package com.airwatch.sdk.certificate;

import android.content.SharedPreferences;
import android.text.TextUtils;
import android.util.Base64;
import android.util.Log;
import com.airwatch.sdk.certificate.CertificateFetchResult;
import com.airwatch.sdk.certificate.scep.SCEPEnrollmentDataModel;
import com.airwatch.sdk.certificate.scep.SCEPEnrollmentHelper;
import com.airwatch.sdk.certificate.scep.SCEPEnrollmentStatus;
import com.airwatch.sdk.certificate.scep.SCEPError;
import com.airwatch.sdk.certificate.scep.SCEPKeyStore;
import com.airwatch.sdk.certificate.scep.SCEPPendingInfo;
import com.airwatch.util.r;
import com.airwatch.util.y;
import com.google.common.base.Ascii;
import com.samsung.android.knox.keystore.CEPConstants;
import java.io.ByteArrayOutputStream;
import java.io.IOException;
import java.lang.reflect.InvocationTargetException;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.concurrent.Callable;
import java.util.concurrent.ConcurrentHashMap;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes2.dex */
public class d implements g {

    /* renamed from: a, reason: collision with root package name */
    private SCEPEnrollmentHelper f3716a = new SCEPEnrollmentHelper();
    private SharedPreferences b = com.airwatch.sdk.context.m.a().f();
    private com.airwatch.storage.c c = com.airwatch.sdk.context.m.a().k();
    private com.airwatch.l.j d = com.airwatch.l.j.a();
    private Set<f> e = Collections.newSetFromMap(new ConcurrentHashMap());
    private Callable<CertificateFetchResult> f = null;
    private int g = 10;
    private long h = 5;

    private CertificateFetchResult a(SCEPEnrollmentStatus sCEPEnrollmentStatus) {
        switch (sCEPEnrollmentStatus) {
            case SUCCESS:
                r.b("SCEPCertificateFetcher", "SCEP enrollment successful.");
                try {
                    JSONObject a2 = a(this.f3716a.getSCEPKeyStore());
                    p();
                    return new CertificateFetchResult(CertificateFetchResult.Status.SUCCESS, a2, 0, null);
                } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException | JSONException e) {
                    Log.e("SCEPCertificateFetcher", "Error converting SCEP keystore to JSON : " + e.getMessage(), e);
                    return new CertificateFetchResult(CertificateFetchResult.Status.FAILURE, null, -5, null);
                }
            case FAILURE:
                SCEPError sCEPError = this.f3716a.getSCEPError();
                r.d("SCEPCertificateFetcher", "SCEP enrollment failed. Error: " + sCEPError.getErrorDescription() + " code: " + sCEPError.getErrorCode());
                if (sCEPError.getErrorCode() == SCEPError.NETWORK_ERROR.getErrorCode() && b()) {
                    return new CertificateFetchResult(CertificateFetchResult.Status.PENDING, null, 0, e());
                }
                p();
                return new CertificateFetchResult(CertificateFetchResult.Status.FAILURE, null, -3, null);
            case PENDING:
                r.b("SCEPCertificateFetcher", "SCEP enrollment pending.");
                a(this.f3716a.getSCEPPendingInfo());
                m();
                return new CertificateFetchResult(CertificateFetchResult.Status.PENDING, null, 0, e());
            default:
                r.a("SCEPCertificateFetcher", "Invalid SCEP enrollment status.");
                return new CertificateFetchResult(CertificateFetchResult.Status.FAILURE, null, -4, null);
        }
    }

    private JSONObject a(SCEPKeyStore sCEPKeyStore) throws CertificateException, NoSuchAlgorithmException, KeyStoreException, IOException, JSONException {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        sCEPKeyStore.getKeyStore().store(byteArrayOutputStream, sCEPKeyStore.getPassword());
        String encodeToString = Base64.encodeToString(byteArrayOutputStream.toByteArray(), 2);
        JSONObject jSONObject = new JSONObject();
        jSONObject.put("Pkcs12", encodeToString);
        jSONObject.put("Password", new String(sCEPKeyStore.getPassword()));
        return jSONObject;
    }

    private void a(long j) {
        if (this.f != null) {
            this.d.b("FetchCertificate", this.f);
        }
        this.f = i();
        if (j > 0) {
            this.d.a("FetchCertificate", this.f, j);
        } else {
            this.d.a((Object) "FetchCertificate", (Callable) this.f);
        }
    }

    private void a(CertificateFetchResult certificateFetchResult) {
        this.c.a("awIACertAuthAlias", certificateFetchResult.b());
        try {
            String str = (String) SharedPreferences.class.getMethod(a.d.a("\u0003\u007f\u000ek\f\t~\u0003z", 'X', (char) 242, (char) 0), String.class, String.class).invoke(this.b, "scepCertIssuer", "");
            if (TextUtils.isEmpty(str)) {
                return;
            }
            this.c.a(str, certificateFetchResult.b());
        } catch (InvocationTargetException e) {
            throw e.getCause();
        }
    }

    private void a(SCEPPendingInfo sCEPPendingInfo) {
        try {
            SharedPreferences.Editor editor = (SharedPreferences.Editor) SharedPreferences.class.getMethod(a.d.a("<<BN", 'V', (char) 4), new Class[0]).invoke(this.b, new Object[0]);
            List<String> certificateChain = sCEPPendingInfo.getCertificateChain();
            editor.putInt("scep_ca_cert_chain_size", certificateChain.size());
            for (int i = 0; i < certificateChain.size(); i++) {
                editor.putString("scep_ca_cert_" + i, certificateChain.get(i));
            }
            editor.putString("scep_private_key", sCEPPendingInfo.getPrivateKey());
            editor.commit();
        } catch (InvocationTargetException e) {
            throw e.getCause();
        }
    }

    private void b(CertificateFetchResult certificateFetchResult) {
        Iterator<f> it = this.e.iterator();
        while (it.hasNext()) {
            it.next().a(certificateFetchResult);
        }
    }

    private CertificateFetchResult c() {
        return new CertificateFetchResult(CertificateFetchResult.Status.FAILURE, null, -8, null);
    }

    private boolean d() {
        try {
            return !((String) SharedPreferences.class.getMethod(a.d.a("`]kIif\\`X", 'W', (char) 1), String.class, String.class).invoke(this.b, "scep_enrollment_url", "")).equalsIgnoreCase("");
        } catch (InvocationTargetException e) {
            throw e.getCause();
        }
    }

    private e e() {
        return new e(f(), g());
    }

    private int f() {
        return this.g - this.b.getInt("scep_pending_attempt_count", 0);
    }

    private long g() {
        return (this.b.getLong("scep_pending_last_attempt_timestamp", System.currentTimeMillis()) + (this.h * 1000)) - System.currentTimeMillis();
    }

    private CertificateFetchResult h() {
        if (l()) {
            r.b("SCEPCertificateFetcher", "Could not fetch a pending certificate using SCEP. Max retry limit reached for the same transaction ID. Next fetch will result in a new certificate fetch.");
            p();
            return new CertificateFetchResult(CertificateFetchResult.Status.FAILURE, null, -6, e());
        }
        if (k()) {
            final SCEPPendingInfo r = r();
            com.airwatch.crypto.openssl.b.f().a(new Callable<Void>() { // from class: com.airwatch.sdk.certificate.d.2
                @Override // java.util.concurrent.Callable
                /* renamed from: a, reason: merged with bridge method [inline-methods] */
                public Void call() throws Exception {
                    d.this.f3716a.poll(d.this.t(), d.this.s(), r);
                    return null;
                }
            });
            return a(this.f3716a.getEnrollmentStatus());
        }
        r.b("SCEPCertificateFetcher", "SCEP certificate fetch: retry interval has not been reached. Time remaining: " + g() + " ms");
        return new CertificateFetchResult(CertificateFetchResult.Status.PENDING, null, -7, e());
    }

    private Callable<CertificateFetchResult> i() {
        return new Callable<CertificateFetchResult>() { // from class: com.airwatch.sdk.certificate.d.3
            @Override // java.util.concurrent.Callable
            /* renamed from: a, reason: merged with bridge method [inline-methods] */
            public CertificateFetchResult call() throws Exception {
                return d.this.a();
            }
        };
    }

    private void j() {
        try {
            SharedPreferences.Editor editor = (SharedPreferences.Editor) SharedPreferences.class.getMethod(a.d.a("\u007f}\u0002\f", (char) 216, 's', (char) 0), new Class[0]).invoke(this.b, new Object[0]);
            editor.remove("scep_pending_attempt_count");
            editor.remove("scep_pending_last_attempt_timestamp");
            editor.commit();
        } catch (InvocationTargetException e) {
            throw e.getCause();
        }
    }

    private boolean k() {
        return g() <= 0;
    }

    private boolean l() {
        return f() <= 0;
    }

    private void m() {
        o();
        n();
    }

    private void n() {
        try {
            ((SharedPreferences.Editor) SharedPreferences.class.getMethod(a.d.a("\u0016\u0016\u001c(", 'x', (char) 199, (char) 2), new Class[0]).invoke(this.b, new Object[0])).putLong("scep_pending_last_attempt_timestamp", System.currentTimeMillis()).commit();
        } catch (InvocationTargetException e) {
            throw e.getCause();
        }
    }

    private void o() {
        try {
            ((SharedPreferences.Editor) SharedPreferences.class.getMethod(a.d.a("RPT^", (char) 147, '~', (char) 1), new Class[0]).invoke(this.b, new Object[0])).putInt("scep_pending_attempt_count", this.b.getInt("scep_pending_attempt_count", 0) + 1).commit();
        } catch (InvocationTargetException e) {
            throw e.getCause();
        }
    }

    private void p() {
        q();
        j();
    }

    private void q() {
        try {
            SharedPreferences.Editor editor = (SharedPreferences.Editor) SharedPreferences.class.getMethod(a.d.a("YY_k", '5', '>', (char) 3), new Class[0]).invoke(this.b, new Object[0]);
            editor.remove("scep_private_key");
            int i = this.b.getInt("scep_ca_cert_chain_size", 0);
            for (int i2 = 0; i2 < i; i2++) {
                editor.remove("scep_ca_cert_" + i2);
            }
            editor.remove("scep_ca_cert_chain_size");
            editor.commit();
        } catch (InvocationTargetException e) {
            throw e.getCause();
        }
    }

    private SCEPPendingInfo r() {
        try {
            String str = (String) SharedPreferences.class.getMethod(a.d.a("LK[;]\\TZT", 'D', (char) 159, (char) 3), String.class, String.class).invoke(this.b, "scep_private_key", "");
            int i = this.b.getInt("scep_ca_cert_chain_size", 0);
            ArrayList arrayList = new ArrayList(i);
            for (int i2 = 0; i2 < i; i2++) {
                try {
                    arrayList.add((String) SharedPreferences.class.getMethod(a.d.a("LIW5URHLD", (char) 136, (char) 1), String.class, String.class).invoke(this.b, "scep_ca_cert_" + i2, ""));
                } catch (InvocationTargetException e) {
                    throw e.getCause();
                }
            }
            return new SCEPPendingInfo(arrayList, str);
        } catch (InvocationTargetException e2) {
            throw e2.getCause();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public char[] s() {
        return com.airwatch.util.j.b(y.a(Ascii.DLE)).toCharArray();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public SCEPEnrollmentDataModel t() {
        try {
            String str = (String) SharedPreferences.class.getMethod(a.d.a("\u001b\u001a*\n,+#)#", (char) 17, (char) 220, (char) 2), String.class, String.class).invoke(this.b, "scep_enrollment_url", "");
            try {
                String str2 = (String) SharedPreferences.class.getMethod(a.d.a("BAQ1SRJPJ", (char) 220, '|', (char) 3), String.class, String.class).invoke(this.b, "scep_challenge", "");
                try {
                    String str3 = (String) SharedPreferences.class.getMethod(a.d.a("|{\fk\u000e\r\u0005\u000b\u0005", (char) 152, (char) 4, (char) 2), String.class, String.class).invoke(this.b, "scep_subject_name", "");
                    try {
                        String str4 = (String) SharedPreferences.class.getMethod(a.d.a("\u0018\u0017'\u0007)( & ", (char) 2, (char) 208, (char) 2), String.class, String.class).invoke(this.b, "scep_alternative_name", "");
                        try {
                            return new SCEPEnrollmentDataModel.Builder(str, str2, str3).setSubjectAlternativeName(str4).setKeySize(this.b.getInt("scep_keysize", 2048)).setKeyType((String) SharedPreferences.class.getMethod(a.d.a("\u000b\n\u001ay\u001c\u001b\u0013\u0019\u0013", (char) 208, (char) 0), String.class, String.class).invoke(this.b, "scep_key_type", CEPConstants.CEP_KEYALGO_TYPE_RSA)).setKeyUsageFlags(this.b.getInt("scep_keyusage_flags", 0)).build();
                        } catch (InvocationTargetException e) {
                            throw e.getCause();
                        }
                    } catch (InvocationTargetException e2) {
                        throw e2.getCause();
                    }
                } catch (InvocationTargetException e3) {
                    throw e3.getCause();
                }
            } catch (InvocationTargetException e4) {
                throw e4.getCause();
            }
        } catch (InvocationTargetException e5) {
            throw e5.getCause();
        }
    }

    @Override // com.airwatch.sdk.certificate.g
    public CertificateFetchResult a() {
        CertificateFetchResult a2;
        if (!d()) {
            CertificateFetchResult c = c();
            b(c);
            return c;
        }
        if (b()) {
            a2 = h();
        } else {
            com.airwatch.crypto.openssl.b.f().a(new Callable<Void>() { // from class: com.airwatch.sdk.certificate.d.1
                @Override // java.util.concurrent.Callable
                /* renamed from: a, reason: merged with bridge method [inline-methods] */
                public Void call() throws Exception {
                    d.this.f3716a.enroll(d.this.t(), d.this.s());
                    return null;
                }
            });
            a2 = a(this.f3716a.getEnrollmentStatus());
        }
        if (a2.a() == CertificateFetchResult.Status.SUCCESS) {
            a(a2);
        } else if (a2.a() == CertificateFetchResult.Status.PENDING) {
            a(g());
        }
        b(a2);
        return a2;
    }

    @Override // com.airwatch.sdk.certificate.g
    public boolean b() {
        return this.b.contains("scep_ca_cert_chain_size");
    }
}
