package com.microsoft.omadm.platforms.android.wifimgr;

import com.microsoft.intune.common.exception.MdmException;
import com.microsoft.intune.common.xml.XMLUtils;
import com.microsoft.omadm.exception.OMADMException;
import com.microsoft.omadm.exception.OMADMUnsupportedElementException;
import com.microsoft.omadm.utils.CertSearchCriteria;
import com.microsoft.omadm.utils.CertUtils;
import com.microsoft.omadm.utils.WifiUtils;
import java.util.HashMap;
import java.util.List;
import java.util.Map;
import java.util.Properties;
import java.util.logging.Level;
import java.util.logging.Logger;
import javax.xml.xpath.XPathExpressionException;
import org.apache.commons.lang3.StringUtils;
import org.w3c.dom.Document;

/* loaded from: classes3.dex */
public class OneX {
    public static final String AN_ENABLED = "Enabled";
    public static final String ET_FALSE = "false";
    public static final String ET_TRUE = "true";
    private static final Logger LOGGER = Logger.getLogger(OneX.class.getName());
    public static final String NSTAG_EAPC = "ec";
    public static final String NSTAG_EAPHC = "ehc";
    public static final String NSTAG_EAP_BASE_CONN_V1 = "ebc";
    public static final String NSTAG_EAP_BASE_USERPROP = "eup";
    public static final String NSTAG_EAP_GENERIC_USERCRED = "eguc";
    public static final String NSTAG_EAP_MSCHAPV2_CONNRPROP = "msc2cp";
    public static final String NSTAG_EAP_MSCHAPV2_USERPROP = "msc2up";
    public static final String NSTAG_EAP_PEAP_V1 = "peap1";
    public static final String NSTAG_EAP_PEAP_V2 = "peap2";
    public static final String NSTAG_EAP_TLS_USERPROP = "tlsup";
    public static final String NSTAG_EAP_TLS_V1 = "tls";
    public static final String NSTAG_EAP_TLS_V2 = "tls2";
    public static final String NSTAG_EAP_TLS_V3 = "tls3";
    public static final String NSTAG_EAP_TTLS = "ttls";
    public static final String NSTAG_EAP_TTLS_USERPROP = "ttlsup";
    public static final String NSTAG_ONEX = "oneX";
    public static final String NS_EAPC = "http://www.microsoft.com/provisioning/EapCommon";
    public static final String NS_EAPHC = "http://www.microsoft.com/provisioning/EapHostConfig";
    public static final String NS_EAP_BASE_CONN_V1 = "http://www.microsoft.com/provisioning/BaseEapConnectionPropertiesV1";
    public static final String NS_EAP_BASE_USERPROP = "http://www.microsoft.com/provisioning/BaseEapUserPropertiesV1";
    public static final String NS_EAP_GENERIC_USERCRED = "http://www.microsoft.com/provisioning/EapGenericUserCredentials";
    public static final String NS_EAP_MSCHAPV2_CONNRPROP = "http://www.microsoft.com/provisioning/MsChapV2ConnectionPropertiesV1";
    public static final String NS_EAP_MSCHAPV2_USERPROP = "http://www.microsoft.com/provisioning/MsChapV2UserPropertiesV1";
    public static final String NS_EAP_PEAP_V1 = "http://www.microsoft.com/provisioning/MsPeapConnectionPropertiesV1";
    public static final String NS_EAP_PEAP_V2 = "http://www.microsoft.com/provisioning/MsPeapConnectionPropertiesV2";
    public static final String NS_EAP_TLS_USERPROP = "http://www.microsoft.com/provisioning/EapTlsUserPropertiesV1";
    public static final String NS_EAP_TLS_V1 = "http://www.microsoft.com/provisioning/EapTlsConnectionPropertiesV1";
    public static final String NS_EAP_TLS_V2 = "http://www.microsoft.com/provisioning/EapTlsConnectionPropertiesV2";
    public static final String NS_EAP_TLS_V3 = "http://www.microsoft.com/provisioning/EapTlsConnectionPropertiesV3";
    public static final String NS_EAP_TTLS = "http://www.microsoft.com/provisioning/EapTtlsConnectionPropertiesV1";
    public static final String NS_EAP_TTLS_USERPROP = "http://www.microsoft.com/provisioning/EapTtlsUserPropertiesV1";
    public static final String NS_ONEX = "http://www.microsoft.com/networking/OneX/v1";
    public static final String XP_EAP_CONFIG_EAP = "/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ebc:Eap";
    static final String XP_EAP_GENERIC_DOMAIN = "//eguc:Domain";
    static final String XP_EAP_GENERIC_PASSWORD = "//eguc:Password";
    static final String XP_EAP_GENERIC_USERNAME = "//eguc:UserName";
    public static final String XP_EAP_HOSTCONFIG = "/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig";
    static final String XP_EAP_MSCHAPV2_DOMAIN = "//msc2cp:EapType/msc2cp:LogonDomain";
    static final String XP_EAP_MSCHAPV2_PASSWORD = "//msc2cp:EapType/msc2cp:Password";
    static final String XP_EAP_MSCHAPV2_USERNAME = "//msc2cp:EapType/msc2cp:Username";
    static final String XP_EAP_P2_TLS2_SERVERVAL = "/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ebc:Eap/tls:EapType/tls2:PerformServerValidation";
    static final String XP_EAP_P2_TLS_CACERT_THUMBPRINT = "//tls:EapType/tls:ServerValidation/tls:TrustedRootCA";
    static final String XP_EAP_P2_TLS_CREDSRC_CERTSTORE = "//tls:EapType/tls:CredentialsSource/tls:CertificateStore";
    static final String XP_EAP_P2_TLS_CREDSRC_CERTSTORE_SIMSEL = "//tls:EapType/tls:CredentialsSource/tls:CertificateStore/tls:SimpleCertSelection";
    static final String XP_EAP_P2_TLS_CREDSRC_SMRTCARD = "//tls:EapType/tls:CredentialsSource/tls:SmartCard";
    public static final String XP_EAP_P2_TLS_EKU_MAP = "//tls:EapType/tls2:TLSExtensions/tls3:FilteringInfo/tls3:EKUMapping/tls3:EKUMap";
    static final String XP_EAP_P2_TLS_SERVERVAL = "//tls:EapType/tls:PerformServerValidation";
    static final String XP_EAP_PEAP_ANONIDENTITY = "/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ebc:Eap/peap1:EapType//peap2:AnonymousUserName";
    static final String XP_EAP_PEAP_CACERT_THUMBPRINT = "/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ebc:Eap/peap1:EapType/peap1:ServerValidation/peap1:TrustedRootCA";
    static final String XP_EAP_PEAP_P2AUTH = "/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ebc:Eap/peap1:EapType/ebc:Eap/ebc:Type";
    static final String XP_EAP_PEAP_SERVERVAL = "/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ebc:Eap/peap1:EapType/peap1:PeapExtensions/peap2:PerformServerValidation";
    static final String XP_EAP_PEAP_TRUSTED_SERVER_NAMES = "/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ebc:Eap/peap1:EapType/peap1:ServerValidation/peap1:ServerNames";
    static final String XP_EAP_TLS2_SERVERVAL = "/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ebc:Eap/tls:EapType/tls2:PerformServerValidation";
    static final String XP_EAP_TLS_CACERT_THUMBPRINT = "/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ebc:Eap/tls:EapType/tls:ServerValidation/tls:TrustedRootCA";
    static final String XP_EAP_TLS_CREDSRC_CERTSTORE = "/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ebc:Eap/tls:EapType/tls:CredentialsSource/tls:CertificateStore";
    static final String XP_EAP_TLS_CREDSRC_CERTSTORE_SIMSEL = "/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ebc:Eap/tls:EapType/tls:CredentialsSource/tls:CertificateStore/tls:SimpleCertSelection";
    static final String XP_EAP_TLS_CREDSRC_SMRTCARD = "/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ebc:Eap/tls:EapType/tls:CredentialsSource/tls:SmartCard";
    public static final String XP_EAP_TLS_EKU_MAP = "/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ebc:Eap/tls:EapType/tls2:TLSExtensions/tls3:FilteringInfo/tls3:EKUMapping/tls3:EKUMap";
    static final String XP_EAP_TLS_SERVERVAL = "/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ebc:Eap/tls:EapType/tls:PerformServerValidation";
    static final String XP_EAP_TLS_TRUSTED_SERVER_NAMES = "/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ebc:Eap/tls:EapType/tls:ServerValidation/tls:ServerNames";
    static final String XP_EAP_TLS_USERNAME = "/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ebc:Eap/tlsup:EapType/tlsup:Username";
    static final String XP_EAP_TTLS = "/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ttls:EapTtls";
    static final String XP_EAP_TTLSUP_PASSWORD = "/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ebc:Eap/ttlsup:EapTtls/ttlsup:TtlsCred/ttlsup:Password";
    static final String XP_EAP_TTLSUP_USERNAME = "/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ebc:Eap/ttlsup:EapTtls/ttlsup:TtlsCred/ttlsup:Username";
    static final String XP_EAP_TTLS_ANONIDENTITY = "/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ttls:EapTtls/ttls:Phase1Identity/ttls:AnonymousIdentity";
    static final String XP_EAP_TTLS_CACERT = "/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ttls:EapTtls/ttls:ServerValidation/ttls:TrustedRootCAHash";
    static final String XP_EAP_TTLS_P2AUTH = "/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ttls:EapTtls/ttls:Phase2Authentication";
    static final String XP_EAP_TTLS_P2_EAPTYPE = "/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ttls:EapTtls/ttls:Phase2Authentication/ehc:EapHostConfig/ehc:Config/ebc:Eap/ebc:Type";
    static final String XP_EAP_TTLS_P2_MSCHAP = "/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ttls:EapTtls/ttls:Phase2Authentication/ttls:MSCHAPAuthentication";
    static final String XP_EAP_TTLS_P2_MSCHAPV2 = "/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ttls:EapTtls/ttls:Phase2Authentication/ttls:MSCHAPv2Authentication";
    static final String XP_EAP_TTLS_P2_PAP = "/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ttls:EapTtls/ttls:Phase2Authentication/ttls:PAPAuthentication";
    static final String XP_EAP_TTLS_TRUSTED_SERVER_NAMES = "/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ttls:EapTtls/ttls:ServerValidation/ttls:ServerNames";
    static final String XP_EAP_TYPE = "/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:EapMethod/ec:Type";
    public static final String XP_FC_EAP_TLS_EKU_NAME = "./tls3:EKUName";
    public static final String XP_FC_EAP_TLS_EKU_OID = "./tls3:EKUOID";
    public String anonymousIdentity;
    public CertSearchCriteria certSearchCriteria;
    public CredentialsSource credentialsSource;
    public String domainSuffixMatch;
    public EAPType eapType;
    public String identity;
    public String password;
    public String trustedRootCertThumbPrint;
    public EAPPhase2Type phase2Type = EAPPhase2Type.NONE;
    public boolean performServerValidation = true;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.microsoft.omadm.platforms.android.wifimgr.OneX$1, reason: invalid class name */
    /* loaded from: classes3.dex */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$microsoft$omadm$platforms$android$wifimgr$OneX$EAPPhase2Type;
        static final /* synthetic */ int[] $SwitchMap$com$microsoft$omadm$platforms$android$wifimgr$OneX$EAPType;

        static {
            int[] iArr = new int[EAPPhase2Type.values().length];
            $SwitchMap$com$microsoft$omadm$platforms$android$wifimgr$OneX$EAPPhase2Type = iArr;
            try {
                iArr[EAPPhase2Type.PAP.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$com$microsoft$omadm$platforms$android$wifimgr$OneX$EAPPhase2Type[EAPPhase2Type.GTC.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                $SwitchMap$com$microsoft$omadm$platforms$android$wifimgr$OneX$EAPPhase2Type[EAPPhase2Type.MSCHAP.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
            try {
                $SwitchMap$com$microsoft$omadm$platforms$android$wifimgr$OneX$EAPPhase2Type[EAPPhase2Type.MSCHAPV2.ordinal()] = 4;
            } catch (NoSuchFieldError unused4) {
            }
            try {
                $SwitchMap$com$microsoft$omadm$platforms$android$wifimgr$OneX$EAPPhase2Type[EAPPhase2Type.NONE.ordinal()] = 5;
            } catch (NoSuchFieldError unused5) {
            }
            int[] iArr2 = new int[EAPType.values().length];
            $SwitchMap$com$microsoft$omadm$platforms$android$wifimgr$OneX$EAPType = iArr2;
            try {
                iArr2[EAPType.TLS.ordinal()] = 1;
            } catch (NoSuchFieldError unused6) {
            }
            try {
                $SwitchMap$com$microsoft$omadm$platforms$android$wifimgr$OneX$EAPType[EAPType.PWD.ordinal()] = 2;
            } catch (NoSuchFieldError unused7) {
            }
            try {
                $SwitchMap$com$microsoft$omadm$platforms$android$wifimgr$OneX$EAPType[EAPType.PEAP.ordinal()] = 3;
            } catch (NoSuchFieldError unused8) {
            }
            try {
                $SwitchMap$com$microsoft$omadm$platforms$android$wifimgr$OneX$EAPType[EAPType.TTLS.ordinal()] = 4;
            } catch (NoSuchFieldError unused9) {
            }
        }
    }

    /* loaded from: classes3.dex */
    public enum CredentialsSource {
        SmartCard,
        CertificateStore;

        public boolean simpleCertSelection;

        public static CredentialsSource getEnum(String str) {
            if (str == null) {
                return null;
            }
            return valueOf(str);
        }
    }

    /* loaded from: classes3.dex */
    public enum EAPPhase2Type {
        NONE(0),
        GTC(6),
        TLS(13),
        MSCHAPV2(26),
        PAP(98),
        MSCHAP(99);

        private static final Map<Integer, EAPPhase2Type> INT_TO_EAP_TYPE_MAP = new HashMap();
        private final int value;

        static {
            for (EAPPhase2Type eAPPhase2Type : values()) {
                INT_TO_EAP_TYPE_MAP.put(Integer.valueOf(eAPPhase2Type.value), eAPPhase2Type);
            }
        }

        EAPPhase2Type(int i) {
            this.value = i;
        }

        public static EAPPhase2Type fromInt(int i) throws OMADMUnsupportedElementException {
            EAPPhase2Type eAPPhase2Type = INT_TO_EAP_TYPE_MAP.get(Integer.valueOf(i));
            if (eAPPhase2Type != null) {
                return eAPPhase2Type;
            }
            throw new OMADMUnsupportedElementException("Unknown EAP Phase 2 type value: " + i);
        }

        public static int fromPhase2Type(EAPPhase2Type eAPPhase2Type) throws OMADMUnsupportedElementException {
            int i = AnonymousClass1.$SwitchMap$com$microsoft$omadm$platforms$android$wifimgr$OneX$EAPPhase2Type[eAPPhase2Type.ordinal()];
            int i2 = 1;
            if (i != 1) {
                i2 = 4;
                if (i != 2) {
                    if (i == 3) {
                        return 2;
                    }
                    if (i == 4) {
                        return 3;
                    }
                    if (i == 5) {
                        return 0;
                    }
                    throw new OMADMUnsupportedElementException("Unhandled EAP Phase 2 type: " + eAPPhase2Type);
                }
            }
            return i2;
        }
    }

    /* loaded from: classes3.dex */
    public enum EAPType {
        TLS(13),
        TTLS(21),
        PEAP(25),
        PWD(52);

        private static final Map<Integer, EAPType> INT_TO_EAP_TYPE_MAP = new HashMap();
        private final int value;

        static {
            for (EAPType eAPType : values()) {
                INT_TO_EAP_TYPE_MAP.put(Integer.valueOf(eAPType.value), eAPType);
            }
        }

        EAPType(int i) {
            this.value = i;
        }

        public static int fromEAPType(EAPType eAPType) throws OMADMUnsupportedElementException {
            int i = AnonymousClass1.$SwitchMap$com$microsoft$omadm$platforms$android$wifimgr$OneX$EAPType[eAPType.ordinal()];
            int i2 = 1;
            if (i != 1) {
                i2 = 3;
                if (i != 2) {
                    if (i == 3) {
                        return 0;
                    }
                    if (i == 4) {
                        return 2;
                    }
                    throw new OMADMUnsupportedElementException("Unhandled EAP type: " + eAPType);
                }
            }
            return i2;
        }

        public static EAPType fromInt(int i) throws OMADMUnsupportedElementException {
            EAPType eAPType = INT_TO_EAP_TYPE_MAP.get(Integer.valueOf(i));
            if (eAPType != null) {
                return eAPType;
            }
            throw new OMADMUnsupportedElementException("Unknown EAP type value: " + i);
        }
    }

    private static void extractCertSearchCriteriaFromPhase2TLSXML(XMLUtils xMLUtils, OneX oneX) throws OMADMUnsupportedElementException, OMADMException, XPathExpressionException {
        List<String> nodeListStringContents = xMLUtils.getNodeListStringContents(XP_EAP_P2_TLS_CACERT_THUMBPRINT);
        if (nodeListStringContents != null && !nodeListStringContents.isEmpty()) {
            if (nodeListStringContents.size() > 1) {
                throw new OMADMUnsupportedElementException("Only one Root/CA certificate is supported, cannot configure 802.1x.");
            }
            oneX.setTrustedRootCertThumbPrint(nodeListStringContents.get(0));
        }
        if (xMLUtils.nodeExists(XP_EAP_P2_TLS_CREDSRC_CERTSTORE)) {
            CredentialsSource credentialsSource = CredentialsSource.CertificateStore;
            oneX.credentialsSource = credentialsSource;
            credentialsSource.simpleCertSelection = xMLUtils.getNodeBooleanContent(XP_EAP_P2_TLS_CREDSRC_CERTSTORE_SIMSEL, "true", true, true);
        } else if (xMLUtils.nodeExists(XP_EAP_P2_TLS_CREDSRC_SMRTCARD)) {
            throw new OMADMUnsupportedElementException("Invalid/unsupported TLS Credentials Source. Smart card is not applicable for Android. Cannot configure 802.1x.");
        }
        if (xMLUtils.nodeExists(XP_EAP_P2_TLS_SERVERVAL)) {
            oneX.performServerValidation = xMLUtils.getNodeBooleanContent(XP_EAP_TLS_SERVERVAL, "true", true).booleanValue();
        } else if (xMLUtils.nodeExists("/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ebc:Eap/tls:EapType/tls2:PerformServerValidation")) {
            oneX.performServerValidation = xMLUtils.getNodeBooleanContent("/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ebc:Eap/tls:EapType/tls2:PerformServerValidation", "true", true, false);
        }
        if (oneX.certSearchCriteria == null) {
            CertSearchCriteria certSearchCriteria = new CertSearchCriteria();
            oneX.certSearchCriteria = certSearchCriteria;
            certSearchCriteria.requireUpnInSubjectAlternativeNames = true;
        }
        oneX.certSearchCriteria.updateFromTtlsPhase2EapXml(xMLUtils);
    }

    public static OneX fromXML(XMLUtils xMLUtils) throws OMADMUnsupportedElementException, MdmException {
        try {
            LOGGER.finest("Starting to parse OneX from Wifi XML.");
            OneX oneX = new OneX();
            oneX.eapType = EAPType.fromInt(Integer.parseInt(xMLUtils.getNodeStringContent(XP_EAP_TYPE)));
            int i = AnonymousClass1.$SwitchMap$com$microsoft$omadm$platforms$android$wifimgr$OneX$EAPType[oneX.eapType.ordinal()];
            if (i == 1) {
                List<String> nodeListStringContents = xMLUtils.getNodeListStringContents(XP_EAP_TLS_CACERT_THUMBPRINT);
                if (nodeListStringContents != null && !nodeListStringContents.isEmpty()) {
                    if (nodeListStringContents.size() > 1) {
                        throw new OMADMUnsupportedElementException("Only one Root/CA certificate is supported, cannot configure 802.1x.");
                    }
                    oneX.setTrustedRootCertThumbPrint(nodeListStringContents.get(0));
                }
                oneX.domainSuffixMatch = xMLUtils.getNodeStringContent(XP_EAP_TLS_TRUSTED_SERVER_NAMES);
                oneX.identity = xMLUtils.getNodeStringContent(XP_EAP_TLS_USERNAME);
                if (xMLUtils.nodeExists(XP_EAP_TLS_CREDSRC_CERTSTORE)) {
                    CredentialsSource credentialsSource = CredentialsSource.CertificateStore;
                    oneX.credentialsSource = credentialsSource;
                    credentialsSource.simpleCertSelection = xMLUtils.getNodeBooleanContent(XP_EAP_TLS_CREDSRC_CERTSTORE_SIMSEL, "true", true, true);
                } else if (xMLUtils.nodeExists(XP_EAP_TLS_CREDSRC_SMRTCARD)) {
                    throw new OMADMUnsupportedElementException("Invalid/unsupported TLS Credentials Source. Smart card is not applicable for Android. Cannot configure 802.1x.");
                }
                if (xMLUtils.nodeExists(XP_EAP_TLS_SERVERVAL)) {
                    oneX.performServerValidation = xMLUtils.getNodeBooleanContent(XP_EAP_TLS_SERVERVAL, "true", true).booleanValue();
                } else if (xMLUtils.nodeExists("/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ebc:Eap/tls:EapType/tls2:PerformServerValidation")) {
                    oneX.performServerValidation = xMLUtils.getNodeBooleanContent("/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ebc:Eap/tls:EapType/tls2:PerformServerValidation", "true", true, false);
                }
                if (oneX.certSearchCriteria == null) {
                    CertSearchCriteria certSearchCriteria = new CertSearchCriteria();
                    oneX.certSearchCriteria = certSearchCriteria;
                    certSearchCriteria.requireUpnInSubjectAlternativeNames = true;
                }
                oneX.certSearchCriteria.updateFromTlsEapXml(xMLUtils);
            } else if (i == 2) {
                oneX.identity = getIdentity(XP_EAP_GENERIC_USERNAME, XP_EAP_GENERIC_DOMAIN, xMLUtils);
                oneX.password = xMLUtils.getNodeStringContent(XP_EAP_GENERIC_PASSWORD);
            } else if (i == 3) {
                String nodeStringContent = xMLUtils.getNodeStringContent(XP_EAP_PEAP_P2AUTH);
                oneX.phase2Type = nodeStringContent == null ? EAPPhase2Type.NONE : EAPPhase2Type.fromInt(Integer.parseInt(nodeStringContent));
                if (EAPPhase2Type.TLS == oneX.phase2Type) {
                    extractCertSearchCriteriaFromPhase2TLSXML(xMLUtils, oneX);
                    oneX.phase2Type = EAPPhase2Type.NONE;
                }
                List<String> nodeListStringContents2 = xMLUtils.getNodeListStringContents(XP_EAP_PEAP_CACERT_THUMBPRINT);
                if (nodeListStringContents2 != null && !nodeListStringContents2.isEmpty()) {
                    if (nodeListStringContents2.size() > 1) {
                        throw new OMADMUnsupportedElementException("Only one Root/CA certificate is supported, cannot configure 802.1x.");
                    }
                    oneX.setTrustedRootCertThumbPrint(nodeListStringContents2.get(0));
                }
                oneX.domainSuffixMatch = xMLUtils.getNodeStringContent(XP_EAP_PEAP_TRUSTED_SERVER_NAMES);
                if (xMLUtils.nodeExists(XP_EAP_PEAP_SERVERVAL)) {
                    oneX.performServerValidation = xMLUtils.getNodeBooleanContent(XP_EAP_PEAP_SERVERVAL, "true", true).booleanValue();
                }
                oneX.anonymousIdentity = xMLUtils.getNodeStringContent(XP_EAP_PEAP_ANONIDENTITY);
            } else {
                if (i != 4) {
                    throw new OMADMUnsupportedElementException("Invalid/unsupported EAP type, cannot configure 802.1x.");
                }
                if (xMLUtils.nodeExists(XP_EAP_TTLS_P2_PAP)) {
                    oneX.phase2Type = EAPPhase2Type.PAP;
                } else if (xMLUtils.nodeExists(XP_EAP_TTLS_P2_MSCHAP)) {
                    oneX.phase2Type = EAPPhase2Type.MSCHAP;
                } else if (xMLUtils.nodeExists(XP_EAP_TTLS_P2_MSCHAPV2)) {
                    oneX.phase2Type = EAPPhase2Type.MSCHAPV2;
                } else if (xMLUtils.nodeExists(XP_EAP_TTLS_P2_EAPTYPE)) {
                    String nodeStringContent2 = xMLUtils.getNodeStringContent(XP_EAP_TTLS_P2_EAPTYPE);
                    if (nodeStringContent2 == null) {
                        throw new OMADMUnsupportedElementException("Invalid/unsupported TTLS Phase 2 Authentication type, cannot configure 802.1x.");
                    }
                    oneX.phase2Type = EAPPhase2Type.fromInt(Integer.parseInt(nodeStringContent2));
                    if (EAPPhase2Type.TLS == oneX.phase2Type) {
                        extractCertSearchCriteriaFromPhase2TLSXML(xMLUtils, oneX);
                        oneX.phase2Type = EAPPhase2Type.NONE;
                    }
                } else if (xMLUtils.nodeExists(XP_EAP_TTLS_P2AUTH)) {
                    throw new OMADMUnsupportedElementException("Invalid/unsupported TTLS Phase 2 Authentication type, cannot configure 802.1x.");
                }
                List<String> nodeListStringContents3 = xMLUtils.getNodeListStringContents(XP_EAP_TTLS_CACERT);
                if (nodeListStringContents3 != null && !nodeListStringContents3.isEmpty()) {
                    if (nodeListStringContents3.size() > 1) {
                        throw new OMADMUnsupportedElementException("Only one Root/CA certificate is supported, cannot configure 802.1x.");
                    }
                    oneX.setTrustedRootCertThumbPrint(nodeListStringContents3.get(0));
                }
                oneX.domainSuffixMatch = xMLUtils.getNodeStringContent(XP_EAP_TTLS_TRUSTED_SERVER_NAMES);
                oneX.identity = xMLUtils.getNodeStringContent(XP_EAP_TTLSUP_USERNAME);
                oneX.anonymousIdentity = xMLUtils.getNodeStringContent(XP_EAP_TTLS_ANONIDENTITY);
                oneX.password = xMLUtils.getNodeStringContent(XP_EAP_TTLSUP_PASSWORD);
            }
            if (EAPPhase2Type.MSCHAPV2 == oneX.phase2Type) {
                oneX.identity = getIdentity(XP_EAP_MSCHAPV2_USERNAME, XP_EAP_MSCHAPV2_DOMAIN, xMLUtils);
                oneX.password = xMLUtils.getNodeStringContent(XP_EAP_MSCHAPV2_PASSWORD);
            }
            LOGGER.finest("Completed parsing OneX from Wifi XML.");
            return oneX;
        } catch (OMADMException e) {
            LOGGER.log(Level.WARNING, "Parsing WiFi XML caught OMADM exception.", (Throwable) e);
            throw e;
        } catch (Exception e2) {
            LOGGER.log(Level.WARNING, "Parsing OneX from Wifi XML caught exception.", (Throwable) e2);
            throw new OMADMException("Parsing OneX from Wifi XML caught exception: ", e2);
        }
    }

    private static String getIdentity(String str, String str2, XMLUtils xMLUtils) throws XPathExpressionException {
        String nodeStringContent = xMLUtils.getNodeStringContent(str);
        String nodeStringContent2 = xMLUtils.getNodeStringContent(str2);
        if (nodeStringContent != null) {
            return nodeStringContent2 != null ? String.format("{0}\\{1}", nodeStringContent2, nodeStringContent) : nodeStringContent;
        }
        return null;
    }

    public static void replaceMSChapV2Password(XMLUtils xMLUtils, String str) throws XPathExpressionException, MdmException {
        xMLUtils.updateNode(XP_EAP_MSCHAPV2_PASSWORD, str);
    }

    public static String toXML(String str, OneX oneX) throws MdmException, OMADMException {
        try {
            XMLUtils xMLUtils = new XMLUtils(str, WifiUtils.getWifiNamespaceContext());
            if (fromXML(xMLUtils).areSettingsEquivalent(oneX)) {
                return str;
            }
            updateOneXXMLDoc(xMLUtils, oneX);
            Properties properties = new Properties();
            properties.setProperty("omit-xml-declaration", "no");
            properties.setProperty("indent", "no");
            Document domdoc = xMLUtils.getDomdoc();
            domdoc.setXmlStandalone(true);
            String addExplicitEapHostConfigNamespace = XMLUtils.addExplicitEapHostConfigNamespace(XMLUtils.addExplicitClosingTags(XMLUtils.getXMLUnderNode(domdoc, properties)));
            LOGGER.finest("Completed creating Wifi XML from profile.");
            return addExplicitEapHostConfigNamespace;
        } catch (Exception e) {
            LOGGER.log(Level.WARNING, "Creating WiFi XML caught exception.");
            throw new OMADMException("Creating WiFi XML caught exception: ", e);
        }
    }

    private static void updateMSChapV2IdentificationInAppliedOneX(OneX oneX, XMLUtils xMLUtils) throws XPathExpressionException, MdmException {
        String str;
        if (EAPPhase2Type.MSCHAPV2 != oneX.phase2Type || (str = oneX.identity) == null) {
            return;
        }
        if (str.indexOf(92) >= 0) {
            String[] split = oneX.identity.split("\\\\");
            xMLUtils.updateNode(XP_EAP_MSCHAPV2_USERNAME, split[0]);
            xMLUtils.updateNode(XP_EAP_MSCHAPV2_DOMAIN, split[1]);
        } else {
            xMLUtils.updateNode(XP_EAP_MSCHAPV2_USERNAME, oneX.identity);
            xMLUtils.removeNode(XP_EAP_MSCHAPV2_DOMAIN);
        }
        xMLUtils.updateNode(XP_EAP_MSCHAPV2_PASSWORD, oneX.password);
    }

    public static void updateOneXXMLDoc(XMLUtils xMLUtils, OneX oneX) throws XPathExpressionException, MdmException {
        xMLUtils.updateNode(XP_EAP_TYPE, Integer.toString(oneX.eapType.value));
        int i = AnonymousClass1.$SwitchMap$com$microsoft$omadm$platforms$android$wifimgr$OneX$EAPType[oneX.eapType.ordinal()];
        if (i == 1) {
            xMLUtils.updateNode(XP_EAP_TLS_CACERT_THUMBPRINT, CertUtils.formatCertThumbprintForExport(oneX.trustedRootCertThumbPrint));
            xMLUtils.updateNode(XP_EAP_TLS_USERNAME, oneX.identity);
            xMLUtils.updateNode(XP_EAP_TLS_TRUSTED_SERVER_NAMES, oneX.domainSuffixMatch);
            if (CredentialsSource.CertificateStore == oneX.credentialsSource) {
                xMLUtils.addEmptyNode(XP_EAP_TLS_CREDSRC_CERTSTORE, false);
                xMLUtils.removeNode(XP_EAP_TLS_CREDSRC_SMRTCARD);
                xMLUtils.updateNode(XP_EAP_TLS_CREDSRC_CERTSTORE_SIMSEL, oneX.credentialsSource.simpleCertSelection ? "true" : "false");
            } else if (CredentialsSource.SmartCard == oneX.credentialsSource) {
                xMLUtils.addEmptyNode(XP_EAP_TLS_CREDSRC_CERTSTORE, false);
                xMLUtils.removeNode(XP_EAP_TLS_CREDSRC_SMRTCARD);
                xMLUtils.removeNode(XP_EAP_TLS_CREDSRC_CERTSTORE_SIMSEL);
            }
            if (xMLUtils.nodeExists(XP_EAP_TLS_SERVERVAL)) {
                xMLUtils.updateNode(XP_EAP_TLS_SERVERVAL, oneX.performServerValidation ? "true" : "false");
            } else {
                xMLUtils.updateNode("/wl:WLANProfile/wl:MSM/wl:security/oneX:OneX/oneX:EAPConfig/ehc:EapHostConfig/ehc:Config/ebc:Eap/tls:EapType/tls2:PerformServerValidation", oneX.performServerValidation ? "true" : "false");
            }
        } else if (i == 2) {
            int indexOf = oneX.identity.indexOf(92);
            if (indexOf >= 0) {
                xMLUtils.updateNode(XP_EAP_GENERIC_USERNAME, oneX.identity.substring(indexOf + 1));
                xMLUtils.updateNode(XP_EAP_GENERIC_DOMAIN, oneX.identity.substring(0, indexOf));
            } else {
                xMLUtils.updateNode(XP_EAP_GENERIC_USERNAME, oneX.identity);
                xMLUtils.removeNode(XP_EAP_GENERIC_DOMAIN);
            }
            xMLUtils.updateNode(XP_EAP_GENERIC_PASSWORD, oneX.password);
        } else if (i == 3) {
            xMLUtils.updateNode(XP_EAP_PEAP_P2AUTH, Integer.toString(oneX.phase2Type.value));
            xMLUtils.updateNode(XP_EAP_PEAP_CACERT_THUMBPRINT, oneX.trustedRootCertThumbPrint);
            xMLUtils.updateNode(XP_EAP_PEAP_SERVERVAL, oneX.performServerValidation ? "true" : "false");
            xMLUtils.updateNode(XP_EAP_PEAP_ANONIDENTITY, oneX.anonymousIdentity);
        } else {
            if (i != 4) {
                throw new OMADMException("Invalid/unsupported EAP type, cannot configure 802.1x.");
            }
            xMLUtils.removeNode(XP_EAP_TTLS_P2AUTH);
            int i2 = AnonymousClass1.$SwitchMap$com$microsoft$omadm$platforms$android$wifimgr$OneX$EAPPhase2Type[oneX.phase2Type.ordinal()];
            if (i2 == 1) {
                xMLUtils.addEmptyNode(XP_EAP_TTLS_P2_PAP, false);
            } else if (i2 == 3) {
                xMLUtils.addEmptyNode(XP_EAP_TTLS_P2_MSCHAP, false);
            } else if (i2 == 4) {
                xMLUtils.addEmptyNode(XP_EAP_TTLS_P2_MSCHAPV2, false);
            }
            xMLUtils.updateNode(XP_EAP_TTLS_CACERT, CertUtils.formatCertThumbprintForExport(oneX.trustedRootCertThumbPrint));
            xMLUtils.updateNode(XP_EAP_TTLSUP_USERNAME, oneX.identity);
            xMLUtils.updateNode(XP_EAP_TTLS_ANONIDENTITY, oneX.anonymousIdentity);
            xMLUtils.updateNode(XP_EAP_TTLSUP_PASSWORD, oneX.password);
        }
        updateMSChapV2IdentificationInAppliedOneX(oneX, xMLUtils);
    }

    public boolean areSettingsEquivalent(OneX oneX) {
        return this.eapType == oneX.eapType && this.phase2Type == oneX.phase2Type && (!StringUtils.isEmpty(this.trustedRootCertThumbPrint) ? !this.trustedRootCertThumbPrint.equalsIgnoreCase(oneX.trustedRootCertThumbPrint) : !StringUtils.isEmpty(oneX.trustedRootCertThumbPrint)) && (StringUtils.isEmpty(this.identity) || this.identity.equalsIgnoreCase(oneX.identity)) && ((StringUtils.isEmpty(this.anonymousIdentity) || this.anonymousIdentity.equalsIgnoreCase(oneX.anonymousIdentity)) && ((StringUtils.isEmpty(this.password) || this.password.equals(oneX.password)) && (StringUtils.isEmpty(this.domainSuffixMatch) || this.domainSuffixMatch.equals(oneX.domainSuffixMatch))));
    }

    public void setTrustedRootCertThumbPrint(String str) {
        this.trustedRootCertThumbPrint = CertUtils.normalizeThumbPrint(str);
        if (this.certSearchCriteria == null) {
            CertSearchCriteria certSearchCriteria = new CertSearchCriteria();
            this.certSearchCriteria = certSearchCriteria;
            certSearchCriteria.requireUpnInSubjectAlternativeNames = true;
        }
        this.certSearchCriteria.rootCertThumbprint = CertUtils.normalizeThumbPrint(str);
    }
}
