package com.worklight.common.security;

import com.worklight.common.Logger;
import com.worklight.common.WLConfig;
import com.worklight.nativeandroid.common.WLUtils;
import com.worklight.utils.Base64;
import com.worklight.wlclient.HttpClientManager;
import com.worklight.wlclient.WLRequest;
import com.worklight.wlclient.WLRequestListener;
import com.worklight.wlclient.api.WLClient;
import com.worklight.wlclient.api.WLFailResponse;
import com.worklight.wlclient.api.WLRequestOptions;
import com.worklight.wlclient.api.WLResponse;
import com.xiaomi.mipush.sdk.Constants;
import java.io.File;
import java.io.FileInputStream;
import java.security.KeyPair;
import java.security.KeyStore;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.net.ssl.KeyManagerFactory;
import javax.security.auth.x500.X500Principal;
import org.b.a.bl;
import org.b.a.bp;
import org.b.a.bq;
import org.b.a.bt;
import org.b.a.e;
import org.b.a.u.t;
import org.b.e.f;
import org.json.JSONObject;

/* loaded from: classes2.dex */
public class WLUserAuthManager extends WLCertManager {
    private static final String CERTIFICATE_ALIAS = "com.worklight.userenrollment.certificate";
    private static String KEYSTORE_FILENAME = ".x509Keystore";
    private static final String PROVISIONING_ENTITY = "";
    private static WLUserAuthManager instance;
    private static Logger logger = Logger.getInstance("wl.userAuthManager");
    private static char[] keyStorePassword = "worklight".toCharArray();

    private WLUserAuthManager() {
        super(KEYSTORE_FILENAME, keyStorePassword);
    }

    private Map<String, bl> getCSRAttributesOIDMap() {
        HashMap hashMap = new HashMap();
        hashMap.put("challengepassword", t.aa);
        hashMap.put("contenttype", t.W);
        hashMap.put("countersignature", t.Z);
        hashMap.put("emailaddress", t.U);
        hashMap.put("extendedcertificateattributes", t.ac);
        hashMap.put("extensionrequest", t.ae);
        hashMap.put("friendlyname", t.ag);
        hashMap.put("localkeyid", t.ah);
        hashMap.put("messagedigest", t.X);
        hashMap.put("signingdescription", t.ad);
        hashMap.put("signingdime", t.Y);
        hashMap.put("smimecapabilities", t.af);
        hashMap.put("unstructuredaddress", t.ab);
        hashMap.put("unstructuredname", t.V);
        return hashMap;
    }

    private KeyStore getCertificateKeyStore() {
        KeyStore loadKeyStore = loadKeyStore();
        KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()).init(loadKeyStore, keyStorePassword);
        return loadKeyStore;
    }

    public static synchronized WLUserAuthManager getInstance() {
        WLUserAuthManager wLUserAuthManager;
        synchronized (WLUserAuthManager.class) {
            if (instance == null) {
                instance = new WLUserAuthManager();
            }
            wLUserAuthManager = instance;
        }
        return wLUserAuthManager;
    }

    private KeyStore loadKeyStore() {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        File file = new File(this.context.getFilesDir().getAbsolutePath() + "/" + KEYSTORE_FILENAME);
        if (!file.exists()) {
            return null;
        }
        keyStore.load(new FileInputStream(file), keyStorePassword);
        return keyStore;
    }

    public JSONObject authenticateToTheServerWithCertificate() {
        logger.debug("Establishing SSL connection with the server using the user certificate from the user certificate realm.");
        JSONObject jSONObject = new JSONObject();
        HttpClientManager.setSSLSocketFactory(getCertificateKeyStore(), keyStorePassword);
        String readWLPref = WLConfig.getInstance().readWLPref("WL-Instance-Id");
        if (!WLUtils.isStringEmpty(readWLPref)) {
            WLClient.getInstance().addGlobalHeader("WL-Instance-Id", readWLPref);
        }
        new WLRequest(new WLRequestListener() { // from class: com.worklight.common.security.WLUserAuthManager.1
            @Override // com.worklight.wlclient.WLRequestListener
            public void onFailure(WLFailResponse wLFailResponse) {
            }

            @Override // com.worklight.wlclient.WLRequestListener
            public void onSuccess(WLResponse wLResponse) {
            }
        }, new WLRequestOptions(), WLConfig.getInstance(), this.context).makeRequest(WLRequest.RequestPaths.SSL_CLIENT_AUTH);
        return jSONObject;
    }

    public void clearKeystore() {
        clearKeystore("");
    }

    public String createSignedCSR(JSONObject jSONObject) {
        return createSignedCSR(jSONObject, "");
    }

    public String createSignedCSR(JSONObject jSONObject, String str) {
        JSONObject jSONObject2 = jSONObject.getJSONObject("subject");
        JSONObject optJSONObject = jSONObject.optJSONObject("attributes");
        Iterator<String> keys = jSONObject2.keys();
        String str2 = "";
        while (keys.hasNext()) {
            String next = keys.next();
            str2 = str2 + next + "=" + jSONObject2.getString(next);
            if (keys.hasNext()) {
                str2 = str2 + Constants.ACCEPT_TIME_SEPARATOR_SP;
            }
        }
        bt btVar = null;
        if (optJSONObject != null) {
            Map<String, bl> cSRAttributesOIDMap = getCSRAttributesOIDMap();
            Iterator<String> keys2 = optJSONObject.keys();
            e eVar = new e();
            while (keys2.hasNext()) {
                String next2 = keys2.next();
                if (next2 != null) {
                    String string = optJSONObject.getString(next2);
                    try {
                        bl blVar = cSRAttributesOIDMap.get(next2.toLowerCase());
                        bp bpVar = new bp(string);
                        e eVar2 = new e();
                        e eVar3 = new e();
                        eVar2.a(blVar);
                        eVar3.a(bpVar);
                        eVar2.a(new bt(eVar3));
                        eVar.a(new bq(eVar2));
                    } catch (Throwable th) {
                        logger.error("There was a problem adding attribute " + next2 + "to the CSR.", th);
                    }
                }
            }
            btVar = new bt(eVar);
        }
        KeyPair keyPair = this.keyPairHash.get(getAlias(str));
        return Base64.encode(new f("SHA1withRSA", new X500Principal(str2), keyPair.getPublic(), btVar, keyPair.getPrivate()).a(), "UTF-8");
    }

    /* JADX WARN: Removed duplicated region for block: B:12:0x0060 A[Catch: Exception -> 0x0077, TRY_LEAVE, TryCatch #1 {Exception -> 0x0077, blocks: (B:3:0x0001, B:15:0x000f, B:9:0x0053, B:12:0x0060, B:18:0x001a, B:21:0x0036), top: B:2:0x0001, inners: #3 }] */
    /* JADX WARN: Removed duplicated region for block: B:9:0x0053 A[Catch: Exception -> 0x0077, TryCatch #1 {Exception -> 0x0077, blocks: (B:3:0x0001, B:15:0x000f, B:9:0x0053, B:12:0x0060, B:18:0x001a, B:21:0x0036), top: B:2:0x0001, inners: #3 }] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public boolean doesValidCertificateExist() {
        /*
            r6 = this;
            r0 = 0
            java.lang.String r1 = ""
            java.security.KeyStore$PrivateKeyEntry r1 = r6.getPrivateKeyEntry(r1)     // Catch: java.lang.Exception -> L77
            r2 = 1
            if (r1 == 0) goto Lc
            r3 = 1
            goto Ld
        Lc:
            r3 = 0
        Ld:
            if (r3 == 0) goto L51
            java.security.cert.Certificate r1 = r1.getCertificate()     // Catch: java.security.cert.CertificateExpiredException -> L19 java.security.cert.CertificateNotYetValidException -> L35 java.lang.Exception -> L77
            java.security.cert.X509Certificate r1 = (java.security.cert.X509Certificate) r1     // Catch: java.security.cert.CertificateExpiredException -> L19 java.security.cert.CertificateNotYetValidException -> L35 java.lang.Exception -> L77
            r1.checkValidity()     // Catch: java.security.cert.CertificateExpiredException -> L19 java.security.cert.CertificateNotYetValidException -> L35 java.lang.Exception -> L77
            goto L51
        L19:
            r1 = move-exception
            com.worklight.common.Logger r2 = com.worklight.common.security.WLUserAuthManager.logger     // Catch: java.lang.Exception -> L77
            java.lang.StringBuilder r4 = new java.lang.StringBuilder     // Catch: java.lang.Exception -> L77
            r4.<init>()     // Catch: java.lang.Exception -> L77
            java.lang.String r5 = "Certificate has expired: "
            r4.append(r5)     // Catch: java.lang.Exception -> L77
            java.lang.String r1 = r1.getMessage()     // Catch: java.lang.Exception -> L77
            r4.append(r1)     // Catch: java.lang.Exception -> L77
            java.lang.String r1 = r4.toString()     // Catch: java.lang.Exception -> L77
            r2.error(r1)     // Catch: java.lang.Exception -> L77
            goto L50
        L35:
            r1 = move-exception
            com.worklight.common.Logger r2 = com.worklight.common.security.WLUserAuthManager.logger     // Catch: java.lang.Exception -> L77
            java.lang.StringBuilder r4 = new java.lang.StringBuilder     // Catch: java.lang.Exception -> L77
            r4.<init>()     // Catch: java.lang.Exception -> L77
            java.lang.String r5 = "Certificate is not yet valid: "
            r4.append(r5)     // Catch: java.lang.Exception -> L77
            java.lang.String r1 = r1.getMessage()     // Catch: java.lang.Exception -> L77
            r4.append(r1)     // Catch: java.lang.Exception -> L77
            java.lang.String r1 = r4.toString()     // Catch: java.lang.Exception -> L77
            r2.error(r1)     // Catch: java.lang.Exception -> L77
        L50:
            r2 = 0
        L51:
            if (r2 != 0) goto L60
            java.lang.String r1 = ""
            r6.removeEntityKeyStoreValues(r1)     // Catch: java.lang.Exception -> L77
            com.worklight.common.Logger r1 = com.worklight.common.security.WLUserAuthManager.logger     // Catch: java.lang.Exception -> L77
            java.lang.String r2 = "doesValidCertificateExists = false (Certificate not yet valid or expired)"
            r1.trace(r2)     // Catch: java.lang.Exception -> L77
            return r0
        L60:
            com.worklight.common.Logger r1 = com.worklight.common.security.WLUserAuthManager.logger     // Catch: java.lang.Exception -> L77
            java.lang.StringBuilder r2 = new java.lang.StringBuilder     // Catch: java.lang.Exception -> L77
            r2.<init>()     // Catch: java.lang.Exception -> L77
            java.lang.String r4 = "doesValidCertificateExists = "
            r2.append(r4)     // Catch: java.lang.Exception -> L77
            r2.append(r3)     // Catch: java.lang.Exception -> L77
            java.lang.String r2 = r2.toString()     // Catch: java.lang.Exception -> L77
            r1.trace(r2)     // Catch: java.lang.Exception -> L77
            return r3
        L77:
            r1 = move-exception
            com.worklight.common.Logger r2 = com.worklight.common.security.WLUserAuthManager.logger
            java.lang.StringBuilder r3 = new java.lang.StringBuilder
            r3.<init>()
            java.lang.String r4 = "Failed to determine the existence of certificate for device authentication with "
            r3.append(r4)
            java.lang.String r4 = r1.getMessage()
            r3.append(r4)
            java.lang.String r3 = r3.toString()
            r2.error(r3, r1)
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.worklight.common.security.WLUserAuthManager.doesValidCertificateExist():boolean");
    }

    public KeyPair generateKeyPair(int i) {
        return generateKeyPair("", i);
    }

    @Override // com.worklight.common.security.WLCertManager
    protected String getAlias(String str) {
        WLConfig.createInstance(this.context);
        if (!WLConfig.getInstance().isShareUserCert()) {
            return "com.worklight.userenrollment.certificate:" + this.context.getPackageName();
        }
        logger.debug("Using group support alias for user certificate authentication realm.");
        return "com.worklight.userenrollment.certificate:" + this.context.getApplicationInfo().uid;
    }

    public void saveCertificate(String str, String str2) {
        logger.debug("Saving certificate for user certificate authentication realm...");
        saveCertificate("", str, str2);
        logger.debug("Certificate saved for user certificate authentication realm.");
    }
}
