package com.apptec360.android.mdm.model;

import com.android.launcher3.InstallShortcutReceiver;
import com.android.launcher3.stats.external.TrackingBundle;
import com.apptec360.android.mdm.Log;
import com.apptec360.android.mdm.helpers.Hashing;
import com.samsung.android.knox.keystore.CertificateProvisioning;
import java.io.ByteArrayInputStream;
import java.security.KeyStore;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.HashMap;
import java.util.Iterator;
import java.util.concurrent.Semaphore;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class ApptecCertificates {
    private static JSONObject certInstallList;
    private static JSONObject installedCerts;
    private static HashMap<String, String> installedCertAliases = new HashMap<>();
    private static Semaphore semaphore = new Semaphore(1, true);
    private static Semaphore semaphore2 = new Semaphore(1, true);
    private static long systemCertificateListUpdated = 0;

    private static void addCertificateToInstallList(JSONObject jSONObject) {
        X509Certificate x509FromPKCSS12String;
        try {
            semaphore.acquire();
            if (certInstallList == null) {
                try {
                    certInstallList = new JSONObject(ApptecPreferences.getPreference("CertInstallList", "{}"));
                } catch (JSONException e) {
                    certInstallList = null;
                    e.printStackTrace();
                    semaphore.release();
                    return;
                }
            }
            try {
                int i = jSONObject.getInt("type");
                if (i == 0) {
                    x509FromPKCSS12String = getX509FromX509String(jSONObject);
                } else {
                    if (i != 1) {
                        Log.d("can't add unknown type");
                        semaphore.release();
                        return;
                    }
                    x509FromPKCSS12String = getX509FromPKCSS12String(jSONObject);
                }
                String uniqueCertificateHash = getUniqueCertificateHash(x509FromPKCSS12String);
                if (certInstallList.has(uniqueCertificateHash)) {
                    Log.d("cert is already in toInstall list");
                    semaphore.release();
                } else if (isCertInstalled(uniqueCertificateHash) && isCertInstalledInSystem(uniqueCertificateHash)) {
                    Log.d("cert is already installed");
                    semaphore.release();
                } else {
                    jSONObject.put(InstallShortcutReceiver.NAME_KEY, uniqueCertificateHash);
                    certInstallList.put(uniqueCertificateHash, jSONObject);
                    ApptecPreferences.savePreference("CertInstallList", certInstallList.toString());
                    semaphore.release();
                }
            } catch (Exception e2) {
                e2.printStackTrace();
                semaphore.release();
            }
        } catch (InterruptedException e3) {
            e3.printStackTrace();
        }
    }

    private static void addCertificateToInstalledList(JSONObject jSONObject) {
        X509Certificate x509FromPKCSS12String;
        try {
            semaphore2.acquire();
            if (installedCerts == null) {
                try {
                    installedCerts = new JSONObject(ApptecPreferences.getPreference("CertInstalledList", "{}"));
                } catch (JSONException e) {
                    installedCerts = null;
                    e.printStackTrace();
                    semaphore2.release();
                    return;
                }
            }
            try {
                int i = jSONObject.getInt("type");
                if (i == 0) {
                    x509FromPKCSS12String = getX509FromX509String(jSONObject);
                } else {
                    if (i != 1) {
                        Log.d("can't add unknown type");
                        semaphore2.release();
                        return;
                    }
                    x509FromPKCSS12String = getX509FromPKCSS12String(jSONObject);
                }
                String uniqueCertificateHash = getUniqueCertificateHash(x509FromPKCSS12String);
                jSONObject.put(InstallShortcutReceiver.NAME_KEY, uniqueCertificateHash);
                jSONObject.put("date", String.valueOf(System.currentTimeMillis()));
                installedCerts.put(uniqueCertificateHash, jSONObject);
                ApptecPreferences.savePreference("CertInstalledList", installedCerts.toString());
                if (jSONObject.optInt(TrackingBundle.KEY_EVENT_ACTION, 10) == 11) {
                    Log.d("configure wifi");
                    ApptecProfile.configureWiFiFromProfile();
                }
                semaphore2.release();
            } catch (Exception e2) {
                e2.printStackTrace();
                semaphore2.release();
            }
        } catch (InterruptedException e3) {
            e3.printStackTrace();
        }
    }

    public static JSONObject checkCertificates() {
        try {
            semaphore.acquire();
            try {
                if (certInstallList == null) {
                    certInstallList = new JSONObject();
                }
                Iterator<String> keys = certInstallList.keys();
                JSONObject jSONObject = null;
                while (keys.hasNext()) {
                    jSONObject = certInstallList.getJSONObject(keys.next());
                    String string = jSONObject.getString(InstallShortcutReceiver.NAME_KEY);
                    boolean isCertInstalled = isCertInstalled(string);
                    boolean isCertInstalledInSystem = isCertInstalledInSystem(string);
                    if (!isCertInstalled && isCertInstalledInSystem) {
                        keys.remove();
                        String str = installedCertAliases.get(string);
                        if (str != null) {
                            jSONObject.put("internalName", str);
                            addCertificateToInstalledList(jSONObject);
                        }
                    } else {
                        if (!isCertInstalled || !isCertInstalledInSystem) {
                            break;
                        }
                        keys.remove();
                    }
                }
                semaphore.release();
                return jSONObject;
            } catch (Exception e) {
                e.printStackTrace();
                semaphore.release();
                return null;
            }
        } catch (InterruptedException e2) {
            e2.printStackTrace();
            return null;
        }
    }

    private static String computeSHAHash(byte[] bArr) {
        String computeSHA1Hash = Hashing.computeSHA1Hash(bArr);
        return computeSHA1Hash == null ? "default" : computeSHA1Hash;
    }

    public static String getCertFilename(JSONObject jSONObject) {
        readCertInstalledList();
        try {
            int i = jSONObject.getInt("type");
            X509Certificate x509FromX509String = i == 0 ? getX509FromX509String(jSONObject) : i == 1 ? getX509FromPKCSS12String(jSONObject) : null;
            if (x509FromX509String == null) {
                return null;
            }
            String uniqueCertificateHash = getUniqueCertificateHash(x509FromX509String);
            if (installedCerts.has(uniqueCertificateHash)) {
                return uniqueCertificateHash;
            }
            return null;
        } catch (JSONException e) {
            e.printStackTrace();
            return null;
        }
    }

    private static String getUniqueCertificateHash(X509Certificate x509Certificate) {
        try {
            return computeSHAHash(x509Certificate.getEncoded());
        } catch (CertificateEncodingException e) {
            e.printStackTrace();
            return "";
        }
    }

    private static X509Certificate getX509FromPKCSS12String(JSONObject jSONObject) {
        try {
            String optString = jSONObject.optString("pwd", "");
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(jSONObject.getString("cert").getBytes());
            KeyStore keyStore = KeyStore.getInstance(CertificateProvisioning.TYPE_PKCS12);
            keyStore.load(byteArrayInputStream, optString.toCharArray());
            Enumeration<String> aliases = keyStore.aliases();
            if (aliases.hasMoreElements()) {
                return (X509Certificate) keyStore.getCertificate(aliases.nextElement());
            }
        } catch (Exception e) {
            e.printStackTrace();
        }
        Log.e("couldn't convert PKCS12 string certificate json to x509certificate");
        return null;
    }

    private static X509Certificate getX509FromX509String(JSONObject jSONObject) {
        try {
            return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(jSONObject.getString("cert").getBytes()));
        } catch (Exception e) {
            e.printStackTrace();
            Log.e("couldn't convert X509 string certificate json to x509certificate");
            return null;
        }
    }

    public static void importCertificate(String str, String str2, int i, int i2) {
        promptUserToImportCertificate(str, str2, i, i2);
    }

    private static boolean isCertInstalled(String str) {
        readCertInstalledList();
        return installedCerts.has(str);
    }

    private static boolean isCertInstalledInSystem(String str) {
        if (installedCertAliases.containsKey(str)) {
            return true;
        }
        if (Math.abs(systemCertificateListUpdated - System.currentTimeMillis()) < 60000) {
            return false;
        }
        try {
            KeyStore keyStore = KeyStore.getInstance("AndroidCAStore");
            keyStore.load(null, null);
            Enumeration<String> aliases = keyStore.aliases();
            boolean z = false;
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                if (nextElement.contains("user:")) {
                    try {
                        if (getUniqueCertificateHash((X509Certificate) keyStore.getCertificate(nextElement)).equals(str)) {
                            installedCertAliases.put(str, nextElement);
                            z = true;
                        }
                    } catch (Exception e) {
                        e.printStackTrace();
                        return false;
                    }
                }
            }
            systemCertificateListUpdated = System.currentTimeMillis();
            return z;
        } catch (Exception e2) {
            e2.printStackTrace();
            return false;
        }
    }

    public static boolean isCertificateInstalled(String str, String str2, int i) {
        if (str2 == null) {
            str2 = "";
        }
        try {
            JSONObject jSONObject = new JSONObject();
            jSONObject.put("cert", str);
            jSONObject.put("type", i);
            jSONObject.put("pwd", str2);
            String certFilename = getCertFilename(jSONObject);
            return isCertInstalled(certFilename) && isCertInstalledInSystem(certFilename);
        } catch (Exception e) {
            e.printStackTrace();
            return false;
        }
    }

    private static void promptUserToImportCertificate(String str, String str2, int i, int i2) {
        JSONObject jSONObject = new JSONObject();
        if (str2 == null) {
            str2 = "";
        }
        try {
            jSONObject.put("cert", str);
            jSONObject.put("type", i);
            jSONObject.put("pwd", str2);
            jSONObject.put(TrackingBundle.KEY_EVENT_ACTION, i2);
            addCertificateToInstallList(jSONObject);
        } catch (JSONException e) {
            e.printStackTrace();
        }
    }

    private static void readCertInstalledList() {
        if (installedCerts == null) {
            try {
                semaphore2.acquire();
                try {
                    installedCerts = new JSONObject(ApptecPreferences.getPreference("CertInstalledList", "{}"));
                    semaphore2.release();
                } catch (JSONException e) {
                    e.printStackTrace();
                    semaphore2.release();
                }
            } catch (InterruptedException e2) {
                e2.printStackTrace();
            }
        }
    }

    public static void resetCertCaches() {
        try {
            semaphore.acquire();
            certInstallList = null;
            installedCerts = null;
            installedCertAliases = new HashMap<>();
            semaphore.release();
        } catch (InterruptedException e) {
            e.printStackTrace();
        }
    }
}
