package com.cisco.android.nchs.support;

import android.app.enterprise.CertificateInfo;
import android.app.enterprise.EnterpriseDeviceManager;
import android.app.enterprise.SecurityPolicy;
import android.content.Context;
import com.cisco.android.nchs.NetworkComponentHostService;
import com.cisco.android.nchs.aidl.CertOpCode;
import com.cisco.android.nchs.support.CertificateManager;
import com.cisco.anyconnect.vpn.android.util.AppLog;
import java.util.Iterator;

/* loaded from: classes.dex */
public class SafeSystemCertificateManager extends SystemCertificateManager {
    private static final String ENTITY_NAME = "SafeSystemCertificateManager";
    private EnterpriseDeviceManager mEdm;

    public SafeSystemCertificateManager(Context context, NetworkComponentHostService networkComponentHostService) {
        super(context, networkComponentHostService);
        this.mEdm = (EnterpriseDeviceManager) this.mContext.getSystemService(EnterpriseDeviceManager.ENTERPRISE_POLICY_SERVICE);
        if (this.mEdm == null) {
            throw new IllegalStateException("Enterprise device manager is null");
        }
    }

    private static String certTypeToSamsungType(CertificateManager.CertificateBlobType certificateBlobType) {
        switch (certificateBlobType) {
            case TYPE_CERTIFICATE:
                return "CERT";
            case TYPE_PKCS12:
                return "PKCS12";
            default:
                AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "Unknown certificate type: " + certificateBlobType);
                return null;
        }
    }

    public static CertOpCode getKeyStoreStatus(SecurityPolicy securityPolicy) {
        int credentialStorageStatus = securityPolicy.getCredentialStorageStatus();
        String str = "Unknown";
        CertOpCode certOpCode = CertOpCode.RESULT_CERTIFICATE_IMPORT_ERROR_KEYSTORE_ERROR;
        switch (credentialStorageStatus) {
            case 1:
                str = "Success";
                certOpCode = CertOpCode.RESULT_CERTIFICATE_OPERATION_SUCCESS;
                break;
            case 2:
                str = "KEYSTORE_LOCKED";
                break;
            case 3:
                str = "KEYSTORE_UNINITIALIZED : password not yet set";
                certOpCode = CertOpCode.RESULT_CERTIFICATE_IMPORT_ERROR_KEYSTORE_UNINITIALIZED;
                break;
            case 4:
                str = "KEYSTORE_SYSTEM_ERROR";
                break;
            case 6:
                str = "KEYSTORE_PERMISSION_DENIED";
                break;
            case 7:
                str = "KEYSTORE_KEY_NOT_FOUND";
                break;
            case 8:
                str = "KEYSTORE_VALUE_CORRUPTED";
                break;
            case 9:
                str = "KEYSTORE_UNDEFINED_ACTION";
                break;
            case 10:
                str = "KEYSTORE_WRONG_PASSWORD";
                break;
        }
        if (1 != credentialStorageStatus) {
            AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "KeyStore error " + credentialStorageStatus + " " + str);
        }
        return certOpCode;
    }

    @Override // com.cisco.android.nchs.support.SystemCertificateManager
    public CertOpCode deleteCertificate(String str) {
        try {
            SecurityPolicy securityPolicy = this.mEdm.getSecurityPolicy();
            CertOpCode keyStoreStatus = getKeyStoreStatus(securityPolicy);
            if (CertOpCode.RESULT_CERTIFICATE_OPERATION_SUCCESS != keyStoreStatus) {
                AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "KeyStore error deleting certificate " + str + " " + keyStoreStatus);
                return keyStoreStatus;
            }
            if (securityPolicy.removeCertificate(str, "CACERT_")) {
                AppLog.logDebugMessage(AppLog.Severity.DBG_INFO, ENTITY_NAME, "Certificate removed (ca): " + str);
            }
            if (securityPolicy.removeCertificate(str, "USRCERT_")) {
                AppLog.logDebugMessage(AppLog.Severity.DBG_INFO, ENTITY_NAME, "Certificate removed (user): " + str);
            }
            return CertOpCode.RESULT_CERTIFICATE_OPERATION_SUCCESS;
        } catch (SecurityException e) {
            AppLog.logDebugMessage(AppLog.Severity.DBG_ERROR, ENTITY_NAME, "SecurityException: ", e);
            return CertOpCode.RESULT_CERTIFICATE_OPERATION_FAILED;
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:36:0x00a1 A[Catch: SecurityException -> 0x0106, TryCatch #2 {SecurityException -> 0x0106, blocks: (B:34:0x0099, B:36:0x00a1, B:41:0x00c3, B:43:0x00c9, B:44:0x00e5), top: B:33:0x0099 }] */
    /* JADX WARN: Removed duplicated region for block: B:41:0x00c3 A[Catch: SecurityException -> 0x0106, TryCatch #2 {SecurityException -> 0x0106, blocks: (B:34:0x0099, B:36:0x00a1, B:41:0x00c3, B:43:0x00c9, B:44:0x00e5), top: B:33:0x0099 }] */
    @Override // com.cisco.android.nchs.support.SystemCertificateManager
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    protected com.cisco.android.nchs.aidl.CertOpCode importCertificate(com.cisco.android.nchs.support.CertificateManager.CertificateBlobType r5, byte[] r6, java.lang.String r7, java.lang.String r8, java.lang.String r9, android.content.Intent r10) {
        /*
            Method dump skipped, instructions count: 273
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.cisco.android.nchs.support.SafeSystemCertificateManager.importCertificate(com.cisco.android.nchs.support.CertificateManager$CertificateBlobType, byte[], java.lang.String, java.lang.String, java.lang.String, android.content.Intent):com.cisco.android.nchs.aidl.CertOpCode");
    }

    @Override // com.cisco.android.nchs.support.SystemCertificateManager
    protected boolean isCertificateInstalled(String str) {
        AppLog.logDebugBuildDebugMessage(AppLog.Severity.DBG_INFO, ENTITY_NAME, "Verifying certificate via SAFE: " + str);
        SecurityPolicy securityPolicy = this.mEdm.getSecurityPolicy();
        CertificateInfo installedCertificate = securityPolicy.getInstalledCertificate(str);
        if (installedCertificate != null) {
            if (installedCertificate.getCertificate() == null) {
                AppLog.logDebugMessage(AppLog.Severity.DBG_INFO, ENTITY_NAME, "Certificate is not installed (null): " + str);
                return false;
            }
            AppLog.logDebugBuildDebugMessage(AppLog.Severity.DBG_INFO, ENTITY_NAME, "Certificate is installed: " + installedCertificate.getCertificate().toString());
            return true;
        }
        Iterator<String> it = securityPolicy.getInstalledCertificateNames("CACERT_").iterator();
        while (it.hasNext()) {
            if (it.next().equals(str)) {
                return true;
            }
        }
        Iterator<String> it2 = securityPolicy.getInstalledCertificateNames("USRCERT_").iterator();
        while (it2.hasNext()) {
            if (it2.next().equals(str)) {
                return true;
            }
        }
        AppLog.logDebugMessage(AppLog.Severity.DBG_INFO, ENTITY_NAME, "Certificate is not installed: " + str);
        return false;
    }
}
