package net.soti.mobicontrol.enterprise.cert;

import android.os.Build;
import android.os.RemoteException;
import java.io.IOException;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.PublicKey;
import java.security.UnrecoverableEntryException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import java.util.logging.Logger;
import net.soti.mobicontrol.commons.AndroidVersionInfo;
import net.soti.mobicontrol.commons.CertificateUtils;

/* loaded from: classes.dex */
final class c {
    private final TrustedStoreHelper a;
    private final KeyStoreHelper b;
    private final Logger c;

    /* JADX INFO: Access modifiers changed from: package-private */
    public c(TrustedStoreHelper trustedStoreHelper, KeyStoreHelper keyStoreHelper, Logger logger) {
        this.a = trustedStoreHelper;
        this.b = keyStoreHelper;
        this.c = logger;
    }

    private KeyPair a(KeyStore.PrivateKeyEntry privateKeyEntry) {
        return new KeyPair(privateKeyEntry.getCertificate().getPublicKey(), privateKeyEntry.getPrivateKey());
    }

    private void a(String str, List<X509Certificate> list, int i) throws IOException, CertificateEncodingException, RemoteException {
        if (this.b.storeCACerts(str, i, 0, (X509Certificate[]) list.toArray(new X509Certificate[list.size()])) && i == -1) {
            Iterator<X509Certificate> it = list.iterator();
            while (it.hasNext()) {
                this.a.addToTrustedAndroidCAStore(it.next());
            }
        }
    }

    private boolean a(String str, List<X509Certificate> list, X509Certificate x509Certificate, PrivateKey privateKey, PublicKey publicKey, int i, int i2) throws IOException, CertificateEncodingException, RemoteException {
        if (!this.b.storeKeyPairs(str, privateKey, publicKey, i, i2)) {
            return false;
        }
        boolean storeUserCertificate = this.b.storeUserCertificate(str, i, 0, x509Certificate);
        if (storeUserCertificate && !list.isEmpty()) {
            if (i == -1) {
                this.c.info("# ca certs extracted = " + list.size());
            }
            a(str, list, i);
        }
        return storeUserCertificate;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean a(byte[] bArr, String str) throws RemoteException, CertificateException, IOException {
        X509Certificate certificateFromData = CertificateUtils.getCertificateFromData(bArr);
        if (certificateFromData != null && certificateFromData.getBasicConstraints() != -1) {
            this.c.config("CERT: " + bArr.length);
            this.c.config("got a CA cert");
            this.c.info(String.format("[addCaCertificate] Adding cert {alias=%s}", str));
            if (this.b.storeCACerts(str, -1, 0, certificateFromData)) {
                return this.a.addToTrustedAndroidCAStore(certificateFromData);
            }
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public boolean a(byte[] bArr, String str, String str2) throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, UnrecoverableEntryException, RemoteException {
        List<X509Certificate> list;
        X509Certificate x509Certificate;
        KeyStore.Entry entry;
        ArrayList arrayList = new ArrayList();
        KeyStore.PasswordProtection passwordProtection = new KeyStore.PasswordProtection(str.toCharArray());
        KeyStore privateKeyStore = CertificateUtils.getPrivateKeyStore(bArr, passwordProtection);
        Enumeration<String> aliases = privateKeyStore.aliases();
        List<X509Certificate> list2 = arrayList;
        X509Certificate x509Certificate2 = null;
        KeyPair keyPair = null;
        while (true) {
            if (!aliases.hasMoreElements()) {
                list = list2;
                x509Certificate = x509Certificate2;
                break;
            }
            String nextElement = aliases.nextElement();
            try {
                entry = privateKeyStore.getEntry(nextElement, passwordProtection);
            } catch (NullPointerException | UnsupportedOperationException | KeyStoreException | NoSuchAlgorithmException | UnrecoverableEntryException e) {
                this.c.warning(String.format("Alias %s did not work due to %s. If there is another alias, try it", nextElement, e.getMessage()));
                entry = null;
            }
            if (entry != null && (entry instanceof KeyStore.PrivateKeyEntry)) {
                this.c.info(String.format("extracted alias %s {new alias=%s}", nextElement, str2));
                KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
                keyPair = a(privateKeyEntry);
                Certificate[] certificateChain = privateKeyEntry.getCertificateChain();
                this.c.info("# certs extracted = " + certificateChain.length);
                b bVar = new b(this.c);
                bVar.a(certificateChain);
                X509Certificate b = bVar.b();
                list2 = bVar.a();
                if (b != null) {
                    x509Certificate = b;
                    list = list2;
                    break;
                }
                x509Certificate2 = b;
            }
        }
        if (x509Certificate == null) {
            return false;
        }
        int i = Build.VERSION.SDK_INT >= AndroidVersionInfo.JELLY_BEAN_MR2.getApiLevel() ? 1 : 0;
        this.c.info(String.format("[addClientCertificate] Adding cert {alias=%s}", str2));
        return a(str2, list, x509Certificate, keyPair.getPrivate(), keyPair.getPublic(), -1, i);
    }
}
