package com.manageengine.mdm.framework.profile.scep;

import android.app.admin.DevicePolicyManager;
import android.content.Context;
import android.util.Base64;
import com.manageengine.mdm.framework.R;
import com.manageengine.mdm.framework.certificate.CertificateInstaller;
import com.manageengine.mdm.framework.certificate.ScepClient;
import com.manageengine.mdm.framework.core.CommandConstants;
import com.manageengine.mdm.framework.core.MDMApplication;
import com.manageengine.mdm.framework.core.MDMContainer;
import com.manageengine.mdm.framework.core.MDMDeviceManager;
import com.manageengine.mdm.framework.core.OnWakeUpCompletedListener;
import com.manageengine.mdm.framework.core.Request;
import com.manageengine.mdm.framework.core.Response;
import com.manageengine.mdm.framework.db.SCEPPayloadTableHandler;
import com.manageengine.mdm.framework.deviceadmin.DeviceAdminMonitor;
import com.manageengine.mdm.framework.logging.MDMLogger;
import com.manageengine.mdm.framework.logging.MDMProfileLogger;
import com.manageengine.mdm.framework.policy.PolicyUtil;
import com.manageengine.mdm.framework.profile.PayloadConstants;
import com.manageengine.mdm.framework.profile.PayloadRequest;
import com.manageengine.mdm.framework.profile.PayloadRequestHandler;
import com.manageengine.mdm.framework.profile.PayloadResponse;
import com.manageengine.mdm.framework.utils.AgentUtil;
import com.samsung.android.knox.keystore.CertificateProvisioning;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.KeyStore;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class ScepPayloadRequestHandler extends PayloadRequestHandler {
    private static final int CERTIFCATE_REQUEST_FAILED = 80802;
    protected static final int INSTALL_FAILED = 12153;
    protected static final int KEYSTORE_ERROR = 12147;
    protected static final int REMOVE_FAILED = 12152;
    private Context context;
    String encodedString;
    private Request request;
    private ScepClient scepClient;
    private SCEPPayloadTableHandler scepPayloadTableHandler;

    private byte[] certificateBytesArray(String str) throws IOException {
        byte[] bArr;
        Throwable th;
        FileInputStream fileInputStream;
        File file;
        int i;
        int read;
        FileInputStream fileInputStream2 = null;
        byte[] bArr2 = null;
        FileInputStream fileInputStream3 = null;
        try {
            try {
                file = new File(str);
                fileInputStream = new FileInputStream(file);
            } catch (Throwable th2) {
                FileInputStream fileInputStream4 = fileInputStream2;
                th = th2;
                fileInputStream = fileInputStream4;
            }
        } catch (FileNotFoundException unused) {
            bArr = null;
        }
        try {
            bArr2 = new byte[(int) file.length()];
            i = 0;
            while (i < bArr2.length && (read = fileInputStream.read(bArr2, i, bArr2.length - i)) >= 0) {
                i += read;
            }
        } catch (FileNotFoundException unused2) {
            byte[] bArr3 = bArr2;
            fileInputStream3 = fileInputStream;
            bArr = bArr3;
            MDMLogger.error("Unable to convert into byte array");
            fileInputStream3.close();
            fileInputStream2 = fileInputStream3;
            return bArr;
        } catch (Throwable th3) {
            th = th3;
            fileInputStream.close();
            throw th;
        }
        if (i < bArr2.length) {
            throw new IOException("The file was not completely read");
        }
        fileInputStream.close();
        bArr = bArr2;
        fileInputStream2 = bArr2;
        return bArr;
    }

    private byte[] getKeystore(String str, String str2) {
        byte[] bArr = null;
        try {
            File file = new File(str);
            KeyStore keyStore = KeyStore.getInstance(CertificateProvisioning.TYPE_PKCS12);
            keyStore.load(new FileInputStream(file), str2.toCharArray());
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            keyStore.store(byteArrayOutputStream, str2.toCharArray());
            bArr = byteArrayOutputStream.toByteArray();
            this.encodedString = Base64.encodeToString(bArr, 0);
            MDMProfileLogger.info("ScepPayloadRequestHandler: Keystore created from the location data");
            return bArr;
        } catch (Exception e) {
            MDMProfileLogger.error("ScepPayladRequestHandler: Error while retrieving keystore ", e);
            return bArr;
        }
    }

    private void removeScepLater(JSONObject jSONObject) {
        try {
            this.request.getContainer().registerWakeUpCompletedListener(new OnWakeUpCompletedListener() { // from class: com.manageengine.mdm.framework.profile.scep.ScepPayloadRequestHandler.1
                @Override // com.manageengine.mdm.framework.core.OnWakeUpCompletedListener
                public void onWakeUpCompleted(MDMContainer mDMContainer, Object obj) {
                    File file = new File(AgentUtil.getInstance().getInternalAgentDirectory(), ScepConfig.KEYSTORE_NAME);
                    try {
                        if (AgentUtil.getInstance().isVersionCompatible(ScepPayloadRequestHandler.this.context, 23).booleanValue()) {
                            if (file.delete()) {
                                MDMProfileLogger.info("ScepPayloadRequestHandler: File successfully deleted");
                            } else {
                                MDMProfileLogger.error("ScepPayloadRequestHandler: File deletion failed");
                            }
                        }
                    } catch (Exception e) {
                        MDMProfileLogger.error("ScepPayloadRequestHandler: Error while requesting storage permissions ", e);
                    }
                    ScepPayloadRequestHandler.this.scepPayloadTableHandler.clearSensitiveScepData(ScepConfig.alias);
                }
            }, jSONObject);
        } catch (Exception e) {
            MDMProfileLogger.error("ScepPayloadHandler: Error while registering to remove Scep onWakeUpComplete ", e);
        }
    }

    protected void handleResponse(int i, Response response, PayloadResponse payloadResponse) {
        Context context = MDMApplication.getContext();
        String string = context.getResources().getString(R.string.mdm_agent_payload_scep_certificate_keystoreError);
        if (i != 0) {
            int i2 = KEYSTORE_ERROR;
            try {
                if (i != 1 && i != 2 && i != 7) {
                    switch (i) {
                        case 9:
                            MDMProfileLogger.error("ScepPayloadRequestHandler: Device does not have a password. So unable to install the cert.");
                            if (PolicyUtil.getInstance().getComplianceSettingsConfigured(context, "Password") != 1 || MDMDeviceManager.getInstance(context).getRestrictionPolicyManager().isActivePasswordSufficient()) {
                                response.setRemarks(context.getResources().getString(R.string.mdm_agent_payload_wifi_certificate_passcodePolicyError));
                            } else {
                                response.setRemarks(context.getResources().getString(R.string.mdm_agent_payload_scep_certificate_passcodeUnderComp));
                            }
                            MDMProfileLogger.error("ScepPayloadRequestHandler: Sending Not now status for scep");
                            MDMProfileLogger.error("ScepPayloadRequestHandler: Response error code: " + i);
                            payloadResponse.status = CommandConstants.NOT_NOW_STATUS;
                            return;
                        case 10:
                            return;
                        case 11:
                            i2 = REMOVE_FAILED;
                            MDMProfileLogger.error("ScepPayloadRequestHandler: Failed to remove the certificate");
                            string = context.getResources().getString(R.string.mdm_agent_payload_scep_certificate_removeFailedError);
                            break;
                    }
                } else {
                    i2 = INSTALL_FAILED;
                    string = context.getResources().getString(R.string.mdm_agent_payload_scep_certificate_installFailedError);
                }
            } catch (Exception e) {
                MDMProfileLogger.error("ScepPayloadRequestHandler: Exception while handling certificate install/uninstall response", e);
            }
            payloadResponse.setErrorCode(i2);
            payloadResponse.setErrorMsg(string);
        }
    }

    @Override // com.manageengine.mdm.framework.profile.PayloadRequestHandler
    public void processInstallPayload(Request request, Response response, PayloadRequest payloadRequest, PayloadResponse payloadResponse) {
        String str;
        try {
            MDMProfileLogger.info(" \n**************************************************\n  Going to Install Profile " + ((JSONObject) request.requestData).optString(PayloadConstants.PAYLOAD_DISPLAY_NAME, "") + " - SCEP Payload\n**************************************************\n");
            this.request = request;
            this.context = request.getContainer().getApplicationContext();
            JSONObject payloadData = payloadRequest.getPayloadData();
            MDMProfileLogger.protectedInfo("payload data -> " + payloadData);
            ScepConfig scepConfig = new ScepConfig(payloadData);
            this.scepPayloadTableHandler = new SCEPPayloadTableHandler(request.getContainer().getApplicationContext());
            this.scepClient = new ScepClient(scepConfig, request);
            if (this.scepClient.requestCertificate() == -1) {
                MDMProfileLogger.info("Scep certificate request failed");
                payloadResponse.setErrorCode(CERTIFCATE_REQUEST_FAILED);
            } else {
                MDMProfileLogger.info("ScepPayloadRequestHandler: Scep certificate request success");
            }
            try {
                str = payloadData.getString(ScepConfig.ALIAS);
            } catch (JSONException e) {
                MDMProfileLogger.error("ScepPayloadRequestHandler: Error while getting alias from JSON ", (Exception) e);
                str = null;
            }
            MDMProfileLogger.info("ScepPayloadRequestHandler: Retrieving Keystore location and password from DB");
            JSONObject retrieveDatafromDB = this.scepPayloadTableHandler.retrieveDatafromDB(str);
            String optString = retrieveDatafromDB.optString("location", null);
            String optString2 = retrieveDatafromDB.optString("password", null);
            byte[] keystore = getKeystore(optString, optString2);
            CertificateInstaller certificateInstaller = MDMDeviceManager.getInstance(MDMApplication.getContext()).getCertificateInstaller();
            if (certificateInstaller != null) {
                MDMLogger.info("ScepPayloadRequestHandler: Installing the client certificate (begins)");
                int installCert = certificateInstaller.installCert(keystore, str, optString2);
                handleResponse(installCert, response, payloadResponse);
                if (installCert == 0) {
                    MDMProfileLogger.info("ScepPayloadRequestHandler :Certificate Successfully Installed");
                }
            }
            removeScepLater(payloadData);
        } catch (Exception e2) {
            MDMProfileLogger.error("ScepPayloadRequestHandler: Exception ", e2);
        }
    }

    @Override // com.manageengine.mdm.framework.profile.PayloadRequestHandler
    public void processModifyPayload(Request request, Response response, PayloadRequest payloadRequest, PayloadRequest payloadRequest2, PayloadResponse payloadResponse) {
        MDMProfileLogger.info(" \n**************************************************\n               Modify - SCEP Payload\n**************************************************\n");
        processInstallPayload(request, response, payloadRequest2, payloadResponse);
    }

    @Override // com.manageengine.mdm.framework.profile.PayloadRequestHandler
    public void processRemovePayload(Request request, Response response, PayloadRequest payloadRequest, PayloadResponse payloadResponse) {
        MDMProfileLogger.info(" \n**************************************************\n               Remove - SCEP Payload\n**************************************************\n");
        JSONObject payloadData = payloadRequest.getPayloadData();
        MDMProfileLogger.protectedInfo("payload data -> " + payloadData);
        this.context = request.getContainer().getApplicationContext();
        this.scepPayloadTableHandler = new SCEPPayloadTableHandler(this.context);
        try {
            String string = payloadData.getString(ScepConfig.ALIAS);
            DevicePolicyManager devicePolicyManager = (DevicePolicyManager) this.context.getSystemService("device_policy");
            if (AgentUtil.getInstance().isVersionCompatible(this.context, 24).booleanValue()) {
                MDMProfileLogger.error("ScepPayloadRequestHandler: Removing certificate for alias: " + string);
                MDMProfileLogger.error("ScepPayloadRequestHandler: Certificate removal status: " + devicePolicyManager.removeKeyPair(DeviceAdminMonitor.getComponentName(this.context), string));
            }
            this.scepPayloadTableHandler.removeScepPayload(string);
        } catch (JSONException e) {
            MDMProfileLogger.error("ScepPayloadRequestHandler: Exception occured while uninstalling certificate", (Exception) e);
        }
    }
}
