package com.airwatch.bizlib.policysigning;

import android.content.SharedPreferences;
import android.util.Base64;
import com.airwatch.crypto.openssl.d;
import com.airwatch.gateway.e;
import com.airwatch.sdk.context.SDKContext;
import com.airwatch.sdk.context.SDKContextException;
import com.airwatch.sdk.context.r;
import com.airwatch.storage.h;
import com.airwatch.util.f;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.List;
import java.util.Map;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class b {
    public static int a() {
        int i;
        if (!c()) {
            return 1;
        }
        try {
            if (new e(r.a().a().getString("console_version", "")).compareTo(e.h) >= 0) {
                int intValue = ((Integer) new c().call()).intValue();
                if (intValue == 1) {
                    a(true);
                    i = 1;
                } else if (intValue == 0) {
                    a(false);
                    i = 1;
                } else {
                    i = 0;
                }
            } else {
                a(false);
                i = 1;
            }
            return i;
        } catch (SDKContextException e) {
            f.c("PolicySigningHelper", e);
            return 0;
        } catch (Exception e2) {
            f.c("PolicySigningHelper", e2);
            throw new RuntimeException(e2);
        }
    }

    private static int a(byte[] bArr, String str, Map<String, List<String>> map) {
        String str2;
        try {
            int i = map.get("x-aw-policy-signature-oid").get(0).equalsIgnoreCase("1.2.840.10045.4.3.4") ? 0 : -1;
            byte[] f = f();
            if (f == null) {
                f.d("PolicySigningHelper", "Certificate is null");
                return 0;
            }
            if (map.containsKey("x-aw-policy-signature")) {
                str2 = map.get("x-aw-policy-signature").get(0);
                f.a("PolicySigningHelper", "Validating response");
            } else {
                if (!map.containsKey("x-aw-policy-request-path-signature")) {
                    f.d("PolicySigningHelper", "Policy Signing Signature header missing.");
                    return 0;
                }
                str2 = map.get("x-aw-policy-request-path-signature").get(0);
                bArr = str.toLowerCase().getBytes();
                f.a("PolicySigningHelper", "Validating path");
            }
            int a = d.g().a(f, bArr, a(Base64.decode(str2, 0)), i);
            if (a == 1) {
                return 1;
            }
            if (a == 0) {
                f.d("PolicySigningHelper", "Signature validation failed");
                return 0;
            }
            if (a == -1) {
                f.d("PolicySigningHelper", "Signature validation returned error");
                return 0;
            }
            f.d("PolicySigningHelper", "awVerifyEcdsaSignature returned unknown value");
            return 0;
        } catch (NullPointerException e) {
            f.d("PolicySigningHelper", "Policy Signing Signature OID header missing.");
            return 0;
        }
    }

    private static void a(ByteArrayOutputStream byteArrayOutputStream, byte[] bArr) {
        byteArrayOutputStream.write(2);
        byteArrayOutputStream.write((byte) bArr.length);
        byteArrayOutputStream.write(bArr, 0, bArr.length);
    }

    private static void a(boolean z) {
        SharedPreferences.Editor edit = r.a().a().edit();
        edit.putBoolean("policy_signing_enabled", z);
        edit.apply();
    }

    public static void a(String[] strArr, String str, String str2) {
        SharedPreferences.Editor edit = r.a().a().edit();
        edit.putString("policy_signing_certificate", strArr[0]);
        int length = strArr.length;
        StringBuilder sb = new StringBuilder();
        for (String str3 : strArr) {
            sb.append(str3).append(",");
        }
        edit.putInt("policy_signing_cert_chain_length", length);
        edit.putString("policy_signing_cert_chain", sb.toString());
        edit.putString("policy_signing_cert_type", str);
        edit.putString("policy_signing_cert_encoding", str2);
        edit.commit();
    }

    public static boolean a(byte[] bArr, Map<String, List<String>> map, String str, String str2, Object obj) {
        if (!d()) {
            return true;
        }
        if (a(bArr, str2, map) != 1) {
            return b(bArr, map, str, str2, obj);
        }
        f.a("PolicySigningHelper", "Validation success.");
        return true;
    }

    private static byte[] a(byte[] bArr) {
        int length = bArr.length >> 1;
        byte[] a = a(bArr, 0, length);
        byte[] a2 = a(bArr, length, length);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        byteArrayOutputStream.write(48);
        int length2 = a.length + 2 + 2 + a2.length;
        if (length2 > 127) {
            byteArrayOutputStream.write(129);
            byteArrayOutputStream.write((byte) length2);
        } else {
            byteArrayOutputStream.write((byte) length2);
        }
        a(byteArrayOutputStream, a);
        a(byteArrayOutputStream, a2);
        return byteArrayOutputStream.toByteArray();
    }

    private static byte[] a(byte[] bArr, int i, int i2) {
        byte[] bArr2;
        int i3 = 0;
        if ((bArr[i] & 128) != 0) {
            bArr2 = new byte[i2 + 1];
            bArr2[0] = 0;
            i3 = 1;
        } else {
            bArr2 = new byte[i2];
        }
        System.arraycopy(bArr, i, bArr2, i3, i2);
        return bArr2;
    }

    public static boolean b() {
        h a;
        try {
            a = r.a().a();
        } catch (KeyStoreException e) {
            f.d("PolicySigningHelper", "Exception in validating policy signing certificate: " + e);
        } catch (NoSuchAlgorithmException e2) {
            f.d("PolicySigningHelper", "Exception in validating policy signing certificate: " + e2);
        } catch (CertificateException e3) {
            f.d("PolicySigningHelper", "Policy signing certificate is not valid: " + e3);
        }
        if (a.getInt("policy_signing_cert_chain_length", 0) < 1) {
            f.d("PolicySigningHelper", "Certificate chain is empty");
            return false;
        }
        String[] split = a.getString("policy_signing_cert_chain", "").split(",");
        CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
        X509Certificate[] x509CertificateArr = new X509Certificate[split.length];
        for (int i = 0; i < split.length; i++) {
            x509CertificateArr[i] = (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(Base64.decode(split[i], 0)));
        }
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init((KeyStore) null);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        for (TrustManager trustManager : trustManagers) {
            if (trustManager instanceof X509TrustManager) {
                ((X509TrustManager) trustManager).checkServerTrusted(x509CertificateArr, "blah");
                f.a("PolicySigningHelper", "Policy singing certificate validation success");
                return true;
            }
        }
        f.d("PolicySigningHelper", "Policy signing certificate validation failed");
        e();
        return false;
    }

    private static boolean b(byte[] bArr, Map<String, List<String>> map, String str, String str2, Object obj) {
        if (!str.equalsIgnoreCase(r.a().a().getString("host", ""))) {
            return true;
        }
        if (obj instanceof PolicySigningCheckMessage) {
            f.a("PolicySigningHelper", "Skipping validation for PolicySigningCheckMessage");
            return true;
        }
        f.a("PolicySigningHelper", "Validation failed, retrying.");
        a();
        if (!d() || a(bArr, str2, map) == 1) {
            return true;
        }
        f.a("PolicySigningHelper", "Validation retry failed.");
        return false;
    }

    public static boolean c() {
        SDKContext a = r.a();
        if (a.f() != SDKContext.State.IDLE) {
            return com.airwatch.sdk.d.a(a.g()).getBoolean("policySigning", false);
        }
        return false;
    }

    public static boolean d() {
        return c() && r.a().a().getBoolean("policy_signing_enabled", false);
    }

    public static void e() {
        SharedPreferences.Editor edit = r.a().a().edit();
        edit.putString("policy_signing_certificate", "");
        edit.putInt("policy_signing_cert_chain_length", 0);
        edit.putString("policy_signing_cert_chain", "");
        edit.putString("policy_signing_cert_type", "");
        edit.putString("policy_signing_cert_encoding", "");
        edit.commit();
    }

    private static byte[] f() {
        h a = r.a().a();
        String string = a.getString("policy_signing_certificate", "");
        if (string == null || string.equalsIgnoreCase("") || !a.getString("policy_signing_cert_encoding", "").equalsIgnoreCase("Base64")) {
            return null;
        }
        return Base64.decode(string, 0);
    }
}
