package net.soti.mobicontrol.vpn;

import android.app.enterprise.CertificateInfo;
import android.app.enterprise.EnterpriseVpnConnection;
import android.app.enterprise.EnterpriseVpnPolicy;
import com.google.common.base.Function;
import com.google.common.base.Optional;
import com.google.common.collect.Lists;
import com.google.inject.Inject;
import java.io.ByteArrayInputStream;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Iterator;
import java.util.List;
import net.soti.mobicontrol.cert.b4;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/* loaded from: classes2.dex */
public class k1 implements p2 {
    private static final Logger a = LoggerFactory.getLogger((Class<?>) k1.class);

    /* renamed from: b, reason: collision with root package name */
    private final Optional<EnterpriseVpnPolicy> f19563b;

    /* renamed from: c, reason: collision with root package name */
    private final net.soti.mobicontrol.cert.i0 f19564c;

    /* renamed from: d, reason: collision with root package name */
    private final net.soti.mobicontrol.cert.r0 f19565d;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes2.dex */
    public class a implements Function<EnterpriseVpnConnection, String> {
        a() {
        }

        @Override // com.google.common.base.Function
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public String apply(EnterpriseVpnConnection enterpriseVpnConnection) {
            return enterpriseVpnConnection == null ? "" : enterpriseVpnConnection.name;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes2.dex */
    public static /* synthetic */ class b {
        static final /* synthetic */ int[] a;

        static {
            int[] iArr = new int[b2.values().length];
            a = iArr;
            try {
                iArr[b2.MANUAL.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                a[b2.AUTOMATIC.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                a[b2.UNKNOWN.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
        }
    }

    @Inject
    public k1(net.soti.mobicontrol.cert.i0 i0Var, net.soti.mobicontrol.cert.r0 r0Var, p pVar) {
        this.f19564c = i0Var;
        this.f19563b = pVar.a();
        this.f19565d = r0Var;
    }

    private EnterpriseVpnConnection e(k2 k2Var) throws net.soti.mobicontrol.j7.n {
        EnterpriseVpnConnection enterpriseVpnConnection = new EnterpriseVpnConnection();
        enterpriseVpnConnection.name = k2Var.e();
        enterpriseVpnConnection.host = k2Var.h().c();
        enterpriseVpnConnection.type = "anyconnect";
        int i2 = b.a[k2Var.h().f().ordinal()];
        if (i2 == 1) {
            enterpriseVpnConnection.setCertAuthMode("Manual");
        } else {
            if (i2 != 2 && i2 != 3) {
                throw new net.soti.mobicontrol.j7.n(String.format("failed to set AnyConnect VPN payload due to unsupported CertAuthMode : %s", k2Var.h().f()));
            }
            enterpriseVpnConnection.setCertAuthMode("Automatic");
        }
        m(enterpriseVpnConnection, g(k2Var.a()));
        l(enterpriseVpnConnection);
        return enterpriseVpnConnection;
    }

    private static String f(Optional<byte[]> optional, Optional<String> optional2) {
        return net.soti.mobicontrol.cert.j0.l(net.soti.mobicontrol.cert.j0.i(optional2.get(), net.soti.mobicontrol.cert.y0.PKCS12, new ByteArrayInputStream(optional.get())).getSubjectDN().toString());
    }

    private Optional<net.soti.mobicontrol.cert.p0> g(c2 c2Var) {
        return c2Var.f() ? Optional.fromNullable(this.f19565d.h(c2Var.c(), c2Var.d())) : Optional.absent();
    }

    private boolean h(Optional<byte[]> optional, Optional<String> optional2) throws net.soti.mobicontrol.j7.n {
        boolean z;
        if (optional.isPresent() && optional2.isPresent()) {
            try {
                z = this.f19563b.get().installClientCertificate("anyconnect", optional.get(), optional2.get());
            } catch (UnsupportedOperationException e2) {
                throw new net.soti.mobicontrol.j7.n("vpn", "Failed to install certificate, err: %s", e2);
            }
        } else {
            a.error("cannot install pkcs12[{}], password[{}]", Boolean.valueOf(optional.isPresent()), Boolean.valueOf(optional2.isPresent()));
            z = false;
        }
        a.debug("return[{}]", Boolean.valueOf(z));
        return z;
    }

    private boolean i(String str) {
        for (EnterpriseVpnConnection enterpriseVpnConnection : this.f19563b.get().getAllEnterpriseVpnConnections()) {
            if (str.equals(enterpriseVpnConnection.name)) {
                a.info("Profile exists. name:{}, host:{}, type:{}, certMode:{}", enterpriseVpnConnection.name, enterpriseVpnConnection.host, enterpriseVpnConnection.type, enterpriseVpnConnection.getCertAuthMode());
                return true;
            }
        }
        return false;
    }

    private Optional<X509Certificate> j(net.soti.mobicontrol.cert.p0 p0Var) {
        List list;
        Optional<X509Certificate> absent = Optional.absent();
        try {
            list = this.f19563b.get().getClientCertificates("anyconnect");
        } catch (UnsupportedOperationException e2) {
            a.error("getClientCertificates() throw exception", (Throwable) e2);
            list = null;
        }
        if (list == null) {
            a.error("Failed to get installed client certificates");
            return absent;
        }
        Iterator it = list.iterator();
        while (true) {
            if (!it.hasNext()) {
                break;
            }
            X509Certificate x509Certificate = (X509Certificate) ((CertificateInfo) it.next()).getCertificate();
            if (b4.b(x509Certificate, p0Var)) {
                absent = Optional.of(x509Certificate);
                break;
            }
        }
        a.info("{} existing AnyConnect certificate among {} certificates", absent.isPresent() ? "Found" : "Could not find", Integer.valueOf(list.size()));
        return absent;
    }

    private static Function<EnterpriseVpnConnection, String> k() {
        return new a();
    }

    private static void l(EnterpriseVpnConnection enterpriseVpnConnection) {
        a.debug("Enterprise VPN policy \nName: {}\nHost: {}\nType: {}\ncertCN: {}\nVPN certificate auth mode: {}", enterpriseVpnConnection.name, enterpriseVpnConnection.host, enterpriseVpnConnection.type, enterpriseVpnConnection.certCommonName, enterpriseVpnConnection.getCertAuthMode());
    }

    private void m(EnterpriseVpnConnection enterpriseVpnConnection, Optional<net.soti.mobicontrol.cert.p0> optional) throws net.soti.mobicontrol.j7.n {
        if (optional.isPresent()) {
            Optional<X509Certificate> j2 = j(optional.get());
            try {
                if (j2.isPresent()) {
                    enterpriseVpnConnection.certCommonName = net.soti.mobicontrol.cert.j0.l(j2.get().getSubjectDN().getName());
                    enterpriseVpnConnection.certHash = net.soti.mobicontrol.cert.j0.j(j2.get().getEncoded());
                    return;
                }
                Optional<byte[]> fromNullable = Optional.fromNullable(this.f19564c.a(optional.get()));
                Optional<String> fromNullable2 = Optional.fromNullable(this.f19564c.i(optional.get()));
                if (h(fromNullable, fromNullable2)) {
                    enterpriseVpnConnection.certCommonName = f(fromNullable, fromNullable2);
                    enterpriseVpnConnection.certHash = net.soti.mobicontrol.cert.j0.j(fromNullable.get());
                }
            } catch (NoSuchAlgorithmException e2) {
                throw new net.soti.mobicontrol.j7.n("vpn", "Failed to calculate certificate digest, err: %s", e2);
            } catch (CertificateEncodingException e3) {
                throw new net.soti.mobicontrol.j7.n("vpn", "Failed to get encoded, err: %s", e3);
            }
        }
    }

    @Override // net.soti.mobicontrol.vpn.p2
    public boolean a(int i2, k2 k2Var) throws net.soti.mobicontrol.j7.n {
        net.soti.mobicontrol.d9.a0.c(k2Var);
        if (!this.f19563b.isPresent()) {
            throw new net.soti.mobicontrol.j7.n("vpn", "Cannot get EnterpriseVpnPolicy");
        }
        String e2 = k2Var.e();
        if (net.soti.mobicontrol.d9.m2.l(e2)) {
            throw new net.soti.mobicontrol.j7.n("vpn", "Profile name is null or empty.");
        }
        boolean enterpriseVpnConnection = i(e2) ? this.f19563b.get().setEnterpriseVpnConnection(e(k2Var), e2) : this.f19563b.get().setEnterpriseVpnConnection(e(k2Var), (String) null);
        a.debug("{} create/update AnyConnect VPN profile:{}", enterpriseVpnConnection ? "Succeeded" : "Failed", e2);
        return enterpriseVpnConnection;
    }

    @Override // net.soti.mobicontrol.vpn.p2
    public Collection<String> b(int i2) {
        List allEnterpriseVpnConnections = this.f19563b.get().getAllEnterpriseVpnConnections();
        return allEnterpriseVpnConnections == null ? new ArrayList() : Lists.transform(allEnterpriseVpnConnections, k());
    }

    @Override // net.soti.mobicontrol.vpn.p2
    public boolean c(int i2) {
        return i2 == 0;
    }

    @Override // net.soti.mobicontrol.vpn.p2
    public void d(int i2, String str) {
        this.f19563b.get().removeEnterpriseVpnConnection("anyconnect", str);
    }
}
