package com.airwatch.sdk.certificate;

import android.content.SharedPreferences;
import android.util.Base64;
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
import com.airwatch.afw.lib.AfwApp;
import com.airwatch.agent.c0;
import com.airwatch.bizlib.util.e;
import com.airwatch.sdk.certificate.CertificateFetchResult;
import com.airwatch.sdk.certificate.scep.SCEPEnrollmentDataModel;
import com.airwatch.sdk.context.t;
import com.samsung.android.knox.keystore.CertificateProvisioning;
import fc.b;
import java.io.ByteArrayInputStream;
import java.security.KeyStore;
import java.util.Enumeration;
import kl.ScepInfo;
import org.json.JSONException;
import org.json.JSONObject;
import rk.d;
import ym.g0;

/* loaded from: classes3.dex */
public class a {
    @NonNull
    public static CertificateFetchResult a(JSONObject jSONObject) {
        try {
            g0.u("SCEPUtility", "Calling to fetch SCEP cert(${this@AEScepCertificateProfileGroup.uuid})");
            d(jSONObject);
            return new b(new SCEPEnrollmentDataModel.Builder(jSONObject.getString("Url"), jSONObject.getString("Challenge"), jSONObject.getString("SubjectName")).setSubjectAlternativeName(jSONObject.getString("SubjectAlternateName")).setKeySize(jSONObject.getInt("KeySize")).setKeyType(jSONObject.getString("KeyType")).setKeyUsageFlags(jSONObject.getInt("KeyUsage")).build()).b();
        } catch (JSONException e11) {
            g0.n("SCEPUtility", "JSONException occurred handling SCEP Cert fetch. " + e11.getMessage(), e11);
            return new CertificateFetchResult(CertificateFetchResult.Status.FAILURE, null, -8, null, null);
        }
    }

    public static void b(s3.a aVar) {
        ScepInfo scepPayload = aVar.getScepPayload();
        if (scepPayload == null) {
            g0.u("SCEPUtility", "handleSCEPInstructions() scepPAyload is empty , so returning.");
            return;
        }
        try {
            e(a(new JSONObject(e.f(scepPayload))));
        } catch (JSONException e11) {
            g0.n("SCEPUtility", "handleSCEPInstructions() json exception ", e11);
        }
    }

    @Nullable
    public static KeyStore c(CertificateFetchResult certificateFetchResult) {
        try {
            JSONObject jsonKeyStore = certificateFetchResult.getJsonKeyStore();
            String string = jsonKeyStore.getString("Pkcs12");
            String string2 = jsonKeyStore.getString("Password");
            KeyStore keyStore = KeyStore.getInstance(CertificateProvisioning.TYPE_PKCS12);
            keyStore.load(new ByteArrayInputStream(Base64.decode(string, 0)), string2.toCharArray());
            return keyStore;
        } catch (JSONException e11) {
            g0.n("SCEPUtility", "Could not parse SCEP Result", e11);
            return null;
        } catch (Exception e12) {
            g0.n("SCEPUtility", "Could not load SCEP Cert to KS", e12);
            return null;
        }
    }

    private static void d(JSONObject jSONObject) throws JSONException {
        try {
            SharedPreferences.Editor edit = t.b().p().edit();
            edit.putString("scep_enrollment_url", jSONObject.getString("Url"));
            edit.putString("scep_challenge", jSONObject.getString("Challenge"));
            edit.putString("scep_subject_name", jSONObject.getString("SubjectName"));
            edit.putString("scep_alternative_name", jSONObject.getString("SubjectAlternateName"));
            edit.putInt("scep_keyusage_flags", jSONObject.getInt("KeyUsage"));
            edit.putInt("scep_keysize", jSONObject.getInt("KeySize"));
            edit.putString("scep_key_type", jSONObject.getString("KeyType"));
            edit.apply();
        } catch (JSONException e11) {
            g0.n("SCEPUtility", "Unable to persist SCEP Instructions", e11);
            throw new JSONException(e11.getMessage() + "\nUnable to persist SCEP Instructions");
        }
    }

    private static void e(CertificateFetchResult certificateFetchResult) {
        if (certificateFetchResult.getErrorCode() < 0) {
            g0.k("SCEPUtility", "Received SCEP Error. Code: " + certificateFetchResult.getErrorCode() + ". Wiping...");
            AfwApp.e0().g0().f().wipeEnterpriseData("tls_mutual_auth");
            return;
        }
        try {
            KeyStore c11 = c(certificateFetchResult);
            if (c11 == null) {
                g0.k("SCEPUtility", "setTLSMutualAuthCert() keystore is null ");
                return;
            }
            Enumeration<String> aliases = c11.aliases();
            while (aliases.hasMoreElements()) {
                KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) c11.getEntry(aliases.nextElement(), null);
                d f11 = t.b().f();
                c0 R1 = c0.R1();
                f11.b(R1.q().b(), privateKeyEntry.getPrivateKey(), privateKeyEntry.getCertificateChain(), null);
                R1.E8();
            }
        } catch (Exception e11) {
            g0.n("SCEPUtility", "Exception when parsing the JSON result. We have to quit", e11);
            AfwApp.e0().g0().f().wipeEnterpriseData("tls_mutual_auth");
        }
    }
}
