package com.airwatch.certpinning;

import android.content.Context;
import android.os.Handler;
import android.os.Looper;
import com.airwatch.certpinning.NetworkReachability;
import com.airwatch.task.IFutureSuccessCallback;
import com.airwatch.task.TaskQueue;
import com.airwatch.util.IOUtils;
import com.airwatch.util.Logger;
import java.io.Closeable;
import java.io.IOException;
import java.io.InputStream;
import java.net.InetAddress;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PublicKey;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.LinkedList;
import java.util.List;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public class AutoDiscoveryTrustManager extends ExtendedX509TrustManager {
    private static final String a = "NetworkReachability";
    private static final String b = "AutoDiscTrustMgr";
    private static final String c = "AutoDiscoveryTrustManager";
    private final List<PublicKey> d;
    private final FailureReporter e;
    private final SSLPinningContext f;
    private final PinningState g;
    private final Context h;
    private final String i;
    private Handler j;
    private NetworkReachability k;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.airwatch.certpinning.AutoDiscoveryTrustManager$5, reason: invalid class name */
    /* loaded from: classes.dex */
    public static /* synthetic */ class AnonymousClass5 {
        static final /* synthetic */ int[] a = new int[NetworkReachability.Status.values().length];

        static {
            try {
                a[NetworkReachability.Status.REACHABLE_VIA_CARRIER_DATA_NETWORK.ordinal()] = 1;
            } catch (NoSuchFieldError e) {
            }
            try {
                a[NetworkReachability.Status.REACHABLE_VIA_LOCAL_AREA_NETWORK.ordinal()] = 2;
            } catch (NoSuchFieldError e2) {
            }
        }
    }

    public AutoDiscoveryTrustManager(Context context, String str) {
        this(context, str, "AutoDiscoveryTrust.p12", "airwatch");
    }

    AutoDiscoveryTrustManager(Context context, String str, String str2, String str3) {
        this.i = str;
        this.h = context;
        this.f = (SSLPinningContext) this.h;
        this.g = new PinningState(this.f);
        this.e = new FailureReporter(context);
        try {
            try {
                KeyStore keyStore = KeyStore.getInstance("PKCS12");
                InputStream open = context.getAssets().open(str2);
                keyStore.load(open, str3.toCharArray());
                Enumeration<String> aliases = keyStore.aliases();
                this.d = new LinkedList();
                while (aliases.hasMoreElements()) {
                    this.d.add(((X509Certificate) keyStore.getCertificate(aliases.nextElement())).getPublicKey());
                }
                IOUtils.a((Closeable) open);
            } catch (Throwable th) {
                IOUtils.a((Closeable) null);
                throw th;
            }
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            throw new RuntimeException("could not load auto discovery trust store", e);
        }
    }

    private synchronized Handler a() {
        if (this.j == null) {
            this.j = new Handler(Looper.getMainLooper());
        }
        return this.j;
    }

    private void a(final Runnable runnable, final String str) {
        b().a(a).a(new IFutureSuccessCallback<NetworkReachability.Status>() { // from class: com.airwatch.certpinning.AutoDiscoveryTrustManager.4
            @Override // com.airwatch.task.IFutureSuccessCallback
            public void a(NetworkReachability.Status status) {
                switch (AnonymousClass5.a[status.ordinal()]) {
                    case 1:
                    case 2:
                        TaskQueue.a().a((Object) str, runnable);
                        return;
                    default:
                        return;
                }
            }
        });
    }

    private void a(final String str, final X509Certificate x509Certificate) {
        a().post(new Runnable() { // from class: com.airwatch.certpinning.AutoDiscoveryTrustManager.2
            @Override // java.lang.Runnable
            public void run() {
                AutoDiscoveryTrustManager.this.f.onSSLPinningRequestFailure(str, x509Certificate);
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void a(boolean z, String str, X509Certificate x509Certificate) {
        this.e.a(str);
        b(str, x509Certificate);
        if (z) {
            a(str, x509Certificate);
        }
    }

    private synchronized NetworkReachability b() {
        if (this.k == null) {
            this.k = new NetworkReachability(this.h);
        }
        return this.k;
    }

    private void b(final String str, final X509Certificate x509Certificate) {
        a().post(new Runnable() { // from class: com.airwatch.certpinning.AutoDiscoveryTrustManager.3
            @Override // java.lang.Runnable
            public void run() {
                AutoDiscoveryTrustManager.this.f.onSSLPinningValidationFailure(str, x509Certificate);
            }
        });
    }

    @Override // com.airwatch.certpinning.ExtendedX509TrustManager
    void a(InetAddress inetAddress, X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        boolean z;
        final X509Certificate x509Certificate = x509CertificateArr[0];
        Iterator<PublicKey> it = this.d.iterator();
        while (true) {
            if (!it.hasNext()) {
                z = false;
                break;
            } else if (PinningUtils.a(it.next(), x509Certificate.getPublicKey())) {
                z = true;
                break;
            }
        }
        if (z) {
            return;
        }
        final boolean z2 = PinningState.a() || this.g.a(this.h);
        Logger.e(b, "auto discovery target host %s is not trusted. socket host=%s", this.i, inetAddress.getHostAddress());
        a(new Runnable() { // from class: com.airwatch.certpinning.AutoDiscoveryTrustManager.1
            @Override // java.lang.Runnable
            public void run() {
                AutoDiscoveryTrustManager.this.a(z2, AutoDiscoveryTrustManager.this.i, x509Certificate);
            }
        }, c);
        if (z2) {
            throw new SSLPinningCertificateException(this.i, "auto discovery certificate is not trusted");
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        return null;
    }
}
