package com.airwatch.storage;

import android.annotation.SuppressLint;
import android.content.SharedPreferences;
import android.os.Handler;
import android.os.Looper;
import android.support.annotation.NonNull;
import android.support.annotation.Nullable;
import android.support.annotation.VisibleForTesting;
import android.text.TextUtils;
import android.util.Base64;
import com.airwatch.core.AWConstants;
import com.airwatch.crypto.openssl.OpenSSLWrapper;
import com.airwatch.gateway.ConsoleVersion;
import com.airwatch.sdk.context.SDKContextManager;
import com.airwatch.storage.SDKKeyStore;
import com.airwatch.util.Logger;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.Map;
import java.util.WeakHashMap;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class DefaultSDKKeyStore implements SDKKeyStore {
    public static final String a = "Password";
    public static final String b = "Pkcs12";
    private static final String c = "-----BEGIN CERTIFICATE-----\n";
    private static final String d = "-----END CERTIFICATE-----";
    private static final String e = "certificate:";
    private static final String f = "DefaultSDKKeyStore";
    private final SharedPreferences g;
    private final OpenSSLWrapper h;
    private final Map<SDKKeyStore.Listener, Object> i;
    private Handler j;

    public DefaultSDKKeyStore() {
        this.i = Collections.synchronizedMap(new WeakHashMap());
        this.h = new OpenSSLWrapper(SDKContextManager.a().j());
        this.g = SDKContextManager.a().a();
    }

    @VisibleForTesting
    public DefaultSDKKeyStore(@NonNull OpenSSLWrapper openSSLWrapper, @NonNull SharedPreferences sharedPreferences) {
        this.i = Collections.synchronizedMap(new WeakHashMap());
        this.h = openSSLWrapper;
        this.g = sharedPreferences;
    }

    private ConsoleVersion a() {
        try {
            return ConsoleVersion.a(this.g.getString(SDKSecurePreferencesKeys.w, ""));
        } catch (Exception e2) {
            return ConsoleVersion.g;
        }
    }

    private synchronized Handler b() {
        if (this.j == null) {
            this.j = new Handler(Looper.getMainLooper());
        }
        return this.j;
    }

    @Nullable
    private X509Certificate f(@NonNull String str) {
        X509Certificate x509Certificate;
        String string = this.g.getString(e + str, "");
        if (string.isEmpty()) {
            Logger.d(f, "No certificate data in SDKKeyStore with alias: " + str);
            x509Certificate = null;
        } else {
            try {
                byte[] decode = Base64.decode(new JSONObject(string).getString("Pkcs12"), 0);
                if (a().c(ConsoleVersion.m)) {
                    this.h.awFipsModeSet(0);
                    String[] awCertArrayFromPKCS12 = this.h.awCertArrayFromPKCS12(decode, "");
                    if (awCertArrayFromPKCS12 == null || awCertArrayFromPKCS12.length == 0) {
                        Logger.d(f, "Unable to create X509Certificate from pkcs12");
                        return null;
                    }
                    String replace = awCertArrayFromPKCS12[0].replace(c, "").replace(d, "");
                    this.h.awFipsModeSet(1);
                    decode = Base64.decode(replace, 0);
                }
                x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(decode));
            } catch (CertificateException e2) {
                Logger.d(f, "Certificate exception while generating certificate");
                x509Certificate = null;
            } catch (JSONException e3) {
                Logger.d(f, "Json exception while parsing json string response");
                x509Certificate = null;
            }
        }
        return x509Certificate;
    }

    private void g(final String str) {
        final ArrayList arrayList = new ArrayList(this.i.keySet());
        b().post(new Runnable() { // from class: com.airwatch.storage.DefaultSDKKeyStore.1
            @Override // java.lang.Runnable
            public void run() {
                Iterator it = arrayList.iterator();
                while (it.hasNext()) {
                    ((SDKKeyStore.Listener) it.next()).a(str);
                }
            }
        });
    }

    @Override // com.airwatch.storage.SDKKeyStore
    public void a(SDKKeyStore.Listener listener) {
        this.i.put(listener, null);
    }

    @Override // com.airwatch.storage.SDKKeyStore
    @SuppressLint({"CommitPrefEdits"})
    public void a(String str, JSONObject jSONObject) {
        try {
            this.g.edit().putString(e + str, jSONObject.toString(0)).commit();
            g(str);
        } catch (JSONException e2) {
            throw new IllegalArgumentException("could serialize json response", e2);
        }
    }

    @Override // com.airwatch.storage.SDKKeyStore
    public boolean a(String str) {
        return this.g.getString(new StringBuilder().append(e).append(str).toString(), null) != null;
    }

    @Override // com.airwatch.storage.SDKKeyStore
    public void b(SDKKeyStore.Listener listener) {
        this.i.remove(listener);
    }

    /* JADX WARN: Code restructure failed: missing block: B:19:0x0033, code lost:
    
        ((java.security.cert.X509Certificate) ((java.security.KeyStore.PrivateKeyEntry) r2.getEntry(r0, null)).getCertificate()).checkValidity();
     */
    @Override // com.airwatch.storage.SDKKeyStore
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public boolean b(java.lang.String r6) {
        /*
            r5 = this;
            r0 = 0
            r1 = 0
            boolean r2 = android.text.TextUtils.isEmpty(r6)     // Catch: java.lang.Exception -> L11
            if (r2 != 0) goto Lc
            java.security.KeyStore r0 = r5.c(r6)     // Catch: java.lang.Exception -> L11
        Lc:
            r2 = r0
        Ld:
            if (r2 != 0) goto L1d
            r0 = r1
        L10:
            return r0
        L11:
            r2 = move-exception
            java.lang.String r3 = "DefaultSDKKeyStore"
            java.lang.String r4 = "Error getting keystore"
            com.airwatch.util.Logger.d(r3, r4, r2)
            r2 = r0
            goto Ld
        L1d:
            java.util.Enumeration r3 = r2.aliases()     // Catch: java.security.cert.CertificateExpiredException -> L45 java.lang.Exception -> L51 java.security.cert.CertificateNotYetValidException -> L5d
        L21:
            boolean r0 = r3.hasMoreElements()     // Catch: java.security.cert.CertificateExpiredException -> L45 java.lang.Exception -> L51 java.security.cert.CertificateNotYetValidException -> L5d
            if (r0 == 0) goto L43
            java.lang.Object r0 = r3.nextElement()     // Catch: java.security.cert.CertificateExpiredException -> L45 java.lang.Exception -> L51 java.security.cert.CertificateNotYetValidException -> L5d
            java.lang.String r0 = (java.lang.String) r0     // Catch: java.security.cert.CertificateExpiredException -> L45 java.lang.Exception -> L51 java.security.cert.CertificateNotYetValidException -> L5d
            boolean r4 = r2.isKeyEntry(r0)     // Catch: java.security.cert.CertificateExpiredException -> L45 java.lang.Exception -> L51 java.security.cert.CertificateNotYetValidException -> L5d
            if (r4 == 0) goto L21
            r3 = 0
            java.security.KeyStore$Entry r0 = r2.getEntry(r0, r3)     // Catch: java.security.cert.CertificateExpiredException -> L45 java.lang.Exception -> L51 java.security.cert.CertificateNotYetValidException -> L5d
            java.security.KeyStore$PrivateKeyEntry r0 = (java.security.KeyStore.PrivateKeyEntry) r0     // Catch: java.security.cert.CertificateExpiredException -> L45 java.lang.Exception -> L51 java.security.cert.CertificateNotYetValidException -> L5d
            java.security.cert.Certificate r0 = r0.getCertificate()     // Catch: java.security.cert.CertificateExpiredException -> L45 java.lang.Exception -> L51 java.security.cert.CertificateNotYetValidException -> L5d
            java.security.cert.X509Certificate r0 = (java.security.cert.X509Certificate) r0     // Catch: java.security.cert.CertificateExpiredException -> L45 java.lang.Exception -> L51 java.security.cert.CertificateNotYetValidException -> L5d
            r0.checkValidity()     // Catch: java.security.cert.CertificateExpiredException -> L45 java.lang.Exception -> L51 java.security.cert.CertificateNotYetValidException -> L5d
        L43:
            r0 = 1
            goto L10
        L45:
            r0 = move-exception
        L46:
            java.lang.String r0 = "DefaultSDKKeyStore"
            java.lang.String r2 = "Certificate invalid"
            com.airwatch.util.Logger.b(r0, r2)
            r0 = r1
            goto L10
        L51:
            r0 = move-exception
            java.lang.String r2 = "DefaultSDKKeyStore"
            java.lang.String r3 = "Exception while checking IA certificate validity"
            com.airwatch.util.Logger.d(r2, r3, r0)
            r0 = r1
            goto L10
        L5d:
            r0 = move-exception
            goto L46
        */
        throw new UnsupportedOperationException("Method not decompiled: com.airwatch.storage.DefaultSDKKeyStore.b(java.lang.String):boolean");
    }

    @Override // com.airwatch.storage.SDKKeyStore
    public KeyStore c(String str) throws CertificateException, KeyStoreException {
        KeyStore keyStore = null;
        String string = this.g.getString(e + str, "");
        if (string.isEmpty()) {
            return null;
        }
        try {
            JSONObject jSONObject = new JSONObject(string);
            if (jSONObject.isNull("Password")) {
                return null;
            }
            String string2 = jSONObject.getString("Password");
            byte[] decode = Base64.decode(jSONObject.getString("Pkcs12"), 0);
            keyStore = KeyStore.getInstance("PKCS12");
            keyStore.load(new ByteArrayInputStream(decode), string2.toCharArray());
            return keyStore;
        } catch (IOException e2) {
            Logger.d(f, "invalid key store", (Throwable) e2);
            return keyStore;
        } catch (NoSuchAlgorithmException e3) {
            throw new IllegalArgumentException("pkcs12 keystore not available", e3);
        } catch (JSONException e4) {
            Logger.a(f, "exception parsing certificate payload", (Throwable) e4);
            return keyStore;
        }
    }

    @Override // com.airwatch.storage.SDKKeyStore
    @Nullable
    public X509Certificate d(@NonNull String str) {
        X509Certificate x509Certificate = null;
        if (!e(str)) {
            X509Certificate f2 = f(str);
            if (f2 != null) {
                return f2;
            }
            x509Certificate = f2;
        }
        try {
            KeyStore c2 = c(str);
            if (c2 != null) {
                Enumeration<String> aliases = c2.aliases();
                if (aliases.hasMoreElements()) {
                    return (X509Certificate) c2.getCertificate(aliases.nextElement());
                }
            } else {
                Logger.d(f, "Keystore is not loaded with any certificates");
            }
        } catch (KeyStoreException | CertificateException e2) {
            Logger.d(f, "Exception while loading pkcs12 file to keystore", e2);
        }
        return x509Certificate;
    }

    @Override // com.airwatch.storage.SDKKeyStore
    public boolean e(@NonNull String str) {
        String string = this.g.getString(e + str, "");
        if (string.isEmpty()) {
            return false;
        }
        try {
            String optString = new JSONObject(string).optString("Password");
            if (TextUtils.isEmpty(optString)) {
                return false;
            }
            return !AWConstants.aX.equalsIgnoreCase(optString);
        } catch (JSONException e2) {
            Logger.d(f, "Unable to create JSON from json response string", (Throwable) e2);
            return false;
        }
    }
}
