package com.airwatch.agent.profile.group;

import android.text.Html;
import androidx.annotation.NonNull;
import androidx.annotation.VisibleForTesting;
import com.airwatch.afw.lib.AfwApp;
import com.airwatch.bizlib.model.CertificateDefinitionAnchorApp;
import com.airwatch.log.eventreporting.ActionConstants;
import com.airwatch.log.eventreporting.Category;
import com.airwatch.log.eventreporting.EventType;
import com.airwatch.log.eventreporting.LogEvent;
import ig.h2;
import ig.r1;
import ig.x1;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Vector;

/* loaded from: classes2.dex */
public class n extends com.airwatch.bizlib.profile.f {

    /* renamed from: p, reason: collision with root package name */
    public static String[] f6257p = {"PayloadCertificateUUID", "SMIMESigningCertificateUUID", "SMIMEEncryptionCertificateUUID", "SMIMECertPayloadUUID", "CAPayloadCertificateUUID", "CertificatePayloadUUID", "VPNServerPublicSSLUUID", "VPNServerPublicSslUuidList"};

    /* renamed from: q, reason: collision with root package name */
    @VisibleForTesting
    static i2.a f6258q = new i2.a(AfwApp.e0());

    /* renamed from: o, reason: collision with root package name */
    private i0.a f6259o;

    public n() {
        super("Certificate", "com.airwatch.android.certificate");
        this.f6259o = AfwApp.e0().g0().B();
    }

    public n(String str, int i11, String str2) {
        super("Certificate", "com.airwatch.android.certificate", str, i11, str2);
        this.f6259o = AfwApp.e0().g0().B();
    }

    public n(String str, String str2) {
        super(str, str2);
        this.f6259o = AfwApp.e0().g0().B();
    }

    public n(String str, String str2, String str3, int i11) {
        super(str, str2, str3, i11);
        this.f6259o = AfwApp.e0().g0().B();
    }

    public n(String str, String str2, String str3, int i11, String str4) {
        super(str, str2, str3, i11, str4);
        this.f6259o = AfwApp.e0().g0().B();
    }

    public static X509Certificate e0(Certificate certificate) {
        if (certificate == null) {
            return null;
        }
        try {
            return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(certificate.getEncoded()));
        } catch (Exception e11) {
            zn.g0.n("CertificateProfileGroup", "There was an error with the encoding of the certificate.", e11);
            return null;
        }
    }

    public static n g0(String str) {
        return h0(str, "com.airwatch.android.certificate");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static n h0(String str, String str2) {
        Vector<com.airwatch.bizlib.profile.f> Q = m2.a.r0().Q(str2);
        if (str != null) {
            try {
            } catch (Exception e11) {
                zn.g0.n("CertificateProfileGroup", "An unexpected exception occurred while getting cert by UUID: " + e11.getMessage(), e11);
            }
            if (str.length() != 0) {
                Iterator<com.airwatch.bizlib.profile.f> it = Q.iterator();
                while (it.hasNext()) {
                    com.airwatch.bizlib.profile.f next = it.next();
                    String z11 = next.z();
                    if (z11 != null && z11.length() != 0) {
                        if (z11.contentEquals(str)) {
                            return (n) next;
                        }
                    }
                    zn.g0.c("CertificateProfileGroup", "getCertByUUID: cert group UUID in profile is null or empty.  Skipping group.");
                }
                return null;
            }
        }
        zn.g0.c("CertificateProfileGroup", "getCertByUUID: certUUID parameter is null or empty.");
        return null;
    }

    public static byte[] i0(n nVar) {
        return new CertificateDefinitionAnchorApp(nVar).getCertificateData();
    }

    public static String j0(n nVar) {
        return new CertificateDefinitionAnchorApp(nVar).getCertificateString();
    }

    public static String k0(n nVar) {
        return new CertificateDefinitionAnchorApp(nVar).g();
    }

    public static String l0(n nVar) {
        return new CertificateDefinitionAnchorApp(nVar).getName();
    }

    public static String m0(n nVar) {
        if (nVar != null) {
            return new CertificateDefinitionAnchorApp(nVar).getPassword();
        }
        return null;
    }

    public static String n0(n nVar) {
        return new CertificateDefinitionAnchorApp(nVar).e();
    }

    public static String o0(n nVar) {
        if (nVar != null) {
            return new CertificateDefinitionAnchorApp(nVar).getThumbprint();
        }
        return null;
    }

    public static String p0(n nVar) {
        if (nVar.v0(nVar, true) == 0) {
            return nVar.f6259o.a(new CertificateDefinitionAnchorApp(nVar));
        }
        return null;
    }

    public static CertificateDefinitionAnchorApp q0(@NonNull n nVar) {
        return new CertificateDefinitionAnchorApp(nVar);
    }

    public static KeyStore.PrivateKeyEntry r0(n nVar) {
        String m02;
        if (nVar != null && (m02 = m0(nVar)) != null && m02.length() != 0) {
            try {
                return ig.q.c(new ByteArrayInputStream(i0(nVar)), m02);
            } catch (IOException e11) {
                e = e11;
                zn.g0.n("CertificateProfileGroup", "There was an error extracting the entry key.", e);
                return null;
            } catch (KeyStoreException e12) {
                e = e12;
                zn.g0.n("CertificateProfileGroup", "There was an error extracting the entry key.", e);
                return null;
            } catch (NoSuchAlgorithmException e13) {
                e = e13;
                zn.g0.n("CertificateProfileGroup", "There was an error extracting the entry key.", e);
                return null;
            } catch (UnrecoverableEntryException e14) {
                e = e14;
                zn.g0.n("CertificateProfileGroup", "There was an error extracting the entry key.", e);
                return null;
            } catch (CertificateException e15) {
                e = e15;
                zn.g0.n("CertificateProfileGroup", "There was an error extracting the entry key.", e);
                return null;
            } catch (Exception e16) {
                zn.g0.n("CertificateProfileGroup", "There was an exception extracting the entry key.", e16);
            }
        }
        return null;
    }

    public static X509Certificate s0(n nVar) {
        if (nVar == null) {
            return null;
        }
        try {
            byte[] i02 = i0(nVar);
            if (!zn.l.e(i02)) {
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(i02);
                String m02 = m0(nVar);
                if (m02 != null && m02.length() != 0) {
                    KeyStore.PrivateKeyEntry c11 = ig.q.c(byteArrayInputStream, m02);
                    if (c11 != null) {
                        return e0(c11.getCertificate());
                    }
                    return null;
                }
                return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
            }
            zn.g0.k("CertificateProfileGroup", "certificate data is empty, unable to construct X509 certificate for cert: " + o0(nVar) + " from profile: " + nVar.z());
            z0.b c12 = z0.b.c(AfwApp.e0());
            StringBuilder sb2 = new StringBuilder();
            sb2.append("com.airwatch.androidagent.getX509Cert");
            sb2.append(nVar.z());
            c12.f(new com.airwatch.agent.analytics.b(sb2.toString(), 0));
            return null;
        } catch (Exception e11) {
            f6258q.b("Exception in getX509Cert for cert id " + nVar.z() + e11.toString());
            zn.g0.n("CertificateProfileGroup", "Could not convert certificate into x509 format.", e11);
            return null;
        }
    }

    public static boolean u0(n nVar) {
        X509Certificate s02 = s0(nVar);
        for (com.airwatch.bizlib.profile.f fVar : m2.a.r0().Q(nVar.getType())) {
            if ((fVar instanceof n) && s02 != null && s02.equals(s0((n) fVar)) && !fVar.z().equals(nVar.z())) {
                f6258q.m("isPGExistsWithSameCert: same cert exists in other PG " + nVar.z());
                zn.g0.u("CertificateProfileGroup", "isPGExistsWithSameCert: same cert exists in other PG ");
                return true;
            }
        }
        return false;
    }

    private boolean w0(CertificateDefinitionAnchorApp certificateDefinitionAnchorApp) {
        boolean z11;
        if (x1.g(certificateDefinitionAnchorApp.getThumbprint())) {
            f6258q.a("Cert Thumbprint is null " + certificateDefinitionAnchorApp.getUuid());
            z11 = true;
        } else {
            z11 = false;
        }
        if (!zn.l.e(certificateDefinitionAnchorApp.getCertificateData())) {
            return z11;
        }
        f6258q.a("Cert Data is null " + certificateDefinitionAnchorApp.getUuid());
        return true;
    }

    @Override // com.airwatch.bizlib.profile.f
    public List<String> A() {
        ArrayList arrayList = new ArrayList();
        arrayList.add("CertificateName");
        arrayList.add("CertificatePassword");
        arrayList.add("CertificateThumbprint");
        return arrayList;
    }

    @Override // com.airwatch.bizlib.profile.f
    public boolean G(com.airwatch.bizlib.profile.f fVar) {
        return D(fVar);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.airwatch.bizlib.profile.f
    public boolean H(com.airwatch.bizlib.profile.f fVar) {
        f6258q.m("cert remove: " + fVar.z());
        if (com.airwatch.agent.d0.S1().i4()) {
            f6258q.m("cert remove: updating exchange email without removing ");
            return true;
        }
        CertificateDefinitionAnchorApp certificateDefinitionAnchorApp = new CertificateDefinitionAnchorApp(fVar);
        if (w0(certificateDefinitionAnchorApp)) {
            zn.g0.R("CertificateProfileGroup", "can't uninstall null certificate");
            f6258q.a("cert removal impossible due to null data " + fVar.z());
            return true;
        }
        try {
            if (this.f6259o.c(fVar, certificateDefinitionAnchorApp)) {
                f6258q.m("cert remove: delete db ");
                new nh.g(AfwApp.e0()).v(certificateDefinitionAnchorApp);
            }
        } catch (Exception e11) {
            String name = certificateDefinitionAnchorApp.getName();
            if (name == null || name.length() <= 0) {
                name = "cert name not available!!!";
            }
            String str = "Error while removing certificate: " + name;
            f6258q.m(str);
            zn.g0.o(str, e11);
        }
        f6258q.a("cert remove: done " + fVar.z());
        return true;
    }

    @Override // com.airwatch.bizlib.profile.f
    public boolean O() {
        List<com.airwatch.bizlib.profile.f> H = m2.a.r0().H(z(), f6257p);
        return (H != null ? H.size() : 0) == 0;
    }

    @Override // com.airwatch.bizlib.profile.f
    public boolean P() {
        return true;
    }

    @Override // com.airwatch.bizlib.profile.f
    public void c(com.airwatch.bizlib.profile.f fVar) {
        com.airwatch.bizlib.util.a.b(LogEvent.builder().eventType(EventType.Information).category(Category.Certificates).action(ActionConstants.RemoveProfileConfirmed).createdOn(System.currentTimeMillis()).attribute("Profile UUID", fVar.getIdentifier()).build());
    }

    public boolean f0(CertificateDefinitionAnchorApp certificateDefinitionAnchorApp) {
        if (!"DerivedCredentials".equals(certificateDefinitionAnchorApp.e())) {
            return false;
        }
        if (!com.airwatch.agent.d0.S1().I0("isPureBredEnabled", false) && x1.g(j0(this))) {
            ig.q.a(this);
        }
        return true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.airwatch.bizlib.profile.f
    public boolean h() {
        m2.a r02 = m2.a.r0();
        Vector<com.airwatch.bizlib.profile.f> Q = r02.Q(getType());
        com.airwatch.agent.d0 S1 = com.airwatch.agent.d0.S1();
        S1.Z5(true);
        for (com.airwatch.bizlib.profile.f fVar : Q) {
            if (fVar.x() == 1) {
                zn.g0.u("CertificateProfileGroup", "cert install: already installed: " + fVar.z());
                f6258q.m("cert install: already installed: " + fVar.z());
            } else {
                f6258q.m("cert install: " + fVar.z());
                if ("DerivedCredentials".equals(new CertificateDefinitionAnchorApp(fVar).e())) {
                    if (S1.I0("isPureBredEnabled", false)) {
                        f6258q.m("cert install: purged enabled: " + fVar.z());
                        r02.m0(fVar.z(), 1);
                    } else if (x1.g(j0(this))) {
                        ig.q.a(this);
                        f6258q.m("cert install: fetch certificate: " + fVar.z());
                    }
                }
                boolean e11 = this.f6259o.e(r02.H(fVar.z(), f6257p));
                int v02 = v0(fVar, e11);
                zn.g0.c("CertificateProfileGroup", "Certificate Install Status: " + v02);
                f6258q.m("cert install: status " + v02);
                if (v02 == 0) {
                    r02.m0(fVar.z(), 1);
                } else if (e11) {
                    if (2 == v02) {
                        r02.m0(fVar.z(), 2);
                    } else if (4 == v02) {
                        r02.m0(fVar.z(), 4);
                    } else if (3 == v02) {
                        r02.m0(fVar.z(), 7);
                    }
                }
            }
        }
        zn.g0.u("CertificateProfileGroup", "Done: install cert profiles: " + Q.size());
        f6258q.a("Done: install cert profiles: " + Q.size());
        return true;
    }

    @Override // com.airwatch.bizlib.profile.f
    public boolean j() {
        return h2.K(new CertificateDefinitionAnchorApp(this));
    }

    @Override // com.airwatch.bizlib.profile.f
    public String m() {
        return AfwApp.e0().getResources().getString(jk.h.certificates_profile_name);
    }

    @Override // com.airwatch.bizlib.profile.f
    public CharSequence s() {
        CertificateDefinitionAnchorApp certificateDefinitionAnchorApp = new CertificateDefinitionAnchorApp(this);
        return Html.fromHtml(AfwApp.e0().getString(jk.h.certificates_profile_description, certificateDefinitionAnchorApp.getType(), certificateDefinitionAnchorApp.g(), certificateDefinitionAnchorApp.getThumbprint()));
    }

    @VisibleForTesting
    int t0(com.airwatch.bizlib.profile.f fVar, CertificateDefinitionAnchorApp certificateDefinitionAnchorApp) {
        return this.f6259o.b(fVar, certificateDefinitionAnchorApp);
    }

    public int v0(com.airwatch.bizlib.profile.f fVar, boolean z11) {
        CertificateDefinitionAnchorApp certificateDefinitionAnchorApp = new CertificateDefinitionAnchorApp(fVar);
        nh.g gVar = new nh.g(AfwApp.e0());
        if (!(!w0(certificateDefinitionAnchorApp))) {
            zn.g0.k("CertificateProfileGroup", "certificate is not valid");
            return 3;
        }
        gVar.t(certificateDefinitionAnchorApp);
        zn.g0.u("CertificateProfileGroup", "cert added to db: " + fVar.z());
        f6258q.m("cert added to db: " + fVar.z());
        if (!certificateDefinitionAnchorApp.isCertificateInstallable()) {
            zn.g0.u("CertificateProfileGroup", "persistCertData() certificate is not installable, so returning! ");
            return 0;
        }
        zn.g0.u("CertificateProfileGroup", "persistCertData() installableCertificate : " + z11);
        if (z11) {
            zn.g0.c("CertificateProfileGroup", "persistCertData() certificate installation failed");
            int t02 = t0(fVar, certificateDefinitionAnchorApp);
            if (t02 != 0) {
                f6258q.a("Fail: cert install status:" + t02 + ", Uuid:" + certificateDefinitionAnchorApp.getUuid());
                return t02;
            }
        }
        com.airwatch.agent.d0.S1().l6(true);
        r1.k(AfwApp.e0());
        return 0;
    }
}
