package com.manageengine.mdm.samsung.certificate;

import android.app.enterprise.CertificateInfo;
import android.app.enterprise.EnterpriseDeviceManager;
import android.app.enterprise.SecurityPolicy;
import android.content.Context;
import com.manageengine.mdm.framework.certificate.CertificateInstaller;
import com.manageengine.mdm.framework.core.MDMApplication;
import com.manageengine.mdm.framework.core.MDMDeviceManager;
import com.manageengine.mdm.framework.logging.MDMLogger;
import com.manageengine.mdm.samsung.utils.AgentUtil;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.util.Enumeration;
import java.util.List;

/* loaded from: classes.dex */
public class SamsungCertificateInstaller extends CertificateInstaller {
    public static final int KEYSTORE_LOCKED = 12148;
    public static final int KEYSTORE_NO_ERROR = 12151;
    public static final int KEYSTORE_UNINITIALIZED_TEMPORARY = 12149;
    private static final int PKCS12_PASSWORD_NO_ERROR = 12152;

    private SamsungCertificateInstaller() {
    }

    private Certificate getCertificate(Certificate certificate) {
        Context context = MDMApplication.getContext();
        Certificate certificate2 = null;
        SecurityPolicy securityPolicy = ((EnterpriseDeviceManager) context.getSystemService(EnterpriseDeviceManager.ENTERPRISE_POLICY_SERVICE)).getSecurityPolicy();
        List<CertificateInfo> certificatesFromKeystore = AgentUtil.getInstance().isMDM5_0AndAbove(context) ? securityPolicy.getCertificatesFromKeystore(7) : securityPolicy.getInstalledCertificates();
        if (certificatesFromKeystore != null) {
            for (CertificateInfo certificateInfo : certificatesFromKeystore) {
                if (certificateInfo.getCertificate().equals(certificate)) {
                    certificate2 = certificateInfo.getCertificate();
                }
            }
        }
        return certificate2;
    }

    private Certificate getCertificateFromByteArray(byte[] bArr) {
        try {
            return CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
        } catch (Exception e) {
            MDMLogger.error("Exception occured while extracting the certificate", e);
            return null;
        }
    }

    private int getDeviceStatusForCertMgmt(Context context) {
        int credentialStorageStatus = ((EnterpriseDeviceManager) context.getSystemService(EnterpriseDeviceManager.ENTERPRISE_POLICY_SERVICE)).getSecurityPolicy().getCredentialStorageStatus();
        switch (credentialStorageStatus) {
            case 1:
                credentialStorageStatus = KEYSTORE_NO_ERROR;
                break;
            case 2:
                credentialStorageStatus = KEYSTORE_LOCKED;
                break;
            case 3:
                if (!MDMDeviceManager.getInstance(context).getComplianceHandler().isDevicePasswordProtected()) {
                    credentialStorageStatus = 9;
                    break;
                } else {
                    credentialStorageStatus = KEYSTORE_UNINITIALIZED_TEMPORARY;
                    break;
                }
        }
        MDMLogger.info("deviceStatus: " + credentialStorageStatus);
        return credentialStorageStatus;
    }

    private int installCert(String str, byte[] bArr, String str2, String str3) {
        int i;
        int verifyCertificatePassword;
        Context context = MDMApplication.getContext();
        EnterpriseDeviceManager enterpriseDeviceManager = (EnterpriseDeviceManager) context.getSystemService(EnterpriseDeviceManager.ENTERPRISE_POLICY_SERVICE);
        int deviceStatusForCertMgmt = getDeviceStatusForCertMgmt(context);
        if (deviceStatusForCertMgmt == 12151) {
            SecurityPolicy securityPolicy = enterpriseDeviceManager.getSecurityPolicy();
            if (str3 != null && (verifyCertificatePassword = verifyCertificatePassword(bArr, str3)) != PKCS12_PASSWORD_NO_ERROR) {
                return verifyCertificatePassword;
            }
            i = AgentUtil.getInstance().isMDM5_0AndAbove(context) ? (securityPolicy.installCertificateToKeystore(str, bArr, str2, str3, 1) | securityPolicy.installCertificateToKeystore(str, bArr, str2, str3, 2)) | securityPolicy.installCertificateToKeystore(str, bArr, str2, str3, 4) : securityPolicy.installCertificate(str, bArr, str2, str3) ? 0 : 1;
        } else {
            i = deviceStatusForCertMgmt;
        }
        MDMLogger.info("Installation Status of certificate " + str2 + " : " + i);
        return i;
    }

    public static CertificateInstaller newInstance() {
        return new SamsungCertificateInstaller();
    }

    private boolean uninstallCert(Certificate certificate, String str) {
        Context context = MDMApplication.getContext();
        SecurityPolicy securityPolicy = ((EnterpriseDeviceManager) context.getSystemService(EnterpriseDeviceManager.ENTERPRISE_POLICY_SERVICE)).getSecurityPolicy();
        boolean deleteCertificateFromKeystore = AgentUtil.getInstance().isMDM5_0AndAbove(context) ? securityPolicy.deleteCertificateFromKeystore(new CertificateInfo(certificate), 7) : securityPolicy.removeCertificate(str, SecurityPolicy.CA_CERTIFICATE) || securityPolicy.removeCertificate(str, SecurityPolicy.USER_CERTIFICATE);
        MDMLogger.info("Uninstallation of " + str + " : " + (deleteCertificateFromKeystore ? "success" : "failure"));
        return deleteCertificateFromKeystore;
    }

    private int verifyCertificatePassword(byte[] bArr, String str) {
        int i;
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        try {
            try {
                KeyStore.getInstance("pkcs12").load(byteArrayInputStream, str.toCharArray());
                i = PKCS12_PASSWORD_NO_ERROR;
                if (byteArrayInputStream != null) {
                    try {
                        byteArrayInputStream.close();
                    } catch (Exception e) {
                        MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e);
                    }
                }
            } catch (IOException e2) {
                MDMLogger.error("Incorrect keystore password/ File is corrupted", (Exception) e2);
                i = 2;
                if (byteArrayInputStream != null) {
                    try {
                        byteArrayInputStream.close();
                    } catch (Exception e3) {
                        MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e3);
                    }
                }
            } catch (KeyStoreException e4) {
                MDMLogger.error("KeyStore is not initialised", (Exception) e4);
                i = 4;
                if (byteArrayInputStream != null) {
                    try {
                        byteArrayInputStream.close();
                    } catch (Exception e5) {
                        MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e5);
                    }
                }
            } catch (Exception e6) {
                MDMLogger.error("Unknown error", e6);
                i = 3;
                if (byteArrayInputStream != null) {
                    try {
                        byteArrayInputStream.close();
                    } catch (Exception e7) {
                        MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e7);
                    }
                }
            }
            return i;
        } catch (Throwable th) {
            if (byteArrayInputStream != null) {
                try {
                    byteArrayInputStream.close();
                } catch (Exception e8) {
                    MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e8);
                }
            }
            throw th;
        }
    }

    @Override // com.manageengine.mdm.framework.certificate.CertificateInstaller
    public int installCert(byte[] bArr, String str) {
        return installCert(SecurityPolicy.TYPE_CERTIFICATE, bArr, str, null);
    }

    @Override // com.manageengine.mdm.framework.certificate.CertificateInstaller
    public int installCert(byte[] bArr, String str, String str2) {
        return installCert(SecurityPolicy.TYPE_PKCS12, bArr, str, str2);
    }

    @Override // com.manageengine.mdm.framework.certificate.CertificateInstaller
    public int uninstallCert(byte[] bArr, String str) {
        int i = 3;
        int deviceStatusForCertMgmt = getDeviceStatusForCertMgmt(MDMApplication.getContext());
        if (deviceStatusForCertMgmt == 12151) {
            Certificate certificateFromByteArray = getCertificateFromByteArray(bArr);
            if (certificateFromByteArray != null) {
                i = uninstallCert(certificateFromByteArray, str) ? 10 : 11;
            }
        } else {
            i = deviceStatusForCertMgmt;
        }
        MDMLogger.info("Uninstallation Status of certificate " + str + " : " + i);
        return i;
    }

    @Override // com.manageengine.mdm.framework.certificate.CertificateInstaller
    public int uninstallCert(byte[] bArr, String str, String str2) {
        int i;
        int deviceStatusForCertMgmt = getDeviceStatusForCertMgmt(MDMApplication.getContext());
        if (deviceStatusForCertMgmt == 12151) {
            ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
            try {
                try {
                    try {
                        try {
                            try {
                                KeyStore keyStore = KeyStore.getInstance("pkcs12");
                                keyStore.load(byteArrayInputStream, str2.toCharArray());
                                MDMLogger.info("Key Store size " + keyStore.size());
                                Enumeration<String> aliases = keyStore.aliases();
                                boolean z = false;
                                while (aliases.hasMoreElements()) {
                                    String nextElement = aliases.nextElement();
                                    if (keyStore.isKeyEntry(nextElement) || keyStore.isCertificateEntry(nextElement)) {
                                        Certificate certificate = getCertificate(keyStore.getCertificate(nextElement));
                                        if (certificate != null) {
                                            z = z || uninstallCert(certificate, str);
                                        } else {
                                            if (!z) {
                                            }
                                            z = true;
                                            MDMLogger.info("There is no certificate in the device keystore: " + nextElement);
                                        }
                                        MDMLogger.info("Uninstallation status : 3");
                                    }
                                }
                                i = z ? 10 : 11;
                                if (byteArrayInputStream != null) {
                                    try {
                                        byteArrayInputStream.close();
                                    } catch (Exception e) {
                                        MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e);
                                    }
                                }
                            } catch (Throwable th) {
                                if (byteArrayInputStream != null) {
                                    try {
                                        byteArrayInputStream.close();
                                    } catch (Exception e2) {
                                        MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e2);
                                    }
                                }
                                throw th;
                            }
                        } catch (Exception e3) {
                            MDMLogger.error("Unknown error", e3);
                            i = 3;
                            if (byteArrayInputStream != null) {
                                try {
                                    byteArrayInputStream.close();
                                } catch (Exception e4) {
                                    MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e4);
                                }
                            }
                        }
                    } catch (CertificateEncodingException e5) {
                        MDMLogger.error("Error in encoding the certificate", (Exception) e5);
                        i = 7;
                        if (byteArrayInputStream != null) {
                            try {
                                byteArrayInputStream.close();
                            } catch (Exception e6) {
                                MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e6);
                            }
                        }
                    }
                } catch (KeyStoreException e7) {
                    MDMLogger.error("KeyStore is not initialised", (Exception) e7);
                    i = 4;
                    if (byteArrayInputStream != null) {
                        try {
                            byteArrayInputStream.close();
                        } catch (Exception e8) {
                            MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e8);
                        }
                    }
                } catch (NoSuchAlgorithmException e9) {
                    MDMLogger.error("Algorithm for checking the keystore integrity is not found", (Exception) e9);
                    i = 5;
                    if (byteArrayInputStream != null) {
                        try {
                            byteArrayInputStream.close();
                        } catch (Exception e10) {
                            MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e10);
                        }
                    }
                }
            } catch (IOException e11) {
                MDMLogger.error("Incorrect keystore password/ File is corrupted", (Exception) e11);
                i = 2;
                if (byteArrayInputStream != null) {
                    try {
                        byteArrayInputStream.close();
                    } catch (Exception e12) {
                        MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e12);
                    }
                }
            } catch (CertificateException e13) {
                MDMLogger.error("Certificates in the keystore could not be loaded", (Exception) e13);
                i = 8;
                if (byteArrayInputStream != null) {
                    try {
                        byteArrayInputStream.close();
                    } catch (Exception e14) {
                        MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e14);
                    }
                }
            }
        } else {
            i = deviceStatusForCertMgmt;
        }
        MDMLogger.info("Uninstallation Status of certificate " + str + " : " + i);
        return i;
    }
}
