package net.soti.ssl;

import android.os.Bundle;
import android.text.TextUtils;
import com.google.common.base.Optional;
import com.google.inject.Inject;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import net.soti.comm.Constants;
import net.soti.comm.connectionsettings.ConnectionSettings;
import net.soti.comm.misc.AlgSHA1;
import net.soti.mobicontrol.logging.Logger;
import net.soti.mobicontrol.settings.SettingsStorage;
import net.soti.mobicontrol.settings.SettingsStorageSection;
import net.soti.mobicontrol.settings.StorageKey;
import net.soti.mobicontrol.settings.StorageValue;
import net.soti.mobicontrol.util.KeyValueString;
import net.soti.mobicontrol.util.StringUtils;
import org.jetbrains.annotations.Nullable;

/* loaded from: classes.dex */
public class RootCertificateStorage {
    public static final int ALL_TLS_MODES = 7;
    public static final String ENT_ROOT_CERT_SECTION = "EntCAs";
    public static final String MC_ROOT_CERT_SECTION = "MCCAs";
    public static final int TLS_MODE_MOBICONTROL = 1;
    private final ConnectionSettings connectionSettings;
    private final Logger logger;
    private final SettingsStorage storage;
    public static final StorageKey FULL_COMM_ROOT_CA_CERT = StorageKey.forSectionAndKey(Constants.SECTION_COMM, "RootCA_Cert");
    public static final StorageKey TLS_MODE_STORAGE_KEY = StorageKey.forSectionAndKey(Constants.SECTION_COMM, Constants.TLS_MODE_KEY);
    private static final StorageKey USER_TRUSTED_KEY = StorageKey.forSectionAndKey(Constants.SECTION_COMM, "userTrusted");

    @Inject
    public RootCertificateStorage(SettingsStorage settingsStorage, Logger logger, ConnectionSettings connectionSettings) {
        this.connectionSettings = connectionSettings;
        this.storage = settingsStorage;
        this.logger = logger;
    }

    private void addSectionToBundle(String str, Bundle bundle) {
        SettingsStorageSection section = this.storage.getSection(str);
        KeyValueString keyValueString = new KeyValueString();
        for (String str2 : section.keySet()) {
            keyValueString.addString(str2, section.get(str2).getString().orNull());
        }
        bundle.putString(section.getName(), keyValueString.toString());
    }

    private static char[] doCalculatePassword(String str, String str2) throws NoSuchAlgorithmException {
        byte[] bytes = str.getBytes();
        byte[] bytes2 = str2.getBytes();
        MessageDigest messageDigest = MessageDigest.getInstance(AlgSHA1.ALGORITHM_NAME);
        messageDigest.reset();
        messageDigest.update(bytes);
        messageDigest.update(bytes2);
        messageDigest.update(bytes);
        messageDigest.update(bytes2);
        messageDigest.update(bytes);
        return StringUtils.byteArrayToHex(messageDigest.digest()).toCharArray();
    }

    private String getFullRootCa() {
        return this.storage.getValue(FULL_COMM_ROOT_CA_CERT).getString().orNull();
    }

    private List<String> importCerts(String str) {
        SettingsStorageSection section = this.storage.getSection(str);
        ArrayList arrayList = new ArrayList();
        if (section.size() == 0) {
            this.logger.info("[ssl][importCerts] empty, nothing to import.  Keeping previous certs section[%s]", str);
        } else {
            Iterator<String> it = section.keySet().iterator();
            while (it.hasNext()) {
                String orNull = section.get(it.next()).getString().orNull();
                if (!TextUtils.isEmpty(orNull)) {
                    arrayList.add(orNull);
                }
            }
        }
        return arrayList;
    }

    private void setFullRootCa(String str) {
        this.storage.setValue(FULL_COMM_ROOT_CA_CERT, StorageValue.fromString(str));
    }

    private void setTlsMode(int i) {
        this.storage.setValue(Constants.TLS_MODE_STORAGE_KEY, StorageValue.fromInt(i));
    }

    private void writeSectionToSettings(String str, Bundle bundle) {
        String string = bundle.getString(str);
        if (string == null) {
            return;
        }
        for (Map.Entry<String, Object> entry : new KeyValueString(string).getHashtable().entrySet()) {
            this.storage.setValue(StorageKey.forSectionAndKey(str, entry.getKey()), StorageValue.fromString(entry.getValue().toString()));
        }
    }

    public void backupToBundle(Bundle bundle) {
        bundle.putString(FULL_COMM_ROOT_CA_CERT.getKey(), getFullRootCa());
        bundle.putInt(TLS_MODE_STORAGE_KEY.getKey(), getTlsMode());
        addSectionToBundle(MC_ROOT_CERT_SECTION, bundle);
        addSectionToBundle(ENT_ROOT_CERT_SECTION, bundle);
    }

    public void clear() {
        this.storage.deleteSection(ENT_ROOT_CERT_SECTION);
        this.storage.deleteSection(MC_ROOT_CERT_SECTION);
    }

    public List<String> getEnterpriseRootCertsFromStorage() {
        return importCerts(ENT_ROOT_CERT_SECTION);
    }

    @Nullable
    public char[] getKeyStorePassword() {
        Optional<String> siteName = this.connectionSettings.getSiteName();
        Optional<String> deviceClass = this.connectionSettings.getDeviceClass();
        if (!siteName.isPresent() || !deviceClass.isPresent()) {
            return null;
        }
        try {
            return doCalculatePassword(siteName.get(), deviceClass.get());
        } catch (NoSuchAlgorithmException e) {
            this.logger.error("Error calculating ssl store password:", e);
            return null;
        }
    }

    public List<String> getMcRootCertsFromStorage() {
        return importCerts(MC_ROOT_CERT_SECTION);
    }

    public String getRootCaAndDelete() {
        String fullRootCa = getFullRootCa();
        if (!TextUtils.isEmpty(fullRootCa)) {
            this.storage.deleteKey(FULL_COMM_ROOT_CA_CERT);
        }
        return fullRootCa;
    }

    public int getTlsMode() {
        return this.storage.getValue(Constants.TLS_MODE_STORAGE_KEY).getInteger().or((Optional<Integer>) 7).intValue();
    }

    boolean hasKeystorePassword() {
        return (TextUtils.isEmpty(this.connectionSettings.getSiteName().orNull()) || TextUtils.isEmpty(this.connectionSettings.getDeviceClass().orNull())) ? false : true;
    }

    public boolean hasPassword() {
        return (TextUtils.isEmpty(this.storage.getValue(Constants.FULL_SITE_NAME).getString().or((Optional<String>) "")) || TextUtils.isEmpty(this.storage.getValue(Constants.FULL_DEVICE_CLASS).getString().or((Optional<String>) ""))) ? false : true;
    }

    boolean isMobiControlEnabled() {
        return (getTlsMode() & 1) != 0;
    }

    public boolean isUserTrusted() {
        return this.storage.getValue(USER_TRUSTED_KEY).getBoolean().or((Optional<Boolean>) false).booleanValue();
    }

    public void restoreFromBundle(Bundle bundle) {
        setFullRootCa(bundle.getString(FULL_COMM_ROOT_CA_CERT.getKey()));
        setTlsMode(bundle.getInt(TLS_MODE_STORAGE_KEY.getKey()));
    }

    public void setUserTrusted(boolean z) {
        this.storage.setValue(USER_TRUSTED_KEY, StorageValue.fromBoolean(z));
    }
}
