package defpackage;

import android.app.NotificationManager;
import android.app.PendingIntent;
import android.content.Context;
import android.content.Intent;
import android.text.TextUtils;
import androidx.core.app.j;
import com.fiberlink.maas360.android.control.ControlApplication;
import com.fiberlink.maas360.android.control.services.impl.x;
import com.fiberlink.maas360.android.utilities.n;
import com.fiberlink.maas360.android.utilities.o;
import com.fiberlink.maas360.android.utilities.v;
import defpackage.avf;
import defpackage.bho;
import defpackage.bld;
import defpackage.cdu;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import net.sqlcipher.database.SQLiteDatabase;

/* loaded from: classes2.dex */
public class bpw implements cex {

    /* renamed from: a, reason: collision with root package name */
    private static final String f3368a = bpw.class.getSimpleName();

    /* renamed from: b, reason: collision with root package name */
    private static final ControlApplication f3369b = ControlApplication.e();
    private static bpw d;

    /* renamed from: c, reason: collision with root package name */
    private boolean f3370c;
    private long e;

    private bpw() {
    }

    private Intent a(Context context) {
        ckq.b(f3368a, "CP : Creating intent to show cert pinning error message for control agent");
        Intent launchIntentForPackage = context.getPackageManager().getLaunchIntentForPackage(context.getPackageName());
        if (launchIntentForPackage != null) {
            launchIntentForPackage.setAction("com.fiberlink.maas360.MAAS360_SHOW_ERROR_DIALOG_INTENT");
            launchIntentForPackage.putExtra("container_key", "CONTAINER_CERT_PINNING_ERROR");
            launchIntentForPackage.setFlags(32768);
            launchIntentForPackage.addFlags(SQLiteDatabase.CREATE_IF_NECESSARY);
            launchIntentForPackage.addFlags(1073741824);
        } else {
            ckq.c(f3368a, "CP : MaaS360 Agent launcher activity not found in control agent.");
        }
        return launchIntentForPackage;
    }

    public static bpw a() {
        if (d == null) {
            synchronized (bpw.class) {
                if (d == null) {
                    d = new bpw();
                }
            }
        }
        return d;
    }

    private List<X509Certificate> a(cdu.ag agVar) {
        List<cdq> e = agVar.e();
        List<String> a2 = bww.a(e, avf.a.PROXY_PINNED_CERTIFICATE, cld.PROXY_PINNING_CERT);
        if (e.size() == a2.size()) {
            this.f3370c = true;
        } else {
            this.f3370c = false;
        }
        return cfa.a(a2);
    }

    private void a(List<cff> list) {
        ckq.b(f3368a, "CP : Populating MaaS pinning certs");
        String a2 = f3369b.w().a().a("maasPinningUrls");
        if (TextUtils.isEmpty(a2)) {
            ckq.b(f3368a, "CP : Cert Pinning Urls not available");
            return;
        }
        List<String> b2 = x.b(a2);
        cdu.ag v = f3369b.R().v();
        boolean b3 = v.b();
        boolean c2 = v.c();
        if (!b3) {
            ckq.b(f3368a, "CP : MaaS pinning not enabled in policy");
            return;
        }
        if (c2) {
            ckq.b(f3368a, "CP : Populating proxy pinning certs");
            List<X509Certificate> a3 = a(v);
            boolean a4 = f3369b.w().a().a("pcd", false);
            if (this.f3370c) {
                ckq.b(f3368a, "CP : Populating " + a3.size(), " cert(s) for proxy pinning");
                list.add(new cff(ceu.SSL_PROXY, a3));
                if (!a4) {
                    f3369b.w().a().b("pcd", true);
                }
            } else {
                if (!a4) {
                    return;
                }
                ckq.b(f3368a, "CP : Populating empty cert list for proxy pinning");
                list.add(new cff(ceu.SSL_PROXY, new ArrayList()));
            }
        } else {
            ckq.b(f3368a, "CP : SSL inspection not enabled in policy");
            this.f3370c = true;
        }
        list.add(new cff(ceu.MAAS_SERVERS, b(b2)));
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void a(List<cff> list, List<X509Certificate> list2) {
        List<bho> a2 = f3369b.x().c().a();
        HashMap hashMap = new HashMap();
        for (bho bhoVar : a2) {
            String a3 = v.a(bhoVar.e());
            if (!TextUtils.isEmpty(a3) && bho.a.DIRECT == bhoVar.c()) {
                ckq.b(f3368a, "CP : Populating " + list2.size(), " cert(s) for: ", a3);
                hashMap.put(a3, list2);
            }
        }
        if (hashMap.isEmpty()) {
            return;
        }
        list.add(new cff(ceu.GATEWAY, hashMap));
    }

    private Map<String, List<X509Certificate>> b(List<String> list) {
        String a2 = f3369b.w().a().a("maasPinningCerts");
        if (TextUtils.isEmpty(a2)) {
            ckq.b(f3368a, "CP : Cert Pinning Urls to src map not available");
            return Collections.emptyMap();
        }
        HashMap hashMap = new HashMap();
        Map<String, List<String>> c2 = x.c(a2);
        for (String str : list) {
            if (!hashMap.containsKey(str)) {
                hashMap.put(str, new ArrayList());
            }
            List<String> list2 = c2.get(str);
            Iterator<String> it = list2.iterator();
            while (it.hasNext()) {
                File file = new File(f3369b.getFilesDir().getAbsolutePath() + File.separator + "MPC" + File.separator + "MPC_" + it.next());
                if (file.exists()) {
                    try {
                        ((List) hashMap.get(str)).add((X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(dwq.b(new clg(file.getName(), new FileInputStream(file), cld.MAAS_PINNING_CERT)))));
                    } catch (Exception e) {
                        ckq.d(f3368a, e, "CP : Exception in decrypting cert file: ");
                    }
                }
            }
            if (((List) hashMap.get(str)).size() != list2.size()) {
                ckq.c(f3368a, "CP : Looks like some pinned cert file got deleted");
                ((List) hashMap.get(str)).clear();
            }
            ckq.b(f3368a, "CP : Populating " + ((List) hashMap.get(str)).size(), " cert(s) for: ", str);
        }
        return hashMap;
    }

    private void c(final List<cff> list) {
        ckq.b(f3368a, "CP : Populating gateway pinning certs");
        cdu.ae J = f3369b.R().J();
        if (!J.h()) {
            ckq.b(f3368a, "CP : Gateway pinning not enabled in policy");
            return;
        }
        final List<X509Certificate> a2 = cfa.a(bww.a(J.j(), avf.a.GATEWAY_PINNED_CERTIFICATE, cld.GATEWAY_PINNING_CERT));
        if (bem.b()) {
            a(list, a2);
        } else {
            bcs.a().a(new Intent(), new bcq() { // from class: bpw.1
                @Override // defpackage.bcq
                public void a(Context context) {
                    bpw.this.a(list, a2);
                }
            });
        }
    }

    @Override // defpackage.cex
    public void a(String str) {
        if (System.currentTimeMillis() - this.e < 600000) {
            return;
        }
        ckq.b(f3368a, "CP : Show notification for failed request in control agent due to cert pinning for hostname : ", str);
        Intent a2 = a(f3369b);
        if (a2 == null) {
            ckq.c(f3368a, "CP : Could not create cert pinning error intent");
            return;
        }
        PendingIntent a3 = o.a(f3369b, 38, a2, SQLiteDatabase.CREATE_IF_NECESSARY);
        String format = String.format(f3369b.getString(bld.l.notification_message_on_certpinning_error), f3369b.getString(bld.l.app_name));
        String format2 = String.format(f3369b.getString(bld.l.notification_title_on_certpinning_error), f3369b.getString(bld.l.app_name));
        if (cew.a().f().contains(str)) {
            format = f3369b.getString(bld.l.notification_msg_on_gateway_certpinning_error);
            format2 = f3369b.getString(bld.l.notification_title_on_gateway_certpinning_error);
        }
        n.a((NotificationManager) f3369b.getSystemService("notification"), "MDM", 38, new j.b(new j.d(f3369b, "M360INFO").a((CharSequence) format2).a(a3).a(bld.f.maas_notify_small).a(bln.a(f3369b, bld.f.maas_notify, "brandedAndroidAppIcon")).c(0).b((CharSequence) format).c(true).b(true)).a(format).a());
        this.e = System.currentTimeMillis();
    }

    @Override // defpackage.cex
    public synchronized List<cff> b() {
        ArrayList arrayList;
        arrayList = new ArrayList();
        a(arrayList);
        c(arrayList);
        return arrayList;
    }
}
