package net.soti.mobicontrol.vpn;

import android.app.enterprise.CertificateInfo;
import android.app.enterprise.EnterpriseVpnConnection;
import android.app.enterprise.EnterpriseVpnPolicy;
import com.google.common.base.Function;
import com.google.common.base.Optional;
import com.google.common.collect.Lists;
import com.google.inject.Inject;
import java.io.ByteArrayInputStream;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import net.soti.mobicontrol.am.df;

/* loaded from: classes5.dex */
public class bk implements cp {

    /* renamed from: a, reason: collision with root package name */
    private final net.soti.mobicontrol.cz.r f19940a;

    /* renamed from: b, reason: collision with root package name */
    private final Optional<EnterpriseVpnPolicy> f19941b;

    /* renamed from: c, reason: collision with root package name */
    private final net.soti.mobicontrol.am.z f19942c;

    /* renamed from: d, reason: collision with root package name */
    private final net.soti.mobicontrol.am.ai f19943d;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: net.soti.mobicontrol.vpn.bk$2, reason: invalid class name */
    /* loaded from: classes5.dex */
    public static /* synthetic */ class AnonymousClass2 {

        /* renamed from: a, reason: collision with root package name */
        static final /* synthetic */ int[] f19944a = new int[cb.values().length];

        static {
            try {
                f19944a[cb.MANUAL.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                f19944a[cb.AUTOMATIC.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                f19944a[cb.UNKNOWN.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
        }
    }

    @Inject
    public bk(net.soti.mobicontrol.am.z zVar, net.soti.mobicontrol.am.ai aiVar, q qVar, net.soti.mobicontrol.cz.r rVar) {
        this.f19940a = rVar;
        this.f19942c = zVar;
        this.f19941b = qVar.a();
        this.f19943d = aiVar;
    }

    private EnterpriseVpnConnection a(ck ckVar) throws net.soti.mobicontrol.dy.k {
        EnterpriseVpnConnection enterpriseVpnConnection = new EnterpriseVpnConnection();
        enterpriseVpnConnection.name = ckVar.h();
        enterpriseVpnConnection.host = ckVar.b().b();
        enterpriseVpnConnection.type = "anyconnect";
        int i = AnonymousClass2.f19944a[ckVar.b().f().ordinal()];
        if (i == 1) {
            enterpriseVpnConnection.setCertAuthMode("Manual");
        } else {
            if (i != 2 && i != 3) {
                throw new net.soti.mobicontrol.dy.k(String.format("failed to set AnyConnect VPN payload due to unsupported CertAuthMode : %s", ckVar.b().f()));
            }
            enterpriseVpnConnection.setCertAuthMode("Automatic");
        }
        a(enterpriseVpnConnection, a(ckVar.e()));
        a(enterpriseVpnConnection);
        return enterpriseVpnConnection;
    }

    private static Function<EnterpriseVpnConnection, String> a() {
        return new Function<EnterpriseVpnConnection, String>() { // from class: net.soti.mobicontrol.vpn.bk.1
            @Override // com.google.common.base.Function
            /* renamed from: a, reason: merged with bridge method [inline-methods] */
            public String apply(EnterpriseVpnConnection enterpriseVpnConnection) {
                return enterpriseVpnConnection == null ? "" : enterpriseVpnConnection.name;
            }
        };
    }

    private Optional<X509Certificate> a(net.soti.mobicontrol.am.ag agVar) {
        List list;
        Optional<X509Certificate> absent = Optional.absent();
        try {
            list = this.f19941b.get().getClientCertificates("anyconnect");
        } catch (UnsupportedOperationException e2) {
            this.f19940a.e("[SamsungMdmV4AnyConnectSettingsManager][isExistingCertificate] getClientCertificates() throw exception", e2);
            list = null;
        }
        if (list == null) {
            this.f19940a.e("[SamsungMdmV4AnyConnectSettingsManager][isExistingCertificate] Failed to get installed client certificates", new Object[0]);
            return absent;
        }
        Iterator it = list.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            X509Certificate x509Certificate = (X509Certificate) ((CertificateInfo) it.next()).getCertificate();
            if (df.a(x509Certificate, agVar)) {
                absent = Optional.of(x509Certificate);
                break;
            }
        }
        net.soti.mobicontrol.cz.r rVar = this.f19940a;
        Object[] objArr = new Object[2];
        objArr[0] = absent.isPresent() ? "Found" : "Could not find";
        objArr[1] = Integer.valueOf(list.size());
        rVar.c("[SamsungMdmV4AnyConnectSettingsManager][isExistingCertificate] %s existing AnyConnect certificate among %d certificates", objArr);
        return absent;
    }

    private Optional<net.soti.mobicontrol.am.ag> a(cc ccVar) {
        return ccVar.c() ? Optional.fromNullable(this.f19943d.a(ccVar.a(), ccVar.b())) : Optional.absent();
    }

    private void a(EnterpriseVpnConnection enterpriseVpnConnection) {
        this.f19940a.b("[SamsungMdmV4AnyConnectSettingsManager][printVpnConnectionProfile] Enterprise VPN policy \nName: %s\nHost: %s\nType: %s\ncertCN: %s\nVPN certificate auth mode: %s", enterpriseVpnConnection.name, enterpriseVpnConnection.host, enterpriseVpnConnection.type, enterpriseVpnConnection.certCommonName, enterpriseVpnConnection.getCertAuthMode());
    }

    private void a(EnterpriseVpnConnection enterpriseVpnConnection, Optional<net.soti.mobicontrol.am.ag> optional) throws net.soti.mobicontrol.dy.k {
        if (optional.isPresent()) {
            Optional<X509Certificate> a2 = a(optional.get());
            try {
                if (a2.isPresent()) {
                    enterpriseVpnConnection.certCommonName = net.soti.mobicontrol.am.aa.a(a2.get().getSubjectDN().getName());
                    enterpriseVpnConnection.certHash = net.soti.mobicontrol.am.aa.a(a2.get().getEncoded());
                    return;
                }
                Optional<byte[]> fromNullable = Optional.fromNullable(this.f19942c.a(optional.get()));
                Optional<String> fromNullable2 = Optional.fromNullable(this.f19942c.b(optional.get()));
                if (a(fromNullable, fromNullable2)) {
                    enterpriseVpnConnection.certCommonName = b(fromNullable, fromNullable2);
                    enterpriseVpnConnection.certHash = net.soti.mobicontrol.am.aa.a(fromNullable.get());
                }
            } catch (NoSuchAlgorithmException e2) {
                throw new net.soti.mobicontrol.dy.k("vpn", "Failed to calculate certificate digest, err: %s", e2);
            } catch (CertificateEncodingException e3) {
                throw new net.soti.mobicontrol.dy.k("vpn", "Failed to get encoded, err: %s", e3);
            }
        }
    }

    private boolean a(Optional<byte[]> optional, Optional<String> optional2) throws net.soti.mobicontrol.dy.k {
        boolean z;
        if (optional.isPresent() && optional2.isPresent()) {
            try {
                z = this.f19941b.get().installClientCertificate("anyconnect", optional.get(), optional2.get());
            } catch (UnsupportedOperationException e2) {
                throw new net.soti.mobicontrol.dy.k("vpn", "Failed to install certificate, err: %s", e2);
            }
        } else {
            this.f19940a.e("[SamsungMdmV4AnyConnectSettingsManager][installClientCertification] cannot install pkcs12[%s], password[%s]", Boolean.valueOf(optional.isPresent()), Boolean.valueOf(optional2.isPresent()));
            z = false;
        }
        this.f19940a.b("[SamsungMdmV4AnyConnectSettingsManager][installClientCertification] return[%s]", Boolean.valueOf(z));
        return z;
    }

    private boolean a(String str) {
        for (EnterpriseVpnConnection enterpriseVpnConnection : this.f19941b.get().getAllEnterpriseVpnConnections()) {
            if (str.equals(enterpriseVpnConnection.name)) {
                this.f19940a.c("[SamsungMdmV4AnyConnectSettingsManager][isExistProfile] Profile exists. name:%s, host:%s, type:%s, certMode:%s", enterpriseVpnConnection.name, enterpriseVpnConnection.host, enterpriseVpnConnection.type, enterpriseVpnConnection.getCertAuthMode());
                return true;
            }
        }
        return false;
    }

    private static String b(Optional<byte[]> optional, Optional<String> optional2) {
        return net.soti.mobicontrol.am.aa.a(net.soti.mobicontrol.am.aa.a(optional2.get(), net.soti.mobicontrol.am.ap.PKCS12, new ByteArrayInputStream(optional.get())).getSubjectDN().toString());
    }

    @Override // net.soti.mobicontrol.vpn.cp
    public Collection<String> a(int i) {
        List allEnterpriseVpnConnections = this.f19941b.get().getAllEnterpriseVpnConnections();
        return allEnterpriseVpnConnections == null ? new ArrayList() : Lists.transform(allEnterpriseVpnConnections, a());
    }

    @Override // net.soti.mobicontrol.vpn.cp
    public void a(int i, String str) {
        this.f19941b.get().removeEnterpriseVpnConnection("anyconnect", str);
    }

    @Override // net.soti.mobicontrol.vpn.cp
    public boolean a(int i, ck ckVar) throws net.soti.mobicontrol.dy.k {
        net.soti.mobicontrol.fo.u.a(ckVar);
        if (!this.f19941b.isPresent()) {
            throw new net.soti.mobicontrol.dy.k("vpn", "Cannot get EnterpriseVpnPolicy");
        }
        String h2 = ckVar.h();
        if (net.soti.mobicontrol.fo.cg.a((CharSequence) h2)) {
            throw new net.soti.mobicontrol.dy.k("vpn", "Profile name is null or empty.");
        }
        boolean enterpriseVpnConnection = a(h2) ? this.f19941b.get().setEnterpriseVpnConnection(a(ckVar), h2) : this.f19941b.get().setEnterpriseVpnConnection(a(ckVar), (String) null);
        net.soti.mobicontrol.cz.r rVar = this.f19940a;
        Object[] objArr = new Object[2];
        objArr[0] = enterpriseVpnConnection ? "Succeeded" : "Failed";
        objArr[1] = h2;
        rVar.b("[SamsungMdmV4AnyConnectSettingsManager][setProfile] %s create/update AnyConnect VPN profile:%s", objArr);
        return enterpriseVpnConnection;
    }

    @Override // net.soti.mobicontrol.vpn.cp
    public boolean b(int i) {
        return i == 0;
    }
}
