package net.soti.mobicontrol.j;

import android.app.enterprise.CertificateInfo;
import android.app.enterprise.EnterpriseVpnPolicy;
import android.content.Context;
import android.os.Build;
import com.google.common.base.Optional;
import java.nio.ByteBuffer;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.List;
import java.util.concurrent.ExecutorService;
import javax.inject.Inject;
import javax.inject.Singleton;
import net.soti.comm.ap;
import net.soti.mobicontrol.admin.DeviceAdministrationManager;
import net.soti.mobicontrol.ds.message.DsMessage;
import org.jetbrains.annotations.Nullable;

@Singleton
@net.soti.mobicontrol.ak.l
/* loaded from: classes.dex */
public class ag extends c {
    private final DeviceAdministrationManager b;
    private final ac c;
    private final net.soti.mobicontrol.pendingaction.i d;
    private final ExecutorService e;
    private final o f;
    private final Optional<EnterpriseVpnPolicy> g;
    private final net.soti.mobicontrol.ak.c h;
    private final Context i;
    private final m j;
    private final f k;

    @Inject
    public ag(p pVar, net.soti.mobicontrol.device.security.e eVar, net.soti.mobicontrol.vpn.h hVar, DeviceAdministrationManager deviceAdministrationManager, m mVar, f fVar, o oVar, ac acVar, net.soti.mobicontrol.pendingaction.i iVar, ExecutorService executorService, net.soti.mobicontrol.ak.c cVar, Context context, net.soti.mobicontrol.ai.k kVar) {
        super(eVar, pVar, mVar, fVar, acVar, cVar, context, kVar);
        this.b = deviceAdministrationManager;
        this.j = mVar;
        this.k = fVar;
        this.c = acVar;
        this.d = iVar;
        this.e = executorService;
        this.f = oVar;
        this.g = hVar.a();
        this.h = cVar;
        this.i = context;
    }

    private boolean a(ad adVar) {
        net.soti.mobicontrol.ai.k c = c();
        net.soti.mobicontrol.device.security.g f = e().f();
        if (f != net.soti.mobicontrol.device.security.g.USABLE) {
            c.c("[cert][%s][addCertificate] Certificate storage is unusable. State[%s]", b(), f);
        } else if (d().isCertificateInstalled(adVar.h())) {
            c.c("[cert][%s][addCertificate] Certificate already installed, performing CERT sync ..", b());
            performCertificateSync();
        } else {
            e.a(this.i, c, adVar.h(), adVar.e());
        }
        return true;
    }

    private boolean a(k kVar, String str, String str2) {
        c().c("[%s][deleteCertificate] : delete certificate in dirty way ...", getClass());
        byte[] a2 = this.k.a(kVar);
        if (a2 == null) {
            c().c("[%s][deleteCertificate] : data is null. nothing to delete");
            return true;
        }
        String b = this.k.b(kVar);
        if (b == null) {
            c().c("[%s][deleteCertificate] : password is null. nothing to delete");
            return true;
        }
        String c = g.c(a2, b);
        String a3 = e.a(kVar.a());
        kVar.a(a3);
        super.a(a2, c, b, kVar, a3);
        return super.a(str, str2);
    }

    private boolean a(byte[] bArr) {
        List<CertificateInfo> clientCertificates = this.g.get().getClientCertificates("anyconnect");
        if (clientCertificates != null) {
            for (CertificateInfo certificateInfo : clientCertificates) {
                if (Arrays.equals(a(certificateInfo), bArr)) {
                    break;
                }
            }
        }
        certificateInfo = null;
        return certificateInfo != null;
    }

    private byte[] a(CertificateInfo certificateInfo) {
        try {
            return certificateInfo.getCertificate().getEncoded();
        } catch (CertificateEncodingException e) {
            return new byte[0];
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void i() {
        ad adVar = null;
        for (ad adVar2 : this.c.c()) {
            if (!adVar2.k() || !adVar2.i()) {
                this.c.b(adVar2.a(), adVar2.b());
                a(adVar2.h(), adVar2.c(), adVar2.d(), adVar2.e(), adVar2.j());
                adVar2 = adVar;
            }
            adVar = adVar2;
        }
        if (adVar != null) {
            a(adVar);
        }
    }

    public void a(Certificate[] certificateArr, String str) {
        for (Certificate certificate : certificateArr) {
            X509Certificate x509Certificate = (X509Certificate) certificate;
            if (g.b(x509Certificate)) {
                try {
                    this.f990a.installCertificate(str, x509Certificate.getEncoded(), g.b, "");
                } catch (CertificateEncodingException e) {
                    c().b("[%s][installCertificateChain] error :", e);
                }
            }
        }
    }

    @Override // net.soti.mobicontrol.j.c, net.soti.mobicontrol.j.i
    public boolean a(String str, String str2) {
        if (super.a(str, str2)) {
            return true;
        }
        k a2 = this.j.a(str, str2);
        if (a2 == null || !a(a2, str, str2)) {
            return false;
        }
        this.j.d(a2);
        return true;
    }

    /* JADX WARN: Unsupported multi-entry loop pattern (BACK_EDGE: B:31:0x013f -> B:29:0x0144). Please report as a decompilation issue!!! */
    @Override // net.soti.mobicontrol.j.c, net.soti.mobicontrol.j.i
    public boolean a(String str, byte[] bArr, String str2, String str3, String str4) {
        boolean z;
        e eVar;
        net.soti.mobicontrol.ai.k c = c();
        Optional<k> b = g.b(bArr, str3);
        if (!b.isPresent()) {
            c.d("[cert][%s][addCertificate] Cannot convert data into cert object fileName[%s]", b(), str);
            this.h.b(DsMessage.a(this.i.getString(net.soti.mobicontrol.k.p.certificate_install_fail, this.i.getString(net.soti.mobicontrol.k.p.unknown) + " {" + str + "}"), ap.DEVICE_ERROR, net.soti.mobicontrol.ds.message.c.ERROR));
            return false;
        }
        k kVar = b.get();
        String a2 = kVar.a();
        if (this.f990a.isCertificateInstalled(a2)) {
            c.c("[cert][%s][addCertificate] Certificate already installed, performing CERT sync ..", b());
            performCertificateSync();
            return true;
        }
        String c2 = g.c(bArr, str3);
        if (c2.equals(str2)) {
            c2 = str2;
        } else {
            c.c("[cert][%s][addCertificate] Corrected Certificate type to %s", b(), c2);
        }
        boolean z2 = false;
        net.soti.mobicontrol.device.security.g f = e().f();
        if (f != net.soti.mobicontrol.device.security.g.USABLE) {
            c.c("[cert][%s][addCertificate] Certificate storage is unusable. State[%s]", b(), f);
            z2 = true;
        }
        if (!ac.f981a.equalsIgnoreCase(str4) && c2.equalsIgnoreCase(g.d)) {
            try {
                eVar = new e(c, ByteBuffer.wrap(bArr), str3);
            } catch (CertificateException e) {
                c.b("Exception", e);
            }
            if (eVar.b()) {
                if (Build.VERSION.SDK_INT < net.soti.mobicontrol.device.d.ICE_CREAM_SANDWICH.getVersion()) {
                    c.d("[ImportCertificateCommand][execute] feature is not supported for [%s]", kVar.b());
                    this.h.b(DsMessage.a("", ap.FEATURE_NOT_SUPPORTED, net.soti.mobicontrol.ds.message.c.ERROR));
                    z = false;
                } else {
                    String a3 = g.a(kVar.d());
                    String b2 = kVar.b();
                    a(eVar.d(), a2);
                    b(bArr, c2, str3, a3, b2, a2, eVar.c(), eVar.a(), str4);
                    z = true;
                }
                return z;
            }
        } else if (z2) {
            a(bArr, c2, str3, g.a(kVar.d()), kVar.b(), a2, null, null, str4);
        } else {
            a(bArr, c2, str3, kVar, a2);
        }
        z = true;
        return z;
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // net.soti.mobicontrol.j.c
    public boolean a(byte[] bArr, String str, String str2, k kVar, String str3) {
        if (str.equals(g.d) && this.g.isPresent() && !a(bArr)) {
            if (this.g.get().installClientCertificate("anyconnect", bArr, str2)) {
                c().a("[%s] Installed CERT with alias {%s} into the AnyConnect VPN keystore", getClass().getSimpleName(), str3);
            } else {
                c().d("[%s] Failed to install CERT with alias {%s} into the AnyConnect VPN keystore", getClass().getSimpleName(), str3);
            }
        }
        return super.a(bArr, str, str2, kVar, str3);
    }

    @net.soti.mobicontrol.ak.k(a = {@net.soti.mobicontrol.ak.p(a = net.soti.mobicontrol.i.n)})
    public void b(net.soti.mobicontrol.ak.b bVar) {
        if (bVar.b(net.soti.mobicontrol.i.y) && this.b.isAdminActive()) {
            this.f.a();
        }
    }

    protected void b(byte[] bArr, String str, String str2, String str3, String str4, String str5, @Nullable byte[] bArr2, @Nullable byte[] bArr3, String str6) {
        a(bArr, str, str2, str3, str4, str5, bArr2, bArr3, str6);
        if (this.d.b(net.soti.mobicontrol.pendingaction.l.INSTALL_CERTIFICATE).isEmpty()) {
            this.d.a(new net.soti.mobicontrol.pendingaction.e(net.soti.mobicontrol.pendingaction.l.INSTALL_CERTIFICATE, this.i.getString(net.soti.mobicontrol.k.p.pending_certificate_installation_label), this.i.getString(net.soti.mobicontrol.k.p.pending_certificate_installation_detail)));
        }
    }

    @Override // net.soti.mobicontrol.j.c
    protected void g() {
        this.d.a(net.soti.mobicontrol.pendingaction.l.INSTALL_CERTIFICATE);
    }

    @Override // net.soti.mobicontrol.j.c
    protected void h() {
        this.e.submit(new Runnable() { // from class: net.soti.mobicontrol.j.ag.1
            @Override // java.lang.Runnable
            public void run() {
                ag.this.d.a(net.soti.mobicontrol.pendingaction.l.CREDENTIAL_STORAGE_UNLOCK);
                ag.this.i();
            }
        });
    }

    @Override // net.soti.mobicontrol.j.c
    protected void performCertificateSync() {
        this.f.a();
    }
}
