package net.pulsesecure.modules.sdp;

import android.annotation.SuppressLint;
import android.content.Context;
import android.net.http.SSLUtilities;
import android.text.TextUtils;
import ch.qos.logback.core.CoreConstants;
import com.cellsec.api.JsonBase;
import com.cellsec.api.JsonWrapper;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.nio.charset.Charset;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.List;
import java.util.concurrent.Callable;
import kotlin.Metadata;
import kotlin.TypeCastException;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.Charsets;
import net.juniper.junos.pulse.android.JunosApplication;
import net.juniper.junos.pulse.android.sql.VpnProfile;
import net.juniper.junos.pulse.android.util.Base64;
import net.juniper.junos.pulse.android.util.IKeystoreCertUtil;
import net.juniper.junos.pulse.android.util.KeystoreCertUtil;
import net.pulsesecure.infra.BaseModuleImpl;
import net.pulsesecure.infra.IModule;
import net.pulsesecure.infra.PSUtils;
import net.pulsesecure.modules.network.ApiResponse;
import net.pulsesecure.modules.network.IAPIListener;
import net.pulsesecure.modules.network.INetworkManager;
import net.pulsesecure.modules.network.SendHttpException;
import net.pulsesecure.modules.proto.CaCertResponseMsg;
import net.pulsesecure.modules.proto.CertificateResponseMsg;
import net.pulsesecure.modules.proto.ProtoImpl;
import net.pulsesecure.modules.proto.impl.RetryComplete;
import net.pulsesecure.modules.sdp.ISDPController;
import net.pulsesecure.modules.system.IAndroidWrapper;
import net.pulsesecure.modules.system.Prefs;
import net.pulsesecure.modules.vpn.IVpnProfileManager;
import net.pulsesecure.modules.vpn.VpnProfileManager;
import net.pulsesecure.pws.ui.AAAAuthActivity;
import net.pulsesecure.pws.ui.DpcApplication;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;
import org.slf4j.Logger;
import org.spongycastle.jcajce.provider.asymmetric.x509.CertificateFactory;

/* compiled from: SDPControllerImpl.kt */
@Metadata(bv = {1, 0, 2}, d1 = {"\u0000\u008c\u0001\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u0005\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000b\n\u0002\b\u0002\n\u0002\u0010\t\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u000b\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000e\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0002\b\u0005\n\u0002\u0018\u0002\n\u0002\b\u0002\u0018\u0000 @2\b\u0012\u0004\u0012\u00020\u00020\u00012\u00020\u0003:\u0001@B\u000f\u0012\b\u0010\u0004\u001a\u0004\u0018\u00010\u0005¢\u0006\u0002\u0010\u0006J\b\u0010\u0018\u001a\u00020\u0019H\u0002J\b\u0010\u001a\u001a\u00020\u0019H\u0016J\u001a\u0010\u001b\u001a\u00020\u00192\b\u0010\u001c\u001a\u0004\u0018\u00010\u001d2\u0006\u0010\u001e\u001a\u00020\u001fH\u0002J\u001a\u0010 \u001a\u00020\u00192\u0006\u0010!\u001a\u00020\"2\b\u0010#\u001a\u0004\u0018\u00010$H\u0002J\b\u0010%\u001a\u00020\u0019H\u0002J\b\u0010&\u001a\u00020\u0019H\u0002J\u0010\u0010'\u001a\u00020\u00192\u0006\u0010!\u001a\u00020\"H\u0002J\b\u0010(\u001a\u00020\u001fH\u0002J\u0010\u0010)\u001a\u00020\u00192\u0006\u0010*\u001a\u00020\u0017H\u0002J\u0012\u0010+\u001a\u00020\u00192\b\u0010\u001c\u001a\u0004\u0018\u00010\u001dH\u0002J\u0012\u0010,\u001a\u00020\u001f2\b\u0010\u001c\u001a\u0004\u0018\u00010\u001dH\u0002J\b\u0010-\u001a\u00020\u0019H\u0002J\b\u0010.\u001a\u00020\u0019H\u0002J\u0012\u0010/\u001a\u00020\u00192\b\u0010\u001c\u001a\u0004\u0018\u000100H\u0003J\u001c\u00101\u001a\u00020\u00192\b\u00102\u001a\u0004\u0018\u0001032\b\u00104\u001a\u0004\u0018\u000103H\u0002J\b\u00105\u001a\u00020\u0019H\u0002J\u0018\u00106\u001a\u00020\u00192\u0006\u00107\u001a\u0002032\u0006\u00108\u001a\u000209H\u0016J\"\u0010:\u001a\u00020\u00192\u0006\u0010!\u001a\u00020\"2\u0006\u0010;\u001a\u00020\u001f2\b\u0010#\u001a\u0004\u0018\u00010$H\u0016J\u0010\u0010<\u001a\u00020\u00192\u0006\u00108\u001a\u000209H\u0016J\u0010\u0010=\u001a\u00020\u00192\u0006\u0010>\u001a\u00020?H\u0002R\u000e\u0010\u0007\u001a\u00020\bX\u0082D¢\u0006\u0002\n\u0000R\u0013\u0010\u0004\u001a\u0004\u0018\u00010\u0005¢\u0006\b\n\u0000\u001a\u0004\b\t\u0010\nR\u000e\u0010\u000b\u001a\u00020\fX\u0082\u000e¢\u0006\u0002\n\u0000R\u000e\u0010\r\u001a\u00020\u000eX\u0082\u0004¢\u0006\u0002\n\u0000R\u0016\u0010\u000f\u001a\n \u0011*\u0004\u0018\u00010\u00100\u0010X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u0012\u001a\u00020\u0013X\u0082\u000e¢\u0006\u0002\n\u0000R\u0010\u0010\u0014\u001a\u0004\u0018\u00010\u0015X\u0082\u000e¢\u0006\u0002\n\u0000R\u000e\u0010\u0016\u001a\u00020\u0017X\u0082.¢\u0006\u0002\n\u0000¨\u0006A"}, d2 = {"Lnet/pulsesecure/modules/sdp/SDPControllerImpl;", "Lnet/pulsesecure/infra/BaseModuleImpl;", "Lnet/pulsesecure/modules/sdp/ISDPController$Client;", "Lnet/pulsesecure/modules/sdp/ISDPController;", CoreConstants.CONTEXT_SCOPE_VALUE, "Landroid/content/Context;", "(Landroid/content/Context;)V", "CONNECTION_TYPE_NONE", "", "getContext", "()Landroid/content/Context;", "mAndroidWrapper", "Lnet/pulsesecure/modules/system/IAndroidWrapper;", "mKeyStoreUtil", "Lnet/juniper/junos/pulse/android/util/IKeystoreCertUtil;", "mLogger", "Lorg/slf4j/Logger;", "kotlin.jvm.PlatformType", "mProto", "Lnet/pulsesecure/modules/network/INetworkManager;", "mVpnManager", "Lnet/pulsesecure/modules/vpn/IVpnProfileManager;", "sdpStatus", "Lnet/pulsesecure/modules/sdp/SDPEnrollStatusMsg;", "checkSDPCertValidity", "", "checkSDPEnrollStatus", "configureSDPProfile", "certMsg", "Lnet/pulsesecure/modules/proto/CertificateResponseMsg;", "isCertInstalled", "", "deleteSDPProfileData", SDPControllerImpl.SDP_PROFILE_ID, "", "resetDataListener", "Lnet/pulsesecure/modules/sdp/ResetDataListener;", "deleteSdpCACert", "deleteSdpCert", "deleteSdpProfile", "fetchCACert", "handleSDPEnrollStatus", "statusMsg", "handleSDPEnrollSuccess", "installSDPCert", "onSDPUnregistered", "renewSDPCert", "saveCaCertInKeystore", "Lnet/pulsesecure/modules/proto/CaCertResponseMsg;", "saveSDPCertExpiryDate", "certificateString", "", "password", "sdpEnroll", "tieCertWithSDPProfile", "certAlias", "sdpProfile", "Lnet/juniper/junos/pulse/android/sql/VpnProfile;", "unEnrollSDP", "isResetAppData", "untieCertFromSDPProfile", "updateSDPUnrollServerStatus", "apiListener", "Lnet/pulsesecure/modules/network/IAPIListener;", "Companion", "app_release"}, k = 1, mv = {1, 1, 11})
/* loaded from: classes2.dex */
public final class SDPControllerImpl extends BaseModuleImpl<ISDPController.Client> implements ISDPController {
    private static final String PKCS_12_FORMAT = "PKCS12";
    private static final String PULSE_SDP_CERTIFICATE = "PULSE_SDP_CERTIFICATE";
    private static final String SDP_CA_CERT_ENDPOINT = "/sdp/ca-certificates";
    private static final String SDP_CERT_EXPIRY_NOT_AFTER = "SDP_CERT_EXPIRY_NOT_AFTER";
    private static final String SDP_CERT_EXPIRY_NOT_BEFORE = "SDP_CERT_EXPIRY_NOT_BEFORE";
    private static final String SDP_CERT_RENEW_ENDPOINT = "/workspaces/%s/sdp/certificate/renew";
    private static final int SDP_CERT_VALIDITY_PERCENTAGE = 90;
    private static final String SDP_ENROLL_ENDPOINT = "/workspaces/%s/sdp/enroll";
    private static final String SDP_ENROLL_STATUS_ENDPOINT = "/workspaces/%s/sdp/enrollment-status";

    @NotNull
    public static final String SDP_PROFILE_ID = "sdpProfileId";
    private static final String SDP_UN_ENROLL_ENDPOINT = "/afw/spaces/%s/unenroll";
    private final byte CONNECTION_TYPE_NONE;

    @Nullable
    private final Context context;
    private IAndroidWrapper mAndroidWrapper;
    private final IKeystoreCertUtil mKeyStoreUtil;
    private final Logger mLogger = PSUtils.getClassLogger();
    private INetworkManager mProto;
    private IVpnProfileManager mVpnManager;
    private SDPEnrollStatusMsg sdpStatus;

    public SDPControllerImpl(@Nullable Context context) {
        this.context = context;
        IModule proxy = getProxy(IAndroidWrapper.class, null);
        Intrinsics.checkExpressionValueIsNotNull(proxy, "getProxy(IAndroidWrapper::class.java, null)");
        this.mAndroidWrapper = (IAndroidWrapper) proxy;
        this.mProto = new ProtoImpl(this.context);
        this.mVpnManager = new VpnProfileManager(DpcApplication.getApplication());
        this.mKeyStoreUtil = new KeystoreCertUtil();
    }

    @NotNull
    public static final /* synthetic */ SDPEnrollStatusMsg access$getSdpStatus$p(SDPControllerImpl sDPControllerImpl) {
        SDPEnrollStatusMsg sDPEnrollStatusMsg = sDPControllerImpl.sdpStatus;
        if (sDPEnrollStatusMsg == null) {
            Intrinsics.throwUninitializedPropertyAccessException("sdpStatus");
        }
        return sDPEnrollStatusMsg;
    }

    private final void checkSDPCertValidity() {
        long j = this.mAndroidWrapper.getPrefs().getLong(SDP_CERT_EXPIRY_NOT_BEFORE, -1L);
        long j2 = this.mAndroidWrapper.getPrefs().getLong(SDP_CERT_EXPIRY_NOT_AFTER, -1L);
        if (j == -1 || j2 == -1) {
            this.mLogger.debug("SDP cert expire date is not available. Cert renew check cancelled");
            return;
        }
        this.mLogger.debug("SDP cert expires in :{} ", new Date(j2));
        Date date = new Date(j + (((j2 - j) / 100) * 90));
        this.mLogger.debug("SDP cert renew date :{} ", date);
        if (date.before(new Date())) {
            renewSDPCert();
        }
    }

    private final void configureSDPProfile(CertificateResponseMsg certMsg, boolean isCertInstalled) {
        String sdp_login_url;
        Long l;
        IVpnProfileManager iVpnProfileManager;
        this.mLogger.debug("configuring SDP profile");
        ArrayList<String> arrayList = new ArrayList<>();
        long j = this.mAndroidWrapper.getPrefs().getLong(SDP_PROFILE_ID, -1L);
        String str = isCertInstalled ? PULSE_SDP_CERTIFICATE : "";
        if (this.mAndroidWrapper.getSDPVersion() == ISDPController.SDPVersion.VERSION_3) {
            if ((certMsg != null ? certMsg.sdp_login_url : null) != null) {
                sdp_login_url = certMsg.sdp_login_url;
                Intrinsics.checkExpressionValueIsNotNull(sdp_login_url, "certMsg.sdp_login_url");
            } else {
                sdp_login_url = "";
            }
        } else {
            SDPEnrollStatusMsg sDPEnrollStatusMsg = this.sdpStatus;
            if (sDPEnrollStatusMsg == null) {
                Intrinsics.throwUninitializedPropertyAccessException("sdpStatus");
            }
            sdp_login_url = sDPEnrollStatusMsg.getSdp_login_url();
        }
        String str2 = sdp_login_url;
        this.mLogger.debug("Final Enrollement url :", str2);
        IVpnProfileManager iVpnProfileManager2 = this.mVpnManager;
        if (iVpnProfileManager2 != null) {
            l = Long.valueOf(iVpnProfileManager2.saveConnection(j, str2, str2, null, 3073, null, null, null, null, str, certMsg != null ? certMsg.password : null, true, arrayList, VpnProfile.Trigger.Manual.ordinal(), 0, null));
        } else {
            l = null;
        }
        Prefs prefs = this.mAndroidWrapper.getPrefs();
        if (l == null) {
            Intrinsics.throwNpe();
        }
        prefs.putLong(SDP_PROFILE_ID, l.longValue());
        if (j != l.longValue() && j >= 0) {
            IVpnProfileManager iVpnProfileManager3 = this.mVpnManager;
            VpnProfile profile = iVpnProfileManager3 != null ? iVpnProfileManager3.getProfile(j) : null;
            if (profile != null && (iVpnProfileManager = this.mVpnManager) != null) {
                iVpnProfileManager.deleteConnection(profile);
            }
        }
        DpcApplication.getApplication().refreshProfiles();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final void deleteSDPProfileData(long sdpProfileId, ResetDataListener resetDataListener) {
        deleteSdpProfile(sdpProfileId);
        deleteSdpCert();
        deleteSdpCACert();
        DpcApplication.getApplication().refreshProfiles();
        getClient().onSDPUnEnrolled(ISDPController.SDPUnEnrollMsg.MSG_CLIENT_UN_ENROLL);
        if (resetDataListener != null) {
            resetDataListener.onSDPUnEnrollCompleted();
        }
    }

    private final void deleteSdpCACert() {
        this.mLogger.debug("Deleting SDP CA cert");
        IKeystoreCertUtil iKeystoreCertUtil = this.mKeyStoreUtil;
        Context context = this.context;
        if (context == null) {
            Intrinsics.throwNpe();
        }
        iKeystoreCertUtil.deleteCACertificate(context);
    }

    private final void deleteSdpCert() {
        this.mLogger.debug("Deleting SDP cert");
        IKeystoreCertUtil iKeystoreCertUtil = this.mKeyStoreUtil;
        Context context = this.context;
        if (context == null) {
            Intrinsics.throwNpe();
        }
        iKeystoreCertUtil.deleteCertificate(context, PULSE_SDP_CERTIFICATE);
    }

    private final void deleteSdpProfile(long sdpProfileId) {
        IVpnProfileManager iVpnProfileManager = this.mVpnManager;
        VpnProfile profile = iVpnProfileManager != null ? iVpnProfileManager.getProfile(sdpProfileId) : null;
        if (profile != null) {
            IVpnProfileManager iVpnProfileManager2 = this.mVpnManager;
            if (iVpnProfileManager2 != null) {
                iVpnProfileManager2.deleteConnection(profile);
            }
            this.mAndroidWrapper.getPrefs().putLong(SDP_PROFILE_ID, -1L);
            DpcApplication.getApplication().refreshProfiles();
        }
    }

    private final boolean fetchCACert() {
        List<CaCertResponseMsg.CertItems> list;
        this.mLogger.debug("Fetching the CA certs from server");
        try {
            CaCertResponseMsg caCertResponseMsg = (CaCertResponseMsg) JsonWrapper.fromJson(this.mProto.sendCookieHttpRequest(SDP_CA_CERT_ENDPOINT, "GET", this.mAndroidWrapper.getPrefs().getString(AAAAuthActivity.PREF_COOKIE, "")).result, CaCertResponseMsg.class);
            this.mLogger.debug("Fetching the CA certs from server is success: Total cert received: {}", (caCertResponseMsg == null || (list = caCertResponseMsg.items) == null) ? null : Integer.valueOf(list.size()));
            saveCaCertInKeystore(caCertResponseMsg);
            return true;
        } catch (SendHttpException e) {
            this.mLogger.debug("Fetching the CA certs from server failed with error : {}", e.getErrorMessage());
            return false;
        } catch (Exception unused) {
            this.mLogger.debug("Exception in CA cert retrieval");
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final void handleSDPEnrollStatus(SDPEnrollStatusMsg statusMsg) {
        switch (statusMsg.getSdp_status()) {
            case unregistered:
                this.mLogger.debug("SDP unregistered");
                onSDPUnregistered();
                return;
            case enrolling:
                this.mLogger.debug("SDP enrolling");
                return;
            case registered:
                this.mLogger.debug("SDP registered");
                checkSDPCertValidity();
                return;
            case sdp_not_allowed:
                this.mLogger.debug("SDP not supported");
                getClient().onSDPNotAllowed(ISDPController.SDPNotAllowedReason.NOT_SUPPORTED, "SDP not supported");
                return;
            default:
                return;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final void handleSDPEnrollSuccess(CertificateResponseMsg certMsg) {
        this.mLogger.debug("SDP enrollment finished successfully");
        boolean installSDPCert = installSDPCert(certMsg);
        this.mLogger.debug("SDP certificate installed status - {}: ", Boolean.valueOf(installSDPCert));
        this.mAndroidWrapper.setSDPCertInstalled(installSDPCert);
        if (installSDPCert) {
            saveSDPCertExpiryDate(certMsg != null ? certMsg.certificate : null, certMsg != null ? certMsg.password : null);
        }
        configureSDPProfile(certMsg, installSDPCert);
        getClient().onSDPEnrolled();
        JunosApplication.getApplication().killRemoteProcess();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final boolean installSDPCert(CertificateResponseMsg certMsg) {
        this.mLogger.debug("Install SDP Cert");
        if (certMsg == null) {
            return false;
        }
        IKeystoreCertUtil iKeystoreCertUtil = this.mKeyStoreUtil;
        Context context = JunosApplication.getContext();
        Intrinsics.checkExpressionValueIsNotNull(context, "JunosApplication.getContext()");
        String str = certMsg.certificate;
        Intrinsics.checkExpressionValueIsNotNull(str, "certMsg.certificate");
        String str2 = certMsg.password;
        Intrinsics.checkExpressionValueIsNotNull(str2, "certMsg.password");
        return iKeystoreCertUtil.saveCertificateInKeystore(context, PULSE_SDP_CERTIFICATE, str, str2) != null;
    }

    private final void onSDPUnregistered() {
        if (this.mAndroidWrapper.getSDPVersion() == ISDPController.SDPVersion.VERSION_2_5) {
            sdpEnroll();
        } else if (this.mAndroidWrapper.getSDPVersion() == ISDPController.SDPVersion.VERSION_3) {
            if (fetchCACert()) {
                sdpEnroll();
            } else {
                ISDPController.Client.DefaultImpls.onSDPNotAllowed$default(getClient(), ISDPController.SDPNotAllowedReason.ENROLLMENT_FAILED, null, 2, null);
            }
        }
    }

    private final void renewSDPCert() {
        this.mLogger.debug("Start SDP cert renewal");
        this.mProto.persistentSend("sdp/certificate/renew", new Callable<Void>() { // from class: net.pulsesecure.modules.sdp.SDPControllerImpl$renewSDPCert$1
            @Override // java.util.concurrent.Callable
            @Nullable
            public final Void call() {
                Logger logger;
                INetworkManager iNetworkManager;
                Logger logger2;
                try {
                    iNetworkManager = SDPControllerImpl.this.mProto;
                    CertificateResponseMsg certificateResponseMsg = (CertificateResponseMsg) JsonWrapper.fromJson(iNetworkManager.sendHttpRequest("/workspaces/%s/sdp/certificate/renew", "POST", null).result, CertificateResponseMsg.class);
                    logger2 = SDPControllerImpl.this.mLogger;
                    logger2.debug("SDP cert renewal successful");
                    SDPControllerImpl.this.saveSDPCertExpiryDate(certificateResponseMsg != null ? certificateResponseMsg.certificate : null, certificateResponseMsg != null ? certificateResponseMsg.password : null);
                    SDPControllerImpl.this.installSDPCert(certificateResponseMsg);
                } catch (SendHttpException e) {
                    logger = SDPControllerImpl.this.mLogger;
                    logger.debug("SDP cert renew failed with error : {}", e.getMessage());
                }
                return null;
            }
        }, new RetryComplete() { // from class: net.pulsesecure.modules.sdp.SDPControllerImpl$renewSDPCert$2
            @Override // net.pulsesecure.modules.proto.impl.RetryComplete
            public final void onComplete(String str, boolean z, Exception exc) {
                Logger logger;
                if (z) {
                    return;
                }
                String message = exc.getMessage();
                if (exc instanceof SendHttpException) {
                    message = ((SendHttpException) exc).getErrorMessage();
                }
                logger = SDPControllerImpl.this.mLogger;
                logger.debug("SDP cert renew failed with error : {}", message);
            }
        });
    }

    @SuppressLint({"DefaultLocale"})
    private final void saveCaCertInKeystore(CaCertResponseMsg certMsg) {
        List<CaCertResponseMsg.CertItems> list;
        ArrayList arrayList = new ArrayList();
        if (certMsg != null && (list = certMsg.items) != null) {
            for (CaCertResponseMsg.CertItems certItems : list) {
                String str = certItems.format.toString();
                if (str == null) {
                    throw new TypeCastException("null cannot be cast to non-null type java.lang.String");
                }
                String upperCase = str.toUpperCase();
                Intrinsics.checkExpressionValueIsNotNull(upperCase, "(this as java.lang.String).toUpperCase()");
                if (Intrinsics.areEqual(upperCase, "PEM")) {
                    CertificateFactory certificateFactory = new CertificateFactory();
                    String str2 = certItems.certificate;
                    Intrinsics.checkExpressionValueIsNotNull(str2, "it.certificate");
                    Charset charset = Charsets.UTF_8;
                    if (str2 == null) {
                        throw new TypeCastException("null cannot be cast to non-null type java.lang.String");
                    }
                    byte[] bytes = str2.getBytes(charset);
                    Intrinsics.checkExpressionValueIsNotNull(bytes, "(this as java.lang.String).getBytes(charset)");
                    Collection engineGenerateCertificates = certificateFactory.engineGenerateCertificates(new ByteArrayInputStream(bytes));
                    Intrinsics.checkExpressionValueIsNotNull(engineGenerateCertificates, "CertificateFactory().eng…ficate.byteInputStream())");
                    for (Object obj : engineGenerateCertificates) {
                        if (obj == null) {
                            throw new TypeCastException("null cannot be cast to non-null type java.security.cert.X509Certificate");
                        }
                        arrayList.add((X509Certificate) obj);
                    }
                }
            }
        }
        if (!arrayList.isEmpty()) {
            IKeystoreCertUtil iKeystoreCertUtil = this.mKeyStoreUtil;
            Context context = this.context;
            if (context == null) {
                Intrinsics.throwNpe();
            }
            iKeystoreCertUtil.saveSDPCACertsInKeystore(context, arrayList);
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final void saveSDPCertExpiryDate(String certificateString, String password) {
        char[] cArr;
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(Base64.decode(certificateString));
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        try {
            ByteArrayInputStream byteArrayInputStream2 = byteArrayInputStream;
            if (password == null) {
                cArr = null;
            } else {
                if (password == null) {
                    throw new TypeCastException("null cannot be cast to non-null type java.lang.String");
                }
                cArr = password.toCharArray();
                Intrinsics.checkExpressionValueIsNotNull(cArr, "(this as java.lang.String).toCharArray()");
            }
            keyStore.load(byteArrayInputStream2, cArr);
            String str = "";
            if (keyStore.aliases().hasMoreElements()) {
                String nextElement = keyStore.aliases().nextElement();
                Intrinsics.checkExpressionValueIsNotNull(nextElement, "keyStore.aliases().nextElement()");
                str = nextElement;
            }
            Certificate certificate = keyStore.getCertificate(str);
            if (certificate == null || !(certificate instanceof X509Certificate)) {
                return;
            }
            this.mLogger.debug("SDP cert expires in :{} ", ((X509Certificate) certificate).getNotAfter());
            Prefs prefs = this.mAndroidWrapper.getPrefs();
            Date notBefore = ((X509Certificate) certificate).getNotBefore();
            Intrinsics.checkExpressionValueIsNotNull(notBefore, "certificate.notBefore");
            prefs.putLong(SDP_CERT_EXPIRY_NOT_BEFORE, notBefore.getTime());
            Prefs prefs2 = this.mAndroidWrapper.getPrefs();
            Date notAfter = ((X509Certificate) certificate).getNotAfter();
            Intrinsics.checkExpressionValueIsNotNull(notAfter, "certificate.notAfter");
            prefs2.putLong(SDP_CERT_EXPIRY_NOT_AFTER, notAfter.getTime());
        } catch (Exception unused) {
            this.mLogger.debug("SDP cert expiry date could not be saved");
        }
    }

    private final void sdpEnroll() {
        this.mLogger.debug("Start SDP enrollment");
        this.mProto.persistentSend("sdp/enroll", new Callable<Void>() { // from class: net.pulsesecure.modules.sdp.SDPControllerImpl$sdpEnroll$1
            @Override // java.util.concurrent.Callable
            @Nullable
            public final Void call() {
                Logger logger;
                Logger logger2;
                INetworkManager iNetworkManager;
                ApiResponse sendHttpRequest;
                CertificateResponseMsg certificateResponseMsg;
                try {
                    iNetworkManager = SDPControllerImpl.this.mProto;
                    sendHttpRequest = iNetworkManager.sendHttpRequest("/workspaces/%s/sdp/enroll", "POST", null);
                    certificateResponseMsg = (CertificateResponseMsg) JsonWrapper.fromJson(sendHttpRequest.result, CertificateResponseMsg.class);
                } catch (SendHttpException e) {
                    if (TextUtils.isEmpty(e.getErrorMessage()) || e.getStatus() != 400) {
                        logger = SDPControllerImpl.this.mLogger;
                        logger.debug("SDP enroll failed with error : {}", e.getErrorMessage());
                        SDPControllerImpl.this.getClient().onSDPNotAllowed(ISDPController.SDPNotAllowedReason.ENROLLMENT_FAILED, e.getErrorMessage());
                    } else {
                        logger2 = SDPControllerImpl.this.mLogger;
                        logger2.debug("SDP enroll failed with error : {}", e.getErrorMessage());
                        SDPControllerImpl.this.getClient().onSDPNotAllowed(ISDPController.SDPNotAllowedReason.ENROLLMENT_LIMIT_REACHED_OR_BAD_REQUEST, e.getErrorMessage());
                    }
                }
                if (certificateResponseMsg != null || sendHttpRequest.responseCode == 204) {
                    SDPControllerImpl.this.handleSDPEnrollSuccess(certificateResponseMsg);
                    return null;
                }
                ISDPController.Client.DefaultImpls.onSDPNotAllowed$default(SDPControllerImpl.this.getClient(), ISDPController.SDPNotAllowedReason.ENROLLMENT_FAILED, null, 2, null);
                return null;
            }
        }, new RetryComplete() { // from class: net.pulsesecure.modules.sdp.SDPControllerImpl$sdpEnroll$2
            @Override // net.pulsesecure.modules.proto.impl.RetryComplete
            public final void onComplete(String str, boolean z, Exception exc) {
                Logger logger;
                if (z) {
                    return;
                }
                String message = exc.getMessage();
                if (exc instanceof SendHttpException) {
                    message = ((SendHttpException) exc).getErrorMessage();
                }
                logger = SDPControllerImpl.this.mLogger;
                logger.debug("SDP enroll failed with error : {}", message);
                SDPControllerImpl.this.getClient().onSDPNotAllowed(ISDPController.SDPNotAllowedReason.ENROLLMENT_FAILED, message);
            }
        });
    }

    private final void updateSDPUnrollServerStatus(IAPIListener apiListener) {
        this.mLogger.debug("Update SDP unenroll server status");
        try {
            try {
                this.mLogger.debug("Update SDP unenroll server status successful", this.mProto.sendHttpRequest(SDP_UN_ENROLL_ENDPOINT, "POST", null).result);
            } catch (IOException e) {
                this.mLogger.debug("Update SDP unenroll server status failed with error : {}", e.getMessage());
            }
        } finally {
            apiListener.onComplete();
        }
    }

    @Override // net.pulsesecure.modules.sdp.ISDPController
    public void checkSDPEnrollStatus() {
        this.mLogger.debug("check SDP enroll status");
        this.mProto.persistentSend("sdp/enrollment-status", new Callable<Void>() { // from class: net.pulsesecure.modules.sdp.SDPControllerImpl$checkSDPEnrollStatus$1
            @Override // java.util.concurrent.Callable
            @Nullable
            public final Void call() {
                Logger logger;
                INetworkManager iNetworkManager;
                try {
                    iNetworkManager = SDPControllerImpl.this.mProto;
                    String str = iNetworkManager.sendHttpRequest("/workspaces/%s/sdp/enrollment-status", "GET", null).result;
                    SDPControllerImpl sDPControllerImpl = SDPControllerImpl.this;
                    JsonBase fromJson = JsonWrapper.fromJson(str, SDPEnrollStatusMsg.class);
                    Intrinsics.checkExpressionValueIsNotNull(fromJson, "JsonWrapper.fromJson(str…ollStatusMsg::class.java)");
                    sDPControllerImpl.sdpStatus = (SDPEnrollStatusMsg) fromJson;
                    SDPControllerImpl.this.handleSDPEnrollStatus(SDPControllerImpl.access$getSdpStatus$p(SDPControllerImpl.this));
                } catch (SendHttpException e) {
                    logger = SDPControllerImpl.this.mLogger;
                    logger.debug("SDP enroll status check failed with error : {}", e.getErrorMessage());
                    if (e.getStatus() == 404) {
                        SDPControllerImpl.this.getClient().onSDPUnEnrolled(ISDPController.SDPUnEnrollMsg.MSG_SERVER_UN_ENROLL);
                    } else {
                        SDPControllerImpl.this.getClient().onSDPNotAllowed(ISDPController.SDPNotAllowedReason.ENROLLMENT_STATUS_CHECK_FAILED, e.getErrorMessage());
                    }
                }
                return null;
            }
        }, new RetryComplete() { // from class: net.pulsesecure.modules.sdp.SDPControllerImpl$checkSDPEnrollStatus$2
            @Override // net.pulsesecure.modules.proto.impl.RetryComplete
            public final void onComplete(String str, boolean z, Exception exc) {
                Logger logger;
                if (z) {
                    return;
                }
                String message = exc.getMessage();
                if (exc instanceof SendHttpException) {
                    message = ((SendHttpException) exc).getErrorMessage();
                }
                logger = SDPControllerImpl.this.mLogger;
                logger.debug("SDP enroll status check failed with error : {}", message);
            }
        });
    }

    @Nullable
    public final Context getContext() {
        return this.context;
    }

    @Override // net.pulsesecure.modules.sdp.ISDPController
    public void tieCertWithSDPProfile(@NotNull String certAlias, @NotNull VpnProfile sdpProfile) {
        Intrinsics.checkParameterIsNotNull(certAlias, "certAlias");
        Intrinsics.checkParameterIsNotNull(sdpProfile, "sdpProfile");
        sdpProfile.setCertAlias(certAlias);
        sdpProfile.setFlags(2049);
        IVpnProfileManager iVpnProfileManager = this.mVpnManager;
        if (iVpnProfileManager != null) {
            iVpnProfileManager.updateProfile(sdpProfile);
        }
        DpcApplication.getApplication().refreshProfiles();
    }

    @Override // net.pulsesecure.modules.sdp.ISDPController
    public void unEnrollSDP(final long sdpProfileId, boolean isResetAppData, @Nullable final ResetDataListener resetDataListener) {
        if (sdpProfileId != -1) {
            this.mLogger.debug("Unenroll SDP profile");
            SSLUtilities.setConnectionType(this.CONNECTION_TYPE_NONE);
            if (isResetAppData) {
                updateSDPUnrollServerStatus(new IAPIListener() { // from class: net.pulsesecure.modules.sdp.SDPControllerImpl$unEnrollSDP$1
                    @Override // net.pulsesecure.modules.network.IAPIListener
                    public void onComplete() {
                        SDPControllerImpl.this.deleteSDPProfileData(sdpProfileId, resetDataListener);
                    }
                });
            } else {
                deleteSDPProfileData(sdpProfileId, resetDataListener);
            }
        } else if (resetDataListener != null) {
            resetDataListener.onSDPUnEnrollCompleted();
        }
        this.mProto = new ProtoImpl(this.context);
    }

    @Override // net.pulsesecure.modules.sdp.ISDPController
    public void untieCertFromSDPProfile(@NotNull VpnProfile sdpProfile) {
        Intrinsics.checkParameterIsNotNull(sdpProfile, "sdpProfile");
        sdpProfile.setCertAlias((String) null);
        IVpnProfileManager iVpnProfileManager = this.mVpnManager;
        if (iVpnProfileManager != null) {
            iVpnProfileManager.updateProfile(sdpProfile);
        }
    }
}
