package com.airwatch.mutualtls;

import android.content.ContentResolver;
import android.content.ContentUris;
import android.content.ContentValues;
import android.database.Cursor;
import android.net.Uri;
import android.util.Log;
import androidx.annotation.NonNull;
import androidx.annotation.Nullable;
import androidx.annotation.RestrictTo;
import androidx.annotation.VisibleForTesting;
import com.airwatch.crypto.provider.AWSecurityProvider;
import com.airwatch.mutualtls.a;
import com.airwatch.sdk.context.SDKContext;
import com.airwatch.util.x;
import java.io.IOException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableEntryException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.Enumeration;

@RestrictTo({RestrictTo.Scope.LIBRARY})
/* loaded from: classes.dex */
public class h implements c {

    /* renamed from: a, reason: collision with root package name */
    private static final String f1801a = "h";

    /* renamed from: b, reason: collision with root package name */
    private static final String f1802b = "PKCS12";
    private final Uri c;
    private final ContentResolver d;
    private final KeyStore e;
    private final SDKContext f;

    public h(@NonNull SDKContext sDKContext) throws KeyStoreException, ClientTLSCertificateStorageException {
        try {
            this.e = KeyStore.getInstance(AWSecurityProvider.e);
            this.e.load(null);
            this.c = Uri.parse("content://" + (sDKContext.m().getPackageName() + ".securepreferences")).buildUpon().appendPath(d.f1795a).build();
            this.f = sDKContext;
            this.d = sDKContext.m().getContentResolver();
        } catch (IOException | NoSuchAlgorithmException | CertificateException e) {
            x.d(f1801a, "Exception while loading airwatch keystore", (Throwable) e);
            throw new ClientTLSCertificateStorageException("Loading client TLS auth storage failed.", e);
        }
    }

    @Override // com.airwatch.mutualtls.c
    @Nullable
    public synchronized g a() throws ClientTLSCertificateStorageException, UnrecoverableEntryException, NoSuchAlgorithmException, IOException, CertificateException {
        g a2 = b.a(this.f).a();
        if (a2 != null) {
            return a2;
        }
        return b.a(this.f).a(this.d.query(this.c, null, null, null, null), this.e);
    }

    @Override // com.airwatch.mutualtls.c
    public synchronized void a(@NonNull String str) throws ClientTLSCertificateStorageException {
        try {
            Certificate[] certificateChain = this.e.getCertificateChain(str);
            Key key = this.e.getKey(str, null);
            this.e.deleteEntry(str);
            if (!c(str)) {
                if (certificateChain != null && key != null) {
                    this.e.setKeyEntry(str, key, null, certificateChain);
                }
                throw new ClientTLSCertificateStorageException("Unable to delete key-entry");
            }
            b.a(this.f).a(str);
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            x.d(f1801a, "Unable to delete key-entry", (Throwable) e);
            throw new ClientTLSCertificateStorageException("Unable to delete key-entry", e);
        }
    }

    @Override // com.airwatch.mutualtls.c
    public synchronized void a(@NonNull String str, @NonNull a aVar) throws ClientTLSCertificateStorageException {
        if (!b(str, aVar)) {
            throw new ClientTLSCertificateStorageException("Unable to update the RenewalPolicy");
        }
        b.a(this.f).c();
    }

    @Override // com.airwatch.mutualtls.c
    public synchronized void a(@NonNull String str, @NonNull PrivateKey privateKey, @NonNull Certificate[] certificateArr, @Nullable a aVar) throws ClientTLSCertificateStorageException {
        try {
            this.e.setKeyEntry(str, privateKey, null, certificateArr);
            if (aVar == null) {
                aVar = new a.C0070a().a();
            }
            if (!c(str, aVar)) {
                this.e.deleteEntry(str);
                throw new ClientTLSCertificateStorageException("Unable to store key-entry");
            }
            b.a(this.f).a(str, privateKey, certificateArr, aVar);
        } catch (KeyStoreException e) {
            x.d(f1801a, "Unable to store key-entry", (Throwable) e);
            throw new ClientTLSCertificateStorageException("Unable to store key-entry", e);
        }
    }

    @Override // com.airwatch.mutualtls.c
    public synchronized void a(@NonNull KeyStore keyStore, @NonNull char[] cArr, @Nullable a aVar) throws ClientTLSCertificateStorageException, UnrecoverableEntryException, NoSuchAlgorithmException {
        try {
            if (!f1802b.equalsIgnoreCase(keyStore.getType())) {
                Log.e(f1801a, "Keystore is not of PKCS12 content, so throwing exception");
                throw new ClientTLSCertificateStorageException("Keystore is not a PKCS12 content");
            }
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                if (keyStore.entryInstanceOf(nextElement, KeyStore.PrivateKeyEntry.class)) {
                    KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) keyStore.getEntry(nextElement, new KeyStore.PasswordProtection(cArr));
                    a(nextElement, privateKeyEntry.getPrivateKey(), privateKeyEntry.getCertificateChain(), aVar);
                }
            }
        } catch (KeyStoreException e) {
            x.d(f1801a, "Unable to store key-entry", (Throwable) e);
            throw new ClientTLSCertificateStorageException("Unable to store key-entry", e);
        } catch (NoSuchAlgorithmException e2) {
            e = e2;
            x.d(f1801a, "Unable to store key-entry", e);
            throw e;
        } catch (UnrecoverableEntryException e3) {
            e = e3;
            x.d(f1801a, "Unable to store key-entry", e);
            throw e;
        }
    }

    @VisibleForTesting(otherwise = 2)
    a b(@NonNull String str) {
        Cursor query = this.d.query(this.c, null, d.c + "=?", new String[]{str}, null);
        if (query != null) {
            try {
                if (query.moveToFirst()) {
                    a.C0070a c0070a = new a.C0070a();
                    c0070a.a(query.getLong(query.getColumnIndex(d.d)));
                    c0070a.b(query.getLong(query.getColumnIndex(d.e)));
                    c0070a.a(query.getInt(query.getColumnIndex(d.f)));
                    a a2 = c0070a.a();
                    if (query != null) {
                        query.close();
                    }
                    return a2;
                }
            } finally {
                if (query != null) {
                    query.close();
                }
            }
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:16:0x0019, code lost:
    
        if (r0.moveToFirst() != false) goto L6;
     */
    /* JADX WARN: Code restructure failed: missing block: B:17:0x001b, code lost:
    
        a(r0.getString(r0.getColumnIndex(com.airwatch.mutualtls.d.c)));
     */
    /* JADX WARN: Code restructure failed: missing block: B:18:0x002c, code lost:
    
        if (r0.moveToNext() != false) goto L19;
     */
    @androidx.annotation.VisibleForTesting(otherwise = 2)
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    void b() throws com.airwatch.mutualtls.ClientTLSCertificateStorageException {
        /*
            r6 = this;
            android.content.ContentResolver r0 = r6.d
            android.net.Uri r1 = r6.c
            r2 = 1
            java.lang.String[] r2 = new java.lang.String[r2]
            java.lang.String r3 = com.airwatch.mutualtls.d.c
            r4 = 0
            r2[r4] = r3
            r3 = 0
            r4 = 0
            r5 = 0
            android.database.Cursor r0 = r0.query(r1, r2, r3, r4, r5)
            if (r0 == 0) goto L2e
            boolean r1 = r0.moveToFirst()     // Catch: java.lang.Throwable -> L3d
            if (r1 == 0) goto L2e
        L1b:
            java.lang.String r1 = com.airwatch.mutualtls.d.c     // Catch: java.lang.Throwable -> L3d
            int r1 = r0.getColumnIndex(r1)     // Catch: java.lang.Throwable -> L3d
            java.lang.String r1 = r0.getString(r1)     // Catch: java.lang.Throwable -> L3d
            r6.a(r1)     // Catch: java.lang.Throwable -> L3d
            boolean r1 = r0.moveToNext()     // Catch: java.lang.Throwable -> L3d
            if (r1 != 0) goto L1b
        L2e:
            com.airwatch.sdk.context.SDKContext r1 = r6.f     // Catch: java.lang.Throwable -> L3d
            com.airwatch.mutualtls.b r1 = com.airwatch.mutualtls.b.a(r1)     // Catch: java.lang.Throwable -> L3d
            r1.c()     // Catch: java.lang.Throwable -> L3d
            if (r0 == 0) goto L3c
            r0.close()
        L3c:
            return
        L3d:
            r1 = move-exception
            if (r0 == 0) goto L43
            r0.close()
        L43:
            throw r1
        */
        throw new UnsupportedOperationException("Method not decompiled: com.airwatch.mutualtls.h.b():void");
    }

    @VisibleForTesting(otherwise = 2)
    protected boolean b(@NonNull String str, @NonNull a aVar) {
        ContentValues contentValues = new ContentValues();
        contentValues.put(d.d, Long.valueOf(aVar.b()));
        contentValues.put(d.e, Long.valueOf(aVar.c()));
        contentValues.put(d.f, Float.valueOf(aVar.a()));
        ContentResolver contentResolver = this.d;
        Uri uri = this.c;
        StringBuilder sb = new StringBuilder();
        sb.append(d.c);
        sb.append("=?");
        return contentResolver.update(uri, contentValues, sb.toString(), new String[]{str}) > 0;
    }

    @VisibleForTesting(otherwise = 2)
    protected boolean c(@NonNull String str) {
        ContentResolver contentResolver = this.d;
        Uri uri = this.c;
        StringBuilder sb = new StringBuilder();
        sb.append(d.c);
        sb.append("=?");
        return contentResolver.delete(uri, sb.toString(), new String[]{str}) > 0;
    }

    @VisibleForTesting(otherwise = 2)
    protected boolean c(@NonNull String str, @NonNull a aVar) {
        ContentValues contentValues = new ContentValues();
        contentValues.put(d.c, str);
        contentValues.put(d.d, Long.valueOf(aVar.b()));
        contentValues.put(d.e, Long.valueOf(aVar.c()));
        contentValues.put(d.f, Float.valueOf(aVar.a()));
        return ContentUris.parseId(this.d.insert(this.c, contentValues)) > 0;
    }
}
