package com.mobileiron.acom.core.utils.cert;

import android.net.http.SslCertificate;
import com.mobileiron.acom.core.utils.k;
import com.mobileiron.acom.core.utils.m;
import com.samsung.android.knox.keystore.CertificateProvisioning;
import java.io.ByteArrayInputStream;
import java.io.Closeable;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.lang.reflect.Field;
import java.nio.charset.Charset;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.spongycastle.asn1.ASN1InputStream;
import org.spongycastle.asn1.DEROctetString;
import org.spongycastle.asn1.cms.ContentInfo;
import org.spongycastle.asn1.x509.BasicConstraints;
import org.spongycastle.util.io.pem.PemObject;
import org.spongycastle.util.io.pem.PemReader;

/* loaded from: classes.dex */
public final class CertificateUtils {

    /* renamed from: a, reason: collision with root package name */
    private static final Logger f10498a = k.a("CertificateUtils");

    /* loaded from: classes.dex */
    public enum PemParsingType {
        X509,
        PKCS7
    }

    public static String a(X509Certificate x509Certificate) {
        String name = x509Certificate.getSubjectX500Principal().getName();
        String[] split = name.split(",");
        for (String str : split) {
            if (str.contains("CN")) {
                String[] split2 = str.split("=");
                if (split2.length > 1) {
                    return split2[1];
                }
            }
        }
        return split.length == 0 ? name : split[0];
    }

    /* JADX WARN: Not initialized variable reg: 8, insn: 0x02a6: MOVE (r4 I:??[OBJECT, ARRAY]) = (r8 I:??[OBJECT, ARRAY]), block:B:181:0x02a6 */
    /* JADX WARN: Removed duplicated region for block: B:103:0x01e7  */
    /* JADX WARN: Removed duplicated region for block: B:106:0x01f0 A[Catch: UnrecoverableKeyException -> 0x01e1, NoSuchAlgorithmException -> 0x01e3, KeyStoreException -> 0x01e5, TryCatch #8 {KeyStoreException -> 0x01e5, NoSuchAlgorithmException -> 0x01e3, UnrecoverableKeyException -> 0x01e1, blocks: (B:145:0x01dc, B:104:0x01e8, B:106:0x01f0, B:109:0x01ff, B:153:0x01bd), top: B:144:0x01dc }] */
    /* JADX WARN: Removed duplicated region for block: B:109:0x01ff A[Catch: UnrecoverableKeyException -> 0x01e1, NoSuchAlgorithmException -> 0x01e3, KeyStoreException -> 0x01e5, TRY_LEAVE, TryCatch #8 {KeyStoreException -> 0x01e5, NoSuchAlgorithmException -> 0x01e3, UnrecoverableKeyException -> 0x01e1, blocks: (B:145:0x01dc, B:104:0x01e8, B:106:0x01f0, B:109:0x01ff, B:153:0x01bd), top: B:144:0x01dc }] */
    /* JADX WARN: Removed duplicated region for block: B:116:0x0226  */
    /* JADX WARN: Removed duplicated region for block: B:144:0x01dc A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:31:0x007e  */
    /* JADX WARN: Removed duplicated region for block: B:56:0x00dd  */
    /* JADX WARN: Removed duplicated region for block: B:62:0x00f1  */
    /* JADX WARN: Removed duplicated region for block: B:67:0x028e  */
    /* JADX WARN: Removed duplicated region for block: B:73:0x0101  */
    /* JADX WARN: Removed duplicated region for block: B:86:0x020b A[SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:90:0x015b A[SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static com.mobileiron.acom.core.utils.cert.b b(java.lang.String r18, byte[] r19, java.lang.String r20, java.util.ArrayList<java.security.cert.X509Certificate> r21, java.util.ArrayList<java.security.PrivateKey> r22) {
        /*
            Method dump skipped, instructions count: 692
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.mobileiron.acom.core.utils.cert.CertificateUtils.b(java.lang.String, byte[], java.lang.String, java.util.ArrayList, java.util.ArrayList):com.mobileiron.acom.core.utils.cert.b");
    }

    public static b c(byte[] bArr, String str, ArrayList<X509Certificate> arrayList, ArrayList<PrivateKey> arrayList2) {
        return b(null, bArr, str, arrayList, arrayList2);
    }

    public static byte[] d(byte[] bArr, String str) {
        KeyStore j = j(bArr, str);
        if (j == null) {
            return null;
        }
        try {
            Enumeration<String> aliases = j.aliases();
            while (aliases.hasMoreElements()) {
                Certificate certificate = j.getCertificate(aliases.nextElement());
                if (certificate != null) {
                    return certificate.getEncoded();
                }
            }
        } catch (KeyStoreException | CertificateEncodingException e2) {
            f10498a.warn("getEncodedIdFromPkcs12 failed: ", e2);
        }
        return null;
    }

    public static String e(byte[] bArr, String str) {
        KeyStore j = j(bArr, str);
        String str2 = null;
        if (j == null) {
            return null;
        }
        try {
            Enumeration<String> aliases = j.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                try {
                    if (j.getCertificate(nextElement) != null) {
                        return nextElement;
                    }
                    str2 = nextElement;
                } catch (KeyStoreException e2) {
                    e = e2;
                    str2 = nextElement;
                    f10498a.warn("Exception in getP12CertAliasAsIs(...): ", (Throwable) e);
                    return str2;
                }
            }
            return str2;
        } catch (KeyStoreException e3) {
            e = e3;
        }
    }

    public static String f(String str) {
        if (StringUtils.isBlank(str)) {
            return "";
        }
        if (com.mobileiron.acom.core.android.d.B()) {
            return str;
        }
        char[] charArray = str.toCharArray();
        for (int i2 = 0; i2 < charArray.length; i2++) {
            if (!Character.isLetterOrDigit(charArray[i2])) {
                charArray[i2] = '_';
            }
        }
        return new String(charArray);
    }

    public static X509Certificate g(SslCertificate sslCertificate) {
        try {
            Field declaredField = SslCertificate.class.getDeclaredField("mX509Certificate");
            declaredField.setAccessible(true);
            return (X509Certificate) declaredField.get(sslCertificate);
        } catch (IllegalAccessException | IllegalArgumentException | NoSuchFieldException e2) {
            f10498a.warn("Exception in getX509CertFromSslCert(...): ", e2);
            return null;
        }
    }

    public static boolean h(X509Certificate x509Certificate) {
        ASN1InputStream aSN1InputStream;
        byte[] extensionValue = x509Certificate.getExtensionValue("2.5.29.19");
        if (extensionValue == null) {
            return false;
        }
        ASN1InputStream aSN1InputStream2 = null;
        try {
            ASN1InputStream aSN1InputStream3 = new ASN1InputStream(extensionValue);
            try {
                aSN1InputStream = new ASN1InputStream(((DEROctetString) aSN1InputStream3.readObject()).getOctets());
                try {
                    boolean isCA = BasicConstraints.getInstance(aSN1InputStream.readObject()).isCA();
                    m.c(aSN1InputStream3, "isCaCertificate is1");
                    m.c(aSN1InputStream, "isCaCertificate is2");
                    return isCA;
                } catch (IOException unused) {
                    aSN1InputStream2 = aSN1InputStream3;
                    m.c(aSN1InputStream2, "isCaCertificate is1");
                    m.c(aSN1InputStream, "isCaCertificate is2");
                    return false;
                } catch (Throwable th) {
                    th = th;
                    aSN1InputStream2 = aSN1InputStream3;
                    m.c(aSN1InputStream2, "isCaCertificate is1");
                    m.c(aSN1InputStream, "isCaCertificate is2");
                    throw th;
                }
            } catch (IOException unused2) {
                aSN1InputStream = null;
            } catch (Throwable th2) {
                th = th2;
                aSN1InputStream = null;
            }
        } catch (IOException unused3) {
            aSN1InputStream = null;
        } catch (Throwable th3) {
            th = th3;
            aSN1InputStream = null;
        }
    }

    private static KeyStore i(InputStream inputStream, String str, String str2) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        KeyStore keyStore = KeyStore.getInstance(str2);
        keyStore.load(inputStream, str != null ? str.toCharArray() : null);
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            Certificate[] certificateChain = keyStore.getCertificateChain(nextElement);
            if (certificateChain != null) {
                f10498a.debug("Certificate chain '{}'", nextElement);
                for (int i2 = 0; i2 < certificateChain.length; i2++) {
                    if (certificateChain[i2] instanceof X509Certificate) {
                        X509Certificate x509Certificate = (X509Certificate) certificateChain[i2];
                        if (f10498a.isDebugEnabled()) {
                            f10498a.debug(" Certificate {}:", Integer.valueOf(i2 + 1));
                            f10498a.debug("  Subject DN: {}", x509Certificate.getSubjectDN());
                            f10498a.debug("  Signature Algorithm: {}", x509Certificate.getSigAlgName());
                            f10498a.debug("  Valid from: {}", x509Certificate.getNotBefore());
                            f10498a.debug("  Valid until: {}", x509Certificate.getNotAfter());
                            f10498a.debug("  Issuer: {}", x509Certificate.getIssuerDN());
                        }
                    }
                }
            }
        }
        return keyStore;
    }

    /* JADX WARN: Not initialized variable reg: 2, insn: 0x004b: MOVE (r1 I:??[OBJECT, ARRAY]) = (r2 I:??[OBJECT, ARRAY]), block:B:22:0x004b */
    public static KeyStore j(byte[] bArr, String str) {
        ByteArrayInputStream byteArrayInputStream;
        Closeable closeable;
        Closeable closeable2 = null;
        try {
            try {
                byteArrayInputStream = new ByteArrayInputStream(bArr);
                try {
                    KeyStore i2 = i(byteArrayInputStream, str, CertificateProvisioning.TYPE_PKCS12);
                    m.c(byteArrayInputStream, "openPkcs12");
                    return i2;
                } catch (IOException e2) {
                    e = e2;
                    f10498a.debug("PKSC12 format: I/O error: {}", e.getMessage());
                    if (e.getMessage() != null && e.getMessage().matches(".*failed to decrypt safe contents entry.*")) {
                        f10498a.debug("   Password error");
                    }
                    m.c(byteArrayInputStream, "openPkcs12");
                    return null;
                } catch (Exception unused) {
                    f10498a.trace("PKSC12 format: not detected.");
                    m.c(byteArrayInputStream, "openPkcs12");
                    return null;
                }
            } catch (Throwable th) {
                th = th;
                closeable2 = closeable;
                m.c(closeable2, "openPkcs12");
                throw th;
            }
        } catch (IOException e3) {
            e = e3;
            byteArrayInputStream = null;
        } catch (Exception unused2) {
            byteArrayInputStream = null;
        } catch (Throwable th2) {
            th = th2;
            m.c(closeable2, "openPkcs12");
            throw th;
        }
    }

    private static ContentInfo k(PemObject pemObject) {
        ASN1InputStream aSN1InputStream;
        ASN1InputStream aSN1InputStream2 = null;
        try {
            aSN1InputStream = new ASN1InputStream(pemObject.getContent());
            try {
                try {
                    ContentInfo contentInfo = ContentInfo.getInstance(aSN1InputStream.readObject());
                    m.c(aSN1InputStream, "parseObjectAsPkcs7");
                    return contentInfo;
                } catch (Exception unused) {
                    f10498a.debug("CertificateUtils", "parseObjectAsPkcs7: Problem parsing PKCS7 object.");
                    m.c(aSN1InputStream, "parseObjectAsPkcs7");
                    return null;
                }
            } catch (Throwable th) {
                th = th;
                aSN1InputStream2 = aSN1InputStream;
                m.c(aSN1InputStream2, "parseObjectAsPkcs7");
                throw th;
            }
        } catch (Exception unused2) {
            aSN1InputStream = null;
        } catch (Throwable th2) {
            th = th2;
            m.c(aSN1InputStream2, "parseObjectAsPkcs7");
            throw th;
        }
    }

    private static Certificate l(PemObject pemObject) {
        ByteArrayInputStream byteArrayInputStream;
        ByteArrayInputStream byteArrayInputStream2 = null;
        try {
            byteArrayInputStream = new ByteArrayInputStream(pemObject.getContent());
            try {
                try {
                    Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
                    m.c(byteArrayInputStream, "parseObjectAsX509");
                    return generateCertificate;
                } catch (Exception unused) {
                    f10498a.trace("PEM format: parseObjectAsX509 failed parsing cert.");
                    m.c(byteArrayInputStream, "parseObjectAsX509");
                    return null;
                }
            } catch (Throwable th) {
                th = th;
                byteArrayInputStream2 = byteArrayInputStream;
                m.c(byteArrayInputStream2, "parseObjectAsX509");
                throw th;
            }
        } catch (Exception unused2) {
            byteArrayInputStream = null;
        } catch (Throwable th2) {
            th = th2;
            m.c(byteArrayInputStream2, "parseObjectAsX509");
            throw th;
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r9v0, types: [byte[]] */
    /* JADX WARN: Type inference failed for: r9v2 */
    /* JADX WARN: Type inference failed for: r9v4 */
    /* JADX WARN: Type inference failed for: r9v6, types: [java.io.Closeable] */
    /* JADX WARN: Type inference failed for: r9v8 */
    /* JADX WARN: Type inference failed for: r9v9, types: [java.io.Closeable, java.io.Reader, java.io.InputStreamReader] */
    public static ArrayList<Object> m(byte[] bArr, PemParsingType pemParsingType) {
        ByteArrayInputStream byteArrayInputStream;
        Closeable closeable;
        PemReader pemReader;
        Closeable closeable2 = null;
        try {
            try {
                byteArrayInputStream = new ByteArrayInputStream(bArr);
            } catch (Throwable th) {
                th = th;
            }
        } catch (Exception unused) {
            bArr = 0;
            byteArrayInputStream = null;
            pemReader = null;
        } catch (Throwable th2) {
            th = th2;
            byteArrayInputStream = null;
            closeable = null;
        }
        try {
            bArr = new InputStreamReader(byteArrayInputStream, Charset.defaultCharset());
        } catch (Exception unused2) {
            bArr = 0;
            pemReader = null;
        } catch (Throwable th3) {
            th = th3;
            closeable = null;
            m.c(closeable2, "processDataAsPem isr");
            m.c(byteArrayInputStream, "processDataAsPem bais");
            m.c(closeable, "processDataAsPem pr");
            throw th;
        }
        try {
            ArrayList<Object> arrayList = new ArrayList<>();
            pemReader = new PemReader(bArr);
            while (true) {
                try {
                    PemObject readPemObject = pemReader.readPemObject();
                    if (readPemObject == null) {
                        f10498a.trace("PEM format: PEMReader returned no object");
                        m.c(bArr, "processDataAsPem isr");
                        m.c(byteArrayInputStream, "processDataAsPem bais");
                        m.c(pemReader, "processDataAsPem pr");
                        return arrayList;
                    }
                    Object l = pemParsingType == PemParsingType.X509 ? l(readPemObject) : pemParsingType == PemParsingType.PKCS7 ? k(readPemObject) : null;
                    if (l != null) {
                        arrayList.add(l);
                    }
                } catch (Exception unused3) {
                    f10498a.trace("PEM format: not detected.");
                    m.c(bArr, "processDataAsPem isr");
                    m.c(byteArrayInputStream, "processDataAsPem bais");
                    m.c(pemReader, "processDataAsPem pr");
                    return null;
                }
            }
        } catch (Exception unused4) {
            pemReader = null;
        } catch (Throwable th4) {
            th = th4;
            closeable = null;
            closeable2 = bArr;
            th = th;
            m.c(closeable2, "processDataAsPem isr");
            m.c(byteArrayInputStream, "processDataAsPem bais");
            m.c(closeable, "processDataAsPem pr");
            throw th;
        }
    }
}
