package com.airwatch.agent.profile.group;

import android.text.Html;
import androidx.annotation.NonNull;
import androidx.annotation.VisibleForTesting;
import com.airwatch.afw.lib.AfwApp;
import com.airwatch.agent.utility.m1;
import com.airwatch.agent.utility.s1;
import com.airwatch.agent.utility.z1;
import com.airwatch.bizlib.model.CertificateDefinitionAnchorApp;
import com.airwatch.log.eventreporting.ActionConstants;
import com.airwatch.log.eventreporting.Category;
import com.airwatch.log.eventreporting.EventType;
import com.airwatch.log.eventreporting.LogEvent;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Vector;

/* loaded from: classes2.dex */
public class n extends com.airwatch.bizlib.profile.e {

    /* renamed from: p, reason: collision with root package name */
    public static String[] f7355p = {"PayloadCertificateUUID", "SMIMESigningCertificateUUID", "SMIMEEncryptionCertificateUUID", "SMIMECertPayloadUUID", "CAPayloadCertificateUUID", "CertificatePayloadUUID", "VPNServerPublicSSLUUID", "VPNServerPublicSslUuidList"};

    /* renamed from: q, reason: collision with root package name */
    @VisibleForTesting
    static b2.a f7356q = new b2.a(AfwApp.e0());

    /* renamed from: o, reason: collision with root package name */
    private h0.a f7357o;

    public n() {
        super("Certificate", "com.airwatch.android.certificate");
        this.f7357o = AfwApp.e0().g0().x();
    }

    public n(String str, int i11, String str2) {
        super("Certificate", "com.airwatch.android.certificate", str, i11, str2);
        this.f7357o = AfwApp.e0().g0().x();
    }

    public n(String str, String str2) {
        super(str, str2);
        this.f7357o = AfwApp.e0().g0().x();
    }

    public n(String str, String str2, String str3, int i11) {
        super(str, str2, str3, i11);
        this.f7357o = AfwApp.e0().g0().x();
    }

    public n(String str, String str2, String str3, int i11, String str4) {
        super(str, str2, str3, i11, str4);
        this.f7357o = AfwApp.e0().g0().x();
    }

    public static X509Certificate e0(Certificate certificate) {
        if (certificate == null) {
            return null;
        }
        try {
            return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(certificate.getEncoded()));
        } catch (Exception e11) {
            ym.g0.n("CertificateProfileGroup", "There was an error with the encoding of the certificate.", e11);
            return null;
        }
    }

    public static n g0(String str) {
        return h0(str, "com.airwatch.android.certificate");
    }

    /* JADX INFO: Access modifiers changed from: protected */
    public static n h0(String str, String str2) {
        Vector<com.airwatch.bizlib.profile.e> S = f2.a.s0().S(str2);
        if (str != null) {
            try {
            } catch (Exception e11) {
                ym.g0.n("CertificateProfileGroup", "An unexpected exception occurred while getting cert by UUID: " + e11.getMessage(), e11);
            }
            if (str.length() != 0) {
                Iterator<com.airwatch.bizlib.profile.e> it = S.iterator();
                while (it.hasNext()) {
                    com.airwatch.bizlib.profile.e next = it.next();
                    String z11 = next.z();
                    if (z11 != null && z11.length() != 0) {
                        if (z11.contentEquals(str)) {
                            return (n) next;
                        }
                    }
                    ym.g0.c("CertificateProfileGroup", "getCertByUUID: cert group UUID in profile is null or empty.  Skipping group.");
                }
                return null;
            }
        }
        ym.g0.c("CertificateProfileGroup", "getCertByUUID: certUUID parameter is null or empty.");
        return null;
    }

    public static byte[] i0(n nVar) {
        return new CertificateDefinitionAnchorApp(nVar).getCertificateData();
    }

    public static String j0(n nVar) {
        return new CertificateDefinitionAnchorApp(nVar).getCertificateString();
    }

    public static String k0(n nVar) {
        return new CertificateDefinitionAnchorApp(nVar).g();
    }

    public static String l0(n nVar) {
        return new CertificateDefinitionAnchorApp(nVar).getName();
    }

    public static String m0(n nVar) {
        if (nVar != null) {
            return new CertificateDefinitionAnchorApp(nVar).getPassword();
        }
        return null;
    }

    public static String n0(n nVar) {
        return new CertificateDefinitionAnchorApp(nVar).e();
    }

    public static String o0(n nVar) {
        if (nVar != null) {
            return new CertificateDefinitionAnchorApp(nVar).getThumbprint();
        }
        return null;
    }

    public static String p0(n nVar) {
        if (nVar.w0(nVar, true) == 0) {
            return nVar.f7357o.a(new CertificateDefinitionAnchorApp(nVar));
        }
        return null;
    }

    public static CertificateDefinitionAnchorApp q0(@NonNull n nVar) {
        return new CertificateDefinitionAnchorApp(nVar);
    }

    public static PrivateKey r0(n nVar) {
        if (nVar == null) {
            return null;
        }
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(i0(nVar));
        String m02 = m0(nVar);
        if (m02 == null || m02.length() == 0) {
            return null;
        }
        try {
            KeyStore.PrivateKeyEntry c11 = com.airwatch.agent.utility.p.c(byteArrayInputStream, m02);
            if (c11 != null) {
                return c11.getPrivateKey();
            }
            return null;
        } catch (Exception e11) {
            ym.g0.n("CertificateProfileGroup", "There was an error extracting the private key.", e11);
            return null;
        }
    }

    public static KeyStore.PrivateKeyEntry s0(n nVar) {
        String m02;
        if (nVar != null && (m02 = m0(nVar)) != null && m02.length() != 0) {
            try {
                return com.airwatch.agent.utility.p.c(new ByteArrayInputStream(i0(nVar)), m02);
            } catch (IOException e11) {
                e = e11;
                ym.g0.n("CertificateProfileGroup", "There was an error extracting the entry key.", e);
                return null;
            } catch (KeyStoreException e12) {
                e = e12;
                ym.g0.n("CertificateProfileGroup", "There was an error extracting the entry key.", e);
                return null;
            } catch (NoSuchAlgorithmException e13) {
                e = e13;
                ym.g0.n("CertificateProfileGroup", "There was an error extracting the entry key.", e);
                return null;
            } catch (UnrecoverableEntryException e14) {
                e = e14;
                ym.g0.n("CertificateProfileGroup", "There was an error extracting the entry key.", e);
                return null;
            } catch (CertificateException e15) {
                e = e15;
                ym.g0.n("CertificateProfileGroup", "There was an error extracting the entry key.", e);
                return null;
            } catch (Exception e16) {
                ym.g0.n("CertificateProfileGroup", "There was an exception extracting the entry key.", e16);
            }
        }
        return null;
    }

    public static X509Certificate t0(n nVar) {
        if (nVar == null) {
            return null;
        }
        try {
            byte[] i02 = i0(nVar);
            if (!ym.l.e(i02)) {
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(i02);
                String m02 = m0(nVar);
                if (m02 != null && m02.length() != 0) {
                    KeyStore.PrivateKeyEntry c11 = com.airwatch.agent.utility.p.c(byteArrayInputStream, m02);
                    if (c11 != null) {
                        return e0(c11.getCertificate());
                    }
                    return null;
                }
                return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
            }
            ym.g0.k("CertificateProfileGroup", "certificate data is empty, unable to construct X509 certificate for cert: " + o0(nVar) + " from profile: " + nVar.z());
            com.airwatch.agent.analytics.a c12 = com.airwatch.agent.analytics.a.c(AfwApp.e0());
            StringBuilder sb2 = new StringBuilder();
            sb2.append("com.airwatch.androidagent.getX509Cert");
            sb2.append(nVar.z());
            c12.f(new com.airwatch.agent.analytics.d(sb2.toString(), 0));
            return null;
        } catch (Exception e11) {
            f7356q.a("Exception in getX509Cert for cert id " + nVar.z() + e11.toString());
            ym.g0.n("CertificateProfileGroup", "Could not convert certificate into x509 format.", e11);
            return null;
        }
    }

    public static boolean v0(n nVar) {
        X509Certificate t02 = t0(nVar);
        for (com.airwatch.bizlib.profile.e eVar : f2.a.s0().S(nVar.getType())) {
            if ((eVar instanceof n) && t02 != null && t02.equals(t0((n) eVar)) && !eVar.z().equals(nVar.z())) {
                f7356q.k("isPGExistsWithSameCert: same cert exists in other PG " + nVar.z());
                ym.g0.u("CertificateProfileGroup", "isPGExistsWithSameCert: same cert exists in other PG ");
                return true;
            }
        }
        return false;
    }

    private boolean x0(CertificateDefinitionAnchorApp certificateDefinitionAnchorApp) {
        boolean z11;
        if (s1.g(certificateDefinitionAnchorApp.getThumbprint())) {
            f7356q.n("Cert Thumbprint is null " + certificateDefinitionAnchorApp.getUuid());
            z11 = true;
        } else {
            z11 = false;
        }
        if (!ym.l.e(certificateDefinitionAnchorApp.getCertificateData())) {
            return z11;
        }
        f7356q.n("Cert Data is null " + certificateDefinitionAnchorApp.getUuid());
        return true;
    }

    @Override // com.airwatch.bizlib.profile.e
    public List<String> A() {
        ArrayList arrayList = new ArrayList();
        arrayList.add("CertificateName");
        arrayList.add("CertificatePassword");
        arrayList.add("CertificateThumbprint");
        return arrayList;
    }

    @Override // com.airwatch.bizlib.profile.e
    public boolean G(com.airwatch.bizlib.profile.e eVar) {
        return D(eVar);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.airwatch.bizlib.profile.e
    public boolean H(com.airwatch.bizlib.profile.e eVar) {
        f7356q.k("cert remove: " + eVar.z());
        if (com.airwatch.agent.c0.R1().h4()) {
            f7356q.k("cert remove: updating exchange email without removing ");
            return true;
        }
        CertificateDefinitionAnchorApp certificateDefinitionAnchorApp = new CertificateDefinitionAnchorApp(eVar);
        if (x0(certificateDefinitionAnchorApp)) {
            ym.g0.R("CertificateProfileGroup", "can't uninstall null certificate");
            f7356q.n("cert removal impossible due to null data " + eVar.z());
            return true;
        }
        try {
            if (this.f7357o.c(eVar, certificateDefinitionAnchorApp)) {
                f7356q.k("cert remove: delete db ");
                new wg.g(AfwApp.e0()).v(certificateDefinitionAnchorApp);
            }
        } catch (Exception e11) {
            String name = certificateDefinitionAnchorApp.getName();
            if (name == null || name.length() <= 0) {
                name = "cert name not available!!!";
            }
            String str = "Error while removing certificate: " + name;
            f7356q.k(str);
            ym.g0.o(str, e11);
        }
        f7356q.n("cert remove: done " + eVar.z());
        return true;
    }

    @Override // com.airwatch.bizlib.profile.e
    public boolean O() {
        List<com.airwatch.bizlib.profile.e> J = f2.a.s0().J(z(), f7355p);
        return (J != null ? J.size() : 0) == 0;
    }

    @Override // com.airwatch.bizlib.profile.e
    public boolean P() {
        return true;
    }

    @Override // com.airwatch.bizlib.profile.e
    public void d(com.airwatch.bizlib.profile.e eVar) {
        com.airwatch.bizlib.util.a.c(LogEvent.builder().eventType(EventType.Information).category(Category.Certificates).action(ActionConstants.RemoveProfileConfirmed).createdOn(System.currentTimeMillis()).attribute("Profile UUID", eVar.getIdentifier()).build());
    }

    public boolean f0(CertificateDefinitionAnchorApp certificateDefinitionAnchorApp) {
        if (!"DerivedCredentials".equals(certificateDefinitionAnchorApp.e())) {
            return false;
        }
        if (!com.airwatch.agent.c0.R1().H0("isPureBredEnabled", false) && s1.g(j0(this))) {
            com.airwatch.agent.utility.p.a(this);
        }
        return true;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.airwatch.bizlib.profile.e
    public boolean i() {
        f2.a s02 = f2.a.s0();
        Vector<com.airwatch.bizlib.profile.e> S = s02.S(getType());
        com.airwatch.agent.c0 R1 = com.airwatch.agent.c0.R1();
        R1.U5(true);
        for (com.airwatch.bizlib.profile.e eVar : S) {
            if (eVar.x() == 1) {
                ym.g0.u("CertificateProfileGroup", "cert install: already installed: " + eVar.z());
                f7356q.k("cert install: already installed: " + eVar.z());
            } else {
                f7356q.k("cert install: " + eVar.z());
                if ("DerivedCredentials".equals(new CertificateDefinitionAnchorApp(eVar).e())) {
                    if (R1.H0("isPureBredEnabled", false)) {
                        f7356q.k("cert install: purged enabled: " + eVar.z());
                        s02.o0(eVar.z(), 1);
                    } else if (s1.g(j0(this))) {
                        com.airwatch.agent.utility.p.a(this);
                        f7356q.k("cert install: fetch certificate: " + eVar.z());
                    }
                }
                boolean e11 = this.f7357o.e(s02.J(eVar.z(), f7355p));
                int w02 = w0(eVar, e11);
                ym.g0.c("CertificateProfileGroup", "Certificate Install Status: " + w02);
                f7356q.k("cert install: status " + w02);
                if (w02 == 0) {
                    s02.o0(eVar.z(), 1);
                } else if (e11) {
                    if (2 == w02) {
                        s02.o0(eVar.z(), 2);
                    } else if (4 == w02) {
                        s02.o0(eVar.z(), 4);
                    } else if (3 == w02) {
                        s02.o0(eVar.z(), 7);
                    }
                }
            }
        }
        ym.g0.u("CertificateProfileGroup", "Done: install cert profiles: " + S.size());
        f7356q.n("Done: install cert profiles: " + S.size());
        return true;
    }

    @Override // com.airwatch.bizlib.profile.e
    public boolean j() {
        return z1.L(new CertificateDefinitionAnchorApp(this));
    }

    @Override // com.airwatch.bizlib.profile.e
    public String m() {
        return AfwApp.e0().getResources().getString(ej.h.certificates_profile_name);
    }

    @Override // com.airwatch.bizlib.profile.e
    public CharSequence s() {
        CertificateDefinitionAnchorApp certificateDefinitionAnchorApp = new CertificateDefinitionAnchorApp(this);
        return Html.fromHtml(AfwApp.e0().getString(ej.h.certificates_profile_description, certificateDefinitionAnchorApp.getType(), certificateDefinitionAnchorApp.g(), certificateDefinitionAnchorApp.getThumbprint()));
    }

    @VisibleForTesting
    int u0(com.airwatch.bizlib.profile.e eVar, CertificateDefinitionAnchorApp certificateDefinitionAnchorApp) {
        return this.f7357o.b(eVar, certificateDefinitionAnchorApp);
    }

    public int w0(com.airwatch.bizlib.profile.e eVar, boolean z11) {
        CertificateDefinitionAnchorApp certificateDefinitionAnchorApp = new CertificateDefinitionAnchorApp(eVar);
        wg.g gVar = new wg.g(AfwApp.e0());
        if (!(!x0(certificateDefinitionAnchorApp))) {
            ym.g0.k("CertificateProfileGroup", "certificate is not valid");
            return 3;
        }
        gVar.t(certificateDefinitionAnchorApp);
        ym.g0.u("CertificateProfileGroup", "cert added to db: " + eVar.z());
        f7356q.k("cert added to db: " + eVar.z());
        if (!certificateDefinitionAnchorApp.isCertificateInstallable()) {
            ym.g0.u("CertificateProfileGroup", "persistCertData() certificate is not installable, so returning! ");
            return 0;
        }
        ym.g0.u("CertificateProfileGroup", "persistCertData() installableCertificate : " + z11);
        if (z11) {
            ym.g0.c("CertificateProfileGroup", "persistCertData() certificate installation failed");
            int u02 = u0(eVar, certificateDefinitionAnchorApp);
            if (u02 != 0) {
                f7356q.n("Fail: cert install status:" + u02 + ", Uuid:" + certificateDefinitionAnchorApp.getUuid());
                return u02;
            }
        }
        com.airwatch.agent.c0.R1().g6(true);
        m1.k(AfwApp.e0());
        return 0;
    }
}
