package net.soti.ssl;

import android.os.Bundle;
import android.text.TextUtils;
import com.google.common.base.Optional;
import com.google.inject.Inject;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import net.soti.comm.al;
import net.soti.comm.c.a;
import net.soti.comm.f.b;
import net.soti.mobicontrol.ai.k;
import net.soti.mobicontrol.ba.d;
import net.soti.mobicontrol.ba.f;
import net.soti.mobicontrol.ba.h;
import net.soti.mobicontrol.ba.i;
import net.soti.mobicontrol.bk.ac;
import net.soti.mobicontrol.bk.t;
import org.jetbrains.annotations.Nullable;

/* loaded from: classes.dex */
public class RootCertificateStorage {
    public static final int ALL_TLS_MODES = 7;
    public static final String ENT_ROOT_CERT_SECTION = "EntCAs";
    public static final String MC_ROOT_CERT_SECTION = "MCCAs";
    public static final String ROOT_CERTIFICATION = "CA1";
    public static final int TLS_MODE_MOBICONTROL = 1;
    private final a connectionSettings;
    private final k logger;
    private final d storage;
    public static final h LEGACY_FULL_COMM_ROOT_CA_CERT = h.a(al.e, "RootCA_Cert");
    public static final h TLS_MODE_STORAGE_KEY = h.a(al.e, al.o);
    private static final h USER_TRUSTED_KEY = h.a(al.e, "userTrusted");

    @Inject
    public RootCertificateStorage(d dVar, k kVar, a aVar) {
        this.connectionSettings = aVar;
        this.storage = dVar;
        this.logger = kVar;
    }

    private void addSectionToBundle(String str, Bundle bundle) {
        f a2 = this.storage.a(str);
        t tVar = new t();
        for (String str2 : a2.b()) {
            tVar.a(str2, a2.b(str2).b().orNull());
        }
        bundle.putString(a2.a(), tVar.toString());
    }

    private static char[] doCalculatePassword(String str, String str2) throws NoSuchAlgorithmException {
        byte[] bytes = str.getBytes();
        byte[] bytes2 = str2.getBytes();
        MessageDigest messageDigest = MessageDigest.getInstance(b.f97a);
        messageDigest.reset();
        messageDigest.update(bytes);
        messageDigest.update(bytes2);
        messageDigest.update(bytes);
        messageDigest.update(bytes2);
        messageDigest.update(bytes);
        return ac.a(messageDigest.digest()).toCharArray();
    }

    private String getFullRootCa() {
        String orNull = this.storage.a(MC_ROOT_CERT_SECTION).b(ROOT_CERTIFICATION).b().orNull();
        if (orNull == null) {
            orNull = this.storage.a(ENT_ROOT_CERT_SECTION).b(ROOT_CERTIFICATION).b().orNull();
        }
        return orNull == null ? this.storage.a(LEGACY_FULL_COMM_ROOT_CA_CERT).b().orNull() : orNull;
    }

    private List<String> importCerts(String str) {
        f a2 = this.storage.a(str);
        ArrayList arrayList = new ArrayList();
        if (a2.c() == 0) {
            this.logger.b("[ssl][importCerts] empty, nothing to import.  Keeping previous certs section[%s]", str);
            return arrayList;
        }
        Iterator<String> it = a2.b().iterator();
        while (it.hasNext()) {
            String orNull = a2.b(it.next()).b().orNull();
            if (!TextUtils.isEmpty(orNull)) {
                arrayList.add(orNull);
            }
        }
        return arrayList;
    }

    private void setFullRootCa(String str) {
        this.storage.a(LEGACY_FULL_COMM_ROOT_CA_CERT, i.a(str));
    }

    private void setTlsMode(int i) {
        this.storage.a(al.p, i.a(i));
    }

    private void writeSectionToSettings(String str, Bundle bundle) {
        String string = bundle.getString(str);
        if (string == null) {
            return;
        }
        for (Map.Entry<String, Object> entry : new t(string).d().entrySet()) {
            this.storage.a(h.a(str, entry.getKey()), i.a(entry.getValue().toString()));
        }
    }

    public void backupToBundle(Bundle bundle) {
        bundle.putString(LEGACY_FULL_COMM_ROOT_CA_CERT.b(), getFullRootCa());
        bundle.putInt(TLS_MODE_STORAGE_KEY.b(), getTlsMode());
        addSectionToBundle(MC_ROOT_CERT_SECTION, bundle);
        addSectionToBundle(ENT_ROOT_CERT_SECTION, bundle);
    }

    public void clear() {
        this.storage.c(ENT_ROOT_CERT_SECTION);
        this.storage.c(MC_ROOT_CERT_SECTION);
    }

    public List<String> getEnterpriseRootCertsFromStorage() {
        return importCerts(ENT_ROOT_CERT_SECTION);
    }

    @Nullable
    public char[] getKeyStorePassword() {
        Optional<String> c = this.connectionSettings.c();
        Optional<String> b = this.connectionSettings.b();
        if (c.isPresent() && b.isPresent()) {
            try {
                return doCalculatePassword(c.get(), b.get());
            } catch (NoSuchAlgorithmException e) {
                this.logger.b("Error calculating ssl store password:", e);
            }
        }
        return null;
    }

    public List<String> getMcRootCertsFromStorage() {
        return importCerts(MC_ROOT_CERT_SECTION);
    }

    public String getRootCaAndDelete() {
        String fullRootCa = getFullRootCa();
        if (!TextUtils.isEmpty(fullRootCa)) {
            this.storage.b(LEGACY_FULL_COMM_ROOT_CA_CERT);
        }
        return fullRootCa;
    }

    public int getTlsMode() {
        return this.storage.a(al.p).c().or((Optional<Integer>) 7).intValue();
    }

    boolean hasKeystorePassword() {
        return (TextUtils.isEmpty(this.connectionSettings.c().orNull()) || TextUtils.isEmpty(this.connectionSettings.b().orNull())) ? false : true;
    }

    public boolean hasPassword() {
        return (TextUtils.isEmpty(this.storage.a(al.n).b().or((Optional<String>) "")) || TextUtils.isEmpty(this.storage.a(al.m).b().or((Optional<String>) ""))) ? false : true;
    }

    boolean isMobiControlEnabled() {
        return (getTlsMode() & 1) != 0;
    }

    public boolean isUserTrusted() {
        return this.storage.a(USER_TRUSTED_KEY).d().or((Optional<Boolean>) false).booleanValue();
    }

    public void restoreFromBundle(Bundle bundle) {
        setFullRootCa(bundle.getString(LEGACY_FULL_COMM_ROOT_CA_CERT.b()));
        setTlsMode(bundle.getInt(TLS_MODE_STORAGE_KEY.b()));
    }

    public void setUserTrusted(boolean z) {
        this.storage.a(USER_TRUSTED_KEY, i.a(z));
    }
}
