package com.airwatch.email.crypto;

import android.content.Context;
import android.util.Base64;
import android.util.Log;
import com.airwatch.email.ConfigurationManager;
import com.airwatch.email.crypto.CertificateManager;
import com.airwatch.email.utility.AirWatchEmailEnums;
import com.airwatch.emailcommon.utility.ConversionUtilities;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.IOException;
import java.io.Serializable;
import java.lang.reflect.Array;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Iterator;

/* loaded from: classes.dex */
public class SQLCipherCertificateManager implements CertificateManager {
    private static final String a = SQLCipherCertificateManager.class.getSimpleName();
    private String b;
    private CertificateDao c;
    private Context d;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public interface CertificateDao {
        int a(String str, AirWatchEmailEnums.CertTrustStatus certTrustStatus);

        boolean a(String str);

        boolean a(String str, CertificateManager.CertType certType, byte[] bArr, byte[] bArr2, byte[] bArr3, byte[] bArr4);

        byte[] b(String str);

        byte[] c(String str);

        byte[] d(String str);

        AirWatchEmailEnums.CertTrustStatus e(String str);
    }

    public SQLCipherCertificateManager(Context context) {
        this.c = new CertificateDaoSQLCipher(context);
        this.d = context;
        try {
            String[] fileList = this.d.fileList();
            if (!(fileList != null ? Arrays.asList(fileList).contains("awemail.keystore") : false)) {
                Log.i(a, "Nothing to migrate");
                return;
            }
            String i = ConfigurationManager.a().i();
            if (i != null) {
                String[] split = i.split(":-:");
                String g = g(split[11]);
                String g2 = g(split[12]);
                byte[] decode = Base64.decode(split[13], 0);
                if (g2 != null) {
                    a(g2, CertificateManager.CertType.PKCS12, decode, g.toCharArray());
                }
            }
            File file = new File(this.d.getFilesDir(), "awemail.keystore");
            if (file.exists()) {
                file.delete();
            }
        } catch (Exception e) {
            Log.e(a, "Error migrating keys", e);
        }
    }

    private static KeyStore a(byte[] bArr, char[] cArr) {
        ByteArrayInputStream byteArrayInputStream;
        try {
            byteArrayInputStream = new ByteArrayInputStream(bArr);
            try {
                KeyStore keyStore = KeyStore.getInstance("PKCS12");
                keyStore.load(byteArrayInputStream, cArr);
                if (byteArrayInputStream != null) {
                    try {
                        byteArrayInputStream.close();
                    } catch (IOException e) {
                    }
                }
                return keyStore;
            } catch (Throwable th) {
                th = th;
                if (byteArrayInputStream != null) {
                    try {
                        byteArrayInputStream.close();
                    } catch (IOException e2) {
                    }
                }
                throw th;
            }
        } catch (Throwable th2) {
            th = th2;
            byteArrayInputStream = null;
        }
    }

    private static String g(String str) {
        if (str.equals("null")) {
            return null;
        }
        return str;
    }

    @Override // com.airwatch.email.crypto.CertificateManager
    public final int a(String str, AirWatchEmailEnums.CertTrustStatus certTrustStatus) {
        return this.c.a(str, certTrustStatus);
    }

    @Override // com.airwatch.email.crypto.CertificateManager
    public final boolean a(String str) {
        if (str != null) {
            return this.c.a(str);
        }
        Log.e(a, "removeCertificate Invalid arguments");
        return false;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r1v29, types: [java.security.cert.X509Certificate[]] */
    /* JADX WARN: Type inference failed for: r4v10, types: [java.security.cert.X509Certificate[]] */
    @Override // com.airwatch.email.crypto.CertificateManager
    public final boolean a(String str, CertificateManager.CertType certType, byte[] bArr, char[] cArr) {
        PrivateKey privateKey;
        X509Certificate x509Certificate;
        Serializable serializable;
        X509Certificate x509Certificate2;
        PrivateKey privateKey2;
        Serializable serializable2;
        if (str == null || certType == null || bArr == null) {
            Log.e(a, "addCertificate Invalid arguments");
            return false;
        }
        try {
            byte[][] bArr2 = (byte[][]) Array.newInstance((Class<?>) Byte.TYPE, 3, 1);
            if (CertificateManager.CertType.PKCS12 == certType) {
                KeyStore a2 = a(bArr, cArr);
                Enumeration<String> aliases = a2.aliases();
                while (true) {
                    if (!aliases.hasMoreElements()) {
                        x509Certificate2 = null;
                        break;
                    }
                    String nextElement = aliases.nextElement();
                    if (a2.isCertificateEntry(nextElement)) {
                        x509Certificate2 = (X509Certificate) a2.getCertificate(nextElement);
                        break;
                    }
                    X509Certificate x509Certificate3 = (X509Certificate) a2.getCertificate(nextElement);
                    if (x509Certificate3 != null) {
                        x509Certificate2 = x509Certificate3;
                        break;
                    }
                }
                Enumeration<String> aliases2 = a2.aliases();
                while (true) {
                    if (!aliases2.hasMoreElements()) {
                        privateKey2 = null;
                        break;
                    }
                    String nextElement2 = aliases2.nextElement();
                    if (a2.isKeyEntry(nextElement2)) {
                        privateKey2 = (PrivateKey) a2.getKey(nextElement2, cArr);
                        break;
                    }
                }
                Enumeration<String> aliases3 = a2.aliases();
                KeyStore.PasswordProtection passwordProtection = new KeyStore.PasswordProtection(cArr);
                Iterator it = Collections.list(aliases3).iterator();
                while (true) {
                    if (!it.hasNext()) {
                        serializable2 = null;
                        break;
                    }
                    String str2 = (String) it.next();
                    if (a2.getEntry(str2, passwordProtection) instanceof KeyStore.PrivateKeyEntry) {
                        Certificate[] certificateChain = a2.getCertificateChain(str2);
                        if (certificateChain == null || certificateChain.length <= 0) {
                            serializable2 = null;
                        } else if (certificateChain instanceof X509Certificate[]) {
                            serializable2 = (X509Certificate[]) certificateChain;
                        } else {
                            ?? r4 = new X509Certificate[certificateChain.length];
                            for (int i = 0; i < certificateChain.length; i++) {
                                r4[i] = (X509Certificate) certificateChain[i];
                            }
                            serializable2 = r4;
                        }
                    }
                }
                privateKey = privateKey2;
                x509Certificate = x509Certificate2;
                serializable = serializable2;
            } else {
                privateKey = null;
                x509Certificate = (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(new ByteArrayInputStream(bArr));
                serializable = null;
            }
            if (x509Certificate != null) {
                bArr2[0] = ConversionUtilities.a(x509Certificate);
            }
            if (privateKey != null) {
                bArr2[1] = ConversionUtilities.a(privateKey);
            }
            if (serializable != null) {
                bArr2[2] = ConversionUtilities.a(serializable);
            }
            return this.c.a(str, certType, bArr, bArr2[0], bArr2[1], bArr2[2]);
        } catch (Exception e) {
            Log.e(a, "Error parsing certificate", e);
            return false;
        }
    }

    @Override // com.airwatch.email.crypto.CertificateManager
    public final X509Certificate b(String str) {
        if (str == null) {
            Log.e(a, "getCertByAlias Invalid arguments");
            return null;
        }
        byte[] b = this.c.b(str);
        if (b != null) {
            try {
                return (X509Certificate) ConversionUtilities.a(b);
            } catch (IOException e) {
                Log.e(a, "Could not retrieve X509Cert", e);
            } catch (ClassNotFoundException e2) {
                Log.e(a, "Could not retrieve X509Cert", e2);
            }
        }
        return null;
    }

    @Override // com.airwatch.email.crypto.CertificateManager
    public final X509Certificate[] c(String str) {
        if (str == null) {
            Log.e(a, "getCertChainByAlias Invalid arguments");
            return null;
        }
        byte[] d = this.c.d(str);
        if (d != null) {
            try {
                return (X509Certificate[]) ConversionUtilities.a(d);
            } catch (IOException e) {
                Log.e(a, "Could not retrieve certificate chain", e);
            } catch (ClassNotFoundException e2) {
                Log.e(a, "Could not retrieve certificate chain", e2);
            }
        }
        return null;
    }

    @Override // com.airwatch.email.crypto.CertificateManager
    public final PrivateKey d(String str) {
        if (str == null) {
            Log.e(a, "getPrivateKey Invalid arguments");
            return null;
        }
        byte[] c = this.c.c(str);
        if (c != null) {
            try {
                return (PrivateKey) ConversionUtilities.a(c);
            } catch (IOException e) {
                Log.e(a, "Could not retrieve private key", e);
            } catch (ClassNotFoundException e2) {
                Log.e(a, "Could not retrieve private key", e2);
            }
        }
        return null;
    }

    @Override // com.airwatch.email.crypto.CertificateManager
    public final AirWatchEmailEnums.CertTrustStatus e(String str) {
        return this.c.e(str);
    }

    public final void f(String str) {
        this.b = str;
    }
}
