certificate.getNotBefore());
    }

    public void a(Certificate[] certificateArr, String str) {
        for (Certificate certificate : certificateArr) {
            X509Certificate x509Certificate = (X509Certificate) certificate;
            if (n.c(x509Certificate)) {
                try {
                    this.f1726a.a(str, x509Certificate.getEncoded(), aa.CERT, "");
                } catch (CertificateEncodingException e) {
                    d().e("[%s][installCertificateChain] error :", e);
                }
            }
        }
    }

    @Override // net.soti.mobicontrol.aa.j, net.soti.mobicontrol.aa.q
    public boolean a(String str, String str2) {
        if (super.a(str, str2)) {
            return true;
        }
        s a2 = this.j.a(str, str2);
        if (a2 == null || !a(a2, str, str2)) {
            return false;
        }
        this.j.d(a2);
        return true;
    }

    @Override // net.soti.mobicontrol.aa.j, net.soti.mobicontrol.aa.q
    public boolean a(String str, byte[] bArr, aa aaVar, String str2, String str3) {
        net.soti.mobicontrol.bx.m d = d();
        Optional<s> b2 = n.b(bArr, str2);
        if (!b2.isPresent()) {
            d.e("[SamsungCertificateManager][addCertificate][cert] Cannot convert data into cert object fileName[%s]", str);
            this.h.b(DsMessage.a(this.i.getString(b.l.certificate_install_fail, this.i.getString(b.l.unknown) + " {" + str + "}"), net.soti.comm.aq.DEVICE_ERROR, net.soti.mobicontrol.ds.message.c.ERROR));
            return false;
        }
        s sVar = b2.get();
        String a2 = sVar.a();
        if (this.f1726a.a(a2)) {
            d.d("[SamsungCertificateManager][addCertificate][cert] Certificate already installed, performing CERT sync ..");
            d_();
            return true;
        }
        aa c = n.c(bArr, str2);
        if (c != aaVar) {
            d.d("[SamsungCertificateManager][addCertificate][cert] Corrected Certificate type to %s", c);
        } else {
            c = aaVar;
        }
        boolean z = false;
        net.soti.mobicontrol.device.security.f b3 = f().b();
        if (b3 != net.soti.mobicontrol.device.security.f.USABLE) {
            d.d("[SamsungCertificateManager][addCertificate][cert] Certificate storage is unusable. State[%s]", b3);
            z = true;
        }
        if (!bm.f1676a.equalsIgnoreCase(str3) && c == aa.PKCS12) {
            try {
                l lVar = new l(d, ByteBuffer.wrap(bArr), str2);
                if (lVar.b()) {
                    return a(bArr, str2, sVar, a2, c, lVar);
                }
            } catch (CertificateException e) {
                d.e(c.j.f1339a, e);
            }
        } else {
            if (!z) {
                return a(bArr, c, str2, sVar, a2);
            }
            a(bArr, c, str2, n.a(sVar.d()), sVar.b(), a2, null, null, str3);
        }
        return true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.soti.mobicontrol.aa.j
    public boolean a(byte[] bArr, aa aaVar, String str, s sVar, String str2) {
        if (aaVar == aa.PKCS12 && this.g.isPresent() && !a(sVar)) {
            if (this.g.get().installClientCertificate("anyconnect", bArr, str)) {
                d().b("[SamsungCertificateManager][doCertificateInstallation] Installed CERT with alias {%s} into the AnyConnect VPN keystore", str2);
            } else {
                d().b("[SamsungCertificateManager][doCertificateInstallation] Failed to install %s with alias {%s} into the AnyConnect VPN keystore", aaVar, str2);
            }
        }
        return super.a(bArr, aaVar, str, sVar, str2);
    }

    @Override // net.soti.mobicontrol.aa.j, net.soti.mobicontrol.aa.q
    public void b() {
        bm.a aVar = null;
        for (bm.a aVar2 : this.c.b()) {
            if (!aVar2.k() || !aVar2.i()) {
                this.c.c(aVar2.a(), aVar2.b());
                a(aVar2.h(), aVar2.c(), aVar2.d(), aVar2.e(), aVar2.j());
                aVar2 = aVar;
            }
            aVar = aVar2;
        }
        if (aVar != null) {
            a(aVar);
        }
    }

    @net.soti.mobicontrol.cd.l(a = {@net.soti.mobicontrol.cd.o(a = Messages.b.w)})
    public void b(net.soti.mobicontrol.cd.c cVar) {
        if (cVar.b(Messages.b.M) && this.f1689b.isAdminActive()) {
            d_();
        }
    }

    protected void b(byte[] bArr, aa aaVar, String str, String str2, String str3, String str4, @Nullable byte[] bArr2, @Nullable byte[] bArr3, String str5) {
        a(bArr, aaVar, str, str2, str3, str4, bArr2, bArr3, str5);
        if (this.d.b(net.soti.mobicontrol.pendingaction.q.INSTALL_CERTIFICATE).isEmpty()) {
            this.d.a(new net.soti.mobicontrol.pendingaction.k(net.soti.mobicontrol.pendingaction.q.INSTALL_CERTIFICATE, this.i.getString(b.l.pending_certificate_installation_label), this.i.getString(b.l.pending_certificate_installation_detail)));
        }
    }

    @Override // net.soti.mobicontrol.aa.j
    protected void c() {
        this.e.submit(new Runnable() { // from class: net.soti.mobicontrol.aa.bq.1
            @Override // java.lang.Runnable
            public void run() {
                bq.this.d.a(net.soti.mobicontrol.pendingaction.q.CREDENTIAL_STORAGE_UNLOCK);
                bq.this.b();
            }
        });
    }

    @Override // net.soti.mobicontrol.aa.j
    protected void d_() {
        this.f.a();
    }

    @Override // net.soti.mobicontrol.aa.j
    protected void e_() {
        this.d.a(net.soti.mobicontrol.pendingaction.q.INSTALL_CERTIFICATE);
    }
}
