package net.soti.ssl;

import android.os.Bundle;
import android.text.TextUtils;
import com.google.inject.Inject;
import java.security.cert.CertificateException;
import java.util.List;
import net.soti.mobicontrol.ai.k;
import net.soti.mobicontrol.ak.l;
import net.soti.mobicontrol.ak.p;
import net.soti.mobicontrol.i;
import net.soti.mobicontrol.n.e;
import net.soti.ssl.certificate.CertificateStore;
import net.soti.ssl.certificate.DeploymentServerUserTrustedPKI;
import net.soti.ssl.certificate.EnterprisePKI;
import net.soti.ssl.certificate.MobiControlPKI;
import org.jetbrains.annotations.NotNull;

@l
/* loaded from: classes.dex */
public class RootCertificateManager {
    private final CertificateStore appCatalogUserTrustedKeyStore;
    private e connectionSettingsBackupStorage;
    private final CertificateStore dsUserTrustedKeyStore;
    private final CertificateStore enterpriseKeyStore;
    private final KeyStorePasswordProvider keyStorePasswordProvider;
    private final k logger;
    private final CertificateStore mobiControlKeyStore;
    private final RootCertificateStorage rootCertificateStorage;

    @Inject
    public RootCertificateManager(@NotNull RootCertificateStorage rootCertificateStorage, @NotNull KeyStorePasswordProvider keyStorePasswordProvider, @DeploymentServerUserTrustedPKI @NotNull CertificateStore certificateStore, @AppCatalogUserTrustedPKI @NotNull CertificateStore certificateStore2, @MobiControlPKI @NotNull CertificateStore certificateStore3, @EnterprisePKI @NotNull CertificateStore certificateStore4, @NotNull e eVar, @NotNull k kVar) {
        this.rootCertificateStorage = rootCertificateStorage;
        this.keyStorePasswordProvider = keyStorePasswordProvider;
        this.dsUserTrustedKeyStore = certificateStore;
        this.appCatalogUserTrustedKeyStore = certificateStore2;
        this.mobiControlKeyStore = certificateStore3;
        this.enterpriseKeyStore = certificateStore4;
        this.connectionSettingsBackupStorage = eVar;
        this.logger = kVar;
    }

    private void resetKeyStores() {
        char[] password = this.keyStorePasswordProvider.getPassword();
        this.mobiControlKeyStore.resetKeyStore(password);
        this.enterpriseKeyStore.resetKeyStore(password);
        this.dsUserTrustedKeyStore.resetKeyStore(password);
        this.appCatalogUserTrustedKeyStore.resetKeyStore(password);
        this.rootCertificateStorage.setUserTrusted(false);
    }

    private void storeEnterpriseCerts(List<String> list) throws CertificateException {
        this.enterpriseKeyStore.storeCertificates(list, this.keyStorePasswordProvider.getPassword());
    }

    private void storeMcCerts(List<String> list) throws CertificateException {
        this.mobiControlKeyStore.storeCertificates(list, this.keyStorePasswordProvider.getPassword());
    }

    public void importCertificatesFromSettingsStorage() {
        if (this.keyStorePasswordProvider.hasPassword()) {
            List<String> enterpriseRootCertsFromStorage = this.rootCertificateStorage.getEnterpriseRootCertsFromStorage();
            List<String> mcRootCertsFromStorage = this.rootCertificateStorage.getMcRootCertsFromStorage();
            String rootCaAndDelete = this.rootCertificateStorage.getRootCaAndDelete();
            if (!TextUtils.isEmpty(rootCaAndDelete)) {
                mcRootCertsFromStorage.add(rootCaAndDelete);
            }
            if (TextUtils.isEmpty(rootCaAndDelete) && mcRootCertsFromStorage.isEmpty() && enterpriseRootCertsFromStorage.isEmpty()) {
                return;
            }
            resetKeyStores();
            try {
                storeMcCerts(mcRootCertsFromStorage);
            } catch (CertificateException e) {
                this.logger.b("[RootCertManager]Error importing MC Certs", e);
            }
            try {
                storeEnterpriseCerts(enterpriseRootCertsFromStorage);
            } catch (CertificateException e2) {
                this.logger.b("[RootCertManager]Error importing Enterprise Certs", e2);
            }
            this.connectionSettingsBackupStorage.d(RootCertificateStorage.MC_ROOT_CERT_SECTION);
            this.connectionSettingsBackupStorage.d(RootCertificateStorage.ENT_ROOT_CERT_SECTION);
        }
    }

    @net.soti.mobicontrol.ak.k(a = {@p(a = i.w)})
    public void onAgentWipe() {
        resetKeyStores();
        this.rootCertificateStorage.clear();
    }

    public void restoreFromBundle(Bundle bundle) {
        this.rootCertificateStorage.restoreFromBundle(bundle);
        importCertificatesFromSettingsStorage();
    }

    public void saveIntoBundle(Bundle bundle) {
        this.rootCertificateStorage.backupToBundle(bundle);
    }

    public void storeAppCatalogUserTrustedCert(String str) {
        try {
            this.appCatalogUserTrustedKeyStore.storeCertificate(str, this.keyStorePasswordProvider.getPassword());
            this.rootCertificateStorage.setUserTrusted(true);
        } catch (CertificateException e) {
            this.logger.b("Exception", e);
        }
    }

    public void storeDsUserTrustedCert(String str) {
        try {
            this.dsUserTrustedKeyStore.storeCertificate(str, this.keyStorePasswordProvider.getPassword());
            this.rootCertificateStorage.setUserTrusted(true);
        } catch (CertificateException e) {
            this.logger.b("Exception", e);
        }
    }
}
