package com.baramundi.dpc.controller.jobStepExecutionController;

import android.app.admin.DevicePolicyManager;
import android.content.ComponentName;
import android.content.Context;
import android.util.Base64;
import com.baramundi.dpc.DeviceAdminReceiver;
import com.baramundi.dpc.R;
import com.baramundi.dpc.common.FileUtil;
import com.baramundi.dpc.common.model.results.ControllerExecutionResult;
import com.baramundi.dpc.persistence.databases.CertificateWithPWDatabase;
import com.baramundi.dpc.persistence.entities.CertificateWithPW;
import com.baramundi.dpc.rest.DataTransferObjects.Enums.ErrorCode;
import com.baramundi.dpc.rest.DataTransferObjects.ExecutionResult;
import com.baramundi.dpc.rest.DataTransferObjects.GenericCertificateSettings;
import com.baramundi.dpc.rest.DataTransferObjects.JobStepInstanceAndroid;
import com.baramundi.dpc.rest.DataTransferObjects.JobstepCertificateInstallation;
import com.baramundi.dpc.util.X509Utils;
import com.google.common.io.ByteStreams;
import java.io.IOException;
import java.io.InputStream;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import org.tinylog.Logger;

/* loaded from: classes.dex */
public class ControllerCertificate extends AbstractProfileInstallController {
    static final Class SUPPORTED_JOBSTEP_CLASS_INSTALL = JobstepCertificateInstallation.class;

    public ControllerCertificate(Context context) {
        super(context);
    }

    private ControllerExecutionResult InstallRolloverCA(JobstepCertificateInstallation jobstepCertificateInstallation) {
        FileUtil fileUtil = new FileUtil(this.context);
        try {
            InputStream readStreamFromFile = fileUtil.readStreamFromFile("serverCert.cer");
            byte[] byteArray = ByteStreams.toByteArray(readStreamFromFile);
            readStreamFromFile.close();
            if (X509Utils.getCertificate(byteArray).getIssuerDN().getName().toLowerCase(Locale.ROOT).contains("bmd certificate authority")) {
                fileUtil.saveToFile("rolloverServerCert.cer", Base64.decode(jobstepCertificateInstallation.genericCertificateConfiguration.certificateSettings.certificateFile, 0));
                Logger.info("Wrote new CA to serverCert.cer");
            } else {
                Logger.info("Did not save the rollover CA, because it seems that you are using a ThirdParty CA");
            }
            return convertAndSaveResult((ExecutionResult) null, false);
        } catch (IOException e) {
            Logger.error(e, "Error while trying to install the rollover certificate");
            return convertAndSaveResult(ErrorCode.CACertInstallationError, "There was an error while trying to install the rollover certificate.");
        }
    }

    private ControllerExecutionResult SwitchToRolloverCA() {
        FileUtil fileUtil = new FileUtil(this.context);
        try {
            InputStream readStreamFromFile = fileUtil.readStreamFromFile("serverCert.cer");
            byte[] byteArray = ByteStreams.toByteArray(readStreamFromFile);
            readStreamFromFile.close();
            if (X509Utils.getCertificate(byteArray).getIssuerDN().getName().toLowerCase(Locale.ROOT).contains("bmd certificate authority")) {
                InputStream readStreamFromFile2 = fileUtil.readStreamFromFile("rolloverServerCert.cer");
                if (readStreamFromFile2 != null) {
                    byte[] byteArray2 = ByteStreams.toByteArray(readStreamFromFile2);
                    readStreamFromFile2.close();
                    fileUtil.saveToFile("serverCert.cer", byteArray2);
                    Logger.info("Wrote rollover CA to serverCert.cer");
                    fileUtil.deleteFile("rolloverServerCert.cer");
                    Logger.info("Deleted rolloverServerCert.cer - The rollover process is finished now.");
                } else {
                    Logger.info("Didn't switch to rollover certificate, because it didn't exist.");
                }
            } else {
                Logger.info("Did not save the rollover CA, because it seems that you are using a ThirdParty CA");
            }
            return convertAndSaveResult((ExecutionResult) null, false);
        } catch (IOException e) {
            Logger.error(e, "Error while trying to install the rollover certificate");
            return convertAndSaveResult(ErrorCode.CACertInstallationError, "There was an error while trying to install the rollover certificate.");
        }
    }

    @Override // com.baramundi.dpc.controller.jobStepExecutionController.AbstractController
    protected ControllerExecutionResult installJobStep(JobStepInstanceAndroid jobStepInstanceAndroid) {
        JobstepCertificateInstallation jobstepCertificateInstallation = (JobstepCertificateInstallation) jobStepInstanceAndroid;
        String upperCase = jobstepCertificateInstallation.profileEntryId.toUpperCase(Locale.US);
        CertificateWithPWDatabase certificateWithPWDatabase = CertificateWithPWDatabase.getInstance(this.context);
        certificateWithPWDatabase.certificateWithPWDao().deleteAllWith(jobstepCertificateInstallation.profileIdentifier, upperCase);
        Logger.debug("Number of certificates in database after clear all with profileEntryID '{}': {} (must be 0)", upperCase, Integer.valueOf(certificateWithPWDatabase.certificateWithPWDao().getCount(jobstepCertificateInstallation.profileIdentifier, upperCase).intValue()));
        GenericCertificateSettings genericCertificateSettings = jobstepCertificateInstallation.genericCertificateConfiguration.certificateSettings;
        String str = genericCertificateSettings.certificateFile;
        if (genericCertificateSettings.isCertificateRollover) {
            return InstallRolloverCA(jobstepCertificateInstallation);
        }
        CertificateWithPW certificateWithPW = new CertificateWithPW(jobstepCertificateInstallation.profileIdentifier, upperCase, Base64.decode(str, 0), "", false, CertificateWithPW.CERT_TYPE_CA);
        certificateWithPWDatabase.certificateWithPWDao().insert(certificateWithPW);
        Logger.info("Added certificate to database: {}", certificateWithPW);
        return convertAndSaveResult((ExecutionResult) null, false);
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.baramundi.dpc.controller.jobStepExecutionController.AbstractController
    public ControllerExecutionResult uninstallJobStep(JobStepInstanceAndroid jobStepInstanceAndroid) {
        DevicePolicyManager devicePolicyManager = (DevicePolicyManager) this.context.getSystemService("device_policy");
        ComponentName componentName = DeviceAdminReceiver.getComponentName(this.context);
        JobstepCertificateInstallation jobstepCertificateInstallation = (JobstepCertificateInstallation) jobStepInstanceAndroid;
        if (jobstepCertificateInstallation.genericCertificateConfiguration.certificateSettings.isCertificateRollover) {
            return SwitchToRolloverCA();
        }
        CertificateWithPWDatabase certificateWithPWDatabase = CertificateWithPWDatabase.getInstance(this.context);
        String upperCase = jobstepCertificateInstallation.profileEntryId.toUpperCase(Locale.US);
        String str = jobstepCertificateInstallation.profileIdentifier;
        List<CertificateWithPW> byProfileIdentifierAndEntryIDAndUsage = certificateWithPWDatabase.certificateWithPWDao().getByProfileIdentifierAndEntryIDAndUsage(str, upperCase, CertificateWithPW.CERT_USE_STANDALONE);
        Logger.info("{} CA certificate(s) will be removed from the system", Integer.valueOf(byProfileIdentifierAndEntryIDAndUsage.size()));
        Iterator<CertificateWithPW> it = byProfileIdentifierAndEntryIDAndUsage.iterator();
        while (it.hasNext()) {
            try {
                devicePolicyManager.uninstallCaCert(componentName, it.next().getCertificate());
            } catch (SecurityException unused) {
                return ControllerExecutionResult.failed(this.context.getString(R.string.error_no_permission_CA_uninstall), false);
            }
        }
        Logger.debug("{} CA certificate(s) will be removed from the DB", Integer.valueOf(certificateWithPWDatabase.certificateWithPWDao().getCount(str, upperCase).intValue()));
        certificateWithPWDatabase.certificateWithPWDao().deleteAllWith(str, upperCase);
        return convertAndSaveResult((ExecutionResult) null, false);
    }
}
