package com.baramundi.android.mdm.controller;

import android.annotation.SuppressLint;
import android.app.enterprise.CertificateInfo;
import android.app.enterprise.EnterpriseDeviceManager;
import android.app.enterprise.SecurityPolicy;
import android.content.Context;
import android.util.Base64;
import com.baramundi.android.mdm.rest.parsedobjs.ErrorCode;
import com.baramundi.android.mdm.results.AndroidJobstepResult;
import com.baramundi.android.sharedlib.DataTransferObjects.certificate.CertificateWithPW;
import com.baramundi.android.sharedlib.SharedCertificateHelper;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Map;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

@SuppressLint({"WrongConstant"})
/* loaded from: classes.dex */
public class SamsungCertificateController {
    private static final String TAG = "com.baramundi.android.mdm.controller.SamsungCertificateController";
    private boolean atLeastOneFailed = false;
    private Logger logger = LoggerFactory.getLogger(SamsungCertificateController.class);

    public static ArrayList<String> getInstalledCertificates(Context context) {
        SecurityPolicy securityPolicy = ((EnterpriseDeviceManager) context.getSystemService(EnterpriseDeviceManager.ENTERPRISE_POLICY_SERVICE)).getSecurityPolicy();
        ArrayList<String> arrayList = new ArrayList<>();
        Iterator<CertificateInfo> it = (ELMLicenseHelper.enterpriseSDKAtLeastV5_3(context) ? securityPolicy.getCertificatesFromKeystore(6) : securityPolicy.getInstalledCertificates()).iterator();
        while (it.hasNext()) {
            try {
                String encodeToString = Base64.encodeToString(it.next().getCertificate().getEncoded(), 0);
                if (!arrayList.contains(encodeToString)) {
                    arrayList.add(encodeToString);
                }
            } catch (CertificateEncodingException e) {
                e.printStackTrace();
            }
        }
        return arrayList;
    }

    public boolean deleteCertificates(Context context, String str) {
        HashMap<String, String> thumbprintsOfCertificate = PreferenceEdit.getInstance(context).getThumbprintsOfCertificate(str);
        if (thumbprintsOfCertificate == null || thumbprintsOfCertificate.isEmpty()) {
            this.logger.info(TAG, String.format("No certificates are installed with profile identifier: %s", str));
            return true;
        }
        SecurityPolicy securityPolicy = ((EnterpriseDeviceManager) context.getSystemService(EnterpriseDeviceManager.ENTERPRISE_POLICY_SERVICE)).getSecurityPolicy();
        int credentialStorageStatus = securityPolicy.getCredentialStorageStatus();
        this.logger.info(TAG, String.format(Locale.US, "Keystore status: %d", Integer.valueOf(credentialStorageStatus)));
        if (1 != credentialStorageStatus) {
            this.logger.error("Keystore is locked.");
            return false;
        }
        if (ELMLicenseHelper.enterpriseSDKAtLeastV5_3(context)) {
            this.logger.info(TAG, "Deinstall certificate with sdk 5.3 and upper method");
            List<CertificateInfo> certificatesFromKeystore = securityPolicy.getCertificatesFromKeystore(7);
            if (certificatesFromKeystore == null || certificatesFromKeystore.isEmpty()) {
                this.logger.info(TAG, "There are no installed certificates on this device");
                return true;
            }
            for (String str2 : thumbprintsOfCertificate.keySet()) {
                this.logger.info(TAG, String.format("Thumbprint to deinstall: %s", str2));
                for (CertificateInfo certificateInfo : certificatesFromKeystore) {
                    if (thumbprintsOfCertificate.get(str2).equals(CertificateWithPW.CertificateType.CA_CERT.toString())) {
                        if (str2.equals(SharedCertificateHelper.getThumbPrint((X509Certificate) certificateInfo.getCertificate())) && !securityPolicy.deleteCertificateFromKeystore(certificateInfo, 7)) {
                            this.atLeastOneFailed = true;
                        }
                    } else if (str2.equals(certificateInfo.getAlias()) && !securityPolicy.deleteCertificateFromKeystore(certificateInfo, 6)) {
                        this.atLeastOneFailed = true;
                    }
                }
            }
        } else {
            for (Map.Entry<String, String> entry : thumbprintsOfCertificate.entrySet()) {
                if (securityPolicy.getInstalledCertificate(entry.getKey()) == null) {
                    this.logger.info(TAG, String.format("No certificate found for thumbprint %s.", entry.getKey()));
                } else if (entry.getValue().equals(CertificateWithPW.CertificateType.CA_CERT.toString())) {
                    if (!securityPolicy.removeCertificate(entry.getKey(), SecurityPolicy.CA_CERTIFICATE)) {
                        this.atLeastOneFailed = true;
                    }
                } else if (!securityPolicy.removeCertificate(entry.getKey(), SecurityPolicy.USER_CERTIFICATE)) {
                    this.atLeastOneFailed = true;
                }
            }
        }
        if (!this.atLeastOneFailed) {
            this.logger.info(TAG, "All certificates were uninstalled successfully.");
            return true;
        }
        this.logger.info(TAG, "Uninstall of at least one certificate failed." + String.format("Removing certificate with profile identifier %s failed.", str));
        return false;
    }

    public AndroidJobstepResult installCertificates(Context context, ArrayList<CertificateWithPW> arrayList) {
        boolean installCertificate;
        SecurityPolicy securityPolicy = ((EnterpriseDeviceManager) context.getSystemService(EnterpriseDeviceManager.ENTERPRISE_POLICY_SERVICE)).getSecurityPolicy();
        int credentialStorageStatus = securityPolicy.getCredentialStorageStatus();
        this.logger.info(String.format(Locale.US, "Keystore status: %d", Integer.valueOf(credentialStorageStatus)));
        if (1 != credentialStorageStatus) {
            this.logger.error("The installation of the certificate failed: Keystore is locked.");
            return new AndroidJobstepResult(ErrorCode.SCEPCertificateInstallationError, "The installation of the certificate failed: Keystore is locked.");
        }
        boolean enterpriseSDKAtLeastV5_3 = ELMLicenseHelper.enterpriseSDKAtLeastV5_3(context);
        Iterator<CertificateWithPW> it = arrayList.iterator();
        while (it.hasNext()) {
            CertificateWithPW next = it.next();
            boolean equals = next.getCertificateType().equals(CertificateWithPW.CertificateType.SCEP_CERT);
            Logger logger = this.logger;
            Object[] objArr = new Object[2];
            objArr[0] = next.getThumbprint();
            objArr[1] = equals ? "SCEP-Certificate" : "RootCA";
            logger.info(String.format("Trying to install certificate with thumbprint '%s' and type '%s'", objArr));
            String str = equals ? SecurityPolicy.TYPE_PKCS12 : SecurityPolicy.TYPE_CERTIFICATE;
            if (enterpriseSDKAtLeastV5_3) {
                installCertificate = securityPolicy.installCertificateToKeystore(str, next.getCertificate(), next.getThumbprint(), next.getCertPassword(), !equals ? 7 : 6);
                PreferenceEdit.getInstance(context).addCertificate(next);
            } else {
                installCertificate = securityPolicy.installCertificate(str, next.getCertificate(), next.getThumbprint(), next.getCertPassword());
                PreferenceEdit.getInstance(context).addCertificate(next);
            }
            if (!installCertificate) {
                String format = String.format(Locale.US, "The Installation of the certificate with subject name [%s] and profile identifier [%s] failed.", next.getCertificateSubectName(), next.getProfileIdentifier());
                this.logger.error(format);
                return new AndroidJobstepResult(ErrorCode.SCEPCertificateInstallationError, format);
            }
        }
        return null;
    }

    public void removeAllCertificates(Context context) {
        HashMap<String, String> certificates = PreferenceEdit.getInstance(context).getCertificates();
        if (certificates == null || certificates.isEmpty()) {
            return;
        }
        SecurityPolicy securityPolicy = ((EnterpriseDeviceManager) context.getSystemService(EnterpriseDeviceManager.ENTERPRISE_POLICY_SERVICE)).getSecurityPolicy();
        if (!ELMLicenseHelper.enterpriseSDKAtLeastV5_3(context)) {
            for (String str : certificates.keySet()) {
                try {
                    if (securityPolicy.getInstalledCertificate(str) != null) {
                        if (certificates.get(str).equals(CertificateWithPW.CertificateType.SCEP_CERT.toString())) {
                            securityPolicy.removeCertificate(str, SecurityPolicy.USER_CERTIFICATE);
                        } else {
                            securityPolicy.removeCertificate(str, SecurityPolicy.CA_CERTIFICATE);
                        }
                    }
                } catch (Exception unused) {
                }
            }
            return;
        }
        List<CertificateInfo> certificatesFromKeystore = securityPolicy.getCertificatesFromKeystore(7);
        if (certificatesFromKeystore == null || certificatesFromKeystore.isEmpty()) {
            return;
        }
        for (CertificateInfo certificateInfo : certificatesFromKeystore) {
            try {
                String thumbPrint = SharedCertificateHelper.getThumbPrint((X509Certificate) certificateInfo.getCertificate());
                if (certificates.keySet().contains(thumbPrint)) {
                    if (certificates.get(thumbPrint).equals(CertificateWithPW.CertificateType.SCEP_CERT.toString())) {
                        securityPolicy.deleteCertificateFromKeystore(certificateInfo, 6);
                    } else {
                        securityPolicy.deleteCertificateFromKeystore(certificateInfo, 7);
                    }
                }
            } catch (Exception unused2) {
            }
        }
    }
}
