package com.worklight.common.security;

import com.worklight.common.n;
import com.worklight.nativeandroid.common.WLUtils;
import com.worklight.wlclient.a.s;
import com.worklight.wlclient.o;
import com.worklight.wlclient.r;
import java.io.File;
import java.io.FileInputStream;
import java.security.KeyPair;
import java.security.KeyStore;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateNotYetValidException;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.Iterator;
import java.util.Map;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.security.auth.x500.X500Principal;
import org.a.a.bc;
import org.a.a.bg;
import org.a.a.bh;
import org.a.a.bj;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class e extends b {
    private static e e;
    private static com.worklight.common.a d = com.worklight.common.a.a("wl.userAuthManager");
    private static String f = ".x509Keystore";
    private static char[] g = "worklight".toCharArray();

    private e() {
        super(f, g);
    }

    public static synchronized e a() {
        e eVar;
        synchronized (e.class) {
            if (e == null) {
                e = new e();
            }
            eVar = e;
        }
        return eVar;
    }

    private Map<String, bc> d() {
        HashMap hashMap = new HashMap();
        hashMap.put("challengepassword", org.a.a.d.c.Z);
        hashMap.put("contenttype", org.a.a.d.c.V);
        hashMap.put("countersignature", org.a.a.d.c.Y);
        hashMap.put("emailaddress", org.a.a.d.c.T);
        hashMap.put("extendedcertificateattributes", org.a.a.d.c.ab);
        hashMap.put("extensionrequest", org.a.a.d.c.ad);
        hashMap.put("friendlyname", org.a.a.d.c.af);
        hashMap.put("localkeyid", org.a.a.d.c.ag);
        hashMap.put("messagedigest", org.a.a.d.c.W);
        hashMap.put("signingdescription", org.a.a.d.c.ac);
        hashMap.put("signingdime", org.a.a.d.c.X);
        hashMap.put("smimecapabilities", org.a.a.d.c.ae);
        hashMap.put("unstructuredaddress", org.a.a.d.c.aa);
        hashMap.put("unstructuredname", org.a.a.d.c.U);
        return hashMap;
    }

    private KeyStore e() {
        KeyStore f2 = f();
        KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm()).init(f2, g);
        return f2;
    }

    private KeyStore f() {
        KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
        File file = new File(this.b.getFilesDir().getAbsolutePath() + "/" + f);
        if (!file.exists()) {
            return null;
        }
        keyStore.load(new FileInputStream(file), g);
        return keyStore;
    }

    public String a(JSONObject jSONObject) {
        return b(jSONObject, "");
    }

    public KeyPair a(int i) {
        return a("", i);
    }

    public JSONObject a(r rVar, s sVar) {
        d.f("Establishing SSL connection with the server using the user certificate from the user certificate realm.");
        JSONObject jSONObject = new JSONObject();
        try {
            com.worklight.wlclient.d.a(e(), g);
            String a = n.a().a("WL-Instance-Id");
            if (!WLUtils.b(a)) {
                com.worklight.wlclient.a.c.b().a("WL-Instance-Id", a);
            }
            s sVar2 = new s();
            if (sVar == null) {
                sVar = sVar2;
            }
            if (rVar == null) {
                rVar = new f(this);
            }
            new o(rVar, sVar, n.a(), this.b).a("sslclientauth");
        } catch (SSLPeerUnverifiedException e2) {
            d.c(e2.getClass() + " : " + e2.getMessage());
        } catch (Throwable th) {
            d.a("Exception while authenticating with user certificate.", th);
            throw th;
        }
        return jSONObject;
    }

    @Override // com.worklight.common.security.b
    public void a(String str, String str2) {
        d.f("Saving certificate for user certificate authentication realm...");
        a("", str, str2);
        d.f("Certificate saved for user certificate authentication realm.");
    }

    @Override // com.worklight.common.security.b
    protected String b(String str) {
        n.a(this.b);
        if (!n.a().b()) {
            return "com.worklight.userenrollment.certificate:" + this.b.getPackageName();
        }
        d.f("Using group support alias for user certificate authentication realm.");
        return "com.worklight.userenrollment.certificate:" + this.b.getApplicationInfo().uid;
    }

    public String b(JSONObject jSONObject, String str) {
        String str2;
        JSONObject jSONObject2 = jSONObject.getJSONObject("subject");
        JSONObject optJSONObject = jSONObject.optJSONObject("attributes");
        Iterator<String> keys = jSONObject2.keys();
        String str3 = "";
        while (true) {
            str2 = str3;
            if (!keys.hasNext()) {
                break;
            }
            String next = keys.next();
            str3 = str2 + next + "=" + jSONObject2.getString(next);
            if (keys.hasNext()) {
                str3 = str3 + ",";
            }
        }
        bj bjVar = null;
        if (optJSONObject != null) {
            Map<String, bc> d2 = d();
            Iterator<String> keys2 = optJSONObject.keys();
            org.a.a.e eVar = new org.a.a.e();
            while (keys2.hasNext()) {
                String next2 = keys2.next();
                if (next2 != null) {
                    String string = optJSONObject.getString(next2);
                    try {
                        bc bcVar = d2.get(next2.toLowerCase());
                        bg bgVar = new bg(string);
                        org.a.a.e eVar2 = new org.a.a.e();
                        org.a.a.e eVar3 = new org.a.a.e();
                        eVar2.a(bcVar);
                        eVar3.a(bgVar);
                        eVar2.a(new bj(eVar3));
                        eVar.a(new bh(eVar2));
                    } catch (Throwable th) {
                        d.a("There was a problem adding attribute " + next2 + "to the CSR.", th);
                    }
                }
            }
            bjVar = new bj(eVar);
        }
        KeyPair keyPair = this.c.get(b(str));
        return com.worklight.c.a.a(new org.a.c.a("SHA1withRSA", new X500Principal(str2), keyPair.getPublic(), bjVar, keyPair.getPrivate()).b(), "UTF-8");
    }

    public boolean b() {
        boolean z;
        try {
            KeyStore.PrivateKeyEntry f2 = f("");
            boolean z2 = f2 != null;
            if (z2) {
                try {
                    ((X509Certificate) f2.getCertificate()).checkValidity();
                    z = true;
                } catch (CertificateExpiredException e2) {
                    d.b("Certificate has expired: " + e2.getMessage());
                    z = false;
                } catch (CertificateNotYetValidException e3) {
                    d.b("Certificate is not yet valid: " + e3.getMessage());
                    z = false;
                }
            } else {
                z = true;
            }
            if (z) {
                d.g("doesValidCertificateExists = " + z2);
                return z2;
            }
            d("");
            d.g("doesValidCertificateExists = false (Certificate not yet valid or expired)");
            return false;
        } catch (Exception e4) {
            d.a("Failed to determine the existence of certificate for device authentication with " + e4.getMessage(), e4);
            return false;
        }
    }

    public void c() {
        c("");
    }
}
