package net.pulsesecure.modules.sdp;

import android.annotation.SuppressLint;
import android.content.Context;
import android.content.Intent;
import android.net.Uri;
import android.net.http.SSLUtilities;
import android.os.Build;
import android.text.TextUtils;
import com.facebook.react.bridge.Arguments;
import com.facebook.react.bridge.WritableMap;
import com.pulsesecure.constantsapiservice.ConstantsApiService;
import com.pulsesecure.ztaeventemitter.ZTAEventEmitter;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.concurrent.Callable;
import javax.net.ssl.SSLProtocolException;
import net.juniper.junos.pulse.android.JunosApplication;
import net.juniper.junos.pulse.android.PrefUtils;
import net.juniper.junos.pulse.android.session.SDPGatewayProfile;
import net.juniper.junos.pulse.android.session.SessionUtils;
import net.juniper.junos.pulse.android.sql.VpnProfile;
import net.juniper.junos.pulse.android.util.Base64;
import net.juniper.junos.pulse.android.util.IKeystoreCertUtil;
import net.juniper.junos.pulse.android.util.KeystoreCertUtil;
import net.juniper.junos.pulse.android.util.PulseUtil;
import net.juniper.junos.pulse.android.util.SettingsUtil;
import net.juniper.junos.pulse.android.vpnservice.VpnService;
import net.juniper.junos.pulse.android.vpnservice.VpnServiceIcs;
import net.pulsesecure.infra.r;
import net.pulsesecure.modules.proto.CaCertResponseMsg;
import net.pulsesecure.modules.proto.CertificateResponseMsg;
import net.pulsesecure.modules.proto.IWorkspaceRestProtocol;
import net.pulsesecure.modules.proto.ProtoImpl;
import net.pulsesecure.modules.proto.TimeToRenewResponseMsg;
import net.pulsesecure.modules.sdp.m;
import net.pulsesecure.modules.system.IAndroidWrapper;
import net.pulsesecure.modules.vpn.VpnProfileManager;
import net.pulsesecure.pulsesecure.R;
import net.pulsesecure.pws.ui.AAAAuthActivity;
import net.pulsesecure.pws.ui.LoginActivity;
import org.json.JSONArray;
import org.json.JSONObject;
import org.spongycastle.jcajce.provider.asymmetric.x509.CertificateFactory;

/* compiled from: SDPControllerImpl.kt */
/* loaded from: classes2.dex */
public final class p extends net.pulsesecure.infra.d<m.a> implements m {

    /* renamed from: a, reason: collision with root package name */
    private final Context f16295a;

    /* renamed from: b, reason: collision with root package name */
    private final j.f.c f16296b = r.b();

    /* renamed from: c, reason: collision with root package name */
    private IAndroidWrapper f16297c;

    /* renamed from: d, reason: collision with root package name */
    private net.pulsesecure.g.b.d f16298d;

    /* renamed from: e, reason: collision with root package name */
    private net.pulsesecure.modules.vpn.d f16299e;

    /* renamed from: f, reason: collision with root package name */
    private final IKeystoreCertUtil f16300f;

    /* renamed from: g, reason: collision with root package name */
    private SDPEnrollStatusMsg f16301g;

    /* renamed from: h, reason: collision with root package name */
    private final byte f16302h;

    /* renamed from: i, reason: collision with root package name */
    private final int f16303i;

    /* compiled from: SDPControllerImpl.kt */
    /* loaded from: classes2.dex */
    public static final class a {
        private a() {
        }

        public /* synthetic */ a(g.a0.d.g gVar) {
            this();
        }
    }

    /* compiled from: SDPControllerImpl.kt */
    /* loaded from: classes2.dex */
    public /* synthetic */ class b {

        /* renamed from: a, reason: collision with root package name */
        public static final /* synthetic */ int[] f16304a;

        static {
            int[] iArr = new int[q.values().length];
            iArr[q.unregistered.ordinal()] = 1;
            iArr[q.enrolling.ordinal()] = 2;
            iArr[q.registered.ordinal()] = 3;
            iArr[q.sdp_not_allowed.ordinal()] = 4;
            f16304a = iArr;
        }
    }

    /* compiled from: SDPControllerImpl.kt */
    /* loaded from: classes2.dex */
    public static final class c implements net.pulsesecure.g.b.c {

        /* renamed from: b, reason: collision with root package name */
        final /* synthetic */ long f16306b;

        /* renamed from: c, reason: collision with root package name */
        final /* synthetic */ n f16307c;

        c(long j2, n nVar) {
            this.f16306b = j2;
            this.f16307c = nVar;
        }

        @Override // net.pulsesecure.g.b.c
        public void g() {
            p.this.a(this.f16306b, this.f16307c);
        }
    }

    static {
        new a(null);
    }

    public p(Context context) {
        this.f16295a = context;
        net.pulsesecure.infra.k proxy = getProxy(IAndroidWrapper.class, null);
        g.a0.d.j.b(proxy, "getProxy(IAndroidWrapper::class.java, null)");
        this.f16297c = (IAndroidWrapper) proxy;
        this.f16298d = new ProtoImpl(this.f16295a);
        this.f16299e = new VpnProfileManager(JunosApplication.getApplication());
        this.f16300f = new KeystoreCertUtil();
        this.f16303i = 1000;
    }

    private final void K0() {
        long j2 = this.f16297c.T().getLong("SDP_CERT_EXPIRY_NOT_BEFORE", -1L);
        long j3 = this.f16297c.T().getLong("SDP_CERT_EXPIRY_NOT_AFTER", -1L);
        if (j2 == -1 || j3 == -1) {
            this.f16296b.s("SDP cert expire date is not available. Cert renew check cancelled");
            return;
        }
        this.f16296b.d("SDP cert expires in :{} ", new Date(j3));
        Date date = new Date(j2 + (((j3 - j2) / 100) * 90));
        this.f16296b.d("SDP cert renew date :{} ", date);
        if (date.before(new Date())) {
            R0();
        }
    }

    private final void L0() {
        this.f16296b.s("Deleting SDP CA cert");
        IKeystoreCertUtil iKeystoreCertUtil = this.f16300f;
        Context context = this.f16295a;
        g.a0.d.j.a(context);
        iKeystoreCertUtil.deleteCACertificate(context);
    }

    private final void M0() {
        this.f16296b.s("Deleting SDP cert");
        IKeystoreCertUtil iKeystoreCertUtil = this.f16300f;
        Context context = this.f16295a;
        g.a0.d.j.a(context);
        iKeystoreCertUtil.deleteCertificate(context, "PULSE_SDP_CERTIFICATE");
    }

    private final boolean N0() {
        List<CaCertResponseMsg.CertItems> list;
        this.f16296b.s("Fetching the CA certs from server");
        try {
            CaCertResponseMsg caCertResponseMsg = (CaCertResponseMsg) com.cellsec.api.b.b(this.f16298d.a("/certificates/ca/client-trusted", "GET", this.f16297c.T().getString(AAAAuthActivity.PREF_COOKIE, "")).f15830a, CaCertResponseMsg.class);
            j.f.c cVar = this.f16296b;
            Integer num = null;
            if (caCertResponseMsg != null && (list = caCertResponseMsg.items) != null) {
                num = Integer.valueOf(list.size());
            }
            cVar.d("Fetching the CA certs from server is success: Total cert received: {}", num);
            a(caCertResponseMsg);
            this.f16297c.T().a("force_update_ca_cert_chains", false);
            return true;
        } catch (net.pulsesecure.g.b.e e2) {
            this.f16296b.d("Fetching the CA certs from server failed with error : {}", e2.f());
            return false;
        } catch (Exception unused) {
            this.f16296b.s("Exception in CA cert retrieval");
            return false;
        }
    }

    private final IWorkspaceRestProtocol.SdpEnrolRequest O0() {
        IWorkspaceRestProtocol.SdpEnrolRequest sdpEnrolRequest = new IWorkspaceRestProtocol.SdpEnrolRequest();
        sdpEnrolRequest.manufacturer = Build.MANUFACTURER;
        sdpEnrolRequest.model = Build.MODEL;
        sdpEnrolRequest.os_version = Build.VERSION.RELEASE;
        sdpEnrolRequest.os_type = "android";
        sdpEnrolRequest.serial_number = PulseUtil.getAndroidDeviceId();
        sdpEnrolRequest.client_version = JunosApplication.getApplication().getVersionName();
        return sdpEnrolRequest;
    }

    private final void P0() {
        if (this.f16297c.p0() == m.e.VERSION_2_5) {
            T0();
            return;
        }
        if (this.f16297c.p0() == m.e.VERSION_3) {
            if (N0()) {
                T0();
                return;
            }
            m.a client = getClient();
            g.a0.d.j.b(client, "client");
            m.a.C0300a.a(client, m.c.ENROLLMENT_FAILED, null, 2, null);
        }
    }

    private final boolean Q0() {
        List<CaCertResponseMsg.CertItems> list;
        this.f16296b.s("Renewing the CA certs from server");
        this.f16297c.T().getString(AAAAuthActivity.PREF_COOKIE, "");
        try {
            Integer num = null;
            CaCertResponseMsg caCertResponseMsg = (CaCertResponseMsg) com.cellsec.api.b.b(this.f16298d.a("/certificates/ca/client-trusted", "GET", (String) null, false).f15830a, CaCertResponseMsg.class);
            j.f.c cVar = this.f16296b;
            if (caCertResponseMsg != null && (list = caCertResponseMsg.items) != null) {
                num = Integer.valueOf(list.size());
            }
            cVar.d("Renewing the CA certs from server is success: Total cert received: {}", num);
            a(caCertResponseMsg);
            return true;
        } catch (net.pulsesecure.g.b.e e2) {
            this.f16296b.d("Renewing the CA certs from server failed with error : {}", e2.f());
            return false;
        } catch (Exception unused) {
            this.f16296b.s("Exception in CA cert Renewing");
            return false;
        }
    }

    private final void R0() {
        this.f16296b.s("Start SDP cert renewal");
        this.f16298d.a("sdp/devices/certificate/renew", new Callable() { // from class: net.pulsesecure.modules.sdp.g
            @Override // java.util.concurrent.Callable
            public final Object call() {
                Void h2;
                h2 = p.h(p.this);
                return h2;
            }
        }, new net.pulsesecure.modules.proto.l.b() { // from class: net.pulsesecure.modules.sdp.b
            @Override // net.pulsesecure.modules.proto.l.b
            public final void a(String str, boolean z, Exception exc) {
                p.h(p.this, str, z, exc);
            }
        });
    }

    private final void S0() {
        this.f16298d.a("certificates/self/certificates/time_to_renew", new Callable() { // from class: net.pulsesecure.modules.sdp.a
            @Override // java.util.concurrent.Callable
            public final Object call() {
                Void i2;
                i2 = p.i(p.this);
                return i2;
            }
        }, new net.pulsesecure.modules.proto.l.b() { // from class: net.pulsesecure.modules.sdp.c
            @Override // net.pulsesecure.modules.proto.l.b
            public final void a(String str, boolean z, Exception exc) {
                p.i(p.this, str, z, exc);
            }
        });
    }

    private final void T0() {
        this.f16296b.s("Start SDP enrollment");
        this.f16298d.a("clients/enroll", new Callable() { // from class: net.pulsesecure.modules.sdp.e
            @Override // java.util.concurrent.Callable
            public final Object call() {
                Void j2;
                j2 = p.j(p.this);
                return j2;
            }
        }, new net.pulsesecure.modules.proto.l.b() { // from class: net.pulsesecure.modules.sdp.j
            @Override // net.pulsesecure.modules.proto.l.b
            public final void a(String str, boolean z, Exception exc) {
                p.j(p.this, str, z, exc);
            }
        });
    }

    private final void U0() {
        this.f16296b.s("Update device info cert");
        try {
            IWorkspaceRestProtocol.SdpEnrolRequest O0 = O0();
            this.f16296b.d("Update device info cert successful", this.f16298d.a("/sdp/devices/%s/device", "PUT", com.cellsec.api.b.a((com.cellsec.api.a) O0), false).f15830a);
            this.f16297c.t(false);
            this.f16297c.d(O0.os_version);
        } catch (Exception e2) {
            this.f16296b.d("Update device info cert failed with error : {}", e2.getMessage());
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final Void a(p pVar) {
        SDPEnrollStatusMsg sDPEnrollStatusMsg;
        g.a0.d.j.c(pVar, "this$0");
        try {
            com.cellsec.api.a b2 = com.cellsec.api.b.b(pVar.f16298d.b("/workspaces/%s/sdp/enrollment-status", "GET", null).f15830a, SDPEnrollStatusMsg.class);
            g.a0.d.j.b(b2, "fromJson(strResp, SDPEnrollStatusMsg::class.java)");
            pVar.f16301g = (SDPEnrollStatusMsg) b2;
            sDPEnrollStatusMsg = pVar.f16301g;
        } catch (net.pulsesecure.g.b.e e2) {
            pVar.f16296b.d("SDP enroll status check failed with error : {}", e2.f());
            if (e2.g() == 404) {
                pVar.getClient().onSDPUnEnrolled(m.d.MSG_SERVER_UN_ENROLL);
            } else {
                pVar.getClient().onSDPNotAllowed(m.c.ENROLLMENT_STATUS_CHECK_FAILED, e2.f());
            }
        }
        if (sDPEnrollStatusMsg != null) {
            pVar.a(sDPEnrollStatusMsg);
            return null;
        }
        g.a0.d.j.e("sdpStatus");
        throw null;
    }

    private final void a(long j2) {
        net.pulsesecure.modules.vpn.d dVar = this.f16299e;
        VpnProfile profile = dVar == null ? null : dVar.getProfile(j2);
        if (profile != null) {
            net.pulsesecure.modules.vpn.d dVar2 = this.f16299e;
            if (dVar2 != null) {
                dVar2.deleteConnection(profile);
            }
            this.f16297c.T().putLong("sdpProfileId", -1L);
            JunosApplication.getApplication().refreshProfiles();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public final void a(long j2, n nVar) {
        a(j2);
        M0();
        L0();
        JunosApplication.getApplication().refreshProfiles();
        getClient().onSDPUnEnrolled(m.d.MSG_CLIENT_UN_ENROLL);
        if (nVar != null) {
            nVar.G0();
        }
        net.juniper.junos.pulse.android.f.a.e();
    }

    private final void a(String str, String str2) {
        char[] charArray;
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(Base64.decode(str));
        KeyStore keyStore = KeyStore.getInstance("PKCS12");
        if (str2 == null) {
            charArray = null;
        } else {
            try {
                charArray = str2.toCharArray();
                g.a0.d.j.b(charArray, "this as java.lang.String).toCharArray()");
            } catch (Exception unused) {
                this.f16296b.s("SDP cert expiry date could not be saved");
                return;
            }
        }
        keyStore.load(byteArrayInputStream, charArray);
        String str3 = "";
        if (keyStore.aliases().hasMoreElements()) {
            String nextElement = keyStore.aliases().nextElement();
            g.a0.d.j.b(nextElement, "keyStore.aliases().nextElement()");
            str3 = nextElement;
        }
        Certificate certificate = keyStore.getCertificate(str3);
        if (certificate == null || !(certificate instanceof X509Certificate)) {
            return;
        }
        this.f16296b.d("SDP cert expires in :{} ", ((X509Certificate) certificate).getNotAfter());
        this.f16297c.T().putLong("SDP_CERT_EXPIRY_NOT_BEFORE", ((X509Certificate) certificate).getNotBefore().getTime());
        this.f16297c.T().putLong("SDP_CERT_EXPIRY_NOT_AFTER", ((X509Certificate) certificate).getNotAfter().getTime());
    }

    private final void a(net.pulsesecure.g.b.c cVar) {
        this.f16296b.s("Update SDP unenroll server status");
        try {
            try {
                this.f16296b.d("Update SDP unenroll server status successful", ((this.f16297c.I() || this.f16297c.n()) && this.f16297c.p0() == m.e.VERSION_3) ? this.f16298d.a("/sdp/devices/%s/unenroll", "POST", (String) null, false).f15830a : this.f16298d.a("/afw/spaces/%s/unenroll", net.pulsesecure.g.b.b.Hawk, "POST", (String) null, (String) null).f15830a);
            } catch (IOException e2) {
                this.f16296b.d("Update SDP unenroll server status failed with error : {}", e2.getMessage());
            }
        } finally {
            cVar.g();
        }
    }

    @SuppressLint({"DefaultLocale"})
    private final void a(CaCertResponseMsg caCertResponseMsg) {
        List<CaCertResponseMsg.CertItems> list;
        this.f16296b.s("saveServerCaCertInKeystore");
        ArrayList arrayList = new ArrayList();
        if (caCertResponseMsg != null && (list = caCertResponseMsg.items) != null) {
            for (CaCertResponseMsg.CertItems certItems : list) {
                String upperCase = certItems.format.toString().toUpperCase();
                g.a0.d.j.b(upperCase, "this as java.lang.String).toUpperCase()");
                if (g.a0.d.j.a((Object) upperCase, (Object) "PEM")) {
                    String upperCase2 = certItems.type.toString().toUpperCase();
                    g.a0.d.j.b(upperCase2, "this as java.lang.String).toUpperCase()");
                    if (g.a0.d.j.a((Object) upperCase2, (Object) "SERVER")) {
                        CertificateFactory certificateFactory = new CertificateFactory();
                        String str = certItems.certificate;
                        g.a0.d.j.b(str, "it.certificate");
                        byte[] bytes = str.getBytes(g.g0.d.f14435b);
                        g.a0.d.j.b(bytes, "this as java.lang.String).getBytes(charset)");
                        Collection engineGenerateCertificates = certificateFactory.engineGenerateCertificates(new ByteArrayInputStream(bytes));
                        g.a0.d.j.b(engineGenerateCertificates, "CertificateFactory().eng…ficate.byteInputStream())");
                        for (Object obj : engineGenerateCertificates) {
                            if (obj == null) {
                                throw new NullPointerException("null cannot be cast to non-null type java.security.cert.X509Certificate");
                            }
                            arrayList.add((X509Certificate) obj);
                        }
                    } else {
                        continue;
                    }
                }
            }
        }
        if (!(!arrayList.isEmpty())) {
            this.f16296b.s("Server caCertList is empty");
            return;
        }
        IKeystoreCertUtil iKeystoreCertUtil = this.f16300f;
        Context context = this.f16295a;
        g.a0.d.j.a(context);
        iKeystoreCertUtil.saveSDPServerCACertsInKeystore(context, arrayList);
    }

    private final void a(CertificateResponseMsg certificateResponseMsg) {
        net.pulsesecure.modules.vpn.d dVar;
        this.f16296b.s("SDP enrollment finished successfully");
        boolean b2 = b(certificateResponseMsg);
        this.f16296b.d("SDP certificate installed status - {}: ", Boolean.valueOf(b2));
        k(certificateResponseMsg == null ? null : certificateResponseMsg.ca_cert_pem);
        this.f16297c.u(b2);
        if (b2) {
            a(certificateResponseMsg == null ? null : certificateResponseMsg.certificate, certificateResponseMsg == null ? null : certificateResponseMsg.password);
        }
        String dummyZTAProfile = JunosApplication.getApplication().getDummyZTAProfile();
        g.a0.d.j.b(dummyZTAProfile, "getApplication().getDummyZTAProfile()");
        if (!(dummyZTAProfile.length() == 0)) {
            net.pulsesecure.modules.vpn.d dVar2 = this.f16299e;
            VpnProfile profile = dVar2 != null ? dVar2.getProfile(JunosApplication.getApplication().getZTAConnName()) : null;
            if (profile != null && (dVar = this.f16299e) != null) {
                dVar.deleteConnection(profile);
            }
        }
        a(certificateResponseMsg, b2);
        getClient().onSDPEnrolled();
        JunosApplication.getApplication().killRemoteProcess();
    }

    private final void a(CertificateResponseMsg certificateResponseMsg, boolean z) {
        VpnProfile vpnProfile;
        long j2;
        net.pulsesecure.modules.vpn.d dVar;
        this.f16296b.s("configuring SDP profile");
        ArrayList<String> arrayList = new ArrayList<>();
        long j3 = this.f16297c.T().getLong("sdpProfileId", -1L);
        Long l2 = null;
        String string = this.f16297c.T().getString(LoginActivity.PZT_LOGIN_URL, null);
        String str = "";
        String str2 = z ? "PULSE_SDP_CERTIFICATE" : "";
        if (this.f16297c.p0() == m.e.VERSION_3) {
            if (string != null) {
                if (!(string.length() == 0)) {
                    this.f16296b.s(g.a0.d.j.a("Use Login Url got provisioning headers for PZT : ", (Object) string));
                }
            }
            if ((certificateResponseMsg == null ? null : certificateResponseMsg.login_url) != null) {
                str = certificateResponseMsg.login_url;
                g.a0.d.j.b(str, "certMsg.login_url");
            }
            string = str;
        } else {
            SDPEnrollStatusMsg sDPEnrollStatusMsg = this.f16301g;
            if (sDPEnrollStatusMsg == null) {
                g.a0.d.j.e("sdpStatus");
                throw null;
            }
            string = sDPEnrollStatusMsg.getSdp_login_url();
        }
        this.f16296b.s(g.a0.d.j.a("Final Enrollement url : ", (Object) string));
        String zTAConnName = JunosApplication.getApplication().getZTAConnName();
        g.a0.d.j.b(zTAConnName, "profileName");
        String str3 = zTAConnName.length() == 0 ? string : zTAConnName;
        net.pulsesecure.modules.vpn.d dVar2 = this.f16299e;
        if (dVar2 == null) {
            vpnProfile = null;
            j2 = j3;
        } else {
            String str4 = string;
            vpnProfile = null;
            j2 = j3;
            l2 = Long.valueOf(dVar2.saveConnection(j3, str3, str4, null, 3073, null, null, null, null, str2, certificateResponseMsg == null ? null : certificateResponseMsg.password, true, arrayList, VpnProfile.Trigger.Manual.ordinal(), 0, null));
        }
        net.pulsesecure.modules.system.c T = this.f16297c.T();
        g.a0.d.j.a(l2);
        T.putLong("sdpProfileId", l2.longValue());
        long j4 = j2;
        if (j4 != l2.longValue() && j4 >= 0) {
            net.pulsesecure.modules.vpn.d dVar3 = this.f16299e;
            VpnProfile profile = dVar3 == null ? vpnProfile : dVar3.getProfile(j4);
            if (profile != null && (dVar = this.f16299e) != null) {
                dVar.deleteConnection(profile);
            }
        }
        JunosApplication.getApplication().refreshProfiles();
    }

    private final void a(SDPEnrollStatusMsg sDPEnrollStatusMsg) {
        int i2 = b.f16304a[sDPEnrollStatusMsg.getSdp_status().ordinal()];
        if (i2 == 1) {
            this.f16296b.s("SDP unregistered");
            P0();
            return;
        }
        if (i2 == 2) {
            this.f16296b.s("SDP enrolling");
            return;
        }
        if (i2 == 3) {
            this.f16296b.s("SDP registered");
            K0();
        } else {
            if (i2 != 4) {
                return;
            }
            this.f16296b.s("SDP not supported");
            getClient().onSDPNotAllowed(m.c.NOT_SUPPORTED, "SDP not supported");
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final void a(p pVar, String str, boolean z, Exception exc) {
        g.a0.d.j.c(pVar, "this$0");
        if (z) {
            return;
        }
        String message = exc.getMessage();
        if (exc instanceof net.pulsesecure.g.b.e) {
            message = ((net.pulsesecure.g.b.e) exc).f();
        }
        pVar.f16296b.d("SDP enroll status check failed with error : {}", message);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final Void b(p pVar) {
        g.a0.d.j.c(pVar, "this$0");
        try {
            String str = pVar.f16298d.a("/sdp/devices/%s/enrollment-status", "GET", (String) null, false).f15830a;
            pVar.f16296b.s(g.a0.d.j.a("SDP enroll status response :", (Object) str));
            if (((SDPEnrollStatusMsgCert) com.cellsec.api.b.b(str, SDPEnrollStatusMsgCert.class)).getStatus() == q.registered) {
                if (pVar.f16297c.J() || !pVar.f16297c.Y().equals(Build.VERSION.RELEASE)) {
                    pVar.f16296b.s("SDP Device Info Update Required");
                    pVar.U0();
                }
                pVar.S0();
            }
        } catch (SSLProtocolException e2) {
            pVar.f16296b.d("SDP enroll status check failed with error SSLProtocolException : {}", e2.getMessage());
            pVar.I0();
        } catch (net.pulsesecure.g.b.e e3) {
            pVar.f16296b.d("SDP enroll status check failed with error : {}", e3.f());
            if (e3.g() == 404) {
                pVar.I0();
            } else {
                pVar.getClient().onSDPNotAllowed(m.c.ENROLLMENT_STATUS_CHECK_FAILED, e3.f());
            }
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final void b(p pVar, String str, boolean z, Exception exc) {
        g.a0.d.j.c(pVar, "this$0");
        if (z) {
            return;
        }
        String message = exc.getMessage();
        if (exc instanceof net.pulsesecure.g.b.e) {
            message = ((net.pulsesecure.g.b.e) exc).f();
        }
        pVar.f16296b.d("SDP enroll status check failed with error : {}", message);
    }

    private final boolean b(CertificateResponseMsg certificateResponseMsg) {
        this.f16296b.s("Install SDP Cert");
        if (certificateResponseMsg == null) {
            return false;
        }
        IKeystoreCertUtil iKeystoreCertUtil = this.f16300f;
        Context context = JunosApplication.getContext();
        g.a0.d.j.b(context, "getContext()");
        String str = certificateResponseMsg.certificate;
        g.a0.d.j.b(str, "certMsg.certificate");
        String str2 = certificateResponseMsg.password;
        g.a0.d.j.b(str2, "certMsg.password");
        return iKeystoreCertUtil.saveCertificateInKeystore(context, "PULSE_SDP_CERTIFICATE", str, str2) != null;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final Void h(p pVar) {
        g.a0.d.j.c(pVar, "this$0");
        try {
            CertificateResponseMsg certificateResponseMsg = (CertificateResponseMsg) com.cellsec.api.b.b(pVar.f16298d.a("/sdp/devices/%s/certificate/renew", "POST", (String) null, false).f15830a, CertificateResponseMsg.class);
            pVar.f16296b.s("SDP cert renewal successful");
            pVar.a(certificateResponseMsg == null ? null : certificateResponseMsg.certificate, certificateResponseMsg == null ? null : certificateResponseMsg.password);
            pVar.b(certificateResponseMsg);
            pVar.k(certificateResponseMsg == null ? null : certificateResponseMsg.ca_cert_pem);
            pVar.f16297c.T().a("force_update_ca_cert_chains", false);
            pVar.J0();
        } catch (net.pulsesecure.g.b.e e2) {
            pVar.f16296b.d("SDP cert renew failed with error : {}", e2.getMessage());
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final void h(p pVar, String str, boolean z, Exception exc) {
        g.a0.d.j.c(pVar, "this$0");
        if (z) {
            return;
        }
        String message = exc.getMessage();
        if (exc instanceof net.pulsesecure.g.b.e) {
            message = ((net.pulsesecure.g.b.e) exc).f();
        }
        pVar.f16296b.d("SDP cert renew failed with error : {}", message);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final Void i(p pVar) {
        g.a0.d.j.c(pVar, "this$0");
        try {
            TimeToRenewResponseMsg timeToRenewResponseMsg = (TimeToRenewResponseMsg) com.cellsec.api.b.b(pVar.f16298d.a("/certificates/self/certificates/time_to_renew", "POST", (String) null, false).f15830a, TimeToRenewResponseMsg.class);
            j.f.c cVar = pVar.f16296b;
            g.a0.d.j.a(timeToRenewResponseMsg);
            cVar.d("SDP cert Time To Renew Status :{}", Boolean.valueOf(timeToRenewResponseMsg.time_to_renew));
            boolean b2 = pVar.f16297c.T().b("force_update_ca_cert_chains", true);
            pVar.f16296b.d("SDP cert forceUpdate :{}", Boolean.valueOf(b2));
            if ((timeToRenewResponseMsg.time_to_renew || b2) && pVar.Q0()) {
                pVar.R0();
            }
        } catch (net.pulsesecure.g.b.e e2) {
            pVar.f16296b.d("SDP cert Time To Renew failed with error : {}", e2.getMessage());
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final void i(p pVar, String str, boolean z, Exception exc) {
        g.a0.d.j.c(pVar, "this$0");
        if (z) {
            return;
        }
        String message = exc.getMessage();
        if (exc instanceof net.pulsesecure.g.b.e) {
            message = ((net.pulsesecure.g.b.e) exc).f();
        }
        pVar.f16296b.d("SDP cert Time To Renew renew failed with error : {}", message);
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final Void j(p pVar) {
        IWorkspaceRestProtocol.SdpEnrolRequest O0;
        net.pulsesecure.g.b.a a2;
        CertificateResponseMsg certificateResponseMsg;
        g.a0.d.j.c(pVar, "this$0");
        try {
            O0 = pVar.O0();
            a2 = pVar.f16298d.a("/clients/enroll", "POST", com.cellsec.api.b.a((com.cellsec.api.a) O0), pVar.f16297c.T().getString(AAAAuthActivity.PREF_COOKIE, ""));
            certificateResponseMsg = (CertificateResponseMsg) com.cellsec.api.b.b(a2.f15830a, CertificateResponseMsg.class);
        } catch (net.pulsesecure.g.b.e e2) {
            if (!TextUtils.isEmpty(e2.f()) && e2.g() == 400) {
                pVar.f16296b.d("SDP enroll failed with error HTTP_STATUS_CODE_BAD_REQUEST : {}", e2.f());
                pVar.getClient().onSDPNotAllowed(m.c.BAD_REQUEST, e2.f());
            } else if (e2.g() == 409) {
                pVar.f16296b.d("SDP enroll failed with error HTTP_STATUS_CODE_CONFLICT : {}", e2.f());
                pVar.getClient().onSDPNotAllowed(m.c.ENROLLMENT_LIMIT_REACHED, pVar.f16297c.getString(R.string.maximum_enrolment_limit_reached));
            } else {
                pVar.f16296b.d("SDP enroll failed with error : {}", e2.f());
                pVar.getClient().onSDPNotAllowed(m.c.ENROLLMENT_FAILED, e2.f());
            }
        }
        if (certificateResponseMsg == null && a2.f15831b != 204) {
            m.a client = pVar.getClient();
            g.a0.d.j.b(client, "client");
            m.a.C0300a.a(client, m.c.ENROLLMENT_FAILED, null, 2, null);
            return null;
        }
        pVar.f16297c.T().putString("workspaceId", certificateResponseMsg.id);
        pVar.f16297c.t(false);
        pVar.f16297c.d(O0.os_version);
        pVar.a(certificateResponseMsg);
        return null;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static final void j(p pVar, String str, boolean z, Exception exc) {
        g.a0.d.j.c(pVar, "this$0");
        if (z) {
            return;
        }
        String message = exc.getMessage();
        if (exc instanceof net.pulsesecure.g.b.e) {
            message = ((net.pulsesecure.g.b.e) exc).f();
        }
        pVar.f16296b.d("SDP enroll failed with error : {}", message);
        pVar.getClient().onSDPNotAllowed(m.c.ENROLLMENT_FAILED, message);
    }

    private final void k(String str) {
        ByteArrayInputStream byteArrayInputStream;
        this.f16296b.s("saveClientCaCertInKeystore");
        ArrayList arrayList = new ArrayList();
        CertificateFactory certificateFactory = new CertificateFactory();
        if (str == null) {
            byteArrayInputStream = null;
        } else {
            byte[] bytes = str.getBytes(g.g0.d.f14435b);
            g.a0.d.j.b(bytes, "this as java.lang.String).getBytes(charset)");
            byteArrayInputStream = new ByteArrayInputStream(bytes);
        }
        Collection engineGenerateCertificates = certificateFactory.engineGenerateCertificates(byteArrayInputStream);
        g.a0.d.j.b(engineGenerateCertificates, "CertificateFactory().eng…icate?.byteInputStream())");
        for (Object obj : engineGenerateCertificates) {
            if (obj == null) {
                throw new NullPointerException("null cannot be cast to non-null type java.security.cert.X509Certificate");
            }
            arrayList.add((X509Certificate) obj);
        }
        if (!(!arrayList.isEmpty())) {
            this.f16296b.s("Client caCertList is empty");
            return;
        }
        IKeystoreCertUtil iKeystoreCertUtil = this.f16300f;
        Context context = this.f16295a;
        g.a0.d.j.a(context);
        iKeystoreCertUtil.saveSDPClientCACertsInKeystore(context, arrayList);
    }

    public final void H0() {
        this.f16296b.s("check SDP enroll status cert");
        if (!TextUtils.isEmpty(this.f16297c.T().getString("workspaceId", ""))) {
            this.f16298d.a("sdp/devices/enrollment-status", new Callable() { // from class: net.pulsesecure.modules.sdp.d
                @Override // java.util.concurrent.Callable
                public final Object call() {
                    Void b2;
                    b2 = p.b(p.this);
                    return b2;
                }
            }, new net.pulsesecure.modules.proto.l.b() { // from class: net.pulsesecure.modules.sdp.i
                @Override // net.pulsesecure.modules.proto.l.b
                public final void a(String str, boolean z, Exception exc) {
                    p.b(p.this, str, z, exc);
                }
            });
        } else {
            this.f16296b.s("No Saved Workspace ID");
            P0();
        }
    }

    public final void I0() {
        if (!(!PrefUtils.getBooleanPrefs(JunosApplication.getContext(), PrefUtils.KEY_ENABLE_REACT_UI))) {
            getClient().onSDPUnEnrolled(m.d.MSG_SERVER_UN_ENROLL);
            return;
        }
        WritableMap createMap = Arguments.createMap();
        createMap.putBoolean(ConstantsApiService.K_CONNECTION_IS_ZTA, true);
        ZTAEventEmitter.getInstance().sendEvent(ConstantsApiService.K_CONNECTION_STATUS_EVENT_CERT_REVOKED, createMap);
    }

    public final synchronized void J0() {
        this.f16296b.s("resume Gateway Session called");
        SSLUtilities.clearSessionCert();
        String sdpGatewayPolicies = SettingsUtil.getSdpGatewayPolicies(JunosApplication.getApplication().getActiveProfile().getUrl());
        List<SDPGatewayProfile> generateGatewaylistDataFromXml = !TextUtils.isEmpty(sdpGatewayPolicies) ? new SessionUtils().generateGatewaylistDataFromXml(sdpGatewayPolicies) : null;
        if (generateGatewaylistDataFromXml != null) {
            Iterator<SDPGatewayProfile> it = generateGatewaylistDataFromXml.iterator();
            while (it.hasNext()) {
                SDPGatewayProfile next = it.next();
                this.f16296b.s(g.a0.d.j.a("gatewayList item : ", (Object) (next == null ? null : next.getGatewayUri())));
                Intent intent = new Intent();
                intent.setAction(VpnService.SDP_GATEWAY_RESUME_SESSION_RETRY);
                intent.setClassName(JunosApplication.getContext(), VpnServiceIcs.SDP_GATEWAY_RESUME_RECEIVER);
                intent.putExtra(VpnService.GATEWAY_RESUME_NAME, next == null ? null : next.getGatewayUri());
                intent.putExtra(JunosApplication.GATEWAY_RESUME_FROM_XPLATFORM, true);
                JunosApplication.getContext().sendBroadcast(intent);
            }
        } else {
            this.f16296b.s("gatewayList is empty");
        }
    }

    @Override // net.pulsesecure.modules.sdp.m
    public void a(long j2, boolean z, n nVar) {
        if (j2 != -1) {
            this.f16296b.s("Unenroll SDP profile");
            SSLUtilities.setConnectionType(this.f16302h);
            if (z) {
                a(new c(j2, nVar));
            } else {
                a(j2, nVar);
            }
        } else if (nVar != null) {
            nVar.G0();
        }
        this.f16298d = new ProtoImpl(this.f16295a);
    }

    @Override // net.pulsesecure.modules.sdp.m
    public void a(String str, VpnProfile vpnProfile) {
        g.a0.d.j.c(str, "certAlias");
        g.a0.d.j.c(vpnProfile, "sdpProfile");
        vpnProfile.setCertAlias(str);
        vpnProfile.setFlags(2049);
        net.pulsesecure.modules.vpn.d dVar = this.f16299e;
        if (dVar != null) {
            dVar.updateProfile(vpnProfile);
        }
        JunosApplication.getApplication().refreshProfiles();
    }

    @Override // net.pulsesecure.modules.sdp.m
    public void a(ArrayList<Uri> arrayList, String str) {
        g.a0.d.j.c(arrayList, "uriList");
        g.a0.d.j.c(str, "url");
        this.f16296b.s("Uploading zip file ...");
        try {
            net.pulsesecure.g.b.a a2 = this.f16298d.a(str, net.pulsesecure.g.b.b.NoAuth, "PUT", arrayList, null, true);
            this.f16296b.d("sendHttpsFileUpLoadRequest : Server Response: {}", a2.f15830a);
            if (a2.f15831b == 201) {
                getClient().onReceivedIsZipUpload(true, a2.f15831b);
            } else {
                getClient().onReceivedIsZipUpload(false, a2.f15831b);
            }
        } catch (net.pulsesecure.g.b.e e2) {
            getClient().onReceivedIsZipUpload(false, this.f16303i);
            this.f16296b.d("Exception Fetching the Signed Url for upload log", e2.toString());
        } catch (Exception e3) {
            this.f16296b.d("Exception Fetching the Signed Url for upload log", e3.toString());
            getClient().onReceivedIsZipUpload(false, this.f16303i);
        }
    }

    @Override // net.pulsesecure.modules.sdp.m
    public void a(VpnProfile vpnProfile) {
        g.a0.d.j.c(vpnProfile, "sdpProfile");
        vpnProfile.setCertAlias(null);
        net.pulsesecure.modules.vpn.d dVar = this.f16299e;
        if (dVar == null) {
            return;
        }
        dVar.updateProfile(vpnProfile);
    }

    @Override // net.pulsesecure.modules.sdp.m
    public void checkSDPEnrollStatus() {
        this.f16296b.s("check SDP enroll status");
        if ((this.f16297c.I() || this.f16297c.n()) && this.f16297c.p0() == m.e.VERSION_3) {
            H0();
        } else {
            this.f16298d.a("sdp/enrollment-status", new Callable() { // from class: net.pulsesecure.modules.sdp.f
                @Override // java.util.concurrent.Callable
                public final Object call() {
                    Void a2;
                    a2 = p.a(p.this);
                    return a2;
                }
            }, new net.pulsesecure.modules.proto.l.b() { // from class: net.pulsesecure.modules.sdp.h
                @Override // net.pulsesecure.modules.proto.l.b
                public final void a(String str, boolean z, Exception exc) {
                    p.a(p.this, str, z, exc);
                }
            });
        }
    }

    @Override // net.pulsesecure.modules.sdp.m
    public void r(boolean z) {
        this.f16296b.s("Uploading log status ...");
        try {
            net.pulsesecure.g.b.a a2 = this.f16298d.a("/api/clients/self/logs/status", net.pulsesecure.g.b.b.NoAuth, "PUT", true, z);
            if (a2 == null) {
                getClient().onReceivedUploadStatus(false, this.f16303i);
                return;
            }
            this.f16296b.d("sendHttpsLogUploadStatus : Server Response: {}", a2.f15830a);
            if (a2.f15831b == 204) {
                getClient().onReceivedUploadStatus(true, a2.f15831b);
            } else {
                getClient().onReceivedUploadStatus(false, a2.f15831b);
            }
        } catch (net.pulsesecure.g.b.e e2) {
            getClient().onReceivedUploadStatus(false, this.f16303i);
            this.f16296b.d("Exception, Uploading log status", e2.toString());
        } catch (Exception e3) {
            this.f16296b.d("Exception, Uploading log status", e3.toString());
            getClient().onReceivedUploadStatus(false, this.f16303i);
        }
    }

    @Override // net.pulsesecure.modules.sdp.m
    public void w0() {
        this.f16296b.s("getSignedUrlsforLogUpload ...");
        try {
            net.pulsesecure.g.b.a a2 = this.f16298d.a("/api/clients/self/log-urls", net.pulsesecure.g.b.b.Cert, "POST", null, null, true, null, null);
            if (a2 == null) {
                getClient().onReceivedSignedUrl("", this.f16303i);
                return;
            }
            String str = a2.f15830a;
            this.f16296b.b("Fetching the Signed Url for upload log : Server Response: {}", "resp :", str, "logUrls.urls: ");
            if (a2.f15831b != 200) {
                getClient().onReceivedSignedUrl("", a2.f15831b);
                return;
            }
            ArrayList arrayList = new ArrayList();
            JSONArray jSONArray = new JSONObject(str).getJSONArray("urls");
            int length = jSONArray.length();
            for (int i2 = 0; i2 < length; i2++) {
                arrayList.add(jSONArray.getString(i2));
            }
            m.a client = getClient();
            String string = jSONArray.getString(0);
            g.a0.d.j.b(string, "array.getString(0)");
            client.onReceivedSignedUrl(string, a2.f15831b);
        } catch (net.pulsesecure.g.b.e e2) {
            this.f16296b.d("Exception: Fetching the Signed Url for upload log failed : {}", e2.f());
            getClient().onReceivedSignedUrl("", this.f16303i);
        } catch (Exception e3) {
            this.f16296b.d("Exception Fetching the Signed Url for upload log", e3.toString());
            getClient().onReceivedSignedUrl("", this.f16303i);
        }
    }
}
