package com.manageengine.mdm.framework.security;

import android.app.KeyguardManager;
import android.app.admin.DevicePolicyManager;
import android.content.ComponentName;
import android.content.Context;
import android.util.Base64;
import com.manageengine.mdm.framework.core.CommandConstants;
import com.manageengine.mdm.framework.core.MDMDeviceManager;
import com.manageengine.mdm.framework.db.MDMAgentParamsTableHandler;
import com.manageengine.mdm.framework.deviceadmin.DeviceAdminMonitor;
import com.manageengine.mdm.framework.logging.MDMLogger;
import com.manageengine.mdm.framework.utils.AgentUtil;
import java.security.SecureRandom;

/* loaded from: classes.dex */
public class PasscodePolicyManager {
    private static final String PASSWORD_RESET_TOKEN = "PasswordResetToken";
    private static final String PENDING_RESET_PASSWORD = "PendingResetPassword";
    public static final int STATUS_PASSWORD_CLEAR_FAILED_DEVICE_ENCRYPTED = 12142;
    public static final int STATUS_PASSWORD_CLEAR_FAILURE_UNKNOWN = 4608;
    public static final int STATUS_PASSWORD_CLEAR_INVALID_ADMIN = 4607;
    public static final int STATUS_PASSWORD_CLEAR_NOT_SUPPORTED = 4610;
    public static final int STATUS_PASSWORD_CLEAR_SUCCESS = 4609;
    public static final int STATUS_PASSWORD_RESET_AUTH_REQUIRED = 4604;
    public static final int STATUS_PASSWORD_RESET_INSUFFICIENT_QUALITY = 4603;
    public static final int STATUS_PASSWORD_RESET_INVALID_ADMIN = 4606;
    public static final int STATUS_PASSWORD_RESET_SUCCESS = 0;
    public static final int STATUS_PASSWORD_RESET_UNKNOWN = 4600;
    public static final int STATUS_TOKEN_ACTIVATED = 2;
    public static final int STATUS_TOKEN_ACTIVATION_UNKNOWN = 4605;
    public static final int STATUS_TOKEN_GENERATION_FAILURE = 4602;

    private void clearResetPasswordToken(Context context) {
        getDevicePolicyManager(context).clearResetPasswordToken(DeviceAdminMonitor.getComponentName(context));
        MDMAgentParamsTableHandler.getInstance(context).removeValue(PASSWORD_RESET_TOKEN);
    }

    private byte[] generateNewPasswordToken(Context context) {
        byte[] bArr = new byte[32];
        new SecureRandom().nextBytes(bArr);
        if (!getDevicePolicyManager(context).setResetPasswordToken(DeviceAdminMonitor.getComponentName(context), bArr)) {
            MDMAgentParamsTableHandler.getInstance(context).removeValue(PASSWORD_RESET_TOKEN);
            MDMLogger.info("Token is not set. Requires User Authentication");
            return null;
        }
        MDMLogger.info("Token is set successfully");
        String encodeToString = Base64.encodeToString(bArr, 0);
        MDMLogger.info("Encoded byte String " + encodeToString);
        MDMAgentParamsTableHandler.getInstance(context).addStringValue(PASSWORD_RESET_TOKEN, encodeToString);
        return bArr;
    }

    private DevicePolicyManager getDevicePolicyManager(Context context) {
        return (DevicePolicyManager) context.getSystemService("device_policy");
    }

    private byte[] getGeneratedResetPasswordToken(Context context) {
        String stringValue = MDMAgentParamsTableHandler.getInstance(context).getStringValue(PASSWORD_RESET_TOKEN);
        if (stringValue != null) {
            return Base64.decode(stringValue, 0);
        }
        return null;
    }

    private KeyguardManager getKeyguardManager(Context context) {
        return (KeyguardManager) context.getSystemService("keyguard");
    }

    private String getPendingResetPassword(Context context) {
        return MDMAgentParamsTableHandler.getInstance(context).getStringValue(PENDING_RESET_PASSWORD);
    }

    private boolean isResetPasswordTokenActive(Context context) {
        return getDevicePolicyManager(context).isResetPasswordTokenActive(DeviceAdminMonitor.getComponentName(context));
    }

    private int resetPassword(Context context, String str, byte[] bArr) {
        try {
            if (getDevicePolicyManager(context).resetPasswordWithToken(DeviceAdminMonitor.getComponentName(context), str, bArr, 0)) {
                return 0;
            }
            return STATUS_PASSWORD_RESET_INSUFFICIENT_QUALITY;
        } catch (IllegalArgumentException e) {
            MDMLogger.error("Exception while resetting the password. Invalid reset token.", (Exception) e);
            return STATUS_PASSWORD_RESET_UNKNOWN;
        } catch (SecurityException e2) {
            MDMLogger.error("Exception while resetting the pasword. Invalid admin.", (Exception) e2);
            return STATUS_PASSWORD_RESET_UNKNOWN;
        } catch (Exception e3) {
            MDMLogger.error("Exception while resetting the password. Unknown error.", e3);
            return STATUS_PASSWORD_RESET_UNKNOWN;
        }
    }

    private int resetPasswordBelowOreo(Context context, String str) {
        int i = getDevicePolicyManager(context).resetPassword(str, 0) ? 0 : STATUS_PASSWORD_RESET_INSUFFICIENT_QUALITY;
        if (i == 0) {
            getDevicePolicyManager(context).lockNow();
        }
        return i;
    }

    private int resetPasswordOreo(Context context, String str) {
        int i = STATUS_PASSWORD_RESET_UNKNOWN;
        if (str == null) {
            str = "";
        }
        if (AgentUtil.getInstance().isProfileOwnerOrDeviceOwner(context)) {
            int activateResetPasswordToken = activateResetPasswordToken(context);
            if (activateResetPasswordToken == 2) {
                if (!str.isEmpty()) {
                    resetPassword(context, "", getGeneratedResetPasswordToken(context));
                }
                i = resetPassword(context, str, getGeneratedResetPasswordToken(context));
            } else {
                i = activateResetPasswordToken;
            }
            if (i == 0) {
                getDevicePolicyManager(context).lockNow();
            } else {
                MDMAgentParamsTableHandler.getInstance(context).addStringValue(PENDING_RESET_PASSWORD, str);
            }
            MDMLogger.info("Password reset status : " + i);
        }
        return i;
    }

    public int activateResetPasswordToken(Context context) {
        byte[] generatedResetPasswordToken = getGeneratedResetPasswordToken(context);
        if (generatedResetPasswordToken == null) {
            generatedResetPasswordToken = generateNewPasswordToken(context);
        }
        if (generatedResetPasswordToken == null) {
            MDMLogger.error("ResetPassword :  Token generation failure");
            return STATUS_TOKEN_GENERATION_FAILURE;
        }
        if (isResetPasswordTokenActive(context)) {
            MDMLogger.info("ResetPassword : Reset Token is already activated");
            return 2;
        }
        MDMLogger.info("ResetPassword : Reset Token is not activated. Generating a new token");
        if (generateNewPasswordToken(context) == null) {
            MDMLogger.error("ResetPassword :  Token generation failure");
            return STATUS_TOKEN_GENERATION_FAILURE;
        }
        if (getKeyguardManager(context).createConfirmDeviceCredentialIntent(CommandConstants.MSG_AUTHORIZATION, "Authorize the admin to two reset") == null) {
            MDMLogger.info("ResetPassword : Reset Token is now activated. Proceeding to reset password");
            return 2;
        }
        MDMLogger.info("ResetPassword : Authorization required ");
        getDevicePolicyManager(context).lockNow();
        return STATUS_PASSWORD_RESET_AUTH_REQUIRED;
    }

    public int clearPassword(Context context) {
        DevicePolicyManager devicePolicyManager = getDevicePolicyManager(context);
        if (AgentUtil.getInstance().isVersionCompatible(context, 26).booleanValue()) {
            return AgentUtil.getInstance().isProfileOwnerOrDeviceOwner(context) ? resetPassword(context, "") == 0 ? STATUS_PASSWORD_CLEAR_SUCCESS : STATUS_PASSWORD_CLEAR_FAILURE_UNKNOWN : STATUS_PASSWORD_CLEAR_INVALID_ADMIN;
        }
        if (AgentUtil.getInstance().isVersionCompatible(context, 24).booleanValue()) {
            return AgentUtil.getInstance().isProfileOwner(context) ? STATUS_PASSWORD_CLEAR_NOT_SUPPORTED : AgentUtil.getInstance().isDeviceOwner(context) ? resetPassword(context, "") == 0 ? STATUS_PASSWORD_CLEAR_SUCCESS : STATUS_PASSWORD_CLEAR_FAILURE_UNKNOWN : STATUS_PASSWORD_CLEAR_INVALID_ADMIN;
        }
        int resetPassword = resetPassword(context, "");
        if (resetPassword == 0) {
            MDMLogger.info("Successfully cleared the passcode ");
            return STATUS_PASSWORD_CLEAR_SUCCESS;
        }
        MDMLogger.info("Cannot clear passcode!!!!");
        if (!AgentUtil.getInstance().isVersion3AndAbove().booleanValue()) {
            return resetPassword;
        }
        MDMLogger.debug("The Android version is 3 or above , so going to check encryption status");
        int storageEncryptionStatus = devicePolicyManager.getStorageEncryptionStatus();
        if (storageEncryptionStatus == 2 || storageEncryptionStatus == 3 || storageEncryptionStatus == 4 || storageEncryptionStatus == 5) {
            return 12142;
        }
        return resetPassword;
    }

    public void clearPendingResetPassword(Context context) {
        MDMAgentParamsTableHandler.getInstance(context).removeValue(PENDING_RESET_PASSWORD);
    }

    public boolean isPasswordPolicyCompliant(Context context) {
        return getDevicePolicyManager(context).isActivePasswordSufficient();
    }

    public int resetPassword(Context context, String str) {
        int i = STATUS_PASSWORD_RESET_UNKNOWN;
        try {
            ComponentName componentName = DeviceAdminMonitor.getComponentName(context);
            DevicePolicyManager devicePolicyManager = getDevicePolicyManager(context);
            int passwordQuality = devicePolicyManager.getPasswordQuality(componentName);
            int passwordMinimumLength = devicePolicyManager.getPasswordMinimumLength(componentName);
            int maximumFailedPasswordsForWipe = devicePolicyManager.getMaximumFailedPasswordsForWipe(componentName);
            devicePolicyManager.setPasswordQuality(componentName, 0);
            devicePolicyManager.setPasswordMinimumLength(componentName, 0);
            i = AgentUtil.getInstance().isVersionCompatible(context, 26).booleanValue() ? MDMDeviceManager.getInstance(context).getAgentUtil().isProfileOwnerOrDeviceOwner(context) ? resetPasswordOreo(context, str) : STATUS_PASSWORD_RESET_INVALID_ADMIN : resetPasswordBelowOreo(context, str);
            devicePolicyManager.setPasswordQuality(componentName, passwordQuality);
            devicePolicyManager.setPasswordMinimumLength(componentName, passwordMinimumLength);
            devicePolicyManager.setMaximumFailedPasswordsForWipe(componentName, maximumFailedPasswordsForWipe);
        } catch (Exception e) {
            MDMLogger.error("Exception while resetting the password", e);
        }
        return i;
    }

    public void resetPasswordIfPending(Context context) {
        if (getPendingResetPassword(context) != null) {
            resetWithPendingPassword(context);
        }
    }

    public int resetWithPendingPassword(Context context) {
        return resetPassword(context, getPendingResetPassword(context));
    }
}
