package p9;

import androidx.annotation.VisibleForTesting;
import com.airwatch.afw.lib.AfwApp;
import com.airwatch.agent.enterprise.container.Container;
import com.airwatch.agent.interrogator.certificate.CertificateSamplePayload;
import com.airwatch.agent.interrogator.classes.CertificateEntry;
import com.airwatch.agent.utility.j1;
import com.airwatch.agent.utility.s1;
import com.airwatch.bizlib.model.CertificateDefinitionAnchorApp;
import com.airwatch.bizlib.profile.e;
import com.airwatch.interrogator.InterrogatorSerializable;
import com.airwatch.interrogator.SamplerType;
import com.google.firebase.messaging.Constants;
import com.samsung.android.knox.keystore.CertificateProvisioning;
import com.workspaceone.peoplesdk.internal.util.Commons;
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.apache.commons.io.IOUtils;
import wg.g;
import wg.v;
import ym.g0;

/* loaded from: classes2.dex */
public class a extends i9.b<CertificateSamplePayload> {

    /* renamed from: d, reason: collision with root package name */
    private b2.a f49068d;

    /* renamed from: e, reason: collision with root package name */
    @VisibleForTesting
    private final Set<CertificateEntry> f49069e;

    public a() {
        super(SamplerType.CERTIFICATE_LIST);
        this.f49068d = new b2.a(AfwApp.e0());
        this.f49069e = new HashSet();
    }

    private synchronized void g(X509Certificate x509Certificate, CertificateEntry certificateEntry) throws UnsupportedEncodingException, CertificateEncodingException {
        certificateEntry.certificateName = x509Certificate.getSubjectDN().getName();
        certificateEntry.certificateType = x509Certificate.getType();
        certificateEntry.commonNameSize = (short) x509Certificate.getSubjectDN().getName().getBytes("UTF-8").length;
        certificateEntry.commonNameData = x509Certificate.getSubjectDN().getName().getBytes("UTF-8");
        certificateEntry.certificateData = x509Certificate.getEncoded();
        certificateEntry.certificateSize = (short) x509Certificate.getEncoded().length;
        this.f49069e.add(certificateEntry);
    }

    private void h(CertificateDefinitionAnchorApp certificateDefinitionAnchorApp, e eVar) {
        try {
            g0.c("CertificateListSampler", "addCertificates() ");
            String password = certificateDefinitionAnchorApp.getPassword();
            if (password == null || password.length() <= 0) {
                g0.c("CertificateListSampler", "addCertificates() X509 ");
                k((X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(new ByteArrayInputStream(certificateDefinitionAnchorApp.getCertificateData())), new CertificateEntry(), certificateDefinitionAnchorApp, eVar);
            } else {
                g0.c("CertificateListSampler", "addCertificates() PKCS12");
                l(certificateDefinitionAnchorApp, eVar);
            }
        } catch (Exception e11) {
            this.f49068d.n("Exception adding cert " + certificateDefinitionAnchorApp.getUuid() + e11.toString());
            g0.n("CertificateListSampler", "addCertificates() exception with certificate ", e11);
        }
    }

    private void l(CertificateDefinitionAnchorApp certificateDefinitionAnchorApp, e eVar) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        KeyStore keyStore = KeyStore.getInstance(CertificateProvisioning.TYPE_PKCS12);
        keyStore.load(new ByteArrayInputStream(certificateDefinitionAnchorApp.getCertificateData()), certificateDefinitionAnchorApp.getPassword().toCharArray());
        Iterator it = Collections.list(keyStore.aliases()).iterator();
        while (it.hasNext()) {
            String str = (String) it.next();
            CertificateEntry certificateEntry = new CertificateEntry();
            certificateEntry.isIdentity = (short) 1;
            k((X509Certificate) keyStore.getCertificate(str), certificateEntry, certificateDefinitionAnchorApp, eVar);
        }
    }

    private void m(CertificateDefinitionAnchorApp certificateDefinitionAnchorApp) {
        g0.c("CertificateListSampler", "deleteOrphanCerts() ");
        g gVar = new g(AfwApp.e0());
        v vVar = new v(v.e(Constants.ScionAnalytics.MessageType.DATA_MESSAGE), certificateDefinitionAnchorApp.getIdentifier());
        vVar.m(v.e("uuid"), certificateDefinitionAnchorApp.getUuid());
        gVar.x(vVar);
    }

    private boolean p(com.airwatch.agent.enterprise.e eVar, Container container) {
        f2.a s02 = f2.a.s0();
        return !(eVar.isCredStoreOpen() || container.h()) || (s02.S("com.airwatch.android.certificate").isEmpty() && s02.S("com.airwatch.android.container.certificate").isEmpty());
    }

    @Override // com.airwatch.interrogator.Sampler
    protected InterrogatorSerializable b() {
        return new b(this);
    }

    @Override // i9.b
    protected synchronized void f() {
        b2.a aVar;
        String str;
        com.airwatch.agent.enterprise.e f11;
        List<CertificateDefinitionAnchorApp> emptyList = Collections.emptyList();
        try {
            try {
                this.f49069e.clear();
                f11 = AfwApp.e0().g0().f();
            } finally {
                String str2 = this.f49069e.size() == emptyList.size() ? "Success for cert list sample: " : "Error for cert list sample: ";
                this.f49068d.n(str2 + emptyList.size() + Commons.COMMA_STRING + this.f49069e.size());
            }
        } catch (Exception e11) {
            this.f49068d.n("Exception getting cert data " + emptyList.size() + Commons.COMMA_STRING + this.f49069e.size() + Commons.COMMA_STRING + e11.toString());
            g0.n("CertificateListSampler", "There was an error getting certificate data", e11);
            String str3 = this.f49069e.size() == emptyList.size() ? "Success for cert list sample: " : "Error for cert list sample: ";
            aVar = this.f49068d;
            str = str3 + emptyList.size() + Commons.COMMA_STRING + this.f49069e.size();
        }
        if (p(f11, AfwApp.e0().g0().F()) && f11.checksCredstoreForCerts()) {
            return;
        }
        emptyList = new g(AfwApp.e0()).C();
        this.f49068d.k("start certificate list sample: " + emptyList.size());
        if (emptyList.isEmpty()) {
            f2.a s02 = f2.a.s0();
            if (s02.S("com.airwatch.android.certificate").size() + s02.S("com.airwatch.android.androidwork.certificate").size() > 0) {
                this.f49068d.n("certificate profiles present but absent from certificate database");
                g0.u("CertificateListSampler", "certificate profiles present but absent from certificate database");
            }
        }
        for (CertificateDefinitionAnchorApp certificateDefinitionAnchorApp : emptyList) {
            e O = f2.a.s0().O(certificateDefinitionAnchorApp.getUuid());
            if (O != null || s1.e(certificateDefinitionAnchorApp.getUuid(), certificateDefinitionAnchorApp.getIdentifier())) {
                if (O != null) {
                    CertificateDefinitionAnchorApp certificateDefinitionAnchorApp2 = new CertificateDefinitionAnchorApp(O);
                    certificateDefinitionAnchorApp.j(certificateDefinitionAnchorApp2.g());
                    certificateDefinitionAnchorApp.setEnableTima(certificateDefinitionAnchorApp2.getEnableTima());
                }
                this.f49068d.k("add cert sample: " + certificateDefinitionAnchorApp.getUuid());
                h(certificateDefinitionAnchorApp, O);
            } else {
                this.f49068d.n("deleting OrphanCerts: " + certificateDefinitionAnchorApp.getUuid());
                g0.R("CertificateListSampler", "sampleData() certificate was bound to profile group, but profile is missing now.");
                m(certificateDefinitionAnchorApp);
            }
        }
        if (this.f49069e.isEmpty() && !emptyList.isEmpty()) {
            this.f49068d.n("AirWatch adding the placeholder cert");
            g0.j("AirWatch adding the placeholder cert");
            j();
        }
        String str4 = this.f49069e.size() == emptyList.size() ? "Success for cert list sample: " : "Error for cert list sample: ";
        aVar = this.f49068d;
        str = str4 + emptyList.size() + Commons.COMMA_STRING + this.f49069e.size();
        aVar.n(str);
    }

    @VisibleForTesting
    void i(X509Certificate x509Certificate, CertificateEntry certificateEntry, CertificateDefinitionAnchorApp certificateDefinitionAnchorApp, Container container) throws UnsupportedEncodingException, CertificateEncodingException {
        g0.c("CertificateListSampler", "addTimaCertificate() ");
        if (!container.e()) {
            g0.c("CertificateListSampler", "addTimaCertificate() container is not Active , so reporting");
            g(x509Certificate, certificateEntry);
        } else if (container.isCertInstalledInSystemCredStore(x509Certificate, certificateDefinitionAnchorApp)) {
            g0.c("CertificateListSampler", "addTimaCertificate() container is  Active and cert installed ");
            g(x509Certificate, certificateEntry);
        }
    }

    @VisibleForTesting
    void j() {
        BufferedInputStream bufferedInputStream;
        InputStream inputStream = null;
        try {
            try {
                InputStream open = AfwApp.e0().getAssets().open("placeholder.cer", 0);
                try {
                    bufferedInputStream = new BufferedInputStream(open);
                    try {
                        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(bufferedInputStream);
                        CertificateEntry certificateEntry = new CertificateEntry();
                        certificateEntry.isIdentity = (short) 0;
                        g(x509Certificate, certificateEntry);
                        IOUtils.closeQuietly(open);
                    } catch (IOException e11) {
                        e = e11;
                        inputStream = open;
                        this.f49068d.n("Error loading placeholder certificate." + e.toString());
                        g0.n("CertificateListSampler", "Error loading placeholder certificate.", e);
                        IOUtils.closeQuietly(inputStream);
                        IOUtils.closeQuietly((InputStream) bufferedInputStream);
                    } catch (CertificateException e12) {
                        e = e12;
                        inputStream = open;
                        this.f49068d.n("Error generating placeholder certificate." + e.toString());
                        g0.n("CertificateListSampler", "Error generating placeholder certificate.", e);
                        IOUtils.closeQuietly(inputStream);
                        IOUtils.closeQuietly((InputStream) bufferedInputStream);
                    } catch (Throwable th2) {
                        th = th2;
                        inputStream = open;
                        IOUtils.closeQuietly(inputStream);
                        IOUtils.closeQuietly((InputStream) bufferedInputStream);
                        throw th;
                    }
                } catch (IOException e13) {
                    e = e13;
                    bufferedInputStream = null;
                } catch (CertificateException e14) {
                    e = e14;
                    bufferedInputStream = null;
                } catch (Throwable th3) {
                    th = th3;
                    bufferedInputStream = null;
                }
            } catch (Throwable th4) {
                th = th4;
            }
        } catch (IOException e15) {
            e = e15;
            bufferedInputStream = null;
        } catch (CertificateException e16) {
            e = e16;
            bufferedInputStream = null;
        } catch (Throwable th5) {
            th = th5;
            bufferedInputStream = null;
        }
        IOUtils.closeQuietly((InputStream) bufferedInputStream);
    }

    @VisibleForTesting
    void k(X509Certificate x509Certificate, CertificateEntry certificateEntry, CertificateDefinitionAnchorApp certificateDefinitionAnchorApp, e eVar) throws CertificateEncodingException, UnsupportedEncodingException {
        Container F = AfwApp.e0().g0().F();
        if (x509Certificate == null || certificateEntry == null) {
            return;
        }
        if (!j1.i(certificateDefinitionAnchorApp)) {
            g(x509Certificate, certificateEntry);
            return;
        }
        if (AfwApp.e0().g0().f().isCertInstalledInSystemCredStore(x509Certificate, certificateDefinitionAnchorApp)) {
            g(x509Certificate, certificateEntry);
            return;
        }
        if (certificateDefinitionAnchorApp.getEnableTima()) {
            i(x509Certificate, certificateEntry, certificateDefinitionAnchorApp, F);
        } else {
            if (certificateDefinitionAnchorApp.getEnableTima() || !"com.airwatch.android.container.certificate".equals(eVar.getType())) {
                return;
            }
            g(x509Certificate, certificateEntry);
        }
    }

    public synchronized List<CertificateEntry> n() {
        return new ArrayList(this.f49069e);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // i9.b
    /* renamed from: o, reason: merged with bridge method [inline-methods] */
    public synchronized CertificateSamplePayload d() {
        return new CertificateSamplePayload(new ArrayList(this.f49069e));
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // i9.b
    /* renamed from: q, reason: merged with bridge method [inline-methods] */
    public synchronized void e(CertificateSamplePayload certificateSamplePayload) {
        this.f49069e.addAll(certificateSamplePayload.a());
    }
}
