package br.com.mobiltec.c4m.android.library.mdm.operations.models.certificates;

import android.app.KeyguardManager;
import android.app.admin.DevicePolicyManager;
import android.content.ComponentName;
import android.content.Context;
import android.os.Build;
import android.util.Base64;
import br.com.mobiltec.c4m.android.library.mdm.operations.models.Operation;
import br.com.mobiltec.c4m.android.library.mdm.operations.models.OperationResult;
import com.psmorandi.android.notifications.Notification;
import com.psmorandi.android.notifications.results.ExecutionResult;
import java.io.ByteArrayInputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.security.cert.Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Iterator;
import java.util.List;
import kotlin.Metadata;
import kotlin.collections.CollectionsKt;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;

/* compiled from: CertificateConfigurationOperation.kt */
@Metadata(d1 = {"\u0000L\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0010 \n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0003\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000b\n\u0000\n\u0002\u0010\u0002\n\u0000\u0018\u00002\u00020\u0001B%\u0012\u000e\b\u0002\u0010\u0002\u001a\b\u0012\u0004\u0012\u00020\u00040\u0003\u0012\u000e\b\u0002\u0010\u0005\u001a\b\u0012\u0004\u0012\u00020\u00060\u0003¢\u0006\u0002\u0010\u0007J\u001a\u0010\b\u001a\u0004\u0018\u00010\t2\u0006\u0010\n\u001a\u00020\u00042\u0006\u0010\u000b\u001a\u00020\fH\u0003J\"\u0010\r\u001a\u0004\u0018\u00010\t2\u0006\u0010\u000e\u001a\u00020\u00062\u0006\u0010\u000f\u001a\u00020\u00102\u0006\u0010\u000b\u001a\u00020\fH\u0003J\u0015\u0010\u0011\u001a\u00020\u00122\u0006\u0010\u0013\u001a\u00020\u0014H\u0010¢\u0006\u0002\b\u0015J\u0010\u0010\u0016\u001a\u00020\u00172\u0006\u0010\u0013\u001a\u00020\u0014H\u0003J\u0010\u0010\u0018\u001a\u00020\u00192\u0006\u0010\u000b\u001a\u00020\fH\u0003R\u0014\u0010\u0002\u001a\b\u0012\u0004\u0012\u00020\u00040\u0003X\u0082\u000e¢\u0006\u0002\n\u0000R\u0014\u0010\u0005\u001a\b\u0012\u0004\u0012\u00020\u00060\u0003X\u0082\u000e¢\u0006\u0002\n\u0000¨\u0006\u001a"}, d2 = {"Lbr/com/mobiltec/c4m/android/library/mdm/operations/models/certificates/CertificateConfigurationOperation;", "Lbr/com/mobiltec/c4m/android/library/mdm/operations/models/Operation;", "certificateAuthorities", "", "Lbr/com/mobiltec/c4m/android/library/mdm/operations/models/certificates/CertificateAuthority;", "certificateIdentities", "Lbr/com/mobiltec/c4m/android/library/mdm/operations/models/certificates/CertificateIdentity;", "(Ljava/util/List;Ljava/util/List;)V", "installCaCert", "Lcom/psmorandi/android/notifications/Notification;", "it", "policyManager", "Landroid/app/admin/DevicePolicyManager;", "installKeyPair", "certIdentity", "keyStore", "Ljava/security/KeyStore;", "internalProcess", "Lbr/com/mobiltec/c4m/android/library/mdm/operations/models/OperationResult;", "context", "Landroid/content/Context;", "internalProcess$c4m_agent_11_14_1_fcmRelease", "isDeviceSecure", "", "silentRemoveAllCACerts", "", "c4m-agent-11.14.1_fcmRelease"}, k = 1, mv = {1, 9, 0}, xi = 48)
/* loaded from: classes.dex */
public final class CertificateConfigurationOperation extends Operation {
    private List<CertificateAuthority> certificateAuthorities;
    private List<CertificateIdentity> certificateIdentities;

    /* JADX WARN: Multi-variable type inference failed */
    public CertificateConfigurationOperation() {
        this(null, 0 == true ? 1 : 0, 3, 0 == true ? 1 : 0);
    }

    /* JADX WARN: 'super' call moved to the top of the method (can break code semantics) */
    public CertificateConfigurationOperation(List<CertificateAuthority> certificateAuthorities, List<CertificateIdentity> certificateIdentities) {
        super(0, 0, null, 0, 15, null);
        Intrinsics.checkNotNullParameter(certificateAuthorities, "certificateAuthorities");
        Intrinsics.checkNotNullParameter(certificateIdentities, "certificateIdentities");
        this.certificateAuthorities = certificateAuthorities;
        this.certificateIdentities = certificateIdentities;
    }

    public /* synthetic */ CertificateConfigurationOperation(ArrayList arrayList, ArrayList arrayList2, int i, DefaultConstructorMarker defaultConstructorMarker) {
        this((i & 1) != 0 ? new ArrayList() : arrayList, (i & 2) != 0 ? new ArrayList() : arrayList2);
    }

    private final Notification installCaCert(CertificateAuthority it, DevicePolicyManager policyManager) {
        if (policyManager.installCaCert(null, Base64.decode(it.getX509(), 0))) {
            return null;
        }
        return new Notification("CA_CERT_ERROR", "Error when installing the CA certificate.");
    }

    private final Notification installKeyPair(CertificateIdentity certIdentity, KeyStore keyStore, DevicePolicyManager policyManager) {
        boolean installKeyPair;
        byte[] decode = Base64.decode(certIdentity.getPkcs12(), 0);
        Intrinsics.checkNotNull(decode);
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(decode);
        char[] charArray = "".toCharArray();
        Intrinsics.checkNotNullExpressionValue(charArray, "this as java.lang.String).toCharArray()");
        keyStore.load(byteArrayInputStream, charArray);
        Enumeration<String> aliases = keyStore.aliases();
        Intrinsics.checkNotNullExpressionValue(aliases, "aliases(...)");
        Iterator it = CollectionsKt.iterator(aliases);
        Certificate[] certificateArr = new Certificate[0];
        PrivateKey privateKey = null;
        String str = "";
        while (it.hasNext()) {
            String str2 = (String) it.next();
            if (keyStore.isKeyEntry(str2)) {
                Certificate[] certificateChain = keyStore.getCertificateChain(str2);
                Intrinsics.checkNotNullExpressionValue(certificateChain, "getCertificateChain(...)");
                char[] charArray2 = "".toCharArray();
                Intrinsics.checkNotNullExpressionValue(charArray2, "this as java.lang.String).toCharArray()");
                Key key = keyStore.getKey(str2, charArray2);
                Intrinsics.checkNotNull(key, "null cannot be cast to non-null type java.security.PrivateKey");
                privateKey = (PrivateKey) key;
                Intrinsics.checkNotNull(str2);
                certificateArr = certificateChain;
                str = str2;
            }
        }
        if (certificateArr.length == 0) {
            return new Notification("MISSING_IDENTITY_CERT", "Certificate not found.");
        }
        if (privateKey == null) {
            return new Notification("MISSING_IDENTITY_KEY", "Private key not found.");
        }
        installKeyPair = policyManager.installKeyPair((ComponentName) null, privateKey, certificateArr, str, false);
        if (installKeyPair) {
            return null;
        }
        return new Notification("IDENTITY_CERT_ERROR", "Error when installing the identity certificate (" + str + ").");
    }

    private final boolean isDeviceSecure(Context context) {
        boolean isDeviceSecure;
        Object systemService = context.getSystemService("keyguard");
        Intrinsics.checkNotNull(systemService, "null cannot be cast to non-null type android.app.KeyguardManager");
        KeyguardManager keyguardManager = (KeyguardManager) systemService;
        if (Build.VERSION.SDK_INT < 23) {
            return keyguardManager.isKeyguardSecure();
        }
        isDeviceSecure = keyguardManager.isDeviceSecure();
        return isDeviceSecure;
    }

    private final void silentRemoveAllCACerts(DevicePolicyManager policyManager) {
        try {
            policyManager.uninstallAllUserCaCerts(null);
        } catch (Exception unused) {
            getLog().w("Error when trying to remove all CA certificates.", new Object[0]);
        }
    }

    @Override // br.com.mobiltec.c4m.android.library.mdm.operations.models.Operation
    public OperationResult internalProcess$c4m_agent_11_14_1_fcmRelease(Context context) {
        Intrinsics.checkNotNullParameter(context, "context");
        getLog().d("Processing operation #" + getId() + " of installing certificates (CA: " + this.certificateAuthorities.size() + " certs - CI: " + this.certificateIdentities.size() + ") certs.", new Object[0]);
        Object systemService = context.getSystemService("device_policy");
        Intrinsics.checkNotNull(systemService, "null cannot be cast to non-null type android.app.admin.DevicePolicyManager");
        DevicePolicyManager devicePolicyManager = (DevicePolicyManager) systemService;
        silentRemoveAllCACerts(devicePolicyManager);
        ExecutionResult executionResult = new ExecutionResult();
        Iterator<T> it = this.certificateAuthorities.iterator();
        while (it.hasNext()) {
            Notification installCaCert = installCaCert((CertificateAuthority) it.next(), devicePolicyManager);
            if (installCaCert != null) {
                executionResult.addMessage(installCaCert);
            }
        }
        getLog().d("Operation #" + getId() + " - CA list processed.", new Object[0]);
        if (!executionResult.success()) {
            return new OperationResult(false, false, null, executionResult.toString(), 4, null);
        }
        if (this.certificateIdentities.isEmpty()) {
            return new OperationResult(true, false, null, null, 12, null);
        }
        if (!isDeviceSecure(context)) {
            return new OperationResult(false, false, null, "Credentials cannot be installed until device is secured with a password.", 4, null);
        }
        KeyStore keyStore = KeyStore.getInstance("pkcs12");
        for (CertificateIdentity certificateIdentity : this.certificateIdentities) {
            Intrinsics.checkNotNull(keyStore);
            Notification installKeyPair = installKeyPair(certificateIdentity, keyStore, devicePolicyManager);
            if (installKeyPair != null) {
                executionResult.addMessage(installKeyPair);
            }
        }
        getLog().d("Operation #" + getId() + " - CI list processed.", new Object[0]);
        return executionResult.success() ? new OperationResult(true, false, null, null, 12, null) : new OperationResult(false, false, null, executionResult.toString(), 4, null);
    }
}
