package x6;

import android.app.admin.DevicePolicyManager;
import android.content.ContentValues;
import android.content.Context;
import com.manageengine.mdm.android.R;
import com.manageengine.mdm.framework.core.MDMApplication;
import com.manageengine.mdm.framework.deviceadmin.DeviceAdminMonitor;
import com.manageengine.mdm.framework.profile.PayloadRequestHandler;
import com.manageengine.mdm.framework.profile.ProfileRequestHandler;
import com.samsung.android.knox.keystore.CertificateProvisioning;
import g4.h;
import g5.d;
import g5.u;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.IOException;
import java.io.UnsupportedEncodingException;
import java.net.MalformedURLException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.cert.CertStoreException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Enumeration;
import java.util.List;
import k5.r;
import org.bouncycastle.operator.OperatorCreationException;
import org.json.JSONException;
import org.json.JSONObject;
import pd.f;
import t6.l;
import t6.m;
import v7.e;
import z7.d0;
import z7.z;

/* compiled from: ScepPayloadRequestHandler.java */
/* loaded from: classes.dex */
public class c extends PayloadRequestHandler {

    /* renamed from: a, reason: collision with root package name */
    public u f11706a;

    /* renamed from: b, reason: collision with root package name */
    public Context f11707b;

    /* renamed from: c, reason: collision with root package name */
    public r f11708c;

    /* compiled from: ScepPayloadRequestHandler.java */
    /* loaded from: classes.dex */
    public class a implements g5.r {
        public a() {
        }

        @Override // g5.r
        public void c(d dVar, Object obj) {
            try {
                if (new File(e.T().U(), "keystore.pfx").delete()) {
                    d0.w("ScepPayloadRequestHandler: File successfully deleted");
                } else {
                    d0.t("ScepPayloadRequestHandler: File deletion failed");
                }
            } catch (Exception e10) {
                d0.u("ScepPayloadRequestHandler: Error while requesting storage permissions ", e10);
            }
            r rVar = c.this.f11708c;
            String str = b.f11696j;
            rVar.getClass();
            int i10 = 0;
            String[] strArr = {str};
            ContentValues contentValues = new ContentValues();
            contentValues.put(rVar.b(R.string.col_SCEPPayload_Location), "null");
            contentValues.put(rVar.b(R.string.col_SCEPPayload_Password), "null");
            if (str != null) {
                d0.w("Scep-PayloadUUID: " + str);
                i10 = rVar.f6880a.h(rVar.c(), contentValues, "ScepPayloadIdentifierName=?", strArr);
            }
            if (i10 == 0) {
                d0.w("ScepPayloadTableHandler: Unable to delete sensitive data from DB");
            }
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r2v29 */
    @Override // com.manageengine.mdm.framework.profile.PayloadRequestHandler
    public void k(u uVar, h hVar, l lVar, m mVar) {
        int i10;
        f fVar;
        int i11;
        try {
            try {
                try {
                    this.f11706a = uVar;
                    try {
                        this.f11707b = uVar.b().a();
                        Context a10 = uVar.b().a();
                        int i12 = 0;
                        this.f11708c = new r(a10, 0);
                        d0.w(" \n**************************************************\n  Going to Install Profile " + ((JSONObject) uVar.f5906c).optString("PayloadDisplayName", "") + " - SCEP Payload\n**************************************************\n");
                        JSONObject a11 = lVar.a();
                        d0.z("payload data -> " + a11);
                        t4.c cVar = new t4.c(new b(a11), uVar);
                        try {
                            if (!g5.f.Q(a10).z().e()) {
                                s(9, hVar, mVar);
                                return;
                            }
                            int b10 = cVar.b();
                            if (b10 == 100) {
                                String string = a11.getString("PayloadUUID");
                                d0.w("ScepPayloadRequestHandler: SCEP certificate successully obtained. Now installing...");
                                d0.w("ScepPayloadRequestHandler: Retrieving Keystore location and password from DB");
                                JSONObject h10 = this.f11708c.h(string);
                                String string2 = h10.getString("location");
                                String string3 = h10.getString("password");
                                byte[] r10 = r(string2, string3);
                                t4.a w10 = g5.f.Q(MDMApplication.k()).w();
                                if (w10 != null) {
                                    d0.w("ScepPayloadRequestHandler: Installing the client certificate (begins)");
                                    int d10 = w10.d(r10, string, string3);
                                    if (d10 == 0) {
                                        d0.w("Sending the SCEP certificates to the server");
                                        try {
                                            List<X509Certificate> q10 = q(new ByteArrayInputStream(r10), string3);
                                            while (true) {
                                                ArrayList arrayList = (ArrayList) q10;
                                                if (i12 >= arrayList.size()) {
                                                    break;
                                                }
                                                ProfileRequestHandler.h().g(string, new String(Base64.getEncoder().encode(((X509Certificate) arrayList.get(i12)).getEncoded())), string3);
                                                i12++;
                                            }
                                        } catch (Exception e10) {
                                            d0.u("Exception while sending the cert details to server ", e10);
                                        }
                                    }
                                    s(d10, hVar, mVar);
                                }
                                t(a11);
                                return;
                            }
                            if (b10 == 0) {
                                d0.w("Certificate request failed. Unrecognized or unsupported algorithm identifier. SCEP server seems to not support the algorithm used");
                                mVar.b(80806);
                                mVar.c(a10.getResources().getString(R.string.res_0x7f11062a_mdm_agent_payload_scep_request_internalerror));
                                return;
                            }
                            if (b10 == 2) {
                                d0.w("Certificate request failed: BAD REQUEST. The SCEP configuration provided seems to be wrong.");
                                mVar.b(80806);
                                mVar.c(a10.getResources().getString(R.string.res_0x7f110629_mdm_agent_payload_scep_request_bad_request));
                                return;
                            }
                            try {
                                if (b10 != 1 && b10 != 3 && b10 != 4) {
                                    d0.w("Certificate request failed due to internal error");
                                    mVar.b(80802);
                                    String string4 = a10.getResources().getString(R.string.res_0x7f11062a_mdm_agent_payload_scep_request_internalerror);
                                    mVar.c(string4);
                                    b10 = string4;
                                }
                                d0.w("Certificate request failed.");
                                mVar.b(80802);
                                String string5 = a10.getResources().getString(R.string.res_0x7f11062b_mdm_agent_payload_scep_request_scep_server_invalid_response);
                                mVar.c(string5);
                                b10 = string5;
                            } catch (f e11) {
                                e = e11;
                                i10 = b10;
                                fVar = e;
                                i11 = i10;
                                d0.u("ScepPayloadRequestHandler: Exception ", fVar);
                                mVar.b(i11);
                                mVar.c(this.f11707b.getResources().getString(R.string.res_0x7f11062b_mdm_agent_payload_scep_request_scep_server_invalid_response));
                            }
                        } catch (IOException e12) {
                            e = e12;
                            Throwable th = e;
                            d0.t("ScepPayloadRequestHandler: Certificate request failed due to internal error");
                            throw th;
                        } catch (IllegalArgumentException e13) {
                            e = e13;
                            Throwable th2 = e;
                            d0.t("ScepPayloadRequestHandler: Certificate request failed");
                            throw th2;
                        } catch (KeyManagementException e14) {
                            e = e14;
                            Throwable th3 = e;
                            d0.t("ScepPayloadRequestHandler: Certificate request failed due to internal error");
                            throw th3;
                        } catch (KeyStoreException e15) {
                            e = e15;
                            Throwable th32 = e;
                            d0.t("ScepPayloadRequestHandler: Certificate request failed due to internal error");
                            throw th32;
                        } catch (NoSuchAlgorithmException e16) {
                            e = e16;
                            Throwable th322 = e;
                            d0.t("ScepPayloadRequestHandler: Certificate request failed due to internal error");
                            throw th322;
                        } catch (NoSuchProviderException e17) {
                            e = e17;
                            Throwable th3222 = e;
                            d0.t("ScepPayloadRequestHandler: Certificate request failed due to internal error");
                            throw th3222;
                        } catch (CertStoreException e18) {
                            e = e18;
                            Throwable th32222 = e;
                            d0.t("ScepPayloadRequestHandler: Certificate request failed due to internal error");
                            throw th32222;
                        } catch (CertificateException e19) {
                            e = e19;
                            Throwable th322222 = e;
                            d0.t("ScepPayloadRequestHandler: Certificate request failed due to internal error");
                            throw th322222;
                        } catch (md.c e20) {
                            e = e20;
                            Throwable th22 = e;
                            d0.t("ScepPayloadRequestHandler: Certificate request failed");
                            throw th22;
                        } catch (OperatorCreationException e21) {
                            e = e21;
                            Throwable th3222222 = e;
                            d0.t("ScepPayloadRequestHandler: Certificate request failed due to internal error");
                            throw th3222222;
                        } catch (f e22) {
                            e = e22;
                            Throwable th222 = e;
                            d0.t("ScepPayloadRequestHandler: Certificate request failed");
                            throw th222;
                        }
                    } catch (f e23) {
                        fVar = e23;
                        i11 = 80802;
                        d0.u("ScepPayloadRequestHandler: Exception ", fVar);
                        mVar.b(i11);
                        mVar.c(this.f11707b.getResources().getString(R.string.res_0x7f11062b_mdm_agent_payload_scep_request_scep_server_invalid_response));
                    }
                } catch (JSONException e24) {
                    e = e24;
                    d0.u("ScepPayloadRequestHandler: Exception ", e);
                    mVar.b(80802);
                    mVar.c(this.f11707b.getResources().getString(R.string.res_0x7f11062a_mdm_agent_payload_scep_request_internalerror));
                }
            } catch (f e25) {
                e = e25;
                i10 = 80802;
            }
        } catch (UnsupportedEncodingException e26) {
            e = e26;
            d0.u("ScepPayloadRequestHandler: Exception ", e);
            mVar.b(80805);
            mVar.c(this.f11707b.getResources().getString(R.string.res_0x7f11062c_mdm_agent_payload_scep_request_scep_server_unreachable));
        } catch (IOException e27) {
            e = e27;
            d0.u("ScepPayloadRequestHandler: Exception ", e);
            mVar.b(80802);
            mVar.c(this.f11707b.getResources().getString(R.string.res_0x7f11062a_mdm_agent_payload_scep_request_internalerror));
        } catch (IllegalArgumentException e28) {
            e = e28;
            d0.u("ScepPayloadRequestHandler: Exception occurred due to bad formatted subject ", e);
            mVar.b(80807);
            mVar.c(this.f11707b.getResources().getString(R.string.res_0x7f110629_mdm_agent_payload_scep_request_bad_request));
        } catch (MalformedURLException e29) {
            e = e29;
            d0.u("ScepPayloadRequestHandler: Exception occurred due to bad formatted subject ", e);
            mVar.b(80807);
            mVar.c(this.f11707b.getResources().getString(R.string.res_0x7f110629_mdm_agent_payload_scep_request_bad_request));
        } catch (KeyManagementException e30) {
            e = e30;
            d0.u("ScepPayloadRequestHandler: Exception ", e);
            mVar.b(80802);
            mVar.c(this.f11707b.getResources().getString(R.string.res_0x7f11062a_mdm_agent_payload_scep_request_internalerror));
        } catch (KeyStoreException e31) {
            e = e31;
            d0.u("ScepPayloadRequestHandler: Exception ", e);
            mVar.b(80802);
            mVar.c(this.f11707b.getResources().getString(R.string.res_0x7f11062a_mdm_agent_payload_scep_request_internalerror));
        } catch (NoSuchAlgorithmException e32) {
            e = e32;
            d0.u("ScepPayloadRequestHandler: Exception ", e);
            mVar.b(80802);
            mVar.c(this.f11707b.getResources().getString(R.string.res_0x7f11062a_mdm_agent_payload_scep_request_internalerror));
        } catch (NoSuchProviderException e33) {
            e = e33;
            d0.u("ScepPayloadRequestHandler: Exception ", e);
            mVar.b(80802);
            mVar.c(this.f11707b.getResources().getString(R.string.res_0x7f11062a_mdm_agent_payload_scep_request_internalerror));
        } catch (CertStoreException e34) {
            e = e34;
            d0.u("ScepPayloadRequestHandler: Exception ", e);
            mVar.b(80802);
            mVar.c(this.f11707b.getResources().getString(R.string.res_0x7f11062a_mdm_agent_payload_scep_request_internalerror));
        } catch (CertificateException e35) {
            e = e35;
            d0.u("ScepPayloadRequestHandler: Exception ", e);
            mVar.b(80802);
            mVar.c(this.f11707b.getResources().getString(R.string.res_0x7f11062a_mdm_agent_payload_scep_request_internalerror));
        } catch (md.c e36) {
            e = e36;
            d0.u("ScepPayloadRequestHandler: Exception ", e);
            mVar.b(80805);
            mVar.c(this.f11707b.getResources().getString(R.string.res_0x7f11062c_mdm_agent_payload_scep_request_scep_server_unreachable));
        } catch (OperatorCreationException e37) {
            e = e37;
            d0.u("ScepPayloadRequestHandler: Exception ", e);
            mVar.b(80802);
            mVar.c(this.f11707b.getResources().getString(R.string.res_0x7f11062a_mdm_agent_payload_scep_request_internalerror));
        }
    }

    @Override // com.manageengine.mdm.framework.profile.PayloadRequestHandler
    public void l(u uVar, h hVar, l lVar, l lVar2, m mVar) {
        d0.w(" \n**************************************************\n               Modify - SCEP Payload\n**************************************************\n");
        k(uVar, hVar, lVar2, mVar);
    }

    @Override // com.manageengine.mdm.framework.profile.PayloadRequestHandler
    public void m(u uVar, h hVar, l lVar, m mVar) {
        d0.w(" \n**************************************************\n               Remove - SCEP Payload\n**************************************************\n");
        JSONObject jSONObject = lVar.f10171b;
        d0.z("payload data -> " + jSONObject);
        Context context = uVar.f5908e.f5863d;
        this.f11707b = context;
        this.f11708c = new r(context, 0);
        try {
            String string = jSONObject.getString("PayloadUUID");
            DevicePolicyManager devicePolicyManager = (DevicePolicyManager) this.f11707b.getSystemService("device_policy");
            if (e.T().a1(24).booleanValue()) {
                d0.t("ScepPayloadRequestHandler: Removing certificate for alias: " + string);
                d0.t("ScepPayloadRequestHandler: Certificate removal status: " + devicePolicyManager.removeKeyPair(DeviceAdminMonitor.c(this.f11707b), string));
            }
            r rVar = this.f11708c;
            rVar.getClass();
            if (string != null) {
                rVar.f6880a.c(rVar.c(), rVar.b(R.string.col_SCEPPayload_PayloadIdentifierName) + "=?", new String[]{string});
            }
        } catch (JSONException e10) {
            d0.u("ScepPayloadRequestHandler: Exception occured while uninstalling certificate", e10);
        }
    }

    public List<X509Certificate> q(ByteArrayInputStream byteArrayInputStream, String str) {
        ArrayList arrayList = new ArrayList();
        try {
            try {
                KeyStore keyStore = KeyStore.getInstance(CertificateProvisioning.TYPE_PKCS12);
                keyStore.load(byteArrayInputStream, str.toCharArray());
                Enumeration<String> aliases = keyStore.aliases();
                while (aliases.hasMoreElements()) {
                    String nextElement = aliases.nextElement();
                    if (keyStore.isKeyEntry(nextElement)) {
                        arrayList.add((X509Certificate) keyStore.getCertificate(nextElement));
                    }
                }
            } catch (Exception e10) {
                d0.u("Unable to read certificates from keystore", e10);
            }
            try {
                byteArrayInputStream.close();
            } catch (IOException e11) {
                d0.u("Exception while closing inputstream ", e11);
            }
            return arrayList;
        } catch (Throwable th) {
            try {
                byteArrayInputStream.close();
            } catch (IOException e12) {
                d0.u("Exception while closing inputstream ", e12);
            }
            throw th;
        }
    }

    public final byte[] r(String str, String str2) {
        byte[] bArr = null;
        try {
            File file = new File(str);
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
            KeyStore keyStore = KeyStore.getInstance(CertificateProvisioning.TYPE_PKCS12);
            keyStore.load(new FileInputStream(file), str2.toCharArray());
            keyStore.store(byteArrayOutputStream, str2.toCharArray());
            bArr = byteArrayOutputStream.toByteArray();
            android.util.Base64.encodeToString(bArr, 0);
            d0.w("ScepPayloadRequestHandler: Keystore created from the location data");
            return bArr;
        } catch (Exception e10) {
            d0.u("ScepPayladRequestHandler: Error while retrieving keystore ", e10);
            return bArr;
        }
    }

    public void s(int i10, h hVar, m mVar) {
        Context context = MDMApplication.f3847i;
        context.getResources().getString(R.string.res_0x7f11063c_mdm_agent_payload_wifi_certificate_keystoreerror);
        try {
            if (i10 == 1 || i10 == 2 || i10 == 7) {
                mVar.f10174b = context.getResources().getString(R.string.res_0x7f11062d_mdm_agent_payload_vpn_certificate_install_failed_error);
                mVar.b(12153);
                return;
            }
            if (i10 != 9) {
                if (i10 != 11) {
                    return;
                }
                d0.t("ScepPayloadRequestHandler: Failed to remove the certificate");
                mVar.f10174b = context.getResources().getString(R.string.res_0x7f11062f_mdm_agent_payload_vpn_certificate_remove_failed_error);
                mVar.b(12152);
                return;
            }
            d0.t("ScepPayloadRequestHandler: Device does not have a password. So unable to install the cert.");
            if (p6.h.e().d(context, "Password") != 1 || g5.f.Q(context).x0().f0()) {
                hVar.q(context.getResources().getString(R.string.res_0x7f11061a_mdm_agent_payload_certificate_device_insecure));
            } else {
                hVar.q(context.getResources().getString(R.string.res_0x7f11061f_mdm_agent_payload_certificate_remarks_passcodeundercomp));
            }
            d0.t("ScepPayloadRequestHandler: Sending Not now status for scep");
            d0.t("ScepPayloadRequestHandler: Response error code: " + i10);
            hVar.q(context.getResources().getString(R.string.res_0x7f11061a_mdm_agent_payload_certificate_device_insecure));
            mVar.f10175c = "NotNow";
        } catch (Exception e10) {
            d0.u("ScepPayloadRequestHandler: Exception while handling certificate install/uninstall response", e10);
        }
    }

    public final void t(JSONObject jSONObject) {
        try {
            d dVar = this.f11706a.f5908e;
            dVar.f5864e.add(new a());
            dVar.f5865f.add(jSONObject);
            z.x("MDMContainer: OnWakeUpCompleted listener registered");
        } catch (Exception e10) {
            d0.u("ScepPayloadHandler: Error while registering to remove Scep onWakeUpComplete ", e10);
        }
    }
}
