package com.airwatch.email.smime.storage;

import android.content.ContentResolver;
import android.content.ContentValues;
import android.content.Context;
import android.database.Cursor;
import android.net.Uri;
import android.util.Log;
import com.airwatch.email.Email;
import com.airwatch.email.crypto.CertificateManager;
import com.airwatch.email.smime.storage.BaseEncryptionCertDao;
import com.airwatch.email.utility.AirWatchEmailEnums;
import com.airwatch.emailcommon.provider.EmailContent;
import com.airwatch.exchange.keystore.CertificateUtility;
import java.io.IOException;
import java.security.PublicKey;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.List;
import net.sqlcipher.database.SQLiteDatabase;

/* loaded from: classes.dex */
public class PersistentEncryptionCertDao extends BaseEncryptionCertDao {
    private static final String c = PersistentEncryptionCertDao.class.getSimpleName();
    private static final Uri d = Uri.parse(EmailContent.a + "/encryptioncert");
    private static PersistentEncryptionCertDao e = null;
    private final Context f;
    private final CertificateManager g = Email.f();

    private PersistentEncryptionCertDao(Context context) {
        this.f = context;
    }

    private BaseEncryptionCertDao.ECert a(String str, Cursor cursor) {
        String string = cursor.getString(cursor.getColumnIndexOrThrow("certManagerAlias"));
        X509Certificate b = this.g.b(string);
        if (b == null) {
            Log.e(c, "createECertFromCurrentCursorPosition(): failed to get cert from CertificateManager");
            return null;
        }
        try {
            return new BaseEncryptionCertDao.ECert(str, cursor.getInt(cursor.getColumnIndexOrThrow("preferred")) != 0, b.getEncoded(), string, cursor.getLong(cursor.getColumnIndexOrThrow("notBeforeDate")), cursor.getLong(cursor.getColumnIndexOrThrow("notAfterDate")), cursor.getString(cursor.getColumnIndexOrThrow("algorithm")));
        } catch (CertificateEncodingException e2) {
            Log.e(c, "createECertFromCurrentCursorPosition(): failed to get encoded cert", e2);
            return null;
        }
    }

    private BaseEncryptionCertDao.ECert a(String str, String str2) {
        BaseEncryptionCertDao.ECert eCert = null;
        Cursor query = this.f.getContentResolver().query(d, null, "certManagerAlias='" + str + "'", null, null);
        if (query != null) {
            try {
                if (query.moveToFirst() && str2.equals(query.getString(query.getColumnIndexOrThrow("emailAddress")))) {
                    eCert = a(str2, query);
                }
            } finally {
                query.close();
            }
        }
        return eCert;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static EncryptionCertDao a() {
        return e;
    }

    public static void a(Context context) {
        e = new PersistentEncryptionCertDao(context);
    }

    public static void a(SQLiteDatabase sQLiteDatabase) {
        sQLiteDatabase.execSQL("create table EncryptionCert (_id integer primary key autoincrement, certManagerAlias text unique, emailAddress text, preferred integer, notBeforeDate integer, notAfterDate integer, algorithm text, trustStatus text DEFAULT " + AirWatchEmailEnums.CertTrustStatus.NOT_TRUSTED.toString() + " );");
    }

    /* JADX WARN: Multi-variable type inference failed */
    private boolean a(String str, String str2, boolean z) {
        boolean z2 = false;
        ContentResolver contentResolver = this.f.getContentResolver();
        Cursor query = contentResolver.query(d, new String[]{"preferred"}, "certManagerAlias='" + str2 + "'", null, null);
        if (query == null) {
            Log.w(c, "setPreferred(): no encryption certs found with specified cert alias (null cursor)");
        } else {
            try {
                if (query.getCount() <= 0) {
                    Log.w(c, "setPreferred(): no encryption certs found with specified cert alias");
                } else {
                    query.moveToFirst();
                    if ((query.getInt(0) != 0) == z) {
                        query.close();
                        z2 = true;
                        query = query;
                    } else {
                        query.close();
                        ContentValues contentValues = new ContentValues(1);
                        if (z) {
                            contentValues.put("preferred", (Integer) 0);
                            contentResolver.update(d, contentValues, "emailAddress='" + str + "'", null);
                        }
                        contentValues.put("preferred", Integer.valueOf(z ? 1 : 0));
                        int update = contentResolver.update(d, contentValues, "certManagerAlias='" + str2 + "'", null);
                        if (update != 1) {
                            String str3 = c;
                            StringBuilder sb = new StringBuilder("setPreferred(): cannot update cert with preferred value. updated: ");
                            Log.e(str3, sb.append(update).toString());
                            query = sb;
                        } else {
                            z2 = true;
                            query = contentValues;
                        }
                    }
                }
            } finally {
                query.close();
            }
        }
        return z2;
    }

    public static void b(SQLiteDatabase sQLiteDatabase) {
        sQLiteDatabase.execSQL("create table EncryptionCertV46 (_id integer primary key autoincrement, certManagerAlias text unique, emailAddress text, preferred integer, notBeforeDate integer, notAfterDate integer, algorithm text);");
    }

    public static List<String> c(SQLiteDatabase sQLiteDatabase) {
        net.sqlcipher.Cursor rawQuery = sQLiteDatabase.rawQuery("select certManagerAlias from EncryptionCert where trustStatus=?;", new String[]{AirWatchEmailEnums.CertTrustStatus.TRUSTED.toString()});
        ArrayList arrayList = new ArrayList();
        if (rawQuery != null) {
            while (rawQuery.moveToNext()) {
                try {
                    arrayList.add(rawQuery.getString(0));
                } finally {
                    rawQuery.close();
                }
            }
        }
        return arrayList;
    }

    public static void d(SQLiteDatabase sQLiteDatabase) {
        sQLiteDatabase.execSQL("CREATE TABLE EncryptionCertV46 (_id integer primary key autoincrement, certManagerAlias text unique, emailAddress text, preferred integer, notBeforeDate integer, notAfterDate integer, algorithm text);");
        sQLiteDatabase.execSQL("INSERT INTO EncryptionCertV46 SELECT null,certManagerAlias,emailAddress,preferred,notBeforeDate,notAfterDate,algorithm FROM EncryptionCert;");
        sQLiteDatabase.execSQL("DROP TABLE IF EXISTS EncryptionCert;");
    }

    @Override // com.airwatch.email.smime.storage.BaseEncryptionCertDao
    protected final ArrayList<BaseEncryptionCertDao.ECert> a(String str) {
        String lowerCase = str.trim().toLowerCase();
        ArrayList<BaseEncryptionCertDao.ECert> arrayList = new ArrayList<>();
        Cursor query = this.f.getContentResolver().query(d, null, "emailAddress='" + lowerCase + "'", null, null);
        if (query == null) {
            return arrayList;
        }
        for (int i = 0; i < query.getCount(); i++) {
            try {
                query.moveToPosition(i);
                BaseEncryptionCertDao.ECert a = a(lowerCase, query);
                if (a != null) {
                    arrayList.add(a);
                }
            } finally {
                query.close();
            }
        }
        return arrayList;
    }

    @Override // com.airwatch.email.smime.storage.EncryptionCertDao
    public final void a(String str, byte[] bArr) {
        a(str, bArr, false);
    }

    @Override // com.airwatch.email.smime.storage.EncryptionCertDao
    public final void a(String str, byte[] bArr, boolean z) {
        if (str == null || str.trim().length() == 0) {
            throw new IllegalArgumentException("String emailAddress");
        }
        String lowerCase = str.trim().toLowerCase();
        if (bArr == null || bArr.length == 0) {
            throw new IllegalArgumentException("byte[] cert null or zero-length");
        }
        String a = CertificateUtility.a(bArr);
        BaseEncryptionCertDao.ECert a2 = a(a, lowerCase);
        if (a2 != null) {
            if (a2.b() != z) {
                if (!BaseEncryptionCertDao.ECert.class.isInstance(a2)) {
                    Log.e(c, "setPreferred(): argument \"cert\" is not of type " + BaseEncryptionCertDao.ECert.class.getSimpleName() + ". cert: " + a2);
                    return;
                }
                BaseEncryptionCertDao.ECert eCert = a2;
                if (a(eCert.a(), eCert.f(), z)) {
                    eCert.a(z);
                    return;
                }
                return;
            }
            return;
        }
        if (!this.g.a(a, CertificateManager.CertType.X509, bArr, null)) {
            throw new IllegalArgumentException("cannot add cert to certificate manager");
        }
        try {
            X509Certificate a3 = a(bArr);
            PublicKey publicKey = a3.getPublicKey();
            if (publicKey == null) {
                this.g.a(a);
                throw new IllegalArgumentException("cert does not have a public key");
            }
            ContentValues contentValues = new ContentValues();
            contentValues.put("certManagerAlias", a);
            contentValues.put("emailAddress", lowerCase);
            contentValues.put("notBeforeDate", Long.valueOf(a3.getNotBefore().getTime()));
            contentValues.put("notAfterDate", Long.valueOf(a3.getNotAfter().getTime()));
            contentValues.put("algorithm", publicKey.getAlgorithm());
            if (this.f.getContentResolver().insert(d, contentValues) == null) {
                this.g.a(a);
                throw new IllegalArgumentException("cannot add encryption cert data to db");
            }
            a(lowerCase, a, z);
        } catch (IOException e2) {
            this.g.a(a);
            throw new IllegalArgumentException(e2);
        } catch (CertificateException e3) {
            this.g.a(a);
            throw new IllegalArgumentException(e3);
        }
    }

    @Override // com.airwatch.email.smime.storage.BaseEncryptionCertDao, com.airwatch.email.smime.storage.EncryptionCertDao
    public final /* bridge */ /* synthetic */ EncryptionCert b(String str) {
        return super.b(str);
    }
}
