package com.microsoft.intune.usercerts.domain.derivedcreds;

import com.microsoft.intune.core.utils.LoggingExtensionsKt;
import com.microsoft.intune.cryptography.domain.IMessageDigestFactory;
import com.microsoft.intune.usercerts.domain.shared.VerifyCertificateThumbprintResult;
import com.microsoft.intune.usercerts.domain.shared.VerifyCertificateThumbprintUseCase;
import com.microsoft.intune.utils.CertificateExtensionsKt;
import com.microsoft.intune.utils.Mockable;
import io.reactivex.rxjava3.core.Observable;
import io.reactivex.rxjava3.core.Single;
import io.reactivex.rxjava3.core.SingleSource;
import io.reactivex.rxjava3.functions.Function;
import java.security.cert.X509Certificate;
import java.util.List;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.inject.Inject;
import kotlin.Metadata;
import kotlin.NoWhenBranchMatchedException;
import kotlin.jvm.internal.Intrinsics;
import kotlin.jvm.internal.Reflection;
import kotlin.reflect.KClass;
import org.jetbrains.annotations.NotNull;

@Metadata(d1 = {"\u0000H\n\u0002\u0018\u0002\n\u0002\u0010\u0000\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\b\u0017\u0018\u0000 \u00162\u00020\u0001:\u0001\u0016B/\b\u0007\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0005\u0012\u0006\u0010\u0006\u001a\u00020\u0007\u0012\u0006\u0010\b\u001a\u00020\t\u0012\u0006\u0010\n\u001a\u00020\u000b¢\u0006\u0002\u0010\fJ\u001e\u0010\r\u001a\b\u0012\u0004\u0012\u00020\u000f0\u000e2\u0006\u0010\u0010\u001a\u00020\u00112\u0006\u0010\u0012\u001a\u00020\u0013H\u0012J\u000e\u0010\u0014\u001a\b\u0012\u0004\u0012\u00020\u00150\u000eH\u0016R\u000e\u0010\u0004\u001a\u00020\u0005X\u0092\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\b\u001a\u00020\tX\u0092\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u0006\u001a\u00020\u0007X\u0092\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\n\u001a\u00020\u000bX\u0092\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u0002\u001a\u00020\u0003X\u0092\u0004¢\u0006\u0002\n\u0000¨\u0006\u0017"}, d2 = {"Lcom/microsoft/intune/usercerts/domain/derivedcreds/GetDerivedCredValidityInventoryUseCase;", "", "verifyCertificateThumbprintUseCase", "Lcom/microsoft/intune/usercerts/domain/shared/VerifyCertificateThumbprintUseCase;", "decryptDerivedCredCertUseCase", "Lcom/microsoft/intune/usercerts/domain/derivedcreds/DecryptDerivedCredCertUseCase;", "derivedCredInventoryFactory", "Lcom/microsoft/intune/usercerts/domain/derivedcreds/DerivedCredInventoryFactory;", "derivedCredCertRepo", "Lcom/microsoft/intune/usercerts/domain/derivedcreds/IDerivedCredCertStateRepo;", "messageDigestFactory", "Lcom/microsoft/intune/cryptography/domain/IMessageDigestFactory;", "(Lcom/microsoft/intune/usercerts/domain/shared/VerifyCertificateThumbprintUseCase;Lcom/microsoft/intune/usercerts/domain/derivedcreds/DecryptDerivedCredCertUseCase;Lcom/microsoft/intune/usercerts/domain/derivedcreds/DerivedCredInventoryFactory;Lcom/microsoft/intune/usercerts/domain/derivedcreds/IDerivedCredCertStateRepo;Lcom/microsoft/intune/cryptography/domain/IMessageDigestFactory;)V", "getCertificateValidity", "Lio/reactivex/rxjava3/core/Single;", "Lcom/microsoft/intune/usercerts/domain/derivedcreds/DerivedCredValidity;", "alias", "", "certificate", "Ljava/security/cert/X509Certificate;", "getDerivedCredsValidityInventory", "Lcom/microsoft/intune/usercerts/domain/derivedcreds/DerivedCredInventory;", "Companion", "policy_userOfficialRelease"}, k = 1, mv = {1, 6, 0}, xi = 48)
@Mockable
/* loaded from: classes2.dex */
public class GetDerivedCredValidityInventoryUseCase {

    @NotNull
    private static final Logger LOGGER = LoggingExtensionsKt.logger((KClass<?>) Reflection.getOrCreateKotlinClass(GetDerivedCredValidityInventoryUseCase.class));

    @NotNull
    private final DecryptDerivedCredCertUseCase decryptDerivedCredCertUseCase;

    @NotNull
    private final IDerivedCredCertStateRepo derivedCredCertRepo;

    @NotNull
    private final DerivedCredInventoryFactory derivedCredInventoryFactory;

    @NotNull
    private final IMessageDigestFactory messageDigestFactory;

    @NotNull
    private final VerifyCertificateThumbprintUseCase verifyCertificateThumbprintUseCase;

    @Inject
    public GetDerivedCredValidityInventoryUseCase(@NotNull VerifyCertificateThumbprintUseCase verifyCertificateThumbprintUseCase, @NotNull DecryptDerivedCredCertUseCase decryptDerivedCredCertUseCase, @NotNull DerivedCredInventoryFactory derivedCredInventoryFactory, @NotNull IDerivedCredCertStateRepo iDerivedCredCertStateRepo, @NotNull IMessageDigestFactory iMessageDigestFactory) {
        Intrinsics.checkNotNullParameter(verifyCertificateThumbprintUseCase, "");
        Intrinsics.checkNotNullParameter(decryptDerivedCredCertUseCase, "");
        Intrinsics.checkNotNullParameter(derivedCredInventoryFactory, "");
        Intrinsics.checkNotNullParameter(iDerivedCredCertStateRepo, "");
        Intrinsics.checkNotNullParameter(iMessageDigestFactory, "");
        this.verifyCertificateThumbprintUseCase = verifyCertificateThumbprintUseCase;
        this.decryptDerivedCredCertUseCase = decryptDerivedCredCertUseCase;
        this.derivedCredInventoryFactory = derivedCredInventoryFactory;
        this.derivedCredCertRepo = iDerivedCredCertStateRepo;
        this.messageDigestFactory = iMessageDigestFactory;
    }

    private Single<DerivedCredValidity> getCertificateValidity(String alias, X509Certificate certificate) {
        final String sha1Thumbprint = CertificateExtensionsKt.getSha1Thumbprint(certificate, this.messageDigestFactory);
        Single map = this.verifyCertificateThumbprintUseCase.verifyInstalledCertificateThumbprint(alias, sha1Thumbprint).map(new Function() { // from class: com.microsoft.intune.usercerts.domain.derivedcreds.GetDerivedCredValidityInventoryUseCase$$ExternalSyntheticLambda1
            @Override // io.reactivex.rxjava3.functions.Function
            public final Object apply(Object obj) {
                DerivedCredValidity m1917getCertificateValidity$lambda6;
                m1917getCertificateValidity$lambda6 = GetDerivedCredValidityInventoryUseCase.m1917getCertificateValidity$lambda6(sha1Thumbprint, (VerifyCertificateThumbprintResult) obj);
                return m1917getCertificateValidity$lambda6;
            }
        });
        Intrinsics.checkNotNullExpressionValue(map, "");
        return map;
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* renamed from: getCertificateValidity$lambda-6, reason: not valid java name */
    public static final DerivedCredValidity m1917getCertificateValidity$lambda6(String str, VerifyCertificateThumbprintResult verifyCertificateThumbprintResult) {
        Intrinsics.checkNotNullParameter(str, "");
        if (verifyCertificateThumbprintResult instanceof VerifyCertificateThumbprintResult.CertificateChainEmpty ? true : verifyCertificateThumbprintResult instanceof VerifyCertificateThumbprintResult.FailedToObtainCertChain ? true : verifyCertificateThumbprintResult instanceof VerifyCertificateThumbprintResult.ThumbprintMismatch) {
            String str2 = "CE does not have access to certificate with thumbprint " + str + ". Reason: " + verifyCertificateThumbprintResult + ", reporting certificate as untrusted.";
            if (verifyCertificateThumbprintResult instanceof VerifyCertificateThumbprintResult.FailedToObtainCertChain) {
                LOGGER.log(Level.WARNING, str2, (Throwable) ((VerifyCertificateThumbprintResult.FailedToObtainCertChain) verifyCertificateThumbprintResult).getException());
            } else {
                LOGGER.warning(str2);
            }
            return DerivedCredValidity.Untrusted;
        }
        if (verifyCertificateThumbprintResult instanceof VerifyCertificateThumbprintResult.ThumbprintMatch) {
            LOGGER.info("Derived Cred with thumbprint " + str + " is still installed on the system. Reporting as valid.");
            return DerivedCredValidity.Valid;
        }
        if (!Intrinsics.areEqual(verifyCertificateThumbprintResult, VerifyCertificateThumbprintResult.KeyChainLocked.INSTANCE)) {
            throw new NoWhenBranchMatchedException();
        }
        LOGGER.info("KeyChain is locked, unable to verify cred with thumbprint " + str + ". Reporting as valid.");
        return DerivedCredValidity.Valid;
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* renamed from: getDerivedCredsValidityInventory$lambda-5, reason: not valid java name */
    public static final SingleSource m1918getDerivedCredsValidityInventory$lambda5(final GetDerivedCredValidityInventoryUseCase getDerivedCredValidityInventoryUseCase, List list) {
        Intrinsics.checkNotNullParameter(getDerivedCredValidityInventoryUseCase, "");
        return Observable.fromIterable(list).flatMapSingle(new Function() { // from class: com.microsoft.intune.usercerts.domain.derivedcreds.GetDerivedCredValidityInventoryUseCase$$ExternalSyntheticLambda4
            @Override // io.reactivex.rxjava3.functions.Function
            public final Object apply(Object obj) {
                SingleSource m1919getDerivedCredsValidityInventory$lambda5$lambda3;
                m1919getDerivedCredsValidityInventory$lambda5$lambda3 = GetDerivedCredValidityInventoryUseCase.m1919getDerivedCredsValidityInventory$lambda5$lambda3(GetDerivedCredValidityInventoryUseCase.this, (DerivedCredCertState) obj);
                return m1919getDerivedCredsValidityInventory$lambda5$lambda3;
            }
        }).toList().flatMap(new Function() { // from class: com.microsoft.intune.usercerts.domain.derivedcreds.GetDerivedCredValidityInventoryUseCase$$ExternalSyntheticLambda5
            @Override // io.reactivex.rxjava3.functions.Function
            public final Object apply(Object obj) {
                SingleSource m1923getDerivedCredsValidityInventory$lambda5$lambda4;
                m1923getDerivedCredsValidityInventory$lambda5$lambda4 = GetDerivedCredValidityInventoryUseCase.m1923getDerivedCredsValidityInventory$lambda5$lambda4(GetDerivedCredValidityInventoryUseCase.this, (List) obj);
                return m1923getDerivedCredsValidityInventory$lambda5$lambda4;
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* renamed from: getDerivedCredsValidityInventory$lambda-5$lambda-3, reason: not valid java name */
    public static final SingleSource m1919getDerivedCredsValidityInventory$lambda5$lambda3(final GetDerivedCredValidityInventoryUseCase getDerivedCredValidityInventoryUseCase, final DerivedCredCertState derivedCredCertState) {
        Intrinsics.checkNotNullParameter(getDerivedCredValidityInventoryUseCase, "");
        DecryptDerivedCredCertUseCase decryptDerivedCredCertUseCase = getDerivedCredValidityInventoryUseCase.decryptDerivedCredCertUseCase;
        Intrinsics.checkNotNullExpressionValue(derivedCredCertState, "");
        return decryptDerivedCredCertUseCase.decryptPublicKeyCertificate(derivedCredCertState).flatMap(new Function() { // from class: com.microsoft.intune.usercerts.domain.derivedcreds.GetDerivedCredValidityInventoryUseCase$$ExternalSyntheticLambda2
            @Override // io.reactivex.rxjava3.functions.Function
            public final Object apply(Object obj) {
                SingleSource m1920getDerivedCredsValidityInventory$lambda5$lambda3$lambda1;
                m1920getDerivedCredsValidityInventory$lambda5$lambda3$lambda1 = GetDerivedCredValidityInventoryUseCase.m1920getDerivedCredsValidityInventory$lambda5$lambda3$lambda1(DerivedCredCertState.this, getDerivedCredValidityInventoryUseCase, (X509Certificate) obj);
                return m1920getDerivedCredsValidityInventory$lambda5$lambda3$lambda1;
            }
        }).onErrorReturn(new Function() { // from class: com.microsoft.intune.usercerts.domain.derivedcreds.GetDerivedCredValidityInventoryUseCase$$ExternalSyntheticLambda3
            @Override // io.reactivex.rxjava3.functions.Function
            public final Object apply(Object obj) {
                CertStatusData m1922getDerivedCredsValidityInventory$lambda5$lambda3$lambda2;
                m1922getDerivedCredsValidityInventory$lambda5$lambda3$lambda2 = GetDerivedCredValidityInventoryUseCase.m1922getDerivedCredsValidityInventory$lambda5$lambda3$lambda2(DerivedCredCertState.this, (Throwable) obj);
                return m1922getDerivedCredsValidityInventory$lambda5$lambda3$lambda2;
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* renamed from: getDerivedCredsValidityInventory$lambda-5$lambda-3$lambda-1, reason: not valid java name */
    public static final SingleSource m1920getDerivedCredsValidityInventory$lambda5$lambda3$lambda1(final DerivedCredCertState derivedCredCertState, GetDerivedCredValidityInventoryUseCase getDerivedCredValidityInventoryUseCase, X509Certificate x509Certificate) {
        Single<DerivedCredValidity> certificateValidity;
        Intrinsics.checkNotNullParameter(getDerivedCredValidityInventoryUseCase, "");
        if (derivedCredCertState.getEncryptedCertificate().isEmpty() || derivedCredCertState.getEncryptedPrivateKey().isEmpty()) {
            String alias = derivedCredCertState.getAlias();
            Intrinsics.checkNotNullExpressionValue(x509Certificate, "");
            certificateValidity = getDerivedCredValidityInventoryUseCase.getCertificateValidity(alias, x509Certificate);
        } else {
            certificateValidity = Single.just(DerivedCredValidity.Valid);
        }
        return certificateValidity.map(new Function() { // from class: com.microsoft.intune.usercerts.domain.derivedcreds.GetDerivedCredValidityInventoryUseCase$$ExternalSyntheticLambda6
            @Override // io.reactivex.rxjava3.functions.Function
            public final Object apply(Object obj) {
                CertStatusData m1921x745f4b69;
                m1921x745f4b69 = GetDerivedCredValidityInventoryUseCase.m1921x745f4b69(DerivedCredCertState.this, (DerivedCredValidity) obj);
                return m1921x745f4b69;
            }
        });
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* renamed from: getDerivedCredsValidityInventory$lambda-5$lambda-3$lambda-1$lambda-0, reason: not valid java name */
    public static final CertStatusData m1921x745f4b69(DerivedCredCertState derivedCredCertState, DerivedCredValidity derivedCredValidity) {
        String alias = derivedCredCertState.getAlias();
        String thumbprint = derivedCredCertState.getThumbprint();
        Intrinsics.checkNotNullExpressionValue(derivedCredValidity, "");
        return new CertStatusData(thumbprint, alias, derivedCredValidity);
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* renamed from: getDerivedCredsValidityInventory$lambda-5$lambda-3$lambda-2, reason: not valid java name */
    public static final CertStatusData m1922getDerivedCredsValidityInventory$lambda5$lambda3$lambda2(DerivedCredCertState derivedCredCertState, Throwable th) {
        LOGGER.log(Level.WARNING, "Failed to decrypt ``" + derivedCredCertState + "``. Reporting as Untrusted so that the service knows the cert was lost.", th);
        return new CertStatusData(derivedCredCertState.getThumbprint(), derivedCredCertState.getAlias(), DerivedCredValidity.Untrusted);
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* renamed from: getDerivedCredsValidityInventory$lambda-5$lambda-4, reason: not valid java name */
    public static final SingleSource m1923getDerivedCredsValidityInventory$lambda5$lambda4(GetDerivedCredValidityInventoryUseCase getDerivedCredValidityInventoryUseCase, List list) {
        Intrinsics.checkNotNullParameter(getDerivedCredValidityInventoryUseCase, "");
        DerivedCredInventoryFactory derivedCredInventoryFactory = getDerivedCredValidityInventoryUseCase.derivedCredInventoryFactory;
        Intrinsics.checkNotNullExpressionValue(list, "");
        return derivedCredInventoryFactory.getInventory(list);
    }

    @NotNull
    public Single<DerivedCredInventory> getDerivedCredsValidityInventory() {
        Single flatMap = this.derivedCredCertRepo.getCompletedCertStates().flatMap(new Function() { // from class: com.microsoft.intune.usercerts.domain.derivedcreds.GetDerivedCredValidityInventoryUseCase$$ExternalSyntheticLambda0
            @Override // io.reactivex.rxjava3.functions.Function
            public final Object apply(Object obj) {
                SingleSource m1918getDerivedCredsValidityInventory$lambda5;
                m1918getDerivedCredsValidityInventory$lambda5 = GetDerivedCredValidityInventoryUseCase.m1918getDerivedCredsValidityInventory$lambda5(GetDerivedCredValidityInventoryUseCase.this, (List) obj);
                return m1918getDerivedCredsValidityInventory$lambda5;
            }
        });
        Intrinsics.checkNotNullExpressionValue(flatMap, "");
        return flatMap;
    }
}
