package com.promobitech.mobilock.handler;

import android.net.wifi.WifiEnterpriseConfig;
import com.promobitech.bamboo.Bamboo;
import com.promobitech.mobilock.certmanager.certificates.ClientCertificateSchema;
import com.promobitech.mobilock.certmanager.common.CertManagerApplication;
import com.promobitech.mobilock.certmanager.common.di.CertCompositionRoot;
import com.promobitech.mobilock.certmanager.common.helper.CertUtilsKt;
import com.promobitech.mobilock.certmanager.common.helper.CertificateKotlinExtensionHelperKt;
import com.promobitech.mobilock.certmanager.crypto.StreamCryptoHelper;
import com.promobitech.mobilock.certmanager.repository.CertificateRepository;
import com.promobitech.mobilock.utils.Utils;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import kotlin.jvm.internal.Intrinsics;

/* loaded from: classes2.dex */
public final class WifiEnterpriseConfigHelper {
    public static final WifiEnterpriseConfigHelper a = new WifiEnterpriseConfigHelper();

    private WifiEnterpriseConfigHelper() {
    }

    public final WifiEnterpriseConfig a(CertManagerApplication application, String wifiServiceIdentifier) {
        Object obj;
        Intrinsics.c(application, "application");
        Intrinsics.c(wifiServiceIdentifier, "wifiServiceIdentifier");
        if (!Utils.d()) {
            return null;
        }
        CertCompositionRoot b = application.b();
        CertificateRepository c = b.c();
        StreamCryptoHelper n = b.n();
        List<ClientCertificateSchema> a2 = c.a();
        String a3 = c.a(wifiServiceIdentifier);
        List<String> b2 = c.b(wifiServiceIdentifier);
        WifiEnterpriseConfig wifiEnterpriseConfig = new WifiEnterpriseConfig();
        if (!Intrinsics.a((Object) a3, (Object) "-1")) {
            Iterator<T> it = a2.iterator();
            while (true) {
                if (!it.hasNext()) {
                    obj = null;
                    break;
                }
                obj = it.next();
                if (Intrinsics.a((Object) String.valueOf(((ClientCertificateSchema) obj).b()), (Object) a3)) {
                    break;
                }
            }
            ClientCertificateSchema clientCertificateSchema = (ClientCertificateSchema) obj;
            if (clientCertificateSchema != null) {
                String a4 = n.a(clientCertificateSchema.f());
                KeyStore g = b.g();
                CertificateKotlinExtensionHelperKt.a(g, a4, clientCertificateSchema.h());
                Enumeration<String> aliases = g.aliases();
                Intrinsics.b(aliases, "ks.aliases()");
                ArrayList list = Collections.list(aliases);
                Intrinsics.b(list, "java.util.Collections.list(this)");
                ArrayList<String> arrayList = list;
                String h = clientCertificateSchema.h();
                if (h == null) {
                    throw new NullPointerException("null cannot be cast to non-null type java.lang.String");
                }
                char[] charArray = h.toCharArray();
                Intrinsics.b(charArray, "(this as java.lang.String).toCharArray()");
                KeyStore.PasswordProtection passwordProtection = new KeyStore.PasswordProtection(charArray);
                for (String alias : arrayList) {
                    Intrinsics.b(alias, "alias");
                    if (CertUtilsKt.a(alias, g)) {
                        KeyStore.Entry entry = g.getEntry(alias, passwordProtection);
                        if (entry == null) {
                            throw new NullPointerException("null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
                        }
                        KeyStore.PrivateKeyEntry privateKeyEntry = (KeyStore.PrivateKeyEntry) entry;
                        if (Utils.l()) {
                            Certificate[] chain = g.getCertificateChain(alias);
                            Intrinsics.b(chain, "chain");
                            ArrayList arrayList2 = new ArrayList(chain.length);
                            for (Certificate certificate : chain) {
                                if (certificate == null) {
                                    throw new NullPointerException("null cannot be cast to non-null type java.security.cert.X509Certificate");
                                }
                                arrayList2.add((X509Certificate) certificate);
                            }
                            Object[] array = arrayList2.toArray(new X509Certificate[0]);
                            if (array == null) {
                                throw new NullPointerException("null cannot be cast to non-null type kotlin.Array<T>");
                            }
                            wifiEnterpriseConfig.setClientKeyEntryWithCertificateChain(privateKeyEntry.getPrivateKey(), (X509Certificate[]) array);
                            Bamboo.c("wifi enterprise config private cert chain added", new Object[0]);
                        } else if (Utils.d()) {
                            Certificate certificate2 = g.getCertificate(alias);
                            if (certificate2 == null) {
                                throw new NullPointerException("null cannot be cast to non-null type java.security.cert.X509Certificate");
                            }
                            wifiEnterpriseConfig.setClientKeyEntry(privateKeyEntry.getPrivateKey(), (X509Certificate) certificate2);
                            Bamboo.c("wifi enterprise config private certificate added", new Object[0]);
                        } else {
                            Bamboo.c("wifi enterprise config private certificate api below 18 not supported", new Object[0]);
                        }
                    }
                }
            }
        }
        if (!b2.isEmpty()) {
            ArrayList arrayList3 = new ArrayList();
            for (Object obj2 : a2) {
                if (b2.contains(String.valueOf(((ClientCertificateSchema) obj2).b()))) {
                    arrayList3.add(obj2);
                }
            }
            CertificateFactory h2 = b.h();
            ArrayList arrayList4 = new ArrayList();
            Iterator it2 = arrayList3.iterator();
            while (it2.hasNext()) {
                Certificate a5 = CertificateKotlinExtensionHelperKt.a(h2, n.a(((ClientCertificateSchema) it2.next()).f()));
                if (!(a5 instanceof X509Certificate)) {
                    a5 = null;
                }
                X509Certificate x509Certificate = (X509Certificate) a5;
                if (x509Certificate != null) {
                    arrayList4.add(x509Certificate);
                } else {
                    Bamboo.c("Trusted certificate is null", new Object[0]);
                }
            }
            ArrayList arrayList5 = arrayList4;
            if (!arrayList5.isEmpty()) {
                if (Utils.j()) {
                    Object[] array2 = arrayList5.toArray(new X509Certificate[0]);
                    if (array2 == null) {
                        throw new NullPointerException("null cannot be cast to non-null type kotlin.Array<T>");
                    }
                    wifiEnterpriseConfig.setCaCertificates((X509Certificate[]) array2);
                    Bamboo.c("wifi enterprise config server certificates added", new Object[0]);
                } else if (Utils.d()) {
                    wifiEnterpriseConfig.setCaCertificate((X509Certificate) arrayList4.get(0));
                    Bamboo.c("wifi enterprise config only single server certificate added", new Object[0]);
                } else {
                    Bamboo.c("wifi enterprise config server certificate api below 18 not supported", new Object[0]);
                }
            }
        }
        return wifiEnterpriseConfig;
    }
}
