package net.soti.mobicontrol.cert;

import com.google.inject.Inject;
import java.util.List;
import net.soti.mobicontrol.Messages;
import net.soti.mobicontrol.logging.Logger;
import net.soti.mobicontrol.messagebus.Message;
import net.soti.mobicontrol.messagebus.MessageListener;
import net.soti.mobicontrol.messagebus.MessageListenerException;
import net.soti.mobicontrol.messagebus.SubscribeTo;
import net.soti.mobicontrol.storage.MotoStorageRelocation;

@SubscribeTo(destinations = {Messages.Destinations.DEVICE_ADMINISTRATOR_ON_ENABLED})
/* loaded from: classes.dex */
public class PersistentCertificatesRestorer implements MessageListener {
    static final /* synthetic */ boolean $assertionsDisabled;
    private final CertificateManager certificateManager;
    private final CredentialStorageManager credentialStorageManager;
    private final PersistentCertificateMetadataStorage dbStorage;
    private final Logger logger;
    private final MotoStorageRelocation storageRelocation;

    static {
        $assertionsDisabled = !PersistentCertificatesRestorer.class.desiredAssertionStatus();
    }

    @Inject
    public PersistentCertificatesRestorer(CredentialStorageManager credentialStorageManager, Logger logger, PersistentCertificateMetadataStorage persistentCertificateMetadataStorage, CertificateManager certificateManager, MotoStorageRelocation motoStorageRelocation) {
        this.credentialStorageManager = credentialStorageManager;
        this.logger = logger;
        this.dbStorage = persistentCertificateMetadataStorage;
        this.certificateManager = certificateManager;
        this.storageRelocation = motoStorageRelocation;
    }

    private void restoreCertificates() {
        List<CertificateMetadata> listCertificates = this.certificateManager.listCertificates();
        if (listCertificates != null) {
            for (CertificateMetadata certificateMetadata : listCertificates) {
                this.logger.debug("[%s][restoreCertificate] : {%s} certs to be installed ... ", getClass(), certificateMetadata.getAlias());
                byte[] data = this.dbStorage.getData(certificateMetadata);
                if (!$assertionsDisabled && data == null) {
                    throw new AssertionError();
                }
                this.logger.debug("[%s][restoreCertificate] : restoring certificate with alias %s: success: %s ", getClass(), certificateMetadata.getAlias(), Boolean.valueOf(this.credentialStorageManager.installCertificate(certificateMetadata.getAlias(), data, CertificateHelper.isX509(data) ? "CERT" : CertificateHelper.PKCS12, this.dbStorage.getPassword(certificateMetadata))));
            }
        }
    }

    @Override // net.soti.mobicontrol.messagebus.MessageListener
    public void receive(Message message) throws MessageListenerException {
        if (message.isSameDestination(Messages.Destinations.DEVICE_ADMINISTRATOR_ON_ENABLED) && this.storageRelocation.isDeviceReset()) {
            boolean isCredentialStorageUnlocked = this.credentialStorageManager.isCredentialStorageUnlocked();
            if (!isCredentialStorageUnlocked) {
                isCredentialStorageUnlocked = this.credentialStorageManager.requestUnlock();
            }
            if (!isCredentialStorageUnlocked) {
                this.logger.warn("[%s][receive] : Failed to unlock the Credentials Storage. Reset the Storage.", getClass());
                isCredentialStorageUnlocked = this.credentialStorageManager.resetDeviceKeyStore();
            }
            if (!isCredentialStorageUnlocked) {
                this.logger.warn("[%s][receive] : Credentials Storage is locked, cannot restore certificates.", getClass());
            } else {
                this.logger.debug("[%s][receive] : Credentials Storage is unlocked, restoring certificates ", getClass());
                restoreCertificates();
            }
        }
    }
}
