package com.microsoft.intune.usercerts.contentcomponent.abstraction;

import com.microsoft.intune.usercerts.domain.scep.IScepCertStateRepo;
import com.microsoft.intune.usercerts.domain.scep.ScepCertConfigItem;
import com.microsoft.intune.usercerts.domain.scep.ScepCertState;
import com.microsoft.intune.utils.LoggingExtensionsKt;
import com.microsoft.intune.utils.Mockable;
import io.reactivex.functions.Predicate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import java.util.logging.Logger;
import kotlin.Metadata;
import kotlin.collections.CollectionsKt__IterablesKt;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.Reflection;
import kotlin.reflect.KClass;
import org.bouncycastle.asn1.ASN1ObjectIdentifier;
import org.bouncycastle.asn1.x509.ExtendedKeyUsage;
import org.bouncycastle.asn1.x509.KeyPurposeId;
import org.bouncycastle.asn1.x509.KeyUsage;

/* compiled from: CertificateAliasProviderModel.kt */
@Metadata(bv = {1, 0, 3}, d1 = {"\u0000*\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010 \n\u0002\u0010\u000e\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000b\n\u0002\b\u0003\b\u0017\u0018\u0000 \r2\u00020\u0001:\u0001\rB\u000f\b\u0007\u0012\u0006\u0010\u0002\u001a\u00020\u0003¢\u0006\u0002\u0010\u0004J\u000e\u0010\u0005\u001a\b\u0012\u0004\u0012\u00020\u00070\u0006H\u0016J\u000e\u0010\b\u001a\b\u0012\u0004\u0012\u00020\t0\u0006H\u0012J\u0010\u0010\n\u001a\u00020\u000b2\u0006\u0010\f\u001a\u00020\tH\u0017R\u000e\u0010\u0002\u001a\u00020\u0003X\u0092\u0004¢\u0006\u0002\n\u0000¨\u0006\u000e"}, d2 = {"Lcom/microsoft/intune/usercerts/contentcomponent/abstraction/CertificateAliasProviderModel;", "", "scepCertStateRepo", "Lcom/microsoft/intune/usercerts/domain/scep/IScepCertStateRepo;", "(Lcom/microsoft/intune/usercerts/domain/scep/IScepCertStateRepo;)V", "collectPossibleSMIMECertAliases", "", "", "collectPossibleSMIMECerts", "Lcom/microsoft/intune/usercerts/domain/scep/ScepCertState;", "isPossibleSMIMECert", "", "scepCertState", "Companion", "policy_userOfficialRelease"}, k = 1, mv = {1, 4, 0})
@Mockable
/* loaded from: classes2.dex */
public class CertificateAliasProviderModel {
    public static final Logger LOGGER = LoggingExtensionsKt.logger((KClass<?>) Reflection.getOrCreateKotlinClass(CertificateAliasProviderModel.class));
    public final IScepCertStateRepo scepCertStateRepo;

    public CertificateAliasProviderModel(IScepCertStateRepo scepCertStateRepo) {
        Intrinsics.checkNotNullParameter(scepCertStateRepo, "scepCertStateRepo");
        this.scepCertStateRepo = scepCertStateRepo;
    }

    private List<ScepCertState> collectPossibleSMIMECerts() {
        List<ScepCertState> blockingGet = this.scepCertStateRepo.getAll().filter(new Predicate<List<? extends ScepCertState>>() { // from class: com.microsoft.intune.usercerts.contentcomponent.abstraction.CertificateAliasProviderModel$collectPossibleSMIMECerts$1
            @Override // io.reactivex.functions.Predicate
            public /* bridge */ /* synthetic */ boolean test(List<? extends ScepCertState> list) {
                return test2((List<ScepCertState>) list);
            }

            /* renamed from: test, reason: avoid collision after fix types in other method */
            public final boolean test2(List<ScepCertState> it) {
                Intrinsics.checkNotNullParameter(it, "it");
                if ((it instanceof Collection) && it.isEmpty()) {
                    return true;
                }
                Iterator<T> it2 = it.iterator();
                while (it2.hasNext()) {
                    if (!CertificateAliasProviderModel.this.isPossibleSMIMECert((ScepCertState) it2.next())) {
                        return false;
                    }
                }
                return true;
            }
        }).blockingGet();
        Intrinsics.checkNotNullExpressionValue(blockingGet, "scepCertStateRepo.getAll…           .blockingGet()");
        return blockingGet;
    }

    public List<String> collectPossibleSMIMECertAliases() {
        List<ScepCertState> collectPossibleSMIMECerts = collectPossibleSMIMECerts();
        ArrayList arrayList = new ArrayList(CollectionsKt__IterablesKt.collectionSizeOrDefault(collectPossibleSMIMECerts, 10));
        for (ScepCertState scepCertState : collectPossibleSMIMECerts) {
            LOGGER.info("Found possible S/MIME certificate alias: " + scepCertState + ".alias");
            arrayList.add(scepCertState.getAlias());
        }
        return arrayList;
    }

    public boolean isPossibleSMIMECert(ScepCertState scepCertState) {
        boolean z;
        boolean z2;
        boolean z3;
        Intrinsics.checkNotNullParameter(scepCertState, "scepCertState");
        ScepCertConfigItem scepCertConfigItem = scepCertState.getScepCertConfigItem();
        if (scepCertConfigItem == null) {
            return true;
        }
        KeyUsage keyUsage = new KeyUsage(scepCertConfigItem.getKeyUsage());
        boolean hasUsages = keyUsage.hasUsages(128);
        boolean hasUsages2 = keyUsage.hasUsages(32);
        if (!scepCertConfigItem.getEkuOidMapping().isEmpty()) {
            Collection<String> values = scepCertConfigItem.getEkuOidMapping().values();
            ArrayList arrayList = new ArrayList(CollectionsKt__IterablesKt.collectionSizeOrDefault(values, 10));
            Iterator<T> it = values.iterator();
            while (it.hasNext()) {
                arrayList.add(KeyPurposeId.getInstance(new ASN1ObjectIdentifier((String) it.next())));
            }
            Object[] array = arrayList.toArray(new KeyPurposeId[0]);
            if (array == null) {
                throw new NullPointerException("null cannot be cast to non-null type kotlin.Array<T>");
            }
            KeyPurposeId[] keyPurposeIdArr = (KeyPurposeId[]) array;
            z2 = new ExtendedKeyUsage(keyPurposeIdArr).hasKeyPurposeId(KeyPurposeId.anyExtendedKeyUsage);
            z = new ExtendedKeyUsage(keyPurposeIdArr).hasKeyPurposeId(KeyPurposeId.id_kp_emailProtection);
            z3 = true;
        } else {
            z = false;
            z2 = false;
            z3 = false;
        }
        LOGGER.info("Key Usage - Digital Signature: " + hasUsages);
        LOGGER.info("Key Usage - Key Encipherment: " + hasUsages2);
        LOGGER.info("Extended Key Usage - Any Purpose: " + z2);
        LOGGER.info("Extended Key Usage - Email Protection: " + z);
        return hasUsages || hasUsages2 || !z3 || z2 || z;
    }
}
