package com.mobileiron.acom.core.utils.a;

import android.net.http.SslCertificate;
import com.mobileiron.acom.core.utils.a.d;
import com.mobileiron.acom.core.utils.n;
import com.mobileiron.acom.core.utils.p;
import com.samsung.android.knox.keystore.CertificateProvisioning;
import java.io.ByteArrayInputStream;
import java.io.Closeable;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.lang.reflect.Field;
import java.nio.charset.Charset;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.lang3.StringUtils;
import org.slf4j.Logger;
import org.spongycastle.asn1.ASN1InputStream;
import org.spongycastle.asn1.DEROctetString;
import org.spongycastle.asn1.x509.BasicConstraints;
import org.spongycastle.util.io.pem.PemObject;
import org.spongycastle.util.io.pem.PemReader;

/* loaded from: classes.dex */
public final class c {

    /* renamed from: a, reason: collision with root package name */
    private static final Logger f2218a = n.a("CertificateUtils");

    public static b a(byte[] bArr, String str, ArrayList<X509Certificate> arrayList, ArrayList<PrivateKey> arrayList2) {
        b bVar;
        b a2;
        if (bArr == null || bArr.length == 0) {
            f2218a.error("Null or empty byte array sent to getCertificates.");
            return null;
        }
        b a3 = a(bArr, arrayList);
        if (a3 != null && a3.a()) {
            f2218a.trace("Match found for DER.");
            return a3;
        }
        ArrayList<Object> a4 = a(bArr);
        if (a4 != null) {
            ArrayList arrayList3 = new ArrayList();
            Iterator<Object> it = a4.iterator();
            String str2 = null;
            while (it.hasNext()) {
                Object next = it.next();
                if (next instanceof X509Certificate) {
                    f2218a.trace("PEM format: PEMReader returned object class: {}", next.getClass());
                    if (str2 == null) {
                        str2 = b((X509Certificate) next);
                    }
                    if (arrayList != null) {
                        arrayList.add((X509Certificate) next);
                    }
                    arrayList3.add(new a((X509Certificate) next));
                } else {
                    f2218a.trace("PEM format: PEMReader returned invalid object class: {}", next.getClass());
                }
            }
            if (!arrayList3.isEmpty()) {
                if (str2 == null) {
                    str2 = "PEM Package";
                }
                bVar = new b(str2, arrayList3);
                if (bVar == null && bVar.a()) {
                    f2218a.trace("Match found for PEM.");
                    return bVar;
                }
                a2 = a(bArr, str, arrayList2, arrayList);
                if (a2 == null && a2.a()) {
                    f2218a.trace("Match found for PKCS12.");
                    return a2;
                }
                f2218a.warn("No match found - unable to successfully parse certificate file.");
                return null;
            }
        }
        bVar = null;
        if (bVar == null) {
        }
        a2 = a(bArr, str, arrayList2, arrayList);
        if (a2 == null) {
        }
        f2218a.warn("No match found - unable to successfully parse certificate file.");
        return null;
    }

    private static b a(byte[] bArr, String str, List<PrivateKey> list, ArrayList<X509Certificate> arrayList) {
        if (StringUtils.isBlank(str)) {
            f2218a.trace("Password empty -- cannot process data as PKCS12/PFX.");
        }
        KeyStore d = d(bArr, str);
        if (d == null) {
            return null;
        }
        StringBuilder sb = new StringBuilder();
        if (list == null) {
            list = new ArrayList<>();
        }
        ArrayList<X509Certificate> a2 = a(d, str, list, sb);
        if (!a2.isEmpty()) {
            Iterator<X509Certificate> it = a2.iterator();
            boolean z = false;
            boolean z2 = false;
            while (it.hasNext()) {
                X509Certificate next = it.next();
                if (arrayList != null) {
                    arrayList.add(next);
                }
                if (a(next)) {
                    z = true;
                } else {
                    z2 = true;
                }
            }
            try {
                ArrayList arrayList2 = new ArrayList();
                arrayList2.add(new d(new d.a().a(bArr).a(str).b(sb.toString()).c(!list.isEmpty()).a(z).b(z2)));
                return new b(sb.toString(), arrayList2);
            } catch (IllegalArgumentException e) {
                f2218a.warn("IllegalArgumentException: ", (Throwable) e);
            }
        }
        return null;
    }

    private static b a(byte[] bArr, ArrayList<X509Certificate> arrayList) {
        ByteArrayInputStream byteArrayInputStream;
        b bVar;
        try {
            ArrayList arrayList2 = new ArrayList();
            CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
            byteArrayInputStream = new ByteArrayInputStream(bArr);
            String str = null;
            while (byteArrayInputStream.available() > 0) {
                try {
                    try {
                        X509Certificate x509Certificate = (X509Certificate) certificateFactory.generateCertificate(byteArrayInputStream);
                        String b = b(x509Certificate);
                        arrayList2.add(new a(x509Certificate));
                        if (arrayList != null) {
                            arrayList.add(x509Certificate);
                        }
                        str = b;
                    } catch (Exception unused) {
                        f2218a.trace("DER format: not detected.");
                        p.a(byteArrayInputStream, "openCertificateAsDer");
                        return null;
                    }
                } catch (Throwable th) {
                    th = th;
                    p.a(byteArrayInputStream, "openCertificateAsDer");
                    throw th;
                }
            }
            if (arrayList2.isEmpty()) {
                bVar = null;
            } else {
                if (str == null) {
                    str = "DER Package";
                }
                bVar = new b(str, arrayList2);
            }
            p.a(byteArrayInputStream, "openCertificateAsDer");
            return bVar;
        } catch (Exception unused2) {
            byteArrayInputStream = null;
        } catch (Throwable th2) {
            th = th2;
            byteArrayInputStream = null;
            p.a(byteArrayInputStream, "openCertificateAsDer");
            throw th;
        }
    }

    private static String a(String str) {
        if (StringUtils.isBlank(str)) {
            return "";
        }
        if (com.mobileiron.acom.core.android.c.i()) {
            return str;
        }
        char[] charArray = str.toCharArray();
        for (int i = 0; i < charArray.length; i++) {
            if (!Character.isLetterOrDigit(charArray[i])) {
                charArray[i] = '_';
            }
        }
        return new String(charArray);
    }

    public static String a(byte[] bArr, String str) {
        KeyStore d = d(bArr, str);
        String str2 = null;
        if (d == null) {
            return null;
        }
        try {
            Enumeration<String> aliases = d.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                try {
                    if (d.getCertificate(nextElement) != null) {
                        return nextElement;
                    }
                    str2 = nextElement;
                } catch (KeyStoreException e) {
                    e = e;
                    str2 = nextElement;
                    f2218a.warn("Exception in getP12CertAliasAsIs(...): ", (Throwable) e);
                    return str2;
                }
            }
            return str2;
        } catch (KeyStoreException e2) {
            e = e2;
        }
    }

    private static KeyStore a(InputStream inputStream, String str, String str2) throws KeyStoreException, NoSuchAlgorithmException, CertificateException, IOException {
        KeyStore keyStore = KeyStore.getInstance(str2);
        keyStore.load(inputStream, str != null ? str.toCharArray() : null);
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            Certificate[] certificateChain = keyStore.getCertificateChain(nextElement);
            if (certificateChain != null) {
                f2218a.debug("Certificate chain '{}'", nextElement);
                for (int i = 0; i < certificateChain.length; i++) {
                    if (certificateChain[i] instanceof X509Certificate) {
                        X509Certificate x509Certificate = (X509Certificate) certificateChain[i];
                        if (f2218a.isDebugEnabled()) {
                            f2218a.debug(" Certificate {}:", Integer.valueOf(i + 1));
                            f2218a.debug("  Subject DN: {}", x509Certificate.getSubjectDN());
                            f2218a.debug("  Signature Algorithm: {}", x509Certificate.getSigAlgName());
                            f2218a.debug("  Valid from: {}", x509Certificate.getNotBefore());
                            f2218a.debug("  Valid until: {}", x509Certificate.getNotAfter());
                            f2218a.debug("  Issuer: {}", x509Certificate.getIssuerDN());
                        }
                    }
                }
            }
        }
        return keyStore;
    }

    private static Certificate a(PemObject pemObject) {
        ByteArrayInputStream byteArrayInputStream;
        try {
            byteArrayInputStream = new ByteArrayInputStream(pemObject.getContent());
            try {
                try {
                    Certificate generateCertificate = CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream);
                    p.a(byteArrayInputStream, "parseObjectAsX509");
                    return generateCertificate;
                } catch (Exception unused) {
                    f2218a.trace("PEM format: parseObjectAsX509 failed parsing cert.");
                    p.a(byteArrayInputStream, "parseObjectAsX509");
                    return null;
                }
            } catch (Throwable th) {
                th = th;
                p.a(byteArrayInputStream, "parseObjectAsX509");
                throw th;
            }
        } catch (Exception unused2) {
            byteArrayInputStream = null;
        } catch (Throwable th2) {
            th = th2;
            byteArrayInputStream = null;
            p.a(byteArrayInputStream, "parseObjectAsX509");
            throw th;
        }
    }

    public static X509Certificate a(SslCertificate sslCertificate) {
        try {
            Field declaredField = SslCertificate.class.getDeclaredField("mX509Certificate");
            declaredField.setAccessible(true);
            return (X509Certificate) declaredField.get(sslCertificate);
        } catch (IllegalAccessException | IllegalArgumentException | NoSuchFieldException e) {
            f2218a.warn("Exception in getX509CertFromSslCert(...): ", e);
            return null;
        }
    }

    private static ArrayList<X509Certificate> a(KeyStore keyStore, String str, List<PrivateKey> list, StringBuilder sb) {
        ArrayList<X509Certificate> arrayList = new ArrayList<>();
        try {
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                f2218a.debug("alias: {} (isKey={}, isCert={})", nextElement, Boolean.valueOf(keyStore.isKeyEntry(nextElement)), Boolean.valueOf(keyStore.isCertificateEntry(nextElement)));
                Certificate[] certificateChain = keyStore.getCertificateChain(nextElement);
                if (certificateChain != null) {
                    if (sb.length() == 0) {
                        f2218a.debug("Picked alias: {}", nextElement);
                        sb.append(a(nextElement));
                    }
                    for (Certificate certificate : certificateChain) {
                        arrayList.add((X509Certificate) certificate);
                    }
                } else {
                    f2218a.debug("alias: {} -- cert chain is null.", nextElement);
                    Certificate certificate2 = keyStore.getCertificate(nextElement);
                    if (certificate2 != null) {
                        arrayList.add((X509Certificate) certificate2);
                    } else {
                        f2218a.debug("alias: {} -- cert is null.", nextElement);
                    }
                }
                PrivateKey privateKey = (PrivateKey) keyStore.getKey(nextElement, str != null ? str.toCharArray() : null);
                if (privateKey != null) {
                    if (list != null) {
                        list.add(privateKey);
                    }
                    f2218a.debug("   key: {}", privateKey.getFormat());
                } else {
                    f2218a.debug("alias: {} -- key is null.", nextElement);
                }
            }
        } catch (KeyStoreException | NoSuchAlgorithmException | UnrecoverableKeyException e) {
            f2218a.debug("Exception in openKeyStore(...):", e);
        }
        return arrayList;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r3v0 */
    /* JADX WARN: Type inference failed for: r3v1 */
    /* JADX WARN: Type inference failed for: r3v10, types: [org.spongycastle.util.io.pem.PemReader, java.io.Closeable] */
    /* JADX WARN: Type inference failed for: r3v2 */
    /* JADX WARN: Type inference failed for: r3v3, types: [java.io.Closeable] */
    /* JADX WARN: Type inference failed for: r3v4 */
    /* JADX WARN: Type inference failed for: r3v5, types: [java.io.Closeable] */
    /* JADX WARN: Type inference failed for: r3v6 */
    /* JADX WARN: Type inference failed for: r3v7 */
    /* JADX WARN: Type inference failed for: r3v8 */
    /* JADX WARN: Type inference failed for: r3v9 */
    private static ArrayList<Object> a(byte[] bArr) {
        ByteArrayInputStream byteArrayInputStream;
        ?? r3;
        InputStreamReader inputStreamReader;
        Throwable th;
        try {
            byteArrayInputStream = new ByteArrayInputStream(bArr);
            try {
                inputStreamReader = new InputStreamReader(byteArrayInputStream, Charset.defaultCharset());
                try {
                    ArrayList<Object> arrayList = new ArrayList<>();
                    r3 = new PemReader(inputStreamReader);
                    while (true) {
                        try {
                            try {
                                PemObject readPemObject = r3.readPemObject();
                                if (readPemObject == null) {
                                    f2218a.trace("PEM format: PEMReader returned no object");
                                    p.a(inputStreamReader, "processDataAsPem isr");
                                    p.a(byteArrayInputStream, "processDataAsPem bais");
                                    p.a((Closeable) r3, "processDataAsPem pr");
                                    return arrayList;
                                }
                                Certificate a2 = a(readPemObject);
                                if (a2 != null) {
                                    arrayList.add(a2);
                                }
                            } catch (Exception unused) {
                                f2218a.trace("PEM format: not detected.");
                                p.a(inputStreamReader, "processDataAsPem isr");
                                p.a(byteArrayInputStream, "processDataAsPem bais");
                                p.a((Closeable) r3, "processDataAsPem pr");
                                return null;
                            }
                        } catch (Throwable th2) {
                            th = th2;
                            p.a(inputStreamReader, "processDataAsPem isr");
                            p.a(byteArrayInputStream, "processDataAsPem bais");
                            p.a((Closeable) r3, "processDataAsPem pr");
                            throw th;
                        }
                    }
                } catch (Exception unused2) {
                    r3 = 0;
                } catch (Throwable th3) {
                    r3 = 0;
                    th = th3;
                    p.a(inputStreamReader, "processDataAsPem isr");
                    p.a(byteArrayInputStream, "processDataAsPem bais");
                    p.a((Closeable) r3, "processDataAsPem pr");
                    throw th;
                }
            } catch (Exception unused3) {
                inputStreamReader = null;
                r3 = 0;
            } catch (Throwable th4) {
                th = th4;
                r3 = 0;
                th = th;
                inputStreamReader = r3;
                p.a(inputStreamReader, "processDataAsPem isr");
                p.a(byteArrayInputStream, "processDataAsPem bais");
                p.a((Closeable) r3, "processDataAsPem pr");
                throw th;
            }
        } catch (Exception unused4) {
            inputStreamReader = null;
            byteArrayInputStream = null;
            r3 = 0;
        } catch (Throwable th5) {
            th = th5;
            byteArrayInputStream = null;
            r3 = 0;
        }
    }

    public static boolean a(X509Certificate x509Certificate) {
        ASN1InputStream aSN1InputStream;
        byte[] extensionValue = x509Certificate.getExtensionValue("2.5.29.19");
        if (extensionValue == null) {
            return false;
        }
        ASN1InputStream aSN1InputStream2 = null;
        try {
            aSN1InputStream = new ASN1InputStream(extensionValue);
            try {
                ASN1InputStream aSN1InputStream3 = new ASN1InputStream(((DEROctetString) aSN1InputStream.readObject()).getOctets());
                try {
                    boolean isCA = BasicConstraints.getInstance(aSN1InputStream3.readObject()).isCA();
                    p.a(aSN1InputStream, "isCaCertificate is1");
                    p.a(aSN1InputStream3, "isCaCertificate is2");
                    return isCA;
                } catch (IOException unused) {
                    aSN1InputStream2 = aSN1InputStream3;
                    p.a(aSN1InputStream, "isCaCertificate is1");
                    p.a(aSN1InputStream2, "isCaCertificate is2");
                    return false;
                } catch (Throwable th) {
                    th = th;
                    aSN1InputStream2 = aSN1InputStream3;
                    p.a(aSN1InputStream, "isCaCertificate is1");
                    p.a(aSN1InputStream2, "isCaCertificate is2");
                    throw th;
                }
            } catch (IOException unused2) {
            } catch (Throwable th2) {
                th = th2;
            }
        } catch (IOException unused3) {
            aSN1InputStream = null;
        } catch (Throwable th3) {
            th = th3;
            aSN1InputStream = null;
        }
    }

    public static String b(X509Certificate x509Certificate) {
        String name = x509Certificate.getSubjectX500Principal().getName();
        String[] split = name.split(",");
        for (String str : split) {
            if (str.contains("CN")) {
                String[] split2 = str.split("=");
                if (split2.length > 1) {
                    return split2[1];
                }
            }
        }
        return split.length == 0 ? name : split[0];
    }

    public static String b(byte[] bArr, String str) {
        return a(a(bArr, str));
    }

    public static byte[] c(byte[] bArr, String str) {
        KeyStore d = d(bArr, str);
        if (d == null) {
            return null;
        }
        try {
            Enumeration<String> aliases = d.aliases();
            while (aliases.hasMoreElements()) {
                Certificate certificate = d.getCertificate(aliases.nextElement());
                if (certificate != null) {
                    return certificate.getEncoded();
                }
            }
        } catch (KeyStoreException | CertificateEncodingException e) {
            f2218a.warn("getEncodedIdFromPkcs12 failed: ", e);
        }
        return null;
    }

    private static KeyStore d(byte[] bArr, String str) {
        ByteArrayInputStream byteArrayInputStream;
        try {
            try {
                byteArrayInputStream = new ByteArrayInputStream(bArr);
                try {
                    KeyStore a2 = a(byteArrayInputStream, str, CertificateProvisioning.TYPE_PKCS12);
                    p.a(byteArrayInputStream, "openPkcs12");
                    return a2;
                } catch (IOException e) {
                    e = e;
                    f2218a.debug("PKSC12 format: I/O error: {}", e.getMessage());
                    if (e.getMessage().matches(".*failed to decrypt safe contents entry.*")) {
                        f2218a.debug("   Password error");
                    }
                    p.a(byteArrayInputStream, "openPkcs12");
                    return null;
                } catch (Exception unused) {
                    f2218a.trace("PKSC12 format: not detected.");
                    p.a(byteArrayInputStream, "openPkcs12");
                    return null;
                }
            } catch (Throwable th) {
                th = th;
                p.a((Closeable) null, "openPkcs12");
                throw th;
            }
        } catch (IOException e2) {
            e = e2;
            byteArrayInputStream = null;
        } catch (Exception unused2) {
            byteArrayInputStream = null;
        } catch (Throwable th2) {
            th = th2;
            p.a((Closeable) null, "openPkcs12");
            throw th;
        }
    }
}
