package com.apptec360.android.mdm.model;

import android.annotation.TargetApi;
import android.app.admin.DevicePolicyManager;
import android.content.ComponentName;
import android.content.Context;
import android.os.Build;
import android.util.Base64;
import com.apptec360.android.mdm.Log;
import com.apptec360.android.mdm.helpers.HashHelper;
import com.apptec360.android.mdm.helpers.JSONSaver;
import com.apptec360.android.mdm.receivers.ApptecDeviceAdmin;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.InputStreamReader;
import java.security.GeneralSecurityException;
import java.security.KeyFactory;
import java.security.PrivateKey;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.security.spec.PKCS8EncodedKeySpec;
import java.util.ArrayList;
import java.util.Iterator;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class CertificateModel {
    private static CertificateModel instance = new CertificateModel();
    private static Context context = null;

    private CertificateModel() {
    }

    public static void closeSilent(InputStream inputStream) {
        if (inputStream == null) {
            return;
        }
        try {
            inputStream.close();
        } catch (Exception unused) {
        }
    }

    public static CertificateModel getInstance(Context context2) {
        if (context == null) {
            context = context2;
        }
        return instance;
    }

    public static PrivateKey loadPrivateKey(String str) throws IOException, GeneralSecurityException {
        ByteArrayInputStream byteArrayInputStream = null;
        try {
            ByteArrayInputStream byteArrayInputStream2 = new ByteArrayInputStream(str.getBytes());
            try {
                BufferedReader bufferedReader = new BufferedReader(new InputStreamReader(byteArrayInputStream2));
                StringBuilder sb = new StringBuilder();
                boolean z = false;
                for (String readLine = bufferedReader.readLine(); readLine != null; readLine = bufferedReader.readLine()) {
                    if (z) {
                        if (readLine.startsWith("-----END ") && readLine.endsWith(" PRIVATE KEY-----")) {
                            break;
                        }
                        sb.append(readLine);
                    } else if (readLine.startsWith("-----BEGIN ") && readLine.endsWith(" PRIVATE KEY-----")) {
                        z = true;
                    }
                }
                PrivateKey generatePrivate = KeyFactory.getInstance("RSA").generatePrivate(new PKCS8EncodedKeySpec(Base64.decode(sb.toString(), 0)));
                closeSilent(byteArrayInputStream2);
                return generatePrivate;
            } catch (Throwable th) {
                th = th;
                byteArrayInputStream = byteArrayInputStream2;
                closeSilent(byteArrayInputStream);
                throw th;
            }
        } catch (Throwable th2) {
            th = th2;
        }
    }

    public static X509Certificate loadPublicX509(String str) throws GeneralSecurityException {
        ByteArrayInputStream byteArrayInputStream = null;
        try {
            ByteArrayInputStream byteArrayInputStream2 = new ByteArrayInputStream(str.getBytes());
            try {
                X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(byteArrayInputStream2);
                closeSilent(byteArrayInputStream2);
                return x509Certificate;
            } catch (Throwable th) {
                th = th;
                byteArrayInputStream = byteArrayInputStream2;
                closeSilent(byteArrayInputStream);
                throw th;
            }
        } catch (Throwable th2) {
            th = th2;
        }
    }

    @TargetApi(21)
    public void installAfwGmailCertificates() {
        String str;
        JSONObject jSONObject;
        String str2 = "key";
        if (Build.VERSION.SDK_INT < 21) {
            Log.e("api level 21 or higher required");
            return;
        }
        try {
            String loadProfileSetting = ApptecPreferences.loadProfileSetting("afwgmail-certificates", "", true);
            if (loadProfileSetting != null && !loadProfileSetting.equals("") && !loadProfileSetting.equals("[]")) {
                JSONObject collection = JSONSaver.getCollection("AFW_CERTIFICATES");
                JSONObject jSONObject2 = new JSONObject(loadProfileSetting);
                DevicePolicyManager devicePolicyManager = (DevicePolicyManager) context.getSystemService("device_policy");
                ComponentName deviceAdminComponentName = ApptecDeviceAdmin.getDeviceAdminComponentName();
                ArrayList arrayList = new ArrayList();
                Iterator<String> keys = jSONObject2.keys();
                while (keys.hasNext()) {
                    String next = keys.next();
                    Log.d("processing cert for form " + next);
                    try {
                        jSONObject = new JSONObject(new String(Base64.decode(jSONObject2.getString(next), 0)));
                    } catch (Exception e) {
                        e = e;
                        str = str2;
                    }
                    if (jSONObject.has("crt") && jSONObject.has(str2)) {
                        String string = jSONObject.getString("crt");
                        String string2 = jSONObject.getString(str2);
                        if (collection.has(next)) {
                            JSONObject jSONObject3 = collection.getJSONObject(next);
                            String string3 = jSONObject3.getString("hash");
                            String md5 = HashHelper.md5(string);
                            if (string3.equals(md5)) {
                                str = str2;
                                Log.d("certificate " + next.toLowerCase() + " is already installed");
                            } else {
                                str = str2;
                                try {
                                    if (devicePolicyManager.installKeyPair(deviceAdminComponentName, loadPrivateKey(string2), loadPublicX509(string), next.toLowerCase())) {
                                        jSONObject3.put("hash", md5);
                                        jSONObject3.put("cert", string);
                                        collection.put(next, jSONObject3);
                                        Log.d("updated certificate " + next.toLowerCase());
                                    } else {
                                        Log.e("failed to update certificate " + next.toLowerCase());
                                    }
                                } catch (Exception e2) {
                                    e = e2;
                                    Log.e("failed to process form " + next + ": " + e.getMessage());
                                    e.printStackTrace();
                                    str2 = str;
                                }
                            }
                        } else {
                            str = str2;
                            X509Certificate loadPublicX509 = loadPublicX509(string);
                            PrivateKey loadPrivateKey = loadPrivateKey(string2);
                            JSONObject jSONObject4 = new JSONObject();
                            jSONObject4.put("hash", HashHelper.md5(string));
                            if (devicePolicyManager.installKeyPair(deviceAdminComponentName, loadPrivateKey, loadPublicX509, next.toLowerCase())) {
                                collection.put(next, jSONObject4);
                                Log.d("installed certificate " + next.toLowerCase());
                            } else {
                                Log.e("failed to install certificate " + next.toLowerCase());
                            }
                        }
                        arrayList.add(next);
                        str2 = str;
                    }
                    str = str2;
                    Log.e("cert for form " + next + " is invalid");
                    str2 = str;
                }
                if (Build.VERSION.SDK_INT >= 24) {
                    Iterator<String> keys2 = collection.keys();
                    while (keys2.hasNext()) {
                        String next2 = keys2.next();
                        if (!arrayList.contains(next2)) {
                            if (devicePolicyManager.removeKeyPair(deviceAdminComponentName, next2.toLowerCase())) {
                                collection.remove(next2);
                            } else {
                                Log.e("failed to delete key " + next2);
                            }
                        }
                    }
                }
                JSONSaver.saveCollection("AFW_CERTIFICATES", collection);
            }
        } catch (Exception e3) {
            Log.e(e3.getMessage());
        }
    }

    @TargetApi(24)
    public void removeAfwGmailCertificates() {
        if (Build.VERSION.SDK_INT < 24) {
            Log.e("api level 24 or higher required");
            return;
        }
        try {
            JSONObject collection = JSONSaver.getCollection("AFW_CERTIFICATES");
            DevicePolicyManager devicePolicyManager = (DevicePolicyManager) context.getSystemService("device_policy");
            ComponentName deviceAdminComponentName = ApptecDeviceAdmin.getDeviceAdminComponentName();
            ArrayList arrayList = new ArrayList();
            Iterator<String> keys = collection.keys();
            while (keys.hasNext()) {
                String next = keys.next();
                if (devicePolicyManager.removeKeyPair(deviceAdminComponentName, next.toLowerCase())) {
                    arrayList.add(next);
                } else {
                    Log.e("failed to delete key " + next);
                }
            }
            Iterator it = arrayList.iterator();
            while (it.hasNext()) {
                collection.remove((String) it.next());
            }
            JSONSaver.saveCollection("AFW_CERTIFICATES", collection);
        } catch (Exception e) {
            Log.e(e.getMessage());
        }
    }
}
