package com.manageengine.mdm.android.certificate;

import android.app.admin.DevicePolicyManager;
import android.content.Context;
import android.os.Build;
import com.manageengine.mdm.framework.certificate.CertificateInstaller;
import com.manageengine.mdm.framework.core.MDMApplication;
import com.manageengine.mdm.framework.core.MDMDeviceManager;
import com.manageengine.mdm.framework.deviceadmin.DeviceAdminMonitor;
import com.manageengine.mdm.framework.logging.MDMLogger;
import com.manageengine.mdm.framework.logging.MDMProfileLogger;
import com.manageengine.mdm.framework.utils.AgentUtil;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.util.Enumeration;

/* loaded from: classes.dex */
public class AndroidCertificateInstaller extends CertificateInstaller {
    private AndroidCertificateInstaller() {
    }

    private boolean hasPrivateKeyEntry(KeyStore keyStore) {
        try {
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                if (keyStore.isKeyEntry(aliases.nextElement())) {
                    return true;
                }
            }
            return false;
        } catch (Exception e) {
            MDMProfileLogger.error("Exception while checking the private key entry", e);
            return false;
        }
    }

    public static CertificateInstaller newInstance() {
        if (AgentUtil.getInstance().isProfileOwnerOrDeviceOwner(MDMApplication.getContext())) {
            return new AndroidCertificateInstaller();
        }
        return null;
    }

    @Override // com.manageengine.mdm.framework.certificate.CertificateInstaller
    public int installCert(byte[] bArr, String str) {
        int i;
        Context context = MDMApplication.getContext();
        try {
            i = !((DevicePolicyManager) context.getSystemService("device_policy")).installCaCert(DeviceAdminMonitor.getComponentName(context), bArr) ? 1 : 0;
        } catch (Exception e) {
            MDMProfileLogger.error("Exception while installing the certificate " + str, e);
            i = 3;
        }
        MDMProfileLogger.protectedInfo("Installation Status for cert " + str + " : " + i);
        return i;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v20, types: [java.lang.StringBuilder] */
    /* JADX WARN: Type inference failed for: r16v0, types: [com.manageengine.mdm.android.certificate.AndroidCertificateInstaller] */
    /* JADX WARN: Type inference failed for: r2v10 */
    /* JADX WARN: Type inference failed for: r2v12 */
    /* JADX WARN: Type inference failed for: r2v14 */
    /* JADX WARN: Type inference failed for: r2v16 */
    /* JADX WARN: Type inference failed for: r2v18 */
    /* JADX WARN: Type inference failed for: r2v19, types: [int] */
    /* JADX WARN: Type inference failed for: r2v2, types: [android.app.admin.DevicePolicyManager] */
    /* JADX WARN: Type inference failed for: r2v20 */
    /* JADX WARN: Type inference failed for: r2v22 */
    /* JADX WARN: Type inference failed for: r2v4 */
    /* JADX WARN: Type inference failed for: r2v6 */
    /* JADX WARN: Type inference failed for: r2v8 */
    @Override // com.manageengine.mdm.framework.certificate.CertificateInstaller
    public int installCert(byte[] bArr, String str, String str2) {
        KeyStore keyStore;
        Context context = MDMApplication.getContext();
        ?? r2 = (DevicePolicyManager) context.getSystemService("device_policy");
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        boolean isDevicePasswordProtected = MDMDeviceManager.getInstance(context).getComplianceHandler().isDevicePasswordProtected();
        try {
        } catch (Throwable th) {
            th = th;
        }
        try {
            try {
                keyStore = KeyStore.getInstance("pkcs12");
                keyStore.load(byteArrayInputStream, str2.toCharArray());
                MDMProfileLogger.protectedInfo("Key Store size " + keyStore.size());
            } catch (Exception e) {
                MDMProfileLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e);
            }
            try {
            } catch (IOException e2) {
                e = e2;
                MDMProfileLogger.error("Incorrect keystore password/ File is corrupted", (Exception) e);
                r2 = 2;
                byteArrayInputStream.close();
                MDMProfileLogger.protectedInfo("Installation Status for cert " + str + " : " + r2);
                return r2;
            } catch (KeyStoreException e3) {
                e = e3;
                MDMProfileLogger.error("KeyStore is not initialised", (Exception) e);
                r2 = 4;
                byteArrayInputStream.close();
                MDMProfileLogger.protectedInfo("Installation Status for cert " + str + " : " + r2);
                return r2;
            } catch (NoSuchAlgorithmException e4) {
                e = e4;
                MDMProfileLogger.error("Algorithm for checking the keystore integrity is not found", (Exception) e);
                r2 = 5;
                byteArrayInputStream.close();
                MDMProfileLogger.protectedInfo("Installation Status for cert " + str + " : " + r2);
                return r2;
            } catch (UnrecoverableKeyException e5) {
                e = e5;
                MDMProfileLogger.error("Incorrect password used for getting the key", (Exception) e);
                r2 = 6;
                byteArrayInputStream.close();
                MDMProfileLogger.protectedInfo("Installation Status for cert " + str + " : " + r2);
                return r2;
            } catch (CertificateEncodingException e6) {
                e = e6;
                MDMProfileLogger.error("Error in encoding the certificate", (Exception) e);
                r2 = 7;
                byteArrayInputStream.close();
                MDMProfileLogger.protectedInfo("Installation Status for cert " + str + " : " + r2);
                return r2;
            } catch (CertificateException e7) {
                e = e7;
                MDMProfileLogger.error("Certificates in the keystore could not be loaded", (Exception) e);
                r2 = 8;
                byteArrayInputStream.close();
                MDMProfileLogger.protectedInfo("Installation Status for cert " + str + " : " + r2);
                return r2;
            } catch (Exception e8) {
                e = e8;
                MDMProfileLogger.error("Unknown error", e);
                r2 = 3;
                byteArrayInputStream.close();
                MDMProfileLogger.protectedInfo("Installation Status for cert " + str + " : " + r2);
                return r2;
            }
        } catch (IOException e9) {
            e = e9;
        } catch (KeyStoreException e10) {
            e = e10;
        } catch (NoSuchAlgorithmException e11) {
            e = e11;
        } catch (UnrecoverableKeyException e12) {
            e = e12;
        } catch (CertificateEncodingException e13) {
            e = e13;
        } catch (CertificateException e14) {
            e = e14;
        } catch (Exception e15) {
            e = e15;
        } catch (Throwable th2) {
            th = th2;
            Throwable th3 = th;
            try {
                byteArrayInputStream.close();
                throw th3;
            } catch (Exception e16) {
                MDMProfileLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e16);
                throw th3;
            }
        }
        if (hasPrivateKeyEntry(keyStore) && !isDevicePasswordProtected) {
            try {
                byteArrayInputStream.close();
            } catch (Exception e17) {
                MDMProfileLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e17);
            }
            return 9;
        }
        Enumeration<String> aliases = keyStore.aliases();
        char c = 1;
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.isKeyEntry(nextElement)) {
                boolean installKeyPair = r2.installKeyPair(DeviceAdminMonitor.getComponentName(context), (PrivateKey) keyStore.getKey(nextElement, null), keyStore.getCertificate(nextElement), nextElement);
                c = (c == 0 || !installKeyPair) ? (char) 0 : (char) 1;
                StringBuilder sb = new StringBuilder();
                sb.append("Certificate-key pair ");
                sb.append(nextElement);
                sb.append(" installation status :");
                sb.append(installKeyPair ? "success" : "failure");
                MDMProfileLogger.protectedInfo(sb.toString());
            } else if (keyStore.isCertificateEntry(nextElement)) {
                c = (c == 0 || !r2.installCaCert(DeviceAdminMonitor.getComponentName(context), keyStore.getCertificate(nextElement).getEncoded())) ? (char) 0 : (char) 1;
                StringBuilder sb2 = new StringBuilder();
                sb2.append("Certificate ");
                sb2.append(nextElement);
                sb2.append(" installation status :");
                sb2.append(c != 0 ? "success" : "failure");
                MDMProfileLogger.protectedInfo(sb2.toString());
            }
        }
        int i = c ^ 1;
        byteArrayInputStream.close();
        r2 = i;
        MDMProfileLogger.protectedInfo("Installation Status for cert " + str + " : " + r2);
        return r2;
    }

    @Override // com.manageengine.mdm.framework.certificate.CertificateInstaller
    public int uninstallCert(byte[] bArr, String str) {
        int i;
        Context context = MDMApplication.getContext();
        try {
            ((DevicePolicyManager) context.getSystemService("device_policy")).uninstallCaCert(DeviceAdminMonitor.getComponentName(context), bArr);
            i = 10;
        } catch (Exception e) {
            MDMProfileLogger.error("Exception while uninstalling the cert " + str, e);
            i = 3;
        }
        MDMProfileLogger.protectedInfo("Uninstallation Status for cert " + str + " : " + i);
        return i;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r11v0, types: [com.manageengine.mdm.android.certificate.AndroidCertificateInstaller] */
    /* JADX WARN: Type inference failed for: r12v10 */
    /* JADX WARN: Type inference failed for: r12v12 */
    /* JADX WARN: Type inference failed for: r12v14 */
    /* JADX WARN: Type inference failed for: r12v16 */
    /* JADX WARN: Type inference failed for: r12v18, types: [int] */
    /* JADX WARN: Type inference failed for: r12v23 */
    /* JADX WARN: Type inference failed for: r12v24 */
    /* JADX WARN: Type inference failed for: r12v6 */
    /* JADX WARN: Type inference failed for: r12v8 */
    /* JADX WARN: Type inference failed for: r14v8, types: [java.lang.StringBuilder] */
    @Override // com.manageengine.mdm.framework.certificate.CertificateInstaller
    public int uninstallCert(byte[] bArr, String str, String str2) {
        ?? r12;
        KeyStore keyStore;
        Enumeration<String> aliases;
        Context context = MDMApplication.getContext();
        DevicePolicyManager devicePolicyManager = (DevicePolicyManager) context.getSystemService("device_policy");
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        boolean isDevicePasswordProtected = MDMDeviceManager.getInstance(context).getComplianceHandler().isDevicePasswordProtected();
        try {
            try {
                try {
                    try {
                        try {
                            try {
                                try {
                                    try {
                                        keyStore = KeyStore.getInstance("pkcs12");
                                        keyStore.load(byteArrayInputStream, str2.toCharArray());
                                        MDMProfileLogger.protectedInfo("Key Store size " + keyStore.size());
                                        aliases = keyStore.aliases();
                                    } catch (Exception e) {
                                        MDMProfileLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e);
                                        r12 = isDevicePasswordProtected;
                                    }
                                } catch (IOException e2) {
                                    MDMProfileLogger.error("Incorrect keystore password/ File is corrupted", (Exception) e2);
                                    r12 = 2;
                                    byteArrayInputStream.close();
                                }
                            } catch (NoSuchAlgorithmException e3) {
                                MDMProfileLogger.error("Algorithm for checking the keystore integrity is not found", (Exception) e3);
                                r12 = 5;
                                byteArrayInputStream.close();
                            }
                        } catch (CertificateEncodingException e4) {
                            MDMProfileLogger.error("Error in encoding the certificate", (Exception) e4);
                            r12 = 7;
                            byteArrayInputStream.close();
                        }
                    } catch (CertificateException e5) {
                        MDMProfileLogger.error("Certificates in the keystore could not be loaded", (Exception) e5);
                        r12 = 8;
                        byteArrayInputStream.close();
                    }
                } catch (Exception e6) {
                    MDMProfileLogger.error("Unknown error", e6);
                    r12 = 3;
                    byteArrayInputStream.close();
                }
            } catch (KeyStoreException e7) {
                MDMProfileLogger.error("KeyStore is not initialised", (Exception) e7);
                r12 = 4;
                byteArrayInputStream.close();
            }
            if (AgentUtil.getInstance().isVersionCompatible(context, 24).booleanValue() && hasPrivateKeyEntry(keyStore) && !isDevicePasswordProtected) {
                try {
                    byteArrayInputStream.close();
                } catch (Exception e8) {
                    MDMProfileLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e8);
                }
                return 9;
            }
            isDevicePasswordProtected = true;
            boolean z = true;
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                if (keyStore.isKeyEntry(nextElement)) {
                    if (AgentUtil.getInstance().isVersionCompatible(context, 24).booleanValue()) {
                        boolean removeKeyPair = devicePolicyManager.removeKeyPair(DeviceAdminMonitor.getComponentName(context), nextElement);
                        z = z && removeKeyPair;
                        StringBuilder sb = new StringBuilder();
                        sb.append("Certificate-key pair ");
                        sb.append(nextElement);
                        sb.append(" uninstallation status :");
                        sb.append(removeKeyPair ? "success" : "failure");
                        MDMProfileLogger.protectedInfo(sb.toString());
                    } else {
                        MDMLogger.protectedInfo("OS Version " + Build.VERSION.SDK_INT + " is not supported for private key removal");
                    }
                } else if (keyStore.isCertificateEntry(nextElement)) {
                    devicePolicyManager.uninstallCaCert(DeviceAdminMonitor.getComponentName(context), keyStore.getCertificate(nextElement).getEncoded());
                }
            }
            char c = z ? '\n' : (char) 11;
            byteArrayInputStream.close();
            r12 = c;
            MDMProfileLogger.protectedInfo("Uninstallation Status for cert " + str + " : " + r12);
            return r12;
        } catch (Throwable th) {
            try {
                byteArrayInputStream.close();
            } catch (Exception e9) {
                MDMProfileLogger.error("Exception while closing the Certificate Content ByteArrayInputStream", e9);
            }
            throw th;
        }
    }
}
