package com.airwatch.agent.utility;

import com.airwatch.afw.lib.AfwApp;
import com.airwatch.bizlib.model.CertificateDefinition;
import com.samsung.android.knox.keystore.CertificateProvisioning;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableEntryException;
import java.security.cert.CertificateException;
import java.util.Enumeration;
import java.util.Iterator;
import kotlin.Metadata;

@Metadata(d1 = {"\u0000J\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u0019\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000b\n\u0000\n\u0002\u0010\u0012\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0005\bÆ\u0002\u0018\u00002\u00020\u0001B\t\b\u0002¢\u0006\u0004\b\u0019\u0010\u001aJ\u0010\u0010\u0005\u001a\u00020\u00042\u0006\u0010\u0003\u001a\u00020\u0002H\u0007J\u001a\u0010\u000b\u001a\u0004\u0018\u00010\n2\u0006\u0010\u0007\u001a\u00020\u00062\u0006\u0010\t\u001a\u00020\bH\u0007J\u0010\u0010\u000f\u001a\u00020\u000e2\u0006\u0010\r\u001a\u00020\fH\u0007J\u001a\u0010\u0012\u001a\u0004\u0018\u00010\n2\u0006\u0010\u0011\u001a\u00020\u00102\u0006\u0010\t\u001a\u00020\bH\u0007J\u001a\u0010\u0014\u001a\u0004\u0018\u00010\n2\u0006\u0010\u0011\u001a\u00020\u00102\u0006\u0010\t\u001a\u00020\u0013H\u0007J\u001a\u0010\u0015\u001a\u0004\u0018\u00010\n2\u0006\u0010\u0007\u001a\u00020\u00062\u0006\u0010\t\u001a\u00020\u0013H\u0007J\u0012\u0010\u0018\u001a\u0004\u0018\u00010\n2\u0006\u0010\u0017\u001a\u00020\u0016H\u0007¨\u0006\u001b"}, d2 = {"Lcom/airwatch/agent/utility/p;", "", "Lcom/airwatch/agent/profile/group/n;", "certGroup", "Lrb0/r;", "a", "Ljava/io/InputStream;", "certDataStream", "", "password", "Ljava/security/KeyStore$PrivateKeyEntry;", "d", "Ljava/security/KeyStore;", "ks", "", "g", "", "certData", wg.f.f56340d, "", "e", xj.c.f57529d, "Lcom/airwatch/bizlib/model/CertificateDefinition;", "certDef", "b", "<init>", "()V", "android-for-work_release"}, k = 1, mv = {1, 7, 1})
/* loaded from: classes2.dex */
public final class p {

    /* renamed from: a, reason: collision with root package name */
    public static final p f8546a = new p();

    private p() {
    }

    public static final void a(com.airwatch.agent.profile.group.n certGroup) {
        boolean w11;
        kotlin.jvm.internal.n.g(certGroup, "certGroup");
        AfwApp e02 = AfwApp.e0();
        kotlin.jvm.internal.n.f(e02, "getAppContext()");
        Iterator<com.airwatch.bizlib.profile.i> it = certGroup.w().iterator();
        while (it.hasNext()) {
            com.airwatch.bizlib.profile.i next = it.next();
            w11 = kotlin.text.v.w("KeyUsage", next.getName(), true);
            if (w11) {
                com.airwatch.agent.profile.group.q C = AfwApp.e0().g0().C(next.getValue());
                if (C.b()) {
                    C.a();
                } else {
                    C.c(e02.getString(ej.h.pivd_install_title), e02.getString(ej.h.pivd_install_desc));
                }
            }
        }
    }

    public static final KeyStore.PrivateKeyEntry b(CertificateDefinition certDef) throws KeyStoreException, CertificateException, IOException, NoSuchAlgorithmException, UnrecoverableEntryException {
        kotlin.jvm.internal.n.g(certDef, "certDef");
        byte[] certificateData = certDef.getCertificateData();
        kotlin.jvm.internal.n.f(certificateData, "certDef.certificateData");
        String password = certDef.getPassword();
        kotlin.jvm.internal.n.f(password, "certDef.password");
        return e(certificateData, password);
    }

    public static final KeyStore.PrivateKeyEntry c(InputStream certDataStream, String password) throws KeyStoreException, CertificateException, IOException, NoSuchAlgorithmException, UnrecoverableEntryException {
        kotlin.jvm.internal.n.g(certDataStream, "certDataStream");
        kotlin.jvm.internal.n.g(password, "password");
        if (password.length() == 0) {
            ym.g0.X("CertUtils", "empty password", null, 4, null);
            return null;
        }
        char[] charArray = password.toCharArray();
        kotlin.jvm.internal.n.f(charArray, "this as java.lang.String).toCharArray()");
        return d(certDataStream, charArray);
    }

    public static final KeyStore.PrivateKeyEntry d(InputStream certDataStream, char[] password) throws KeyStoreException, CertificateException, IOException, NoSuchAlgorithmException, UnrecoverableEntryException {
        kotlin.jvm.internal.n.g(certDataStream, "certDataStream");
        kotlin.jvm.internal.n.g(password, "password");
        if (ym.l.f(password)) {
            ym.g0.X("CertUtils", "empty password", null, 4, null);
            return null;
        }
        KeyStore keyStore = KeyStore.getInstance(CertificateProvisioning.TYPE_PKCS12);
        KeyStore.PasswordProtection passwordProtection = new KeyStore.PasswordProtection(password);
        keyStore.load(certDataStream, password);
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (!keyStore.isKeyEntry(nextElement)) {
                StringBuilder sb2 = new StringBuilder();
                sb2.append("alias ");
                sb2.append(nextElement);
                sb2.append(" is not key entry, keystore has trustedCertificateEntry ");
                kotlin.jvm.internal.n.f(keyStore, "keyStore");
                sb2.append(g(keyStore));
                ym.g0.X("CertUtils", sb2.toString(), null, 4, null);
                if (keyStore.isCertificateEntry(nextElement)) {
                    ym.g0.z("CertUtils", "alias " + nextElement + " is certificate entry", null, 4, null);
                    if (keyStore.entryInstanceOf(nextElement, KeyStore.TrustedCertificateEntry.class)) {
                        ym.g0.z("CertUtils", "alias " + nextElement + " is TrustedCertificateEntry instance", null, 4, null);
                    }
                }
            } else if (keyStore.entryInstanceOf(nextElement, KeyStore.SecretKeyEntry.class)) {
                ym.g0.z("CertUtils", "SecretKeyEntry instance found for alias " + nextElement, null, 4, null);
            } else {
                if (keyStore.entryInstanceOf(nextElement, KeyStore.PrivateKeyEntry.class)) {
                    ym.g0.z("CertUtils", "PrivateKeyEntry instance found for alias " + nextElement, null, 4, null);
                    KeyStore.Entry entry = keyStore.getEntry(nextElement, passwordProtection);
                    kotlin.jvm.internal.n.e(entry, "null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
                    return (KeyStore.PrivateKeyEntry) entry;
                }
                kotlin.jvm.internal.n.f(keyStore, "keyStore");
                if (g(keyStore)) {
                    ym.g0.z("CertUtils", "TrustedCertificateEntry instance found", null, 4, null);
                } else {
                    ym.g0.X("CertUtils", "Unknown entry type for alias " + nextElement, null, 4, null);
                }
            }
        }
        ym.g0.X("CertUtils", "no private key entry found in cert", null, 4, null);
        return null;
    }

    public static final KeyStore.PrivateKeyEntry e(byte[] certData, String password) throws KeyStoreException, CertificateException, IOException, NoSuchAlgorithmException, UnrecoverableEntryException {
        kotlin.jvm.internal.n.g(certData, "certData");
        kotlin.jvm.internal.n.g(password, "password");
        if (password.length() == 0) {
            ym.g0.X("CertUtils", "empty password", null, 4, null);
            return null;
        }
        char[] charArray = password.toCharArray();
        kotlin.jvm.internal.n.f(charArray, "this as java.lang.String).toCharArray()");
        return f(certData, charArray);
    }

    public static final KeyStore.PrivateKeyEntry f(byte[] certData, char[] password) throws KeyStoreException, CertificateException, IOException, NoSuchAlgorithmException, UnrecoverableEntryException {
        kotlin.jvm.internal.n.g(certData, "certData");
        kotlin.jvm.internal.n.g(password, "password");
        if (password.length == 0) {
            ym.g0.X("CertUtils", "empty password", null, 4, null);
            return null;
        }
        if (!(certData.length == 0)) {
            return d(new ByteArrayInputStream(certData), password);
        }
        ym.g0.X("CertUtils", "empty certData", null, 4, null);
        return null;
    }

    public static final boolean g(KeyStore ks2) throws KeyStoreException {
        kotlin.jvm.internal.n.g(ks2, "ks");
        Enumeration<String> aliases = ks2.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (ks2.isCertificateEntry(nextElement)) {
                return ks2.entryInstanceOf(nextElement, KeyStore.TrustedCertificateEntry.class);
            }
        }
        return false;
    }
}
