package com.norton.staplerclassifiers.devicedetections.untrustedcertificate;

import android.content.Context;
import android.util.Base64;
import com.norton.staplerclassifiers.BaseTask;
import e.i.v.c.untrustedcertificate.IKeyStoreProvider;
import e.i.v.c.untrustedcertificate.KeyStoreProvider;
import e.i.v.config.IConfigurationProvider;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.LinkedHashMap;
import java.util.List;
import java.util.Map;
import javax.security.auth.x500.X500Principal;
import kotlin.Metadata;
import kotlin.Pair;
import kotlin.collections.CollectionsKt___CollectionsKt;
import kotlin.collections.EmptyList;
import kotlin.collections.y0;
import kotlin.collections.z0;
import kotlin.collections.z1;
import kotlin.jvm.functions.Function1;
import kotlin.jvm.internal.f0;
import kotlin.sequences.EmptySequence;
import kotlin.sequences.Sequence;
import kotlin.sequences.SequencesKt__SequencesKt;
import kotlin.sequences.SequencesKt___SequencesKt;
import kotlin.text.v;
import kotlinx.serialization.KSerializer;
import l.serialization.json.Json;
import o.d.b.d;
import o.d.b.e;

@Metadata(d1 = {"\u0000H\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010\u000e\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010$\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0010\u0002\n\u0002\b\u0002\b\u0000\u0018\u0000 \u00172\u00020\u0001:\u0001\u0017B'\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0005\u0012\u0006\u0010\u0006\u001a\u00020\u0007\u0012\b\b\u0002\u0010\b\u001a\u00020\t¢\u0006\u0002\u0010\nJ\u001c\u0010\u000b\u001a\u00020\f2\u0012\u0010\r\u001a\u000e\u0012\u0004\u0012\u00020\u0007\u0012\u0004\u0012\u00020\u000f0\u000eH\u0002J*\u0010\u0010\u001a\u001c\u0012\u0018\u0012\u0016\u0012\f\u0012\n \u0013*\u0004\u0018\u00010\u00070\u0007\u0012\u0004\u0012\u00020\u000f0\u00120\u00112\u0006\u0010\u0014\u001a\u00020\u0007H\u0002J\b\u0010\u0015\u001a\u00020\u0016H\u0016R\u000e\u0010\b\u001a\u00020\tX\u0082\u0004¢\u0006\u0002\n\u0000¨\u0006\u0018"}, d2 = {"Lcom/norton/staplerclassifiers/devicedetections/untrustedcertificate/UntrustedCertificateTask;", "Lcom/norton/staplerclassifiers/BaseTask;", "context", "Landroid/content/Context;", "configurationProvider", "Lcom/norton/staplerclassifiers/config/IConfigurationProvider;", "configurationKey", "", "keyStoreProvider", "Lcom/norton/staplerclassifiers/devicedetections/untrustedcertificate/IKeyStoreProvider;", "(Landroid/content/Context;Lcom/norton/staplerclassifiers/config/IConfigurationProvider;Ljava/lang/String;Lcom/norton/staplerclassifiers/devicedetections/untrustedcertificate/IKeyStoreProvider;)V", "buildTelemetryPayload", "Lcom/norton/staplerclassifiers/BaseTask$DetectionTelemetryPayload;", "untrustedCertificates", "", "Ljava/security/cert/Certificate;", "getInstalledCertificates", "Lkotlin/sequences/Sequence;", "Lkotlin/Pair;", "kotlin.jvm.PlatformType", "aliasPrefix", "scan", "", "Companion", "device-detections_debug"}, k = 1, mv = {1, 6, 0}, xi = 48)
/* loaded from: classes2.dex */
public final class UntrustedCertificateTask extends BaseTask {

    /* renamed from: g, reason: collision with root package name */
    @d
    public final IKeyStoreProvider f7253g;

    /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
    public UntrustedCertificateTask(Context context, IConfigurationProvider iConfigurationProvider, String str, IKeyStoreProvider iKeyStoreProvider, int i2) {
        super(context, iConfigurationProvider, str);
        KeyStoreProvider keyStoreProvider = (i2 & 8) != 0 ? new KeyStoreProvider() : null;
        f0.f(context, "context");
        f0.f(iConfigurationProvider, "configurationProvider");
        f0.f(str, "configurationKey");
        f0.f(keyStoreProvider, "keyStoreProvider");
        this.f7253g = keyStoreProvider;
        d(UntrustedCertificateClassifier.NAME);
        this.f7195d = 0;
    }

    @Override // com.norton.staplerclassifiers.BaseTask
    public void c() {
        boolean z;
        LinkedHashMap linkedHashMap = new LinkedHashMap();
        for (Pair<String, Certificate> pair : f("user:")) {
            String component1 = pair.component1();
            Certificate component2 = pair.component2();
            Iterator<Pair<String, Certificate>> it = f("system:").iterator();
            while (true) {
                z = true;
                boolean z2 = false;
                if (!it.hasNext()) {
                    z = false;
                    break;
                }
                Certificate component22 = it.next().component2();
                f0.f(component2, "<this>");
                f0.f(component22, "certificate");
                try {
                    component2.verify(component22.getPublicKey());
                    z2 = true;
                } catch (Exception unused) {
                }
                if (z2) {
                    break;
                }
            }
            if (!z) {
                f0.e(component1, "alias");
                linkedHashMap.put(component1, component2);
            }
        }
        if (linkedHashMap.isEmpty()) {
            this.f7194c.c(BaseTask.StateType.SAFE, "No untrusted certificates found on device");
            BaseTask.d dVar = this.f7194c;
            dVar.f7208d = EmptyList.INSTANCE;
            dVar.f7209e = e(z1.d());
            return;
        }
        this.f7194c.c(BaseTask.StateType.UNSAFE, "Found untrusted certificates on device");
        this.f7194c.f7208d = CollectionsKt___CollectionsKt.f0(linkedHashMap.keySet());
        this.f7194c.f7209e = e(linkedHashMap);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r13v0 */
    /* JADX WARN: Type inference failed for: r13v1, types: [java.lang.Iterable] */
    /* JADX WARN: Type inference failed for: r13v2, types: [java.util.ArrayList] */
    public final BaseTask.c e(Map<String, ? extends Certificate> map) {
        EmptyList emptyList;
        ?? r13;
        Collection<List<?>> subjectAlternativeNames;
        X500Principal subjectX500Principal;
        X500Principal issuerX500Principal;
        Json.a aVar = Json.f36558a;
        KSerializer<TelemetryPayload> serializer = TelemetryPayload.INSTANCE.serializer();
        Collection<? extends Certificate> values = map.values();
        ArrayList arrayList = new ArrayList(y0.k(values, 10));
        for (Certificate certificate : values) {
            X509Certificate x509Certificate = certificate instanceof X509Certificate ? (X509Certificate) certificate : null;
            String name = (x509Certificate == null || (issuerX500Principal = x509Certificate.getIssuerX500Principal()) == null) ? null : issuerX500Principal.getName("RFC2253");
            if (name == null) {
                name = "";
            } else {
                f0.e(name, "x509Certificate?.issuerX…0Principal.RFC2253) ?: \"\"");
            }
            String name2 = (x509Certificate == null || (subjectX500Principal = x509Certificate.getSubjectX500Principal()) == null) ? null : subjectX500Principal.getName("RFC2253");
            if (name2 == null) {
                name2 = "";
            } else {
                f0.e(name2, "x509Certificate?.subject…0Principal.RFC2253) ?: \"\"");
            }
            if (x509Certificate != null) {
                f0.f(x509Certificate, "<this>");
                try {
                    subjectAlternativeNames = x509Certificate.getSubjectAlternativeNames();
                } catch (Exception unused) {
                    emptyList = EmptyList.INSTANCE;
                }
                if (subjectAlternativeNames != null) {
                    r13 = new ArrayList();
                    Iterator it = subjectAlternativeNames.iterator();
                    while (it.hasNext()) {
                        List list = (List) it.next();
                        if (f0.a(list.get(0), 2)) {
                            Object obj = list.get(1);
                            String str = obj instanceof String ? (String) obj : null;
                            if (str != null) {
                                r13.add(str);
                            }
                        }
                    }
                    if (r13 != 0 && (r5 = CollectionsKt___CollectionsKt.a0(r13, 5)) != null) {
                        f0.f(certificate, "<this>");
                        String encodeToString = Base64.encodeToString(certificate.getPublicKey().getEncoded(), 0);
                        f0.e(encodeToString, "encodeToString(this.publ….encoded, Base64.DEFAULT)");
                        arrayList.add(new UntrustedCertificateTelemetry(name, name2, r5, v.q(encodeToString, "\n", "", false, 4)));
                    }
                } else {
                    emptyList = EmptyList.INSTANCE;
                    r13 = emptyList;
                    if (r13 != 0) {
                        f0.f(certificate, "<this>");
                        String encodeToString2 = Base64.encodeToString(certificate.getPublicKey().getEncoded(), 0);
                        f0.e(encodeToString2, "encodeToString(this.publ….encoded, Base64.DEFAULT)");
                        arrayList.add(new UntrustedCertificateTelemetry(name, name2, r5, v.q(encodeToString2, "\n", "", false, 4)));
                    }
                }
            }
            List list2 = EmptyList.INSTANCE;
            f0.f(certificate, "<this>");
            String encodeToString22 = Base64.encodeToString(certificate.getPublicKey().getEncoded(), 0);
            f0.e(encodeToString22, "encodeToString(this.publ….encoded, Base64.DEFAULT)");
            arrayList.add(new UntrustedCertificateTelemetry(name, name2, list2, v.q(encodeToString22, "\n", "", false, 4)));
        }
        return new BaseTask.c(null, aVar.d(serializer, new TelemetryPayload(arrayList)));
    }

    public final Sequence<Pair<String, Certificate>> f(final String str) {
        final KeyStore a2 = this.f7253g.a();
        if (a2 == null) {
            return EmptySequence.f34771a;
        }
        Enumeration<String> aliases = a2.aliases();
        f0.e(aliases, "keyStore.aliases()");
        f0.f(aliases, "<this>");
        return SequencesKt___SequencesKt.t(SequencesKt___SequencesKt.k(SequencesKt__SequencesKt.c(new z0(aliases)), new Function1<String, Boolean>() { // from class: com.norton.staplerclassifiers.devicedetections.untrustedcertificate.UntrustedCertificateTask$getInstalledCertificates$1$1
            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
            {
                super(1);
            }

            @Override // kotlin.jvm.functions.Function1
            @d
            public final Boolean invoke(String str2) {
                f0.e(str2, "it");
                return Boolean.valueOf(v.t(str2, str, true));
            }
        }), new Function1<String, Pair<? extends String, ? extends Certificate>>() { // from class: com.norton.staplerclassifiers.devicedetections.untrustedcertificate.UntrustedCertificateTask$getInstalledCertificates$1$2
            /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
            {
                super(1);
            }

            @Override // kotlin.jvm.functions.Function1
            @e
            public final Pair<String, Certificate> invoke(String str2) {
                try {
                    Certificate certificate = a2.getCertificate(str2);
                    if (certificate != null) {
                        return new Pair<>(str2, certificate);
                    }
                    return null;
                } catch (Exception e2) {
                    e.o.r.d.a(6, "UntrustedCertificateTask", e2.getMessage(), e2);
                    return null;
                }
            }
        });
    }
}
