package com.airwatch.agent.interrogator.certificate;

import com.airwatch.afw.lib.AfwApp;
import com.airwatch.agent.enterprise.container.Container;
import com.airwatch.agent.interrogator.classes.CertificateEntry;
import com.airwatch.agent.utility.av;
import com.airwatch.agent.utility.bd;
import com.airwatch.bizlib.c.g;
import com.airwatch.bizlib.c.v;
import com.airwatch.bizlib.model.CertificateDefinitionAnchorApp;
import com.airwatch.bizlib.profile.e;
import com.airwatch.interrogator.SamplerType;
import com.airwatch.util.ad;
import com.samsung.android.knox.keystore.CertificateProvisioning;
import com.workspaceone.peoplesdk.internal.util.Commons;
import java.io.BufferedInputStream;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import org.apache.commons.io.IOUtils;

/* loaded from: classes2.dex */
public class a extends com.airwatch.agent.interrogator.b<CertificateSamplePayload> {
    private com.airwatch.agent.f.a c;
    private final Set<CertificateEntry> d;

    public a() {
        super(SamplerType.CERTIFICATE_LIST);
        this.c = new com.airwatch.agent.f.a(AfwApp.d());
        this.d = new HashSet();
    }

    private void a(CertificateDefinitionAnchorApp certificateDefinitionAnchorApp) {
        ad.a("CertificateListSampler", "deleteOrphanCerts() ");
        g gVar = new g(AfwApp.d());
        v vVar = new v(v.a("data"), certificateDefinitionAnchorApp.r_());
        vVar.b(v.a("uuid"), certificateDefinitionAnchorApp.getUuid());
        gVar.a(vVar);
    }

    private void a(CertificateDefinitionAnchorApp certificateDefinitionAnchorApp, e eVar) {
        try {
            ad.a("CertificateListSampler", "addCertificates() ");
            String password = certificateDefinitionAnchorApp.getPassword();
            if (password == null || password.length() <= 0) {
                ad.a("CertificateListSampler", "addCertificates() X509 ");
                a((X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(new ByteArrayInputStream(certificateDefinitionAnchorApp.getCertificateData())), new CertificateEntry(), certificateDefinitionAnchorApp, eVar);
            } else {
                ad.a("CertificateListSampler", "addCertificates() PKCS12");
                b(certificateDefinitionAnchorApp, eVar);
            }
        } catch (Exception e) {
            this.c.d("Exception adding cert " + certificateDefinitionAnchorApp.getUuid() + e.toString());
            ad.d("CertificateListSampler", "addCertificates() exception with certificate ", e);
        }
    }

    private synchronized void a(X509Certificate x509Certificate, CertificateEntry certificateEntry) throws UnsupportedEncodingException, CertificateEncodingException {
        certificateEntry.certificateName = x509Certificate.getSubjectDN().getName();
        certificateEntry.certificateType = x509Certificate.getType();
        certificateEntry.commonNameSize = (short) x509Certificate.getSubjectDN().getName().getBytes("UTF-8").length;
        certificateEntry.commonNameData = x509Certificate.getSubjectDN().getName().getBytes("UTF-8");
        certificateEntry.certificateData = x509Certificate.getEncoded();
        certificateEntry.certificateSize = (short) x509Certificate.getEncoded().length;
        this.d.add(certificateEntry);
    }

    private boolean a(com.airwatch.agent.enterprise.e eVar, Container container) {
        com.airwatch.agent.database.a a = com.airwatch.agent.database.a.a();
        return !(eVar.I_() || container.d()) || (a.e("com.airwatch.android.certificate").isEmpty() && a.e("com.airwatch.android.container.certificate").isEmpty());
    }

    private void b(CertificateDefinitionAnchorApp certificateDefinitionAnchorApp, e eVar) throws IOException, KeyStoreException, NoSuchAlgorithmException, CertificateException {
        KeyStore keyStore = KeyStore.getInstance(CertificateProvisioning.TYPE_PKCS12);
        keyStore.load(new ByteArrayInputStream(certificateDefinitionAnchorApp.getCertificateData()), certificateDefinitionAnchorApp.getPassword().toCharArray());
        Iterator it = Collections.list(keyStore.aliases()).iterator();
        while (it.hasNext()) {
            String str = (String) it.next();
            CertificateEntry certificateEntry = new CertificateEntry();
            certificateEntry.isIdentity = (short) 1;
            a((X509Certificate) keyStore.getCertificate(str), certificateEntry, certificateDefinitionAnchorApp, eVar);
        }
    }

    @Override // com.airwatch.interrogator.c
    protected com.airwatch.interrogator.a X_() {
        return new b(this);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.airwatch.agent.interrogator.b
    public synchronized void a(CertificateSamplePayload certificateSamplePayload) {
        this.d.addAll(certificateSamplePayload.a());
    }

    void a(X509Certificate x509Certificate, CertificateEntry certificateEntry, CertificateDefinitionAnchorApp certificateDefinitionAnchorApp, Container container) throws UnsupportedEncodingException, CertificateEncodingException {
        ad.a("CertificateListSampler", "addTimaCertificate() ");
        if (!container.b()) {
            ad.a("CertificateListSampler", "addTimaCertificate() container is not Active , so reporting");
            a(x509Certificate, certificateEntry);
        } else if (container.a(x509Certificate, certificateDefinitionAnchorApp)) {
            ad.a("CertificateListSampler", "addTimaCertificate() container is  Active and cert installed ");
            a(x509Certificate, certificateEntry);
        }
    }

    void a(X509Certificate x509Certificate, CertificateEntry certificateEntry, CertificateDefinitionAnchorApp certificateDefinitionAnchorApp, e eVar) throws CertificateEncodingException, UnsupportedEncodingException {
        Container i = AfwApp.d().k().i();
        if (x509Certificate == null || certificateEntry == null) {
            return;
        }
        if (!av.a(certificateDefinitionAnchorApp)) {
            a(x509Certificate, certificateEntry);
            return;
        }
        if (AfwApp.d().k().b().a(x509Certificate, certificateDefinitionAnchorApp)) {
            a(x509Certificate, certificateEntry);
            return;
        }
        if (certificateDefinitionAnchorApp.getEnableTima()) {
            a(x509Certificate, certificateEntry, certificateDefinitionAnchorApp, i);
        } else {
            if (certificateDefinitionAnchorApp.getEnableTima() || !"com.airwatch.android.container.certificate".equals(eVar.Y_())) {
                return;
            }
            a(x509Certificate, certificateEntry);
        }
    }

    @Override // com.airwatch.agent.interrogator.b
    protected synchronized void c() {
        com.airwatch.agent.f.a aVar;
        String str;
        com.airwatch.agent.enterprise.e b;
        List<CertificateDefinitionAnchorApp> emptyList = Collections.emptyList();
        try {
            try {
                this.d.clear();
                b = AfwApp.d().k().b();
            } finally {
                String str2 = this.d.size() == emptyList.size() ? "Success for cert list sample: " : "Error for cert list sample: ";
                this.c.d(str2 + emptyList.size() + Commons.COMMA_STRING + this.d.size());
            }
        } catch (Exception e) {
            this.c.d("Exception getting cert data " + emptyList.size() + Commons.COMMA_STRING + this.d.size() + Commons.COMMA_STRING + e.toString());
            ad.d("CertificateListSampler", "There was an error getting certificate data", e);
            String str3 = this.d.size() == emptyList.size() ? "Success for cert list sample: " : "Error for cert list sample: ";
            aVar = this.c;
            str = str3 + emptyList.size() + Commons.COMMA_STRING + this.d.size();
        }
        if (a(b, AfwApp.d().k().i()) && b.M()) {
            return;
        }
        emptyList = new g(AfwApp.d()).a();
        this.c.a("start certificate list sample: " + emptyList.size());
        if (emptyList.isEmpty()) {
            com.airwatch.agent.database.a a = com.airwatch.agent.database.a.a();
            if (a.e("com.airwatch.android.certificate").size() + a.e("com.airwatch.android.androidwork.certificate").size() > 0) {
                this.c.d("certificate profiles present but absent from certificate database");
                ad.b("CertificateListSampler", "certificate profiles present but absent from certificate database");
            }
        }
        for (CertificateDefinitionAnchorApp certificateDefinitionAnchorApp : emptyList) {
            e j = com.airwatch.agent.database.a.a().j(certificateDefinitionAnchorApp.getUuid());
            if (j != null || bd.a(certificateDefinitionAnchorApp.getUuid(), certificateDefinitionAnchorApp.r_())) {
                if (j != null) {
                    CertificateDefinitionAnchorApp certificateDefinitionAnchorApp2 = new CertificateDefinitionAnchorApp(j);
                    certificateDefinitionAnchorApp.b(certificateDefinitionAnchorApp2.e());
                    certificateDefinitionAnchorApp.setEnableTima(certificateDefinitionAnchorApp2.getEnableTima());
                }
                this.c.a("add cert sample: " + certificateDefinitionAnchorApp.getUuid());
                a(certificateDefinitionAnchorApp, j);
            } else {
                this.c.d("deleting OrphanCerts: " + certificateDefinitionAnchorApp.getUuid());
                ad.e("CertificateListSampler", "sampleData() certificate was bound to profile group, but profile is missing now.");
                a(certificateDefinitionAnchorApp);
            }
        }
        if (this.d.isEmpty() && !emptyList.isEmpty()) {
            this.c.d("AirWatch adding the placeholder cert");
            ad.d("AirWatch adding the placeholder cert");
            d();
        }
        String str4 = this.d.size() == emptyList.size() ? "Success for cert list sample: " : "Error for cert list sample: ";
        aVar = this.c;
        str = str4 + emptyList.size() + Commons.COMMA_STRING + this.d.size();
        aVar.d(str);
    }

    void d() {
        BufferedInputStream bufferedInputStream;
        InputStream inputStream = null;
        try {
            try {
                InputStream open = AfwApp.d().getAssets().open("placeholder.cer", 0);
                try {
                    bufferedInputStream = new BufferedInputStream(open);
                    try {
                        X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(bufferedInputStream);
                        CertificateEntry certificateEntry = new CertificateEntry();
                        certificateEntry.isIdentity = (short) 0;
                        a(x509Certificate, certificateEntry);
                        IOUtils.closeQuietly(open);
                    } catch (IOException e) {
                        e = e;
                        inputStream = open;
                        this.c.d("Error loading placeholder certificate." + e.toString());
                        ad.d("CertificateListSampler", "Error loading placeholder certificate.", e);
                        IOUtils.closeQuietly(inputStream);
                        IOUtils.closeQuietly((InputStream) bufferedInputStream);
                    } catch (CertificateException e2) {
                        e = e2;
                        inputStream = open;
                        this.c.d("Error generating placeholder certificate." + e.toString());
                        ad.d("CertificateListSampler", "Error generating placeholder certificate.", e);
                        IOUtils.closeQuietly(inputStream);
                        IOUtils.closeQuietly((InputStream) bufferedInputStream);
                    } catch (Throwable th) {
                        th = th;
                        inputStream = open;
                        IOUtils.closeQuietly(inputStream);
                        IOUtils.closeQuietly((InputStream) bufferedInputStream);
                        throw th;
                    }
                } catch (IOException e3) {
                    e = e3;
                    bufferedInputStream = null;
                } catch (CertificateException e4) {
                    e = e4;
                    bufferedInputStream = null;
                } catch (Throwable th2) {
                    th = th2;
                    bufferedInputStream = null;
                }
            } catch (Throwable th3) {
                th = th3;
            }
        } catch (IOException e5) {
            e = e5;
            bufferedInputStream = null;
        } catch (CertificateException e6) {
            e = e6;
            bufferedInputStream = null;
        } catch (Throwable th4) {
            th = th4;
            bufferedInputStream = null;
        }
        IOUtils.closeQuietly((InputStream) bufferedInputStream);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.airwatch.agent.interrogator.b
    /* renamed from: e, reason: merged with bridge method [inline-methods] */
    public synchronized CertificateSamplePayload a() {
        return new CertificateSamplePayload(new ArrayList(this.d));
    }

    public synchronized List<CertificateEntry> f() {
        return new ArrayList(this.d);
    }
}
