package com.microsoft.omadm.platforms.safe.certmgr;

import android.app.enterprise.CertificateInfo;
import android.app.enterprise.SecurityPolicy;
import com.microsoft.omadm.exception.OMADMException;
import com.microsoft.omadm.platforms.android.certmgr.data.ScepCertificate;
import com.microsoft.omadm.platforms.safe.policy.EnterpriseDeviceManagerFactory;
import com.microsoft.omadm.platforms.safe.policy.SafePolicyManager;
import com.microsoft.omadm.utils.CertUtils;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.text.MessageFormat;
import java.util.ArrayList;
import java.util.List;
import java.util.logging.Logger;

/* loaded from: classes.dex */
public class SafeCertificateOperations5 implements ISafeCertificateOperations {
    private static final int CA_ADDITIONAL_KEYSTORE = 1;
    private static final int KEYSTORE = 4;
    private static final Logger LOGGER = Logger.getLogger(SafeCertificateOperations5.class.getName());

    private CertificateInfo getCertInfoByThumbprint(String str, int i) throws EnterpriseDeviceManagerFactory.IllegalEdmStateException {
        for (CertificateInfo certificateInfo : SafePolicyManager.getSecurityPolicy().getCertificatesFromKeystore(i)) {
            if (certificateInfo != null) {
                Certificate certificate = certificateInfo.getCertificate();
                if (certificate instanceof X509Certificate) {
                    try {
                        if (str.equalsIgnoreCase(CertUtils.getThumbPrint(certificate))) {
                            return certificateInfo;
                        }
                    } catch (OMADMException unused) {
                        LOGGER.fine(MessageFormat.format("Unable to get thumbprint of an installed certificate while looking for certificate with thumbprint ''{0}''. Skipping.", str));
                    }
                } else {
                    continue;
                }
            }
        }
        return null;
    }

    private boolean removeCertInfoFromDevice(CertificateInfo certificateInfo) throws EnterpriseDeviceManagerFactory.IllegalEdmStateException {
        if (certificateInfo == null) {
            return false;
        }
        return SafePolicyManager.getSecurityPolicy().deleteCertificateFromKeystore(certificateInfo, certificateInfo.getKeystore());
    }

    @Override // com.microsoft.omadm.platforms.safe.certmgr.ISafeCertificateOperations
    public List<ScepCertificate> getAllUserCertificates() throws EnterpriseDeviceManagerFactory.IllegalEdmStateException {
        ArrayList arrayList = new ArrayList();
        for (CertificateInfo certificateInfo : SafePolicyManager.getSecurityPolicy().getCertificatesFromKeystore(4)) {
            if (certificateInfo != null) {
                Certificate certificate = certificateInfo.getCertificate();
                if ((certificate instanceof X509Certificate) && certificateInfo.getHasPrivateKey()) {
                    ScepCertificate scepCertificate = new ScepCertificate();
                    scepCertificate.x509Certificate = (X509Certificate) certificate;
                    scepCertificate.alias = certificateInfo.getAlias();
                    arrayList.add(scepCertificate);
                }
            }
        }
        return arrayList;
    }

    @Override // com.microsoft.omadm.platforms.safe.certmgr.ISafeCertificateOperations
    public String getInstalledCertificateAlias(String str, String str2) throws EnterpriseDeviceManagerFactory.IllegalEdmStateException {
        CertificateInfo certInfoByThumbprint = getCertInfoByThumbprint(str2, 4);
        if (certInfoByThumbprint == null) {
            return null;
        }
        return certInfoByThumbprint.getAlias();
    }

    @Override // com.microsoft.omadm.platforms.safe.certmgr.ISafeCertificateOperations
    public CertificateInfo getInstalledCertificateInfo(String str) throws EnterpriseDeviceManagerFactory.IllegalEdmStateException {
        for (CertificateInfo certificateInfo : SafePolicyManager.getSecurityPolicy().getCertificatesFromKeystore(4)) {
            if (certificateInfo != null && str.equalsIgnoreCase(certificateInfo.getAlias())) {
                return certificateInfo;
            }
        }
        return null;
    }

    @Override // com.microsoft.omadm.platforms.safe.certmgr.ISafeCertificateOperations
    public boolean installCertificate(String str, byte[] bArr, String str2, String str3) throws EnterpriseDeviceManagerFactory.IllegalEdmStateException {
        SecurityPolicy securityPolicy = SafePolicyManager.getSecurityPolicy();
        boolean installCertificateToKeystore = securityPolicy.installCertificateToKeystore(str, bArr, str2, str3, 4);
        return "CERT".equals(str) ? installCertificateToKeystore & securityPolicy.installCertificateToKeystore(str, bArr, str2, str3, 1) : installCertificateToKeystore;
    }

    @Override // com.microsoft.omadm.platforms.safe.certmgr.ISafeCertificateOperations
    public boolean removeCACertificate(String str) throws EnterpriseDeviceManagerFactory.IllegalEdmStateException {
        boolean z;
        CertificateInfo installedCertificateInfo = getInstalledCertificateInfo(str);
        if (installedCertificateInfo == null) {
            return false;
        }
        CertificateInfo certificateInfo = null;
        try {
            certificateInfo = getCertInfoByThumbprint(CertUtils.getThumbPrint(installedCertificateInfo.getCertificate()), 1);
        } catch (OMADMException unused) {
            LOGGER.warning(MessageFormat.format("Unable to get certificate thumbprint of cert ''{0}''.", str));
        }
        if (removeCertInfoFromDevice(installedCertificateInfo)) {
            z = true;
        } else {
            LOGGER.fine(MessageFormat.format("Failed to remove CA cert ''{0}'' from vpn and apps keystore.", str));
            z = false;
        }
        if (removeCertInfoFromDevice(certificateInfo)) {
            return z;
        }
        LOGGER.fine(MessageFormat.format("Failed to remove CA cert ''{0}'' from default keystore.", str));
        return false;
    }

    @Override // com.microsoft.omadm.platforms.safe.certmgr.ISafeCertificateOperations
    public boolean removeUserCertificate(String str) throws EnterpriseDeviceManagerFactory.IllegalEdmStateException {
        return removeCertInfoFromDevice(getInstalledCertificateInfo(str));
    }
}
