package com.promobitech.mobilock.handler;

import android.net.wifi.WifiEnterpriseConfig;
import androidx.annotation.WorkerThread;
import com.promobitech.bamboo.Bamboo;
import com.promobitech.mobilock.certmanager.certificates.ClientCertificateSchema;
import com.promobitech.mobilock.certmanager.common.CertManagerApplication;
import com.promobitech.mobilock.certmanager.common.di.CertCompositionRoot;
import com.promobitech.mobilock.certmanager.common.helper.CertUtilsKt;
import com.promobitech.mobilock.certmanager.common.helper.CertificateKotlinExtensionHelperKt;
import com.promobitech.mobilock.certmanager.crypto.StreamCryptoHelper;
import com.promobitech.mobilock.certmanager.repository.CertificateRepository;
import com.promobitech.mobilock.utils.Utils;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import kotlin.jvm.internal.Intrinsics;

/* loaded from: classes2.dex */
public final class WifiEnterpriseConfigHelper {

    /* renamed from: a, reason: collision with root package name */
    public static final WifiEnterpriseConfigHelper f4655a = new WifiEnterpriseConfigHelper();

    private WifiEnterpriseConfigHelper() {
    }

    @WorkerThread
    public final WifiEnterpriseConfig a(CertManagerApplication application, String wifiServiceIdentifier) {
        Object obj;
        Intrinsics.f(application, "application");
        Intrinsics.f(wifiServiceIdentifier, "wifiServiceIdentifier");
        if (!Utils.j1()) {
            return null;
        }
        CertCompositionRoot a2 = application.a();
        CertificateRepository j = a2.j();
        StreamCryptoHelper o = a2.o();
        List<ClientCertificateSchema> b2 = j.b();
        String h2 = j.h(wifiServiceIdentifier);
        List<String> k = j.k(wifiServiceIdentifier);
        WifiEnterpriseConfig wifiEnterpriseConfig = new WifiEnterpriseConfig();
        if (!Intrinsics.a(h2, "-1")) {
            Iterator<T> it = b2.iterator();
            while (true) {
                if (!it.hasNext()) {
                    obj = null;
                    break;
                }
                obj = it.next();
                if (Intrinsics.a(String.valueOf(((ClientCertificateSchema) obj).n()), h2)) {
                    break;
                }
            }
            ClientCertificateSchema clientCertificateSchema = (ClientCertificateSchema) obj;
            if (clientCertificateSchema != null) {
                String a3 = o.a(clientCertificateSchema.h());
                KeyStore s = a2.s();
                CertificateKotlinExtensionHelperKt.c(s, a3, clientCertificateSchema.l());
                Enumeration<String> aliases = s.aliases();
                Intrinsics.e(aliases, "ks.aliases()");
                ArrayList<String> list = Collections.list(aliases);
                Intrinsics.e(list, "list(this)");
                char[] charArray = clientCertificateSchema.l().toCharArray();
                Intrinsics.e(charArray, "this as java.lang.String).toCharArray()");
                KeyStore.PasswordProtection passwordProtection = new KeyStore.PasswordProtection(charArray);
                for (String alias : list) {
                    Intrinsics.e(alias, "alias");
                    if (CertUtilsKt.n(alias, s)) {
                        KeyStore.Entry entry = s.getEntry(alias, passwordProtection);
                        Intrinsics.d(entry, "null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
                        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
                        if (Utils.v1()) {
                            Certificate[] chain = s.getCertificateChain(alias);
                            Intrinsics.e(chain, "chain");
                            ArrayList arrayList = new ArrayList(chain.length);
                            for (Certificate certificate : chain) {
                                Intrinsics.d(certificate, "null cannot be cast to non-null type java.security.cert.X509Certificate");
                                arrayList.add((X509Certificate) certificate);
                            }
                            wifiEnterpriseConfig.setClientKeyEntryWithCertificateChain(privateKeyEntry.getPrivateKey(), (X509Certificate[]) arrayList.toArray(new X509Certificate[0]));
                            Bamboo.l("wifi enterprise config private cert chain added", new Object[0]);
                        } else if (Utils.j1()) {
                            Certificate certificate2 = s.getCertificate(alias);
                            Intrinsics.d(certificate2, "null cannot be cast to non-null type java.security.cert.X509Certificate");
                            wifiEnterpriseConfig.setClientKeyEntry(privateKeyEntry.getPrivateKey(), (X509Certificate) certificate2);
                            Bamboo.l("wifi enterprise config private certificate added", new Object[0]);
                        } else {
                            Bamboo.l("wifi enterprise config private certificate api below 18 not supported", new Object[0]);
                        }
                    }
                }
            }
        }
        if (!k.isEmpty()) {
            ArrayList arrayList2 = new ArrayList();
            for (Object obj2 : b2) {
                if (k.contains(String.valueOf(((ClientCertificateSchema) obj2).n()))) {
                    arrayList2.add(obj2);
                }
            }
            CertificateFactory y = a2.y();
            ArrayList arrayList3 = new ArrayList();
            Iterator it2 = arrayList2.iterator();
            while (it2.hasNext()) {
                Certificate a4 = CertificateKotlinExtensionHelperKt.a(y, o.a(((ClientCertificateSchema) it2.next()).h()));
                X509Certificate x509Certificate = a4 instanceof X509Certificate ? (X509Certificate) a4 : null;
                if (x509Certificate != null) {
                    arrayList3.add(x509Certificate);
                } else {
                    Bamboo.l("Trusted certificate is null", new Object[0]);
                }
            }
            if (!arrayList3.isEmpty()) {
                if (Utils.q1()) {
                    wifiEnterpriseConfig.setCaCertificates((X509Certificate[]) arrayList3.toArray(new X509Certificate[0]));
                    Bamboo.l("wifi enterprise config server certificates added", new Object[0]);
                } else if (Utils.j1()) {
                    wifiEnterpriseConfig.setCaCertificate((X509Certificate) arrayList3.get(0));
                    Bamboo.l("wifi enterprise config only single server certificate added", new Object[0]);
                } else {
                    Bamboo.l("wifi enterprise config server certificate api below 18 not supported", new Object[0]);
                }
            }
        }
        return wifiEnterpriseConfig;
    }
}
