package com.manageengine.mdm.android.certificate;

import android.app.admin.DevicePolicyManager;
import android.content.Context;
import android.os.Build;
import com.manageengine.mdm.framework.certificate.CertificateInstaller;
import com.manageengine.mdm.framework.core.MDMApplication;
import com.manageengine.mdm.framework.core.MDMDeviceManager;
import com.manageengine.mdm.framework.deviceadmin.DeviceAdminMonitor;
import com.manageengine.mdm.framework.logging.MDMLogger;
import com.manageengine.mdm.framework.utils.AgentUtil;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.util.Enumeration;

/* loaded from: classes.dex */
public class AndroidCertificateInstaller extends CertificateInstaller {
    private AndroidCertificateInstaller() {
    }

    private boolean hasPrivateKeyEntry(KeyStore keyStore) {
        try {
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                if (keyStore.isKeyEntry(aliases.nextElement())) {
                    return true;
                }
            }
            return false;
        } catch (Exception e) {
            MDMLogger.error("Exception while checking the private key entry", e);
            return false;
        }
    }

    public static CertificateInstaller newInstance() {
        if (AgentUtil.getInstance().isProfileOwnerOrDeviceOwner(MDMApplication.getContext())) {
            return new AndroidCertificateInstaller();
        }
        return null;
    }

    @Override // com.manageengine.mdm.framework.certificate.CertificateInstaller
    public int installCert(byte[] bArr, String str) {
        int i = 3;
        Context context = MDMApplication.getContext();
        try {
            i = ((DevicePolicyManager) context.getSystemService("device_policy")).installCaCert(DeviceAdminMonitor.getComponentName(context), bArr) ? 0 : 1;
        } catch (Exception e) {
            MDMLogger.error("Exception while installing the certificate " + str, e);
        }
        MDMLogger.info("Installation Status for cert " + str + " : " + i);
        return i;
    }

    @Override // com.manageengine.mdm.framework.certificate.CertificateInstaller
    public int installCert(byte[] bArr, String str, String str2) {
        int i;
        KeyStore keyStore;
        Context context = MDMApplication.getContext();
        DevicePolicyManager devicePolicyManager = (DevicePolicyManager) context.getSystemService("device_policy");
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        boolean isDevicePasswordProtected = MDMDeviceManager.getInstance(context).getComplianceHandler().isDevicePasswordProtected();
        try {
            try {
                try {
                    try {
                        try {
                            keyStore = KeyStore.getInstance("pkcs12");
                            keyStore.load(byteArrayInputStream, str2.toCharArray());
                            MDMLogger.info("Key Store size " + keyStore.size());
                        } catch (Throwable th) {
                            if (byteArrayInputStream != null) {
                                try {
                                    byteArrayInputStream.close();
                                } catch (Exception e) {
                                    MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e);
                                }
                            }
                            throw th;
                        }
                    } catch (Exception e2) {
                        MDMLogger.error("Unknown error", e2);
                        i = 3;
                        if (byteArrayInputStream != null) {
                            try {
                                byteArrayInputStream.close();
                            } catch (Exception e3) {
                                MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e3);
                            }
                        }
                    }
                } catch (UnrecoverableKeyException e4) {
                    MDMLogger.error("Incorrect password used for getting the key", (Exception) e4);
                    i = 6;
                    if (byteArrayInputStream != null) {
                        try {
                            byteArrayInputStream.close();
                        } catch (Exception e5) {
                            MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e5);
                        }
                    }
                } catch (CertificateException e6) {
                    MDMLogger.error("Certificates in the keystore could not be loaded", (Exception) e6);
                    i = 8;
                    if (byteArrayInputStream != null) {
                        try {
                            byteArrayInputStream.close();
                        } catch (Exception e7) {
                            MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e7);
                        }
                    }
                }
            } catch (IOException e8) {
                MDMLogger.error("Incorrect keystore password/ File is corrupted", (Exception) e8);
                i = 2;
                if (byteArrayInputStream != null) {
                    try {
                        byteArrayInputStream.close();
                    } catch (Exception e9) {
                        MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e9);
                    }
                }
            } catch (CertificateEncodingException e10) {
                MDMLogger.error("Error in encoding the certificate", (Exception) e10);
                i = 7;
                if (byteArrayInputStream != null) {
                    try {
                        byteArrayInputStream.close();
                    } catch (Exception e11) {
                        MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e11);
                    }
                }
            }
        } catch (KeyStoreException e12) {
            MDMLogger.error("KeyStore is not initialised", (Exception) e12);
            i = 4;
            if (byteArrayInputStream != null) {
                try {
                    byteArrayInputStream.close();
                } catch (Exception e13) {
                    MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e13);
                }
            }
        } catch (NoSuchAlgorithmException e14) {
            MDMLogger.error("Algorithm for checking the keystore integrity is not found", (Exception) e14);
            i = 5;
            if (byteArrayInputStream != null) {
                try {
                    byteArrayInputStream.close();
                } catch (Exception e15) {
                    MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e15);
                }
            }
        }
        if (hasPrivateKeyEntry(keyStore) && !isDevicePasswordProtected) {
            if (byteArrayInputStream != null) {
                try {
                    byteArrayInputStream.close();
                } catch (Exception e16) {
                    MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e16);
                }
            }
            return 9;
        }
        Enumeration<String> aliases = keyStore.aliases();
        boolean z = true;
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement)) {
                boolean installKeyPair = devicePolicyManager.installKeyPair(DeviceAdminMonitor.getComponentName(context), (PrivateKey) keyStore.getKey(nextElement, null), keyStore.getCertificate(nextElement), nextElement);
                z = z && installKeyPair;
                MDMLogger.info("Certificate-key pair " + nextElement + " installation status :" + (installKeyPair ? "success" : "failure"));
            } else if (keyStore.isCertificateEntry(nextElement)) {
                z = z && devicePolicyManager.installCaCert(DeviceAdminMonitor.getComponentName(context), keyStore.getCertificate(nextElement).getEncoded());
                MDMLogger.info("Certificate " + nextElement + " installation status :" + (z ? "success" : "failure"));
            }
        }
        i = z ? 0 : 1;
        if (byteArrayInputStream != null) {
            try {
                byteArrayInputStream.close();
            } catch (Exception e17) {
                MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e17);
            }
        }
        MDMLogger.info("Installation Status for cert " + str + " : " + i);
        return i;
    }

    @Override // com.manageengine.mdm.framework.certificate.CertificateInstaller
    public int uninstallCert(byte[] bArr, String str) {
        Context context = MDMApplication.getContext();
        int i = 3;
        try {
            ((DevicePolicyManager) context.getSystemService("device_policy")).uninstallCaCert(DeviceAdminMonitor.getComponentName(context), bArr);
            i = 10;
        } catch (Exception e) {
            MDMLogger.error("Exception while uninstalling the cert " + str, e);
        }
        MDMLogger.info("Uninstallation Status for cert " + str + " : " + i);
        return i;
    }

    @Override // com.manageengine.mdm.framework.certificate.CertificateInstaller
    public int uninstallCert(byte[] bArr, String str, String str2) {
        int i;
        KeyStore keyStore;
        Enumeration<String> aliases;
        Context context = MDMApplication.getContext();
        DevicePolicyManager devicePolicyManager = (DevicePolicyManager) context.getSystemService("device_policy");
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        boolean isDevicePasswordProtected = MDMDeviceManager.getInstance(context).getComplianceHandler().isDevicePasswordProtected();
        try {
            try {
                try {
                    try {
                        try {
                            try {
                                keyStore = KeyStore.getInstance("pkcs12");
                                keyStore.load(byteArrayInputStream, str2.toCharArray());
                                MDMLogger.info("Key Store size " + keyStore.size());
                                aliases = keyStore.aliases();
                            } catch (Throwable th) {
                                if (byteArrayInputStream != null) {
                                    try {
                                        byteArrayInputStream.close();
                                    } catch (Exception e) {
                                        MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e);
                                    }
                                }
                                throw th;
                            }
                        } catch (CertificateException e2) {
                            MDMLogger.error("Certificates in the keystore could not be loaded", (Exception) e2);
                            i = 8;
                            if (byteArrayInputStream != null) {
                                try {
                                    byteArrayInputStream.close();
                                } catch (Exception e3) {
                                    MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e3);
                                }
                            }
                        }
                    } catch (IOException e4) {
                        MDMLogger.error("Incorrect keystore password/ File is corrupted", (Exception) e4);
                        i = 2;
                        if (byteArrayInputStream != null) {
                            try {
                                byteArrayInputStream.close();
                            } catch (Exception e5) {
                                MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e5);
                            }
                        }
                    }
                } catch (KeyStoreException e6) {
                    MDMLogger.error("KeyStore is not initialised", (Exception) e6);
                    i = 4;
                    if (byteArrayInputStream != null) {
                        try {
                            byteArrayInputStream.close();
                        } catch (Exception e7) {
                            MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e7);
                        }
                    }
                }
            } catch (NoSuchAlgorithmException e8) {
                MDMLogger.error("Algorithm for checking the keystore integrity is not found", (Exception) e8);
                i = 5;
                if (byteArrayInputStream != null) {
                    try {
                        byteArrayInputStream.close();
                    } catch (Exception e9) {
                        MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e9);
                    }
                }
            }
        } catch (CertificateEncodingException e10) {
            MDMLogger.error("Error in encoding the certificate", (Exception) e10);
            i = 7;
            if (byteArrayInputStream != null) {
                try {
                    byteArrayInputStream.close();
                } catch (Exception e11) {
                    MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e11);
                }
            }
        } catch (Exception e12) {
            MDMLogger.error("Unknown error", e12);
            i = 3;
            if (byteArrayInputStream != null) {
                try {
                    byteArrayInputStream.close();
                } catch (Exception e13) {
                    MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e13);
                }
            }
        }
        if (AgentUtil.getInstance().isVersionCompatible(context, 24).booleanValue() && hasPrivateKeyEntry(keyStore) && !isDevicePasswordProtected) {
            if (byteArrayInputStream != null) {
                try {
                    byteArrayInputStream.close();
                } catch (Exception e14) {
                    MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e14);
                }
            }
            return 9;
        }
        boolean z = true;
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement)) {
                if (AgentUtil.getInstance().isVersionCompatible(context, 24).booleanValue()) {
                    boolean removeKeyPair = devicePolicyManager.removeKeyPair(DeviceAdminMonitor.getComponentName(context), nextElement);
                    z = z && removeKeyPair;
                    MDMLogger.info("Certificate-key pair " + nextElement + " uninstallation status :" + (removeKeyPair ? "success" : "failure"));
                } else {
                    MDMLogger.info("OS Version " + Build.VERSION.SDK_INT + " is not supported for private key removal");
                }
            } else if (keyStore.isCertificateEntry(nextElement)) {
                devicePolicyManager.uninstallCaCert(DeviceAdminMonitor.getComponentName(context), keyStore.getCertificate(nextElement).getEncoded());
                z = z;
            }
        }
        i = z ? 10 : 11;
        if (byteArrayInputStream != null) {
            try {
                byteArrayInputStream.close();
            } catch (Exception e15) {
                MDMLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e15);
            }
        }
        MDMLogger.info("Uninstallation Status for cert " + str + " : " + i);
        return i;
    }
}
