package com.airwatch.sdk.net;

import android.util.Base64;
import com.airwatch.afw.lib.AfwApp;
import com.airwatch.agent.al;
import com.airwatch.agent.utility.aj;
import com.airwatch.bizlib.c.g;
import com.airwatch.bizlib.model.CertificateDefinitionAnchorApp;
import com.airwatch.executor.priority.PriorityRunnableTask;
import com.airwatch.util.Logger;
import java.io.ByteArrayInputStream;
import java.net.MalformedURLException;
import java.security.KeyStore;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.List;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class SDKCertAuthSendThread extends PriorityRunnableTask {
    private static final String CRED_KEY = "Password";
    private static final String DATA_KEY = "Pkcs12";
    private static final String MESSAGE_KEY = "Message";
    private static final String SUCCESS_KEY = "Success";
    private static final HashMap<String, String> portHash = new a();
    private String mAllowedSites;

    public SDKCertAuthSendThread() {
        super(PriorityRunnableTask.EnumPriorityRunnable.LOWEST);
        this.mAllowedSites = al.c().cf();
    }

    private void addNewCertAuthPair(String str, String str2) {
        List<String> parseAllowedSites = parseAllowedSites();
        if (parseAllowedSites == null || parseAllowedSites.isEmpty()) {
            return;
        }
        new g(AfwApp.d()).a(parseAllowedSites, new CertificateDefinitionAnchorApp(str, str2));
    }

    private boolean isValidKeyStore(String str, String str2) {
        if (str == null || str2 == null) {
            return false;
        }
        try {
            KeyStore.getInstance("PKCS12").load(new ByteArrayInputStream(Base64.decode(str, 0)), str2.toCharArray());
            return true;
        } catch (Exception e) {
            return false;
        }
    }

    private List<String> parseAllowedSites() {
        if (this.mAllowedSites == null || this.mAllowedSites.length() < 1) {
            return null;
        }
        String[] split = this.mAllowedSites.split(",");
        ArrayList arrayList = new ArrayList();
        for (String str : split) {
            String[] split2 = str.split(":");
            switch (split2.length) {
                case 2:
                    if (portHash.get(split2[0].toLowerCase()) != null) {
                        str = split2[1] + portHash.get(split2[0].toLowerCase());
                        break;
                    } else {
                        break;
                    }
                case 3:
                    str = split2[1] + ":" + split2[2];
                    break;
                default:
                    str = str + ":443";
                    break;
            }
            arrayList.add(str.replace("/", ""));
        }
        return arrayList;
    }

    @Override // java.lang.Runnable
    public void run() {
        if (al.c().B()) {
            sendCertRequest();
        }
    }

    public void sendCertRequest() {
        SDKCertAuthMessage sDKCertAuthMessage = new SDKCertAuthMessage();
        sDKCertAuthMessage.setHMACHeader(aj.a().b());
        try {
            sDKCertAuthMessage.send();
            if (sDKCertAuthMessage.getResponseStatusCode() != 200) {
                Logger.d("There was an error communicating with the server. Status code: " + sDKCertAuthMessage.getResponseStatusCode());
            } else {
                JSONObject jSONObject = new JSONObject(new String(sDKCertAuthMessage.getServerResponse()));
                int i = jSONObject.getInt(SUCCESS_KEY);
                String string = jSONObject.getString(MESSAGE_KEY);
                String string2 = jSONObject.getString("Pkcs12");
                String string3 = jSONObject.getString("Password");
                if (i == 0) {
                    Logger.e("The Certificate Endpoint returned no certificate data. : " + string);
                } else if (isValidKeyStore(string2, string3)) {
                    addNewCertAuthPair(string2, string3);
                } else {
                    Logger.e("The Certificate Endpoint returned invalid certificate data.");
                }
            }
        } catch (MalformedURLException e) {
            Logger.e("There was an error sending the CertAuthMessage", e);
        } catch (JSONException e2) {
            Logger.e("There was an error parsing the JSON response", e2);
        }
    }
}
