package lm;

import android.annotation.SuppressLint;
import android.app.Activity;
import android.content.Context;
import android.os.Bundle;
import android.security.KeyChain;
import android.security.KeyChainAliasCallback;
import android.security.KeyChainException;
import android.text.TextUtils;
import android.webkit.ClientCertRequest;
import android.webkit.ClientCertRequestHandler;
import androidx.annotation.NonNull;
import androidx.annotation.WorkerThread;
import com.airwatch.sdk.AirWatchSDKException;
import com.airwatch.sdk.SDKStatusCode;
import com.airwatch.sdk.certificate.CertificateFetchResult;
import com.airwatch.sdk.certificate.CertificateManager;
import com.airwatch.sdk.context.SDKContext;
import com.airwatch.sdk.context.awsdkcontext.b;
import com.airwatch.storage.SDKKeyStore;
import com.microsoft.identity.common.java.WarningType;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.List;
import java.util.concurrent.Callable;
import nm.t;
import zn.g0;

/* loaded from: classes3.dex */
public class e {

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes3.dex */
    public class a implements rn.j<CertificateFetchResult> {

        /* renamed from: a, reason: collision with root package name */
        final /* synthetic */ b.t f38719a;

        a(b.t tVar) {
            this.f38719a = tVar;
        }

        @Override // rn.l
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public void onSuccess(CertificateFetchResult certificateFetchResult) {
            this.f38719a.onSuccess(0, e.k());
        }

        @Override // rn.k
        public void onFailure(Exception exc) {
            this.f38719a.onFailed(exc instanceof AirWatchSDKException ? (AirWatchSDKException) exc : new AirWatchSDKException(SDKStatusCode.SDK_RES_UNEXPECTED_EXCEPTION));
        }
    }

    public static void c(final Context context, final Object obj) {
        KeyChain.choosePrivateKeyAlias((Activity) context, new KeyChainAliasCallback() { // from class: lm.d
            @Override // android.security.KeyChainAliasCallback
            public final void alias(String str) {
                e.i(str, context, obj);
            }
        }, new String[0], null, "localhost", -1, "tomcat");
    }

    public static void d(KeyStore keyStore, Object obj) {
        PrivateKey privateKey;
        X509Certificate[] x509CertificateArr;
        if (keyStore == null || obj == null) {
            return;
        }
        try {
            Enumeration<String> aliases = keyStore.aliases();
            while (true) {
                privateKey = null;
                if (!aliases.hasMoreElements()) {
                    x509CertificateArr = null;
                    break;
                }
                String nextElement = aliases.nextElement();
                if (keyStore.isKeyEntry(nextElement)) {
                    KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(nextElement, null);
                    privateKey = privateKeyEntry.getPrivateKey();
                    x509CertificateArr = (X509Certificate[]) privateKeyEntry.getCertificateChain();
                    break;
                }
            }
            if (privateKey == null || x509CertificateArr == null) {
                g0.c("CertAuth", "Cancelling the cert auth request.");
                e(obj);
                return;
            }
            g0.c("CertAuth", "Proceeding with Cert " + x509CertificateArr[0].getSubjectDN());
            p(obj, x509CertificateArr, privateKey);
        } catch (Exception e11) {
            g0.n("CertAuth", "exception while handling authentication", e11);
        }
    }

    @SuppressLint({WarningType.NewApi})
    public static void e(Object obj) {
        if (obj instanceof ClientCertRequestHandler) {
            ((ClientCertRequestHandler) obj).cancel();
        } else if (obj instanceof ClientCertRequest) {
            ((ClientCertRequest) obj).cancel();
        }
    }

    public static void f() {
        SDKKeyStore l11 = l().l();
        String j11 = j();
        if (TextUtils.isEmpty(j11)) {
            return;
        }
        l11.removeEntry(j11);
    }

    @WorkerThread
    public static synchronized KeyStore g(@NonNull Context context, boolean z11) {
        KeyStore k11;
        synchronized (e.class) {
            if (!m()) {
                return null;
            }
            if (!z11 && (k11 = k()) != null) {
                return k11;
            }
            CertificateManager certificateManager = (CertificateManager) x80.a.a(CertificateManager.class);
            try {
                certificateManager.g(context, certificateManager.s(j()), true);
            } catch (AirWatchSDKException e11) {
                g0.n("CertAuth", "Exception while refetchtching IA certificate " + e11.a(), e11);
            }
            return k();
        }
    }

    public static void h(@NonNull final Context context, b.t tVar, t tVar2) {
        new com.airwatch.sdk.context.awsdkcontext.b();
        if (m()) {
            String j11 = j();
            List<Bundle> m11 = tVar2.m("CertificatesV2");
            if (m11.isEmpty()) {
                return;
            }
            for (Bundle bundle : m11) {
                final String string = bundle.getString(bundle.getString("CertificateIssuer") == null ? "ConfigurationGroupID" : "CertificateIssuer");
                final String string2 = bundle.getString("IssuerToken");
                final String string3 = bundle.getString("CertificateSource");
                if (j11.equals(string)) {
                    rn.o.d().g("FetchCertificate", new Callable() { // from class: lm.c
                        @Override // java.util.concurrent.Callable
                        public final Object call() {
                            CertificateFetchResult o11;
                            o11 = e.o(context, string, string3, string2);
                            return o11;
                        }
                    }).h(new a(tVar));
                    return;
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static void i(String str, Context context, Object obj) {
        try {
            X509Certificate[] certificateChain = KeyChain.getCertificateChain(context, str);
            if (certificateChain == null) {
                g0.c("CertAuth", "X509 chain is null");
                e(obj);
            } else {
                p(obj, certificateChain, KeyChain.getPrivateKey(context, str));
            }
        } catch (KeyChainException | InterruptedException e11) {
            g0.n("CertAuth", "Unable to do cert auth from keychain ", e11);
        }
    }

    private static String j() {
        return l().p().getString("awIACertAuthAlias", "");
    }

    public static KeyStore k() {
        SDKKeyStore l11 = l().l();
        String j11 = j();
        if (TextUtils.isEmpty(j11) || !l11.g(j11)) {
            return null;
        }
        try {
            KeyStore d11 = ((ln.f) vg.e.b(ln.f.class)).d(j11);
            if (d11 == null) {
                return null;
            }
            g0.c("CertAuth", "Returning Key Store");
            return d11;
        } catch (KeyStoreException | CertificateException e11) {
            g0.o("CertAuth", e11);
            return null;
        }
    }

    private static SDKContext l() {
        return (SDKContext) x80.a.a(SDKContext.class);
    }

    public static boolean m() {
        return !TextUtils.isEmpty(j());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static /* synthetic */ CertificateFetchResult o(Context context, String str, String str2, String str3) throws Exception {
        return ((CertificateManager) x80.a.a(CertificateManager.class)).g(context, new CertificateFetchDetails(str, str2, str, str3), true);
    }

    @SuppressLint({WarningType.NewApi})
    public static void p(Object obj, X509Certificate[] x509CertificateArr, PrivateKey privateKey) {
        if (obj instanceof ClientCertRequestHandler) {
            ((ClientCertRequestHandler) obj).proceed(privateKey, x509CertificateArr);
        } else if (obj instanceof ClientCertRequest) {
            ((ClientCertRequest) obj).proceed(privateKey, x509CertificateArr);
        }
    }
}
