package com.sevenprinciples.android.mdm.safeclient.thirdparty.samsung;

import android.content.ComponentName;
import android.content.Intent;
import android.net.Uri;
import com.samsung.android.knox.AppIdentity;
import com.samsung.android.knox.EnterpriseDeviceManager;
import com.sevenprinciples.android.mdm.safeclient.base.Constants;
import com.sevenprinciples.android.mdm.safeclient.base.logger.AppLog;
import com.sevenprinciples.android.mdm.safeclient.base.pim.common.RepeatRule;
import com.sevenprinciples.android.mdm.safeclient.filecommands.FileHelper;
import com.sevenprinciples.android.mdm.safeclient.helpers.Android10Helper;
import com.sevenprinciples.android.mdm.safeclient.main.MDMErrorCodes;
import com.sevenprinciples.android.mdm.safeclient.main.MDMWrapper;
import com.sevenprinciples.android.mdm.safeclient.scep.ScepClient;
import com.sevenprinciples.android.mdm.safeclient.security.MDMDeviceAdminReceiver;
import com.sevenprinciples.android.mdm.safeclient.thirdparty.afw.CertificateUtil;
import com.sevenprinciples.android.mdm.safeclient.thirdparty.afw.UserCertificateHelper;
import com.sevenprinciples.android.mdm.safeclient.thirdparty.generic.Call;
import com.sevenprinciples.android.mdm.safeclient.thirdparty.generic.Payload;
import java.io.File;
import java.io.FileOutputStream;
import java.util.ArrayList;
import org.json.JSONObject;

/* loaded from: classes2.dex */
public class CallSecurityPolicy extends Call {
    private static final String TAG = Constants.TAG_PREFFIX + "Security";
    private boolean applyToContainer;

    public CallSecurityPolicy(Payload payload, JSONObject jSONObject, String str, JSONObject jSONObject2) {
        super(payload, jSONObject, str, jSONObject2);
    }

    private void addPackages(SecurityPolicy securityPolicy) {
        String[] split = getS("packageList").split(",");
        if (split.length > 0) {
            ArrayList arrayList = new ArrayList();
            for (String str : split) {
                arrayList.add(new AppIdentity(str, (String) null));
            }
            mustBeTrue(securityPolicy.addPackagesToCertificateWhiteList(arrayList));
        }
    }

    private void deleteFile() {
        AppLog.i(TAG, "Install certificate PHASE 2");
        try {
            FileHelper.delete(new File(Android10Helper.addLocalPath(getS("filePath"), false)));
        } catch (Exception e) {
            e.printStackTrace();
        }
    }

    private SecurityPolicy getSecurityPolicy(SecurityPolicy securityPolicy, SafePayload safePayload) {
        if (!safePayload.getTransparency().isUseKnox(this) || !isKnoxFunctionAvailable(this.function)) {
            return securityPolicy;
        }
        AppLog.i(TAG, "KNOX function available -> using KNOX security policy");
        SecurityPolicy securityPolicy2 = KnoxCompatibilityLayer.getSecurityPolicy(securityPolicy, getContext());
        setApplyToContainer(true);
        return securityPolicy2;
    }

    private void installCertificate(SecurityPolicy securityPolicy, byte[] bArr, String str) {
        AppLog.i(TAG, "Install certificate PHASE 3");
        try {
            boolean installCertificateUsingSAFE = KnoxCompatibilityLayer.installCertificateUsingSAFE(this, securityPolicy, getS("type"), bArr, getS("name"), getS("password"), false, str, isApplyToContainer());
            if (installCertificateUsingSAFE) {
                try {
                    File file = new File(getContext().getFilesDir(), "cert.txt");
                    FileOutputStream fileOutputStream = new FileOutputStream(file);
                    try {
                        fileOutputStream.write(bArr);
                        fileOutputStream.close();
                        CertificateUtil.PKCS12ParseInfo parsePKCS12Certificate = CertificateUtil.parsePKCS12Certificate(getContext().getContentResolver(), Uri.fromFile(file), getS("password"));
                        UserCertificateHelper.set(getS("alias"), UserCertificateHelper.userToJson(getS("name"), parsePKCS12Certificate.certificate, true, false), CertificateHelper.getThumbPrint(parsePKCS12Certificate.certificate));
                        file.delete();
                    } finally {
                    }
                } catch (Throwable th) {
                    AppLog.w(TAG, th.getMessage(), th);
                }
            }
            mustBeTrue(installCertificateUsingSAFE);
        } catch (SecurityException e) {
            setFailure(Call.ErrorTag.SecurityException, e.toString());
            getPayload().setErrorCode(MDMErrorCodes.ERROR_CODE_OPERATION_NOT_SUPPORTED);
        } catch (Throwable th2) {
            AppLog.w(TAG, "maybe no such a method: " + th2.getMessage());
            installCertificateForSAFE3(securityPolicy, bArr, str);
        }
    }

    private void installCertificateForSAFE3(SecurityPolicy securityPolicy, byte[] bArr, String str) {
        try {
            mustBeTrue(KnoxCompatibilityLayer.installCertificateUsingSAFE(this, securityPolicy, getS("type"), bArr, getS("name"), getS("password"), true, str, isApplyToContainer()));
        } catch (SecurityException e) {
            setFailure(Call.ErrorTag.SecurityException, e.toString());
            getPayload().setErrorCode(MDMErrorCodes.ERROR_CODE_OPERATION_NOT_SUPPORTED);
        }
    }

    private boolean isKnoxFunctionAvailable(String str) {
        String[] strArr = {"setRequireDeviceEncryption", "setRequireStorageCardEncryption", "setInternalStorageEncryption", "setExternalStorageEncryption", "actionStartEncryption"};
        for (int i = 0; i < 5; i++) {
            if (strArr[i].equalsIgnoreCase(str)) {
                return false;
            }
        }
        return true;
    }

    /* JADX WARN: Removed duplicated region for block: B:24:0x0040 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private byte[] loadFile() {
        /*
            r5 = this;
            r0 = 0
            java.io.RandomAccessFile r1 = new java.io.RandomAccessFile     // Catch: java.lang.Throwable -> L22 java.lang.Exception -> L27
            java.lang.String r2 = "filePath"
            java.lang.String r2 = r5.getS(r2)     // Catch: java.lang.Throwable -> L22 java.lang.Exception -> L27
            r3 = 0
            java.lang.String r2 = com.sevenprinciples.android.mdm.safeclient.helpers.Android10Helper.addLocalPath(r2, r3)     // Catch: java.lang.Throwable -> L22 java.lang.Exception -> L27
            java.lang.String r3 = "r"
            r1.<init>(r2, r3)     // Catch: java.lang.Throwable -> L22 java.lang.Exception -> L27
            long r2 = r1.length()     // Catch: java.lang.Exception -> L28 java.lang.Throwable -> L3d
            int r2 = (int) r2     // Catch: java.lang.Exception -> L28 java.lang.Throwable -> L3d
            byte[] r2 = new byte[r2]     // Catch: java.lang.Exception -> L28 java.lang.Throwable -> L3d
            r1.read(r2)     // Catch: java.lang.Exception -> L28 java.lang.Throwable -> L3d
            r1.close()     // Catch: java.lang.Exception -> L28 java.lang.Throwable -> L3d
            r0 = r2
            goto L3c
        L22:
            r1 = move-exception
            r4 = r1
            r1 = r0
            r0 = r4
            goto L3e
        L27:
            r1 = r0
        L28:
            com.sevenprinciples.android.mdm.safeclient.thirdparty.generic.Call$ErrorTag r2 = com.sevenprinciples.android.mdm.safeclient.thirdparty.generic.Call.ErrorTag.InvalidFile     // Catch: java.lang.Throwable -> L3d
            r5.setFailure(r2)     // Catch: java.lang.Throwable -> L3d
            com.sevenprinciples.android.mdm.safeclient.thirdparty.generic.Payload r2 = r5.getPayload()     // Catch: java.lang.Throwable -> L3d
            r3 = 411001(0x64579, float:5.75935E-40)
            r2.setErrorCode(r3)     // Catch: java.lang.Throwable -> L3d
            if (r1 == 0) goto L3c
            r1.close()     // Catch: java.io.IOException -> L3c
        L3c:
            return r0
        L3d:
            r0 = move-exception
        L3e:
            if (r1 == 0) goto L43
            r1.close()     // Catch: java.io.IOException -> L43
        L43:
            throw r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.sevenprinciples.android.mdm.safeclient.thirdparty.samsung.CallSecurityPolicy.loadFile():byte[]");
    }

    private void removePackages(SecurityPolicy securityPolicy) {
        String[] split = getS("packageList").split(",");
        if (split.length > 0) {
            ArrayList arrayList = new ArrayList();
            for (String str : split) {
                arrayList.add(new AppIdentity(str, (String) null));
            }
            mustBeTrue(securityPolicy.removePackagesFromCertificateWhiteList(arrayList));
        }
    }

    private void wipe(SecurityPolicy securityPolicy) {
        if (getB("internalMemory") && getB("externalMemory")) {
            mustBeTrue(securityPolicy.wipeDevice(3));
            return;
        }
        if (getB("internalMemory")) {
            mustBeTrue(securityPolicy.wipeDevice(1));
        } else if (getB("externalMemory")) {
            mustBeTrue(securityPolicy.wipeDevice(2));
        } else {
            getPayload().setErrorCode(MDMErrorCodes.ERROR_CODE_OPERATION_NOT_SUPPORTED);
            setFailure(Call.ErrorTag.InvalidParameters);
        }
    }

    @Override // com.sevenprinciples.android.mdm.safeclient.thirdparty.generic.Call
    public Call execute() {
        try {
            SecurityPolicy singleton = SecurityPolicy.singleton();
            if (is("clearInstalledCertificates")) {
                mustBeTrue(singleton.clearInstalledCertificates());
            } else if (is("unlockKeyStorage")) {
                SecurityHelper.unlockKey(this, singleton);
            } else if (is("setRestriction")) {
                mustBeTrue(EnterpriseDeviceManager.getInstance(getContext()).getProfilePolicy().setRestriction(getS("property"), getB("enabled")));
            } else if (is("installCertificatesFromSdCard")) {
                singleton.installCertificatesFromSdCard();
            } else if (is("powerOffDevice")) {
                MDMWrapper.setFlag(Constants.POWER_OFF_FLAG, getContext());
            } else {
                if (is("startAttestation")) {
                    AttestationHelper.start(this, getS("nonce"), getS("AUK"), getS("AtsId"), 1000 * getL("nonceCreationTime"));
                    return this;
                }
                if (is("actionStartEncryption")) {
                    Intent intent = new Intent("android.app.action.START_ENCRYPTION");
                    intent.addFlags(RepeatRule.DECEMBER);
                    getPayload().getContext().startActivity(intent);
                } else if (is("setExternalStorageEncryption")) {
                    singleton.setExternalStorageEncryption(getB("isEncrypt"));
                } else if (is("installCertificate")) {
                    byte[] loadFile = loadFile();
                    if (loadFile == null) {
                        return this;
                    }
                    deleteFile();
                    installCertificate(singleton, loadFile, Android10Helper.addLocalPath(getS("filePath"), false));
                } else if (is("setRequireDeviceEncryption")) {
                    singleton.setRequireDeviceEncryption(new ComponentName(getContext(), (Class<?>) MDMDeviceAdminReceiver.class), getB("isEncrypt"));
                    setSuccess(null);
                } else if (is("setRequireStorageCardEncryption")) {
                    singleton.setRequireStorageCardEncryption(new ComponentName(getContext(), (Class<?>) MDMDeviceAdminReceiver.class), getB("value"));
                    setSuccess(null);
                } else if (is("setInternalStorageEncryption")) {
                    singleton.setInternalStorageEncryption(getB("isEncrypt"));
                    setSuccess(null);
                } else if (is("unlockCredentialStorage")) {
                    mustBeTrue(singleton.unlockCredentialStorage(getS("password")));
                } else if (is("resetCredentialStorage")) {
                    mustBeTrue(singleton.resetCredentialStorage());
                } else if (is("removeCertificate")) {
                    if (isApplyToContainer()) {
                        mustBeTrue(KnoxCertificateHelper.removeCertificate(this, getS("key"), singleton));
                    } else {
                        if (!getS("type").equalsIgnoreCase("CACERT_") && !getS("type").equalsIgnoreCase(".crt")) {
                            mustBeTrue(singleton.removeCertificate(getS("key"), "USRCERT_"));
                        }
                        mustBeTrue(singleton.removeCertificate(getS("key"), "CACERT_"));
                    }
                } else if (is("removeAccountsByType")) {
                    mustBeTrue(singleton.removeAccountsByType(getS("type")));
                } else if (is("wipeDevice")) {
                    wipe(singleton);
                } else if (is("addPackagesToCertificateWhiteList")) {
                    addPackages(singleton);
                } else if (is("removePackagesFromCertificateWhiteList")) {
                    removePackages(singleton);
                } else if (is("getPackagesFromCertificateWhiteList")) {
                    if (singleton.getPackagesFromCertificateWhiteList() == null) {
                        setSuccess(null);
                    }
                } else if (is("enrollUserCertificate")) {
                    try {
                        installCertificate(singleton, ScepClient.enrollCerificate(getParameters()), "scepCertificate.p12");
                    } catch (Exception e) {
                        getPayload().setErrorCode(MDMErrorCodes.ERROR_CODE_UNSPECIFIED_ERROR);
                        setFailure(Call.ErrorTag.Exception, e.toString());
                    }
                } else {
                    getPayload().setErrorCode(MDMErrorCodes.ERROR_CODE_OPERATION_NOT_SUPPORTED);
                    setFailure(Call.ErrorTag.UnknownFunction);
                }
            }
        } catch (Exception e2) {
            setFailure(Call.ErrorTag.Exception, e2.toString());
        }
        return this;
    }

    public boolean isApplyToContainer() {
        return this.applyToContainer;
    }

    public void setApplyToContainer(boolean z) {
        this.applyToContainer = z;
    }
}
