package net.soti.mobicontrol.cert;

import android.os.Build;
import com.google.common.base.Optional;
import com.samsung.android.knox.keystore.CertificateInfo;
import com.samsung.android.knox.keystore.CertificateProvisioning;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import java.util.List;
import javax.inject.Inject;
import javax.inject.Singleton;
import net.soti.c;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@Singleton
/* loaded from: classes9.dex */
public class by implements av {

    /* renamed from: a, reason: collision with root package name */
    private static final Logger f12872a = LoggerFactory.getLogger((Class<?>) by.class);

    /* renamed from: b, reason: collision with root package name */
    private static final int f12873b = 7;

    /* renamed from: c, reason: collision with root package name */
    private final CertificateProvisioning f12874c;

    /* renamed from: d, reason: collision with root package name */
    private final cs f12875d;

    @Inject
    public by(CertificateProvisioning certificateProvisioning, cs csVar) {
        this.f12874c = certificateProvisioning;
        this.f12875d = csVar;
    }

    private static int a(byte[] bArr, ap apVar) {
        if (apVar != ap.CERT || aa.c(aa.c(bArr))) {
            return 7;
        }
        f12872a.debug("CERT is NOT a CA");
        return 6;
    }

    private Optional<CertificateInfo> b(final String str) {
        return net.soti.mobicontrol.fx.a.a.b.a(this.f12874c.getCertificatesFromKeystore(7)).a((net.soti.mobicontrol.fx.a.b.c) new net.soti.mobicontrol.fx.a.b.c<CertificateInfo>() { // from class: net.soti.mobicontrol.cert.by.1
            @Override // net.soti.mobicontrol.fx.a.b.a
            /* renamed from: a, reason: merged with bridge method [inline-methods] */
            public Boolean f(CertificateInfo certificateInfo) {
                return Boolean.valueOf(str.equals(certificateInfo.getAlias()));
            }
        });
    }

    @Override // net.soti.mobicontrol.cert.av
    public boolean a(String str) {
        List<CertificateInfo> certificatesFromKeystore = this.f12874c.getCertificatesFromKeystore(7);
        if (certificatesFromKeystore == null || certificatesFromKeystore.isEmpty()) {
            return false;
        }
        Iterator<CertificateInfo> it = certificatesFromKeystore.iterator();
        while (it.hasNext()) {
            if (dn.a((X509Certificate) it.next().getCertificate(), str)) {
                f12872a.warn("A valid CERT with the same alias is already installed!");
                return true;
            }
        }
        return false;
    }

    @Override // net.soti.mobicontrol.cert.av
    public boolean a(String str, boolean z) {
        boolean z2;
        try {
            Optional<CertificateInfo> b2 = b(str);
            if (!b2.isPresent()) {
                return true;
            }
            boolean deleteCertificateFromKeystore = this.f12874c.deleteCertificateFromKeystore(b2.get(), 1);
            int credentialStorageStatus = this.f12874c.getCredentialStorageStatus();
            if (1 == credentialStorageStatus) {
                z2 = this.f12874c.deleteCertificateFromKeystore(b2.get(), 6);
            } else {
                f12872a.error("Keystore error. KeyStore status [{}]", Integer.valueOf(credentialStorageStatus));
                z2 = false;
            }
            return deleteCertificateFromKeystore || z2;
        } catch (Exception e2) {
            f12872a.error(c.o.f9806a, (Throwable) e2);
            return false;
        }
    }

    @Override // net.soti.mobicontrol.cert.av
    public boolean a(String str, byte[] bArr, ap apVar, String str2) {
        boolean z;
        try {
            if (b(str).isPresent()) {
                return true;
            }
            int credentialStorageStatus = this.f12874c.getCredentialStorageStatus();
            if (1 == credentialStorageStatus) {
                z = this.f12874c.installCertificateToKeystore(apVar.asString(), bArr, str, str2, a(bArr, apVar));
                f12872a.debug("Cert installation result: {}", Boolean.valueOf(z));
            } else {
                f12872a.error("Keystore error. KeyStore status [{}]", Integer.valueOf(credentialStorageStatus));
                z = false;
            }
            if (z && ap.PKCS12 == apVar && Build.VERSION.SDK_INT >= 28 && net.soti.mobicontrol.fq.g.c("MCMR-21790")) {
                this.f12875d.a(str);
            }
            return z;
        } catch (Exception e2) {
            f12872a.error(c.o.f9806a, (Throwable) e2);
            return false;
        }
    }
}
