package net.pulsesecure.modules.sdp;

import android.annotation.SuppressLint;
import android.content.Context;
import android.content.Intent;
import android.net.Uri;
import android.net.http.SSLUtilities;
import android.os.Build;
import android.text.TextUtils;
import com.facebook.react.bridge.Arguments;
import com.facebook.react.bridge.WritableMap;
import com.pulsesecure.constantsapiservice.ConstantsApiService;
import com.pulsesecure.ztaeventemitter.ZTAEventEmitter;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.nio.charset.Charset;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.Callable;
import javax.net.ssl.SSLProtocolException;
import net.juniper.junos.pulse.android.JunosApplication;
import net.juniper.junos.pulse.android.PrefUtils;
import net.juniper.junos.pulse.android.session.SDPGatewayProfile;
import net.juniper.junos.pulse.android.session.SessionUtils;
import net.juniper.junos.pulse.android.sql.VpnProfile;
import net.juniper.junos.pulse.android.util.Base64;
import net.juniper.junos.pulse.android.util.IKeystoreCertUtil;
import net.juniper.junos.pulse.android.util.KeystoreCertUtil;
import net.juniper.junos.pulse.android.util.PulseUtil;
import net.juniper.junos.pulse.android.util.SettingsUtil;
import net.juniper.junos.pulse.android.vpnservice.VpnService;
import net.juniper.junos.pulse.android.vpnservice.VpnServiceIcs;
import net.pulsesecure.infra.q;
import net.pulsesecure.modules.proto.CaCertResponseMsg;
import net.pulsesecure.modules.proto.CertificateResponseMsg;
import net.pulsesecure.modules.proto.IWorkspaceRestProtocol;
import net.pulsesecure.modules.proto.ProtoImpl;
import net.pulsesecure.modules.proto.TimeToRenewResponseMsg;
import net.pulsesecure.modules.sdp.c;
import net.pulsesecure.modules.system.IAndroidWrapper;
import net.pulsesecure.modules.vpn.VpnProfileManager;
import net.pulsesecure.pulsesecure.R;
import net.pulsesecure.pws.ui.AAAAuthActivity;
import org.json.JSONArray;
import org.json.JSONObject;
import org.spongycastle.jcajce.provider.asymmetric.x509.CertificateFactory;

/* compiled from: SDPControllerImpl.kt */
/* loaded from: classes2.dex */
public final class f extends net.pulsesecure.infra.c<c.a> implements net.pulsesecure.modules.sdp.c {

    /* renamed from: a, reason: collision with root package name */
    private final j.f.c f15751a = q.b();

    /* renamed from: b, reason: collision with root package name */
    private IAndroidWrapper f15752b;

    /* renamed from: c, reason: collision with root package name */
    private net.pulsesecure.g.b.d f15753c;

    /* renamed from: d, reason: collision with root package name */
    private net.pulsesecure.modules.vpn.d f15754d;

    /* renamed from: e, reason: collision with root package name */
    private final IKeystoreCertUtil f15755e;

    /* renamed from: f, reason: collision with root package name */
    private SDPEnrollStatusMsg f15756f;

    /* renamed from: g, reason: collision with root package name */
    private final byte f15757g;

    /* renamed from: h, reason: collision with root package name */
    private final int f15758h;

    /* renamed from: i, reason: collision with root package name */
    private final Context f15759i;

    /* compiled from: SDPControllerImpl.kt */
    /* loaded from: classes2.dex */
    public static final class a {
        private a() {
        }

        public /* synthetic */ a(g.z.d.g gVar) {
            this();
        }
    }

    /* compiled from: SDPControllerImpl.kt */
    /* loaded from: classes2.dex */
    static final class b<V> implements Callable<Void> {
        b() {
        }

        @Override // java.util.concurrent.Callable
        public final Void call() {
            try {
                String str = f.this.f15753c.b("/workspaces/%s/sdp/enrollment-status", "GET", null).f15272a;
                f fVar = f.this;
                com.cellsec.api.a b2 = com.cellsec.api.b.b(str, SDPEnrollStatusMsg.class);
                g.z.d.j.b(b2, "JsonWrapper.fromJson(str…ollStatusMsg::class.java)");
                fVar.f15756f = (SDPEnrollStatusMsg) b2;
                f.this.a(f.e(f.this));
            } catch (net.pulsesecure.g.b.e e2) {
                f.this.f15751a.d("SDP enroll status check failed with error : {}", e2.f());
                if (e2.g() == 404) {
                    f.this.getClient().onSDPUnEnrolled(c.d.MSG_SERVER_UN_ENROLL);
                } else {
                    f.this.getClient().onSDPNotAllowed(c.EnumC0291c.ENROLLMENT_STATUS_CHECK_FAILED, e2.f());
                }
            }
            return null;
        }
    }

    /* compiled from: SDPControllerImpl.kt */
    /* loaded from: classes2.dex */
    static final class c implements net.pulsesecure.modules.proto.l.b {
        c() {
        }

        @Override // net.pulsesecure.modules.proto.l.b
        public final void a(String str, boolean z, Exception exc) {
            if (z) {
                return;
            }
            String message = exc.getMessage();
            if (exc instanceof net.pulsesecure.g.b.e) {
                message = ((net.pulsesecure.g.b.e) exc).f();
            }
            f.this.f15751a.d("SDP enroll status check failed with error : {}", message);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* compiled from: SDPControllerImpl.kt */
    /* loaded from: classes2.dex */
    public static final class d<V> implements Callable<Void> {
        d() {
        }

        @Override // java.util.concurrent.Callable
        public final Void call() {
            try {
                String str = f.this.f15753c.a("/sdp/devices/%s/enrollment-status", "GET", (String) null, false).f15272a;
                f.this.f15751a.s("SDP enroll status response :" + str);
                if (((SDPEnrollStatusMsgCert) com.cellsec.api.b.b(str, SDPEnrollStatusMsgCert.class)).getStatus() == net.pulsesecure.modules.sdp.h.registered) {
                    if (f.this.f15752b.K() || !f.this.f15752b.Z().equals(Build.VERSION.RELEASE)) {
                        f.this.f15751a.s("SDP Device Info Update Required");
                        f.this.W0();
                    }
                    f.this.U0();
                }
            } catch (SSLProtocolException e2) {
                f.this.f15751a.d("SDP enroll status check failed with error SSLProtocolException : {}", e2.getMessage());
                f.this.K0();
            } catch (net.pulsesecure.g.b.e e3) {
                f.this.f15751a.d("SDP enroll status check failed with error : {}", e3.f());
                if (e3.g() == 404) {
                    f.this.K0();
                } else {
                    f.this.getClient().onSDPNotAllowed(c.EnumC0291c.ENROLLMENT_STATUS_CHECK_FAILED, e3.f());
                }
            }
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* compiled from: SDPControllerImpl.kt */
    /* loaded from: classes2.dex */
    public static final class e implements net.pulsesecure.modules.proto.l.b {
        e() {
        }

        @Override // net.pulsesecure.modules.proto.l.b
        public final void a(String str, boolean z, Exception exc) {
            if (z) {
                return;
            }
            String message = exc.getMessage();
            if (exc instanceof net.pulsesecure.g.b.e) {
                message = ((net.pulsesecure.g.b.e) exc).f();
            }
            f.this.f15751a.d("SDP enroll status check failed with error : {}", message);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* compiled from: SDPControllerImpl.kt */
    /* renamed from: net.pulsesecure.modules.sdp.f$f, reason: collision with other inner class name */
    /* loaded from: classes2.dex */
    public static final class CallableC0292f<V> implements Callable<Void> {
        CallableC0292f() {
        }

        @Override // java.util.concurrent.Callable
        public final Void call() {
            try {
                CertificateResponseMsg certificateResponseMsg = (CertificateResponseMsg) com.cellsec.api.b.b(f.this.f15753c.a("/sdp/devices/%s/certificate/renew", "POST", (String) null, false).f15272a, CertificateResponseMsg.class);
                f.this.f15751a.s("SDP cert renewal successful");
                f.this.a(certificateResponseMsg != null ? certificateResponseMsg.certificate : null, certificateResponseMsg != null ? certificateResponseMsg.password : null);
                f.this.b(certificateResponseMsg);
                f.this.l(certificateResponseMsg != null ? certificateResponseMsg.ca_cert_pem : null);
                f.this.f15752b.U().a("force_update_ca_cert_chains", false);
                f.this.L0();
            } catch (net.pulsesecure.g.b.e e2) {
                f.this.f15751a.d("SDP cert renew failed with error : {}", e2.getMessage());
            }
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* compiled from: SDPControllerImpl.kt */
    /* loaded from: classes2.dex */
    public static final class g implements net.pulsesecure.modules.proto.l.b {
        g() {
        }

        @Override // net.pulsesecure.modules.proto.l.b
        public final void a(String str, boolean z, Exception exc) {
            if (z) {
                return;
            }
            String message = exc.getMessage();
            if (exc instanceof net.pulsesecure.g.b.e) {
                message = ((net.pulsesecure.g.b.e) exc).f();
            }
            f.this.f15751a.d("SDP cert renew failed with error : {}", message);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* compiled from: SDPControllerImpl.kt */
    /* loaded from: classes2.dex */
    public static final class h<V> implements Callable<Void> {
        h() {
        }

        @Override // java.util.concurrent.Callable
        public final Void call() {
            try {
                TimeToRenewResponseMsg timeToRenewResponseMsg = (TimeToRenewResponseMsg) com.cellsec.api.b.b(f.this.f15753c.a("/certificates/self/certificates/time_to_renew", "POST", (String) null, false).f15272a, TimeToRenewResponseMsg.class);
                j.f.c cVar = f.this.f15751a;
                g.z.d.j.a(timeToRenewResponseMsg);
                cVar.d("SDP cert Time To Renew Status :{}", Boolean.valueOf(timeToRenewResponseMsg.time_to_renew));
                boolean b2 = f.this.f15752b.U().b("force_update_ca_cert_chains", true);
                f.this.f15751a.d("SDP cert forceUpdate :{}", Boolean.valueOf(b2));
                if ((timeToRenewResponseMsg.time_to_renew || b2) && f.this.S0()) {
                    f.this.T0();
                }
            } catch (net.pulsesecure.g.b.e e2) {
                f.this.f15751a.d("SDP cert Time To Renew failed with error : {}", e2.getMessage());
            }
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* compiled from: SDPControllerImpl.kt */
    /* loaded from: classes2.dex */
    public static final class i implements net.pulsesecure.modules.proto.l.b {
        i() {
        }

        @Override // net.pulsesecure.modules.proto.l.b
        public final void a(String str, boolean z, Exception exc) {
            if (z) {
                return;
            }
            String message = exc.getMessage();
            if (exc instanceof net.pulsesecure.g.b.e) {
                message = ((net.pulsesecure.g.b.e) exc).f();
            }
            f.this.f15751a.d("SDP cert Time To Renew renew failed with error : {}", message);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* compiled from: SDPControllerImpl.kt */
    /* loaded from: classes2.dex */
    public static final class j<V> implements Callable<Void> {
        j() {
        }

        @Override // java.util.concurrent.Callable
        public final Void call() {
            IWorkspaceRestProtocol.SdpEnrolRequest Q0;
            net.pulsesecure.g.b.a a2;
            CertificateResponseMsg certificateResponseMsg;
            try {
                Q0 = f.this.Q0();
                a2 = f.this.f15753c.a("/clients/enroll", "POST", com.cellsec.api.b.a((com.cellsec.api.a) Q0), f.this.f15752b.U().getString(AAAAuthActivity.PREF_COOKIE, ""));
                certificateResponseMsg = (CertificateResponseMsg) com.cellsec.api.b.b(a2.f15272a, CertificateResponseMsg.class);
            } catch (net.pulsesecure.g.b.e e2) {
                if (!TextUtils.isEmpty(e2.f()) && e2.g() == 400) {
                    f.this.f15751a.d("SDP enroll failed with error HTTP_STATUS_CODE_BAD_REQUEST : {}", e2.f());
                    f.this.getClient().onSDPNotAllowed(c.EnumC0291c.BAD_REQUEST, e2.f());
                } else if (e2.g() == 409) {
                    f.this.f15751a.d("SDP enroll failed with error HTTP_STATUS_CODE_CONFLICT : {}", e2.f());
                    f.this.getClient().onSDPNotAllowed(c.EnumC0291c.ENROLLMENT_LIMIT_REACHED, f.this.f15752b.getString(R.string.maximum_enrolment_limit_reached));
                } else {
                    f.this.f15751a.d("SDP enroll failed with error : {}", e2.f());
                    f.this.getClient().onSDPNotAllowed(c.EnumC0291c.ENROLLMENT_FAILED, e2.f());
                }
            }
            if (certificateResponseMsg == null && a2.f15273b != 204) {
                c.a.C0290a.a(f.this.getClient(), c.EnumC0291c.ENROLLMENT_FAILED, null, 2, null);
                return null;
            }
            f.this.f15752b.U().putString("workspaceId", certificateResponseMsg.id);
            f.this.f15752b.t(false);
            f.this.f15752b.e(Q0.os_version);
            f.this.a(certificateResponseMsg);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* compiled from: SDPControllerImpl.kt */
    /* loaded from: classes2.dex */
    public static final class k implements net.pulsesecure.modules.proto.l.b {
        k() {
        }

        @Override // net.pulsesecure.modules.proto.l.b
        public final void a(String str, boolean z, Exception exc) {
            if (z) {
                return;
            }
            String message = exc.getMessage();
            if (exc instanceof net.pulsesecure.g.b.e) {
                message = ((net.pulsesecure.g.b.e) exc).f();
            }
            f.this.f15751a.d("SDP enroll failed with error : {}", message);
            f.this.getClient().onSDPNotAllowed(c.EnumC0291c.ENROLLMENT_FAILED, message);
        }
    }

    /* compiled from: SDPControllerImpl.kt */
    /* loaded from: classes2.dex */
    public static final class l implements net.pulsesecure.g.b.c {

        /* renamed from: b, reason: collision with root package name */
        final /* synthetic */ long f15771b;

        /* renamed from: c, reason: collision with root package name */
        final /* synthetic */ net.pulsesecure.modules.sdp.d f15772c;

        l(long j2, net.pulsesecure.modules.sdp.d dVar) {
            this.f15771b = j2;
            this.f15772c = dVar;
        }

        @Override // net.pulsesecure.g.b.c
        public void g() {
            f.this.a(this.f15771b, this.f15772c);
        }
    }

    static {
        new a(null);
    }

    public f(Context context) {
        this.f15759i = context;
        net.pulsesecure.infra.j proxy = getProxy(IAndroidWrapper.class, null);
        g.z.d.j.b(proxy, "getProxy(IAndroidWrapper::class.java, null)");
        this.f15752b = (IAndroidWrapper) proxy;
        this.f15753c = new ProtoImpl(this.f15759i);
        this.f15754d = new VpnProfileManager(JunosApplication.getApplication());
        this.f15755e = new KeystoreCertUtil();
        this.f15758h = 1000;
    }

    private final void M0() {
        long j2 = this.f15752b.U().getLong("SDP_CERT_EXPIRY_NOT_BEFORE", -1L);
        long j3 = this.f15752b.U().getLong("SDP_CERT_EXPIRY_NOT_AFTER", -1L);
        if (j2 == -1 || j3 == -1) {
            this.f15751a.s("SDP cert expire date is not available. Cert renew check cancelled");
            return;
        }
        this.f15751a.d("SDP cert expires in :{} ", new Date(j3));
        Date date = new Date(j2 + (((j3 - j2) / 100) * 90));
        this.f15751a.d("SDP cert renew date :{} ", date);
        if (date.before(new Date())) {
            T0();
        }
    }

    private final void N0() {
        this.f15751a.s("Deleting SDP CA cert");
        IKeystoreCertUtil iKeystoreCertUtil = this.f15755e;
        Context context = this.f15759i;
        g.z.d.j.a(context);
        iKeystoreCertUtil.deleteCACertificate(context);
    }

    private final void O0() {
        this.f15751a.s("Deleting SDP cert");
        IKeystoreCertUtil iKeystoreCertUtil = this.f15755e;
        Context context = this.f15759i;
        g.z.d.j.a(context);
        iKeystoreCertUtil.deleteCertificate(context, "PULSE_SDP_CERTIFICATE");
    }

    private final boolean P0() {
        List<CaCertResponseMsg.CertItems> list;
        this.f15751a.s("Fetching the CA certs from server");
        try {
            CaCertResponseMsg caCertResponseMsg = (CaCertResponseMsg) com.cellsec.api.b.b(this.f15753c.a("/certificates/ca/client-trusted", "GET", this.f15752b.U().getString(AAAAuthActivity.PREF_COOKIE, "")).f15272a, CaCertResponseMsg.class);
            this.f15751a.d("Fetching the CA certs from server is success: Total cert received: {}", (caCertResponseMsg == null || (list = caCertResponseMsg.items) == null) ? null : Integer.valueOf(list.size()));
            a(caCertResponseMsg);
            this.f15752b.U().a("force_update_ca_cert_chains", false);
            return true;
        } catch (net.pulsesecure.g.b.e e2) {
            this.f15751a.d("Fetching the CA certs from server failed with error : {}", e2.f());
            return false;
        } catch (Exception unused) {
            this.f15751a.s("Exception in CA cert retrieval");
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final IWorkspaceRestProtocol.SdpEnrolRequest Q0() {
        IWorkspaceRestProtocol.SdpEnrolRequest sdpEnrolRequest = new IWorkspaceRestProtocol.SdpEnrolRequest();
        sdpEnrolRequest.manufacturer = Build.MANUFACTURER;
        sdpEnrolRequest.model = Build.MODEL;
        sdpEnrolRequest.os_version = Build.VERSION.RELEASE;
        sdpEnrolRequest.os_type = "android";
        sdpEnrolRequest.serial_number = PulseUtil.getAndroidDeviceId();
        JunosApplication application = JunosApplication.getApplication();
        g.z.d.j.b(application, "JunosApplication.getApplication()");
        sdpEnrolRequest.client_version = application.getVersionName();
        return sdpEnrolRequest;
    }

    private final void R0() {
        if (this.f15752b.q0() == c.e.VERSION_2_5) {
            V0();
        } else if (this.f15752b.q0() == c.e.VERSION_3) {
            if (P0()) {
                V0();
            } else {
                c.a.C0290a.a(getClient(), c.EnumC0291c.ENROLLMENT_FAILED, null, 2, null);
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final boolean S0() {
        List<CaCertResponseMsg.CertItems> list;
        this.f15751a.s("Renewing the CA certs from server");
        this.f15752b.U().getString(AAAAuthActivity.PREF_COOKIE, "");
        try {
            Integer num = null;
            CaCertResponseMsg caCertResponseMsg = (CaCertResponseMsg) com.cellsec.api.b.b(this.f15753c.a("/certificates/ca/client-trusted", "GET", (String) null, false).f15272a, CaCertResponseMsg.class);
            j.f.c cVar = this.f15751a;
            if (caCertResponseMsg != null && (list = caCertResponseMsg.items) != null) {
                num = Integer.valueOf(list.size());
            }
            cVar.d("Renewing the CA certs from server is success: Total cert received: {}", num);
            a(caCertResponseMsg);
            return true;
        } catch (net.pulsesecure.g.b.e e2) {
            this.f15751a.d("Renewing the CA certs from server failed with error : {}", e2.f());
            return false;
        } catch (Exception unused) {
            this.f15751a.s("Exception in CA cert Renewing");
            return false;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final void T0() {
        this.f15751a.s("Start SDP cert renewal");
        this.f15753c.a("sdp/devices/certificate/renew", new CallableC0292f(), new g());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final void U0() {
        this.f15753c.a("certificates/self/certificates/time_to_renew", new h(), new i());
    }

    private final void V0() {
        this.f15751a.s("Start SDP enrollment");
        this.f15753c.a("clients/enroll", new j(), new k());
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final void W0() {
        this.f15751a.s("Update device info cert");
        try {
            IWorkspaceRestProtocol.SdpEnrolRequest Q0 = Q0();
            this.f15751a.d("Update device info cert successful", this.f15753c.a("/sdp/devices/%s/device", "PUT", com.cellsec.api.b.a((com.cellsec.api.a) Q0), false).f15272a);
            this.f15752b.t(false);
            this.f15752b.e(Q0.os_version);
        } catch (Exception e2) {
            this.f15751a.d("Update device info cert failed with error : {}", e2.getMessage());
        }
    }

    private final void a(long j2) {
        net.pulsesecure.modules.vpn.d dVar = this.f15754d;
        VpnProfile profile = dVar != null ? dVar.getProfile(j2) : null;
        if (profile != null) {
            net.pulsesecure.modules.vpn.d dVar2 = this.f15754d;
            if (dVar2 != null) {
                dVar2.deleteConnection(profile);
            }
            this.f15752b.U().putLong("sdpProfileId", -1L);
            JunosApplication.getApplication().refreshProfiles();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final void a(long j2, net.pulsesecure.modules.sdp.d dVar) {
        a(j2);
        O0();
        N0();
        JunosApplication.getApplication().refreshProfiles();
        getClient().onSDPUnEnrolled(c.d.MSG_CLIENT_UN_ENROLL);
        if (dVar != null) {
            dVar.I0();
        }
        net.juniper.junos.pulse.android.f.a.e();
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final void a(String str, String str2) {
        char[] cArr;
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(Base64.decode(str));
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        try {
            if (str2 == null) {
                cArr = null;
            } else {
                if (str2 == null) {
                    throw new NullPointerException("null cannot be cast to non-null type java.lang.String");
                }
                cArr = str2.toCharArray();
                g.z.d.j.b(cArr, "(this as java.lang.String).toCharArray()");
            }
            keyStore.load(byteArrayInputStream, cArr);
            String str3 = "";
            if (keyStore.aliases().hasMoreElements()) {
                String nextElement = keyStore.aliases().nextElement();
                g.z.d.j.b(nextElement, "keyStore.aliases().nextElement()");
                str3 = nextElement;
            }
            Certificate certificate = keyStore.getCertificate(str3);
            if (certificate == null || !(certificate instanceof X509Certificate)) {
                return;
            }
            this.f15751a.d("SDP cert expires in :{} ", ((X509Certificate) certificate).getNotAfter());
            net.pulsesecure.modules.system.c U = this.f15752b.U();
            Date notBefore = ((X509Certificate) certificate).getNotBefore();
            g.z.d.j.b(notBefore, "certificate.notBefore");
            U.putLong("SDP_CERT_EXPIRY_NOT_BEFORE", notBefore.getTime());
            net.pulsesecure.modules.system.c U2 = this.f15752b.U();
            Date notAfter = ((X509Certificate) certificate).getNotAfter();
            g.z.d.j.b(notAfter, "certificate.notAfter");
            U2.putLong("SDP_CERT_EXPIRY_NOT_AFTER", notAfter.getTime());
        } catch (Exception unused) {
            this.f15751a.s("SDP cert expiry date could not be saved");
        }
    }

    private final void a(net.pulsesecure.g.b.c cVar) {
        this.f15751a.s("Update SDP unenroll server status");
        try {
            try {
                this.f15751a.d("Update SDP unenroll server status successful", ((this.f15752b.J() || this.f15752b.n()) && this.f15752b.q0() == c.e.VERSION_3) ? this.f15753c.a("/sdp/devices/%s/unenroll", "POST", (String) null, false).f15272a : this.f15753c.a("/afw/spaces/%s/unenroll", net.pulsesecure.g.b.b.Hawk, "POST", (String) null, (String) null).f15272a);
            } catch (IOException e2) {
                this.f15751a.d("Update SDP unenroll server status failed with error : {}", e2.getMessage());
            }
        } finally {
            cVar.g();
        }
    }

    @SuppressLint({"DefaultLocale"})
    private final void a(CaCertResponseMsg caCertResponseMsg) {
        List<CaCertResponseMsg.CertItems> list;
        this.f15751a.s("saveServerCaCertInKeystore");
        ArrayList arrayList = new ArrayList();
        if (caCertResponseMsg != null && (list = caCertResponseMsg.items) != null) {
            for (CaCertResponseMsg.CertItems certItems : list) {
                String str = certItems.format.toString();
                if (str == null) {
                    throw new NullPointerException("null cannot be cast to non-null type java.lang.String");
                }
                String upperCase = str.toUpperCase();
                g.z.d.j.b(upperCase, "(this as java.lang.String).toUpperCase()");
                if (g.z.d.j.a((Object) upperCase, (Object) "PEM")) {
                    String str2 = certItems.type.toString();
                    if (str2 == null) {
                        throw new NullPointerException("null cannot be cast to non-null type java.lang.String");
                    }
                    String upperCase2 = str2.toUpperCase();
                    g.z.d.j.b(upperCase2, "(this as java.lang.String).toUpperCase()");
                    if (g.z.d.j.a((Object) upperCase2, (Object) "SERVER")) {
                        CertificateFactory certificateFactory = new CertificateFactory();
                        String str3 = certItems.certificate;
                        g.z.d.j.b(str3, "it.certificate");
                        Charset charset = g.e0.d.f14014a;
                        if (str3 == null) {
                            throw new NullPointerException("null cannot be cast to non-null type java.lang.String");
                        }
                        byte[] bytes = str3.getBytes(charset);
                        g.z.d.j.b(bytes, "(this as java.lang.String).getBytes(charset)");
                        Collection engineGenerateCertificates = certificateFactory.engineGenerateCertificates(new ByteArrayInputStream(bytes));
                        g.z.d.j.b(engineGenerateCertificates, "CertificateFactory().eng…ficate.byteInputStream())");
                        for (Object obj : engineGenerateCertificates) {
                            if (obj == null) {
                                throw new NullPointerException("null cannot be cast to non-null type java.security.cert.X509Certificate");
                            }
                            arrayList.add((X509Certificate) obj);
                        }
                    } else {
                        continue;
                    }
                }
            }
        }
        if (!(!arrayList.isEmpty())) {
            this.f15751a.s("Server caCertList is empty");
            return;
        }
        IKeystoreCertUtil iKeystoreCertUtil = this.f15755e;
        Context context = this.f15759i;
        g.z.d.j.a(context);
        iKeystoreCertUtil.saveSDPServerCACertsInKeystore(context, arrayList);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final void a(CertificateResponseMsg certificateResponseMsg) {
        this.f15751a.s("SDP enrollment finished successfully");
        boolean b2 = b(certificateResponseMsg);
        this.f15751a.d("SDP certificate installed status - {}: ", Boolean.valueOf(b2));
        l(certificateResponseMsg != null ? certificateResponseMsg.ca_cert_pem : null);
        this.f15752b.u(b2);
        if (b2) {
            a(certificateResponseMsg != null ? certificateResponseMsg.certificate : null, certificateResponseMsg != null ? certificateResponseMsg.password : null);
        }
        a(certificateResponseMsg, b2);
        getClient().onSDPEnrolled();
        JunosApplication.getApplication().killRemoteProcess();
    }

    /* JADX WARN: Removed duplicated region for block: B:15:0x0098  */
    /* JADX WARN: Removed duplicated region for block: B:25:0x00f0  */
    /* JADX WARN: Removed duplicated region for block: B:30:0x00f5  */
    /* JADX WARN: Removed duplicated region for block: B:35:0x00c8  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private final void a(net.pulsesecure.modules.proto.CertificateResponseMsg r27, boolean r28) {
        /*
            Method dump skipped, instructions count: 272
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: net.pulsesecure.modules.sdp.f.a(net.pulsesecure.modules.proto.CertificateResponseMsg, boolean):void");
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final void a(SDPEnrollStatusMsg sDPEnrollStatusMsg) {
        int i2 = net.pulsesecure.modules.sdp.g.f15773a[sDPEnrollStatusMsg.getSdp_status().ordinal()];
        if (i2 == 1) {
            this.f15751a.s("SDP unregistered");
            R0();
            return;
        }
        if (i2 == 2) {
            this.f15751a.s("SDP enrolling");
            return;
        }
        if (i2 == 3) {
            this.f15751a.s("SDP registered");
            M0();
        } else {
            if (i2 != 4) {
                return;
            }
            this.f15751a.s("SDP not supported");
            getClient().onSDPNotAllowed(c.EnumC0291c.NOT_SUPPORTED, "SDP not supported");
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final boolean b(CertificateResponseMsg certificateResponseMsg) {
        this.f15751a.s("Install SDP Cert");
        if (certificateResponseMsg == null) {
            return false;
        }
        IKeystoreCertUtil iKeystoreCertUtil = this.f15755e;
        Context context = JunosApplication.getContext();
        g.z.d.j.b(context, "JunosApplication.getContext()");
        String str = certificateResponseMsg.certificate;
        g.z.d.j.b(str, "certMsg.certificate");
        String str2 = certificateResponseMsg.password;
        g.z.d.j.b(str2, "certMsg.password");
        return iKeystoreCertUtil.saveCertificateInKeystore(context, "PULSE_SDP_CERTIFICATE", str, str2) != null;
    }

    public static final /* synthetic */ SDPEnrollStatusMsg e(f fVar) {
        SDPEnrollStatusMsg sDPEnrollStatusMsg = fVar.f15756f;
        if (sDPEnrollStatusMsg != null) {
            return sDPEnrollStatusMsg;
        }
        g.z.d.j.e("sdpStatus");
        throw null;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final void l(String str) {
        ByteArrayInputStream byteArrayInputStream;
        this.f15751a.s("saveClientCaCertInKeystore");
        ArrayList arrayList = new ArrayList();
        CertificateFactory certificateFactory = new CertificateFactory();
        if (str != null) {
            Charset charset = g.e0.d.f14014a;
            if (str == null) {
                throw new NullPointerException("null cannot be cast to non-null type java.lang.String");
            }
            byte[] bytes = str.getBytes(charset);
            g.z.d.j.b(bytes, "(this as java.lang.String).getBytes(charset)");
            byteArrayInputStream = new ByteArrayInputStream(bytes);
        } else {
            byteArrayInputStream = null;
        }
        Collection engineGenerateCertificates = certificateFactory.engineGenerateCertificates(byteArrayInputStream);
        g.z.d.j.b(engineGenerateCertificates, "CertificateFactory().eng…icate?.byteInputStream())");
        for (Object obj : engineGenerateCertificates) {
            if (obj == null) {
                throw new NullPointerException("null cannot be cast to non-null type java.security.cert.X509Certificate");
            }
            arrayList.add((X509Certificate) obj);
        }
        if (!(!arrayList.isEmpty())) {
            this.f15751a.s("Client caCertList is empty");
            return;
        }
        IKeystoreCertUtil iKeystoreCertUtil = this.f15755e;
        Context context = this.f15759i;
        g.z.d.j.a(context);
        iKeystoreCertUtil.saveSDPClientCACertsInKeystore(context, arrayList);
    }

    public final void J0() {
        this.f15751a.s("check SDP enroll status cert");
        if (!TextUtils.isEmpty(this.f15752b.U().getString("workspaceId", ""))) {
            this.f15753c.a("sdp/devices/enrollment-status", new d(), new e());
        } else {
            this.f15751a.s("No Saved Workspace ID");
            R0();
        }
    }

    public final void K0() {
        if (!(!PrefUtils.getBooleanPrefs(JunosApplication.getContext(), PrefUtils.KEY_ENABLE_REACT_UI))) {
            getClient().onSDPUnEnrolled(c.d.MSG_SERVER_UN_ENROLL);
            return;
        }
        WritableMap createMap = Arguments.createMap();
        createMap.putBoolean(ConstantsApiService.K_CONNECTION_IS_ZTA, true);
        ZTAEventEmitter.getInstance().sendEvent(ConstantsApiService.K_CONNECTION_STATUS_EVENT_CERT_REVOKED, createMap);
    }

    public final synchronized void L0() {
        this.f15751a.s("resume Gateway Session called");
        SSLUtilities.clearSessionCert();
        String sdpGatewayPolicies = SettingsUtil.getSdpGatewayPolicies(JunosApplication.getApplication().getActiveProfile().getUrl());
        List<SDPGatewayProfile> generateGatewaylistDataFromXml = !TextUtils.isEmpty(sdpGatewayPolicies) ? new SessionUtils().generateGatewaylistDataFromXml(sdpGatewayPolicies) : null;
        if (generateGatewaylistDataFromXml != null) {
            Iterator<SDPGatewayProfile> it = generateGatewaylistDataFromXml.iterator();
            while (it.hasNext()) {
                SDPGatewayProfile next = it.next();
                j.f.c cVar = this.f15751a;
                StringBuilder sb = new StringBuilder();
                sb.append("gatewayList item : ");
                sb.append(next != null ? next.getGatewayUri() : null);
                cVar.s(sb.toString());
                Intent intent = new Intent();
                intent.setAction(VpnService.SDP_GATEWAY_RESUME_SESSION_RETRY);
                intent.setClassName(JunosApplication.getContext(), VpnServiceIcs.SDP_GATEWAY_RESUME_RECEIVER);
                intent.putExtra(VpnService.GATEWAY_RESUME_NAME, next != null ? next.getGatewayUri() : null);
                intent.putExtra(JunosApplication.GATEWAY_RESUME_FROM_XPLATFORM, true);
                JunosApplication.getContext().sendBroadcast(intent);
            }
        } else {
            this.f15751a.s("gatewayList is empty");
        }
    }

    @Override // net.pulsesecure.modules.sdp.c
    public void a(long j2, boolean z, net.pulsesecure.modules.sdp.d dVar) {
        if (j2 != -1) {
            this.f15751a.s("Unenroll SDP profile");
            SSLUtilities.setConnectionType(this.f15757g);
            if (z) {
                a(new l(j2, dVar));
            } else {
                a(j2, dVar);
            }
        } else if (dVar != null) {
            dVar.I0();
        }
        this.f15753c = new ProtoImpl(this.f15759i);
    }

    @Override // net.pulsesecure.modules.sdp.c
    public void a(String str, VpnProfile vpnProfile) {
        g.z.d.j.c(str, "certAlias");
        g.z.d.j.c(vpnProfile, "sdpProfile");
        vpnProfile.setCertAlias(str);
        vpnProfile.setFlags(2049);
        net.pulsesecure.modules.vpn.d dVar = this.f15754d;
        if (dVar != null) {
            dVar.updateProfile(vpnProfile);
        }
        JunosApplication.getApplication().refreshProfiles();
    }

    @Override // net.pulsesecure.modules.sdp.c
    public void a(ArrayList<Uri> arrayList, String str) {
        g.z.d.j.c(arrayList, "uriList");
        g.z.d.j.c(str, "url");
        this.f15751a.s("Uploading zip file ...");
        try {
            net.pulsesecure.g.b.a a2 = this.f15753c.a(str, net.pulsesecure.g.b.b.NoAuth, "PUT", arrayList, null, true);
            this.f15751a.d("sendHttpsFileUpLoadRequest : Server Response: {}", a2.f15272a);
            if (a2.f15273b == 201) {
                getClient().onReceivedIsZipUpload(true, a2.f15273b);
            } else {
                getClient().onReceivedIsZipUpload(false, a2.f15273b);
            }
        } catch (net.pulsesecure.g.b.e e2) {
            getClient().onReceivedIsZipUpload(false, this.f15758h);
            this.f15751a.d("Exception Fetching the Signed Url for upload log", e2.toString());
        } catch (Exception e3) {
            this.f15751a.d("Exception Fetching the Signed Url for upload log", e3.toString());
            getClient().onReceivedIsZipUpload(false, this.f15758h);
        }
    }

    @Override // net.pulsesecure.modules.sdp.c
    public void a(VpnProfile vpnProfile) {
        g.z.d.j.c(vpnProfile, "sdpProfile");
        vpnProfile.setCertAlias(null);
        net.pulsesecure.modules.vpn.d dVar = this.f15754d;
        if (dVar != null) {
            dVar.updateProfile(vpnProfile);
        }
    }

    @Override // net.pulsesecure.modules.sdp.c
    public void checkSDPEnrollStatus() {
        this.f15751a.s("check SDP enroll status");
        if ((this.f15752b.J() || this.f15752b.n()) && this.f15752b.q0() == c.e.VERSION_3) {
            J0();
        } else {
            this.f15753c.a("sdp/enrollment-status", new b(), new c());
        }
    }

    @Override // net.pulsesecure.modules.sdp.c
    public void r(boolean z) {
        this.f15751a.s("Uploading log status ...");
        try {
            net.pulsesecure.g.b.a a2 = this.f15753c.a("/api/clients/self/logs/status", net.pulsesecure.g.b.b.NoAuth, "PUT", true, z);
            if (a2 == null) {
                getClient().onReceivedUploadStatus(false, this.f15758h);
                return;
            }
            this.f15751a.d("sendHttpsLogUploadStatus : Server Response: {}", a2.f15272a);
            if (a2.f15273b == 204) {
                getClient().onReceivedUploadStatus(true, a2.f15273b);
            } else {
                getClient().onReceivedUploadStatus(false, a2.f15273b);
            }
        } catch (net.pulsesecure.g.b.e e2) {
            getClient().onReceivedUploadStatus(false, this.f15758h);
            this.f15751a.d("Exception, Uploading log status", e2.toString());
        } catch (Exception e3) {
            this.f15751a.d("Exception, Uploading log status", e3.toString());
            getClient().onReceivedUploadStatus(false, this.f15758h);
        }
    }

    @Override // net.pulsesecure.modules.sdp.c
    public void x0() {
        this.f15751a.s("getSignedUrlsforLogUpload ...");
        try {
            net.pulsesecure.g.b.a a2 = this.f15753c.a("/api/clients/self/log-urls", net.pulsesecure.g.b.b.Cert, "POST", null, null, true, null, null);
            if (a2 == null) {
                getClient().onReceivedSignedUrl("", this.f15758h);
                return;
            }
            String str = a2.f15272a;
            this.f15751a.b("Fetching the Signed Url for upload log : Server Response: {}", "resp :", str, "logUrls.urls: ");
            if (a2.f15273b != 200) {
                getClient().onReceivedSignedUrl("", a2.f15273b);
                return;
            }
            ArrayList arrayList = new ArrayList();
            JSONArray jSONArray = new JSONObject(str).getJSONArray("urls");
            int length = jSONArray.length();
            for (int i2 = 0; i2 < length; i2++) {
                arrayList.add(jSONArray.getString(i2));
            }
            c.a client = getClient();
            String string = jSONArray.getString(0);
            g.z.d.j.b(string, "array.getString(0)");
            client.onReceivedSignedUrl(string, a2.f15273b);
        } catch (net.pulsesecure.g.b.e e2) {
            this.f15751a.d("Exception: Fetching the Signed Url for upload log failed : {}", e2.f());
            getClient().onReceivedSignedUrl("", this.f15758h);
        } catch (Exception e3) {
            this.f15751a.d("Exception Fetching the Signed Url for upload log", e3.toString());
            getClient().onReceivedSignedUrl("", this.f15758h);
        }
    }
}
