package defpackage;

import android.content.ComponentName;
import android.text.TextUtils;
import android.util.Base64;
import com.fiberlink.maas360.android.control.ControlApplication;
import com.fiberlink.maas360.android.control.Dao.model.devicepolicies.bh;
import com.fiberlink.maas360.android.control.receivers.Maas360DeviceAdminReceiver;
import com.fiberlink.maas360.android.control.services.f;
import com.samsung.android.knox.EnterpriseDeviceManager;
import com.samsung.android.knox.container.BasePasswordPolicy;
import com.samsung.android.knox.devicesecurity.PasswordPolicy;
import com.samsung.android.knox.keystore.CertificateInfo;
import com.samsung.android.knox.keystore.CertificateProvisioning;
import defpackage.bld;
import java.io.ByteArrayInputStream;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;

/* loaded from: classes.dex */
public class bfz {

    /* renamed from: a, reason: collision with root package name */
    private static final String f2835a = bfz.class.getSimpleName();

    /* renamed from: b, reason: collision with root package name */
    private EnterpriseDeviceManager f2836b;

    /* renamed from: c, reason: collision with root package name */
    private ControlApplication f2837c = ControlApplication.e();
    private bfg d;

    public bfz(EnterpriseDeviceManager enterpriseDeviceManager) {
        this.f2836b = enterpriseDeviceManager;
        if (brl.a()) {
            this.d = new bfg();
        }
    }

    public int a() {
        try {
            return this.f2836b.getCertificateProvisioning().getCredentialStorageStatus();
        } catch (SecurityException e) {
            ckq.e(f2835a, e, "SecurityException: ");
            return 1;
        }
    }

    public f.a a(ComponentName componentName, String str, int i) {
        BasePasswordPolicy basePasswordPolicy;
        f.a aVar = f.a.FAILED;
        try {
            basePasswordPolicy = this.f2836b.getBasePasswordPolicy();
        } catch (Exception e) {
            ckq.d(f2835a, e, "Exception while executing Knox RPWT");
            String message = e.getMessage();
            if (!TextUtils.isEmpty(message) && message.contains("Escrow")) {
                ckq.a(f2835a, "Knox PRT : Escrow token error");
                return f.a.ESCROW_TOKEN_ERROR;
            }
        }
        if (!basePasswordPolicy.isResetPasswordTokenActive(componentName)) {
            if (bqb.q("knoxRPEscrowError")) {
                aVar = f.a.ESCROW_TOKEN_ERROR;
                ckq.d(f2835a, "Knox PRT reset failed as token setting failed with Escrow error");
            } else {
                aVar = f.a.TOKEN_NOT_ACTIVATED;
                ckq.d(f2835a, "Knox PRT reset failed as token is not activated");
            }
            return aVar;
        }
        ckq.b(f2835a, "Knox PRT token is active. Proceeding for reset");
        boolean resetPasswordWithToken = basePasswordPolicy.resetPasswordWithToken(componentName, str, Base64.decode(bqb.t("knoxPwdResetToken"), 0), i);
        ckq.b(f2835a, "Knox PRT : Password Reset status " + resetPasswordWithToken);
        return resetPasswordWithToken ? f.a.SUCCESSFUL : f.a.FAILED;
    }

    public CertificateInfo a(String str) {
        try {
            for (CertificateInfo certificateInfo : this.f2836b.getCertificateProvisioning().getCertificatesFromKeystore(6)) {
                if (!certificateInfo.getSystemPreloaded() && certificateInfo.getAlias().equals(str)) {
                    return certificateInfo;
                }
            }
            return null;
        } catch (SecurityException e) {
            ckq.e(f2835a, e, "SecurityException: ");
            return null;
        }
    }

    public String a(List<azg> list) {
        StringBuffer stringBuffer = new StringBuffer();
        try {
            if (bqb.a(ControlApplication.e().aN().g(), 5) >= 0) {
                ControlApplication e = ControlApplication.e();
                List<azg> a2 = a(false, list);
                if (a2 != null && a2.size() > 0) {
                    stringBuffer.append(e.getResources().getString(bld.l.pending_colon));
                    stringBuffer.append(bnv.EMPTY_STRING);
                    Iterator<azg> it = a2.iterator();
                    int i = 0;
                    while (it.hasNext()) {
                        stringBuffer.append(it.next().j());
                        if (i != a2.size() - 1) {
                            stringBuffer.append(", ");
                        }
                        i++;
                    }
                }
                List<azg> a3 = a(true, list);
                if (a3 != null && a3.size() > 0) {
                    if (a2 != null && a2.size() > 0) {
                        stringBuffer.append("\n");
                    }
                    stringBuffer.append(e.getResources().getString(bld.l.installed_colon));
                    stringBuffer.append(bnv.EMPTY_STRING);
                    Iterator<azg> it2 = a3.iterator();
                    int i2 = 0;
                    while (it2.hasNext()) {
                        stringBuffer.append(it2.next().j());
                        if (i2 != a3.size() - 1) {
                            stringBuffer.append(", ");
                        }
                        i2++;
                    }
                }
            }
        } catch (Exception e2) {
            ckq.d(f2835a, e2, "Error in getting cert display summary");
        }
        return stringBuffer.toString();
    }

    /* JADX WARN: Code restructure failed: missing block: B:23:0x0066, code lost:
    
        if (a(r4) == false) goto L42;
     */
    /* JADX WARN: Code restructure failed: missing block: B:36:0x0068, code lost:
    
        r3.add(r4);
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public java.util.List<defpackage.azg> a(boolean r8, java.util.List<defpackage.azg> r9) {
        /*
            r7 = this;
            com.fiberlink.maas360.android.control.ControlApplication r0 = com.fiberlink.maas360.android.control.ControlApplication.e()
            com.fiberlink.maas360.android.control.services.ao r0 = r0.H()
            com.fiberlink.maas360.android.control.Dao.model.devicepolicies.u r0 = r0.S()
            if (r9 == 0) goto L79
            int r1 = r9.size()
            if (r1 > 0) goto L15
            goto L79
        L15:
            com.fiberlink.maas360.android.control.Dao.model.devicepolicies.bq r1 = r0.h()
            com.fiberlink.maas360.android.control.Dao.model.devicepolicies.bo r2 = r0.m()
            com.fiberlink.maas360.android.control.Dao.model.devicepolicies.ag r0 = r0.y()
            java.util.ArrayList r3 = new java.util.ArrayList
            r3.<init>()
            java.util.Iterator r9 = r9.iterator()
        L2a:
            boolean r4 = r9.hasNext()
            if (r4 == 0) goto L78
            java.lang.Object r4 = r9.next()
            azg r4 = (defpackage.azg) r4
            if (r0 == 0) goto L44
            java.lang.String r5 = r4.e()
            boolean r5 = r0.a(r5)
            if (r5 == 0) goto L44
            r5 = 1
            goto L45
        L44:
            r5 = 0
        L45:
            if (r1 == 0) goto L60
            java.lang.String r6 = r4.e()
            boolean r6 = r1.g(r6)
            if (r6 != 0) goto L60
            if (r2 == 0) goto L60
            java.lang.String r6 = r4.e()
            boolean r6 = r2.a(r6)
            if (r6 != 0) goto L60
            if (r5 != 0) goto L60
            goto L2a
        L60:
            if (r8 == 0) goto L6c
            boolean r5 = r7.a(r4)
            if (r5 == 0) goto L6c
            r3.add(r4)
            goto L2a
        L6c:
            if (r8 != 0) goto L2a
            boolean r5 = r7.a(r4)
            if (r5 != 0) goto L2a
            r3.add(r4)
            goto L2a
        L78:
            return r3
        L79:
            r8 = 0
            return r8
        */
        throw new UnsupportedOperationException("Method not decompiled: defpackage.bfz.a(boolean, java.util.List):java.util.List");
    }

    public boolean a(int i) {
        boolean z;
        try {
            z = this.f2836b.getPasswordPolicy().setPasswordLockDelay(i);
        } catch (Exception e) {
            e = e;
            z = false;
        }
        try {
            if (z) {
                ckq.b(f2835a, "setPasswordLockDelay changed to " + i);
            } else {
                ckq.d(f2835a, "Unable to setPasswordLockDelay");
            }
        } catch (Exception e2) {
            e = e2;
            ckq.e(f2835a, e, "Exception while executing setPasswordLockDelay: ");
            return z;
        }
        return z;
    }

    public boolean a(ComponentName componentName, int i) {
        try {
            this.f2836b.getBasePasswordPolicy().setKeyguardDisabledFeatures(componentName, i);
            return true;
        } catch (SecurityException e) {
            ckq.c(f2835a, e);
            return false;
        }
    }

    public boolean a(ComponentName componentName, boolean z) {
        try {
            this.f2836b.getDeviceSecurityPolicy().setRequireDeviceEncryption(componentName, z);
            return true;
        } catch (SecurityException e) {
            ckq.e(f2835a, e, "SecurityException: ");
            return false;
        }
    }

    public boolean a(azg azgVar) {
        boolean z;
        X509Certificate x509Certificate;
        CertificateInfo a2;
        KeyStore a3;
        X509Certificate x509Certificate2;
        try {
            bew aN = ControlApplication.e().aN();
            x509Certificate = null;
            if (bqb.a(5, aN.g(), 23)) {
                android.app.enterprise.CertificateInfo a4 = this.d.a(azgVar.j());
                if (a4 != null) {
                    x509Certificate = (X509Certificate) a4.getCertificate();
                }
            } else if (bqb.a(aN.g(), 24) >= 0 && (a2 = a(azgVar.j())) != null) {
                x509Certificate = (X509Certificate) a2.getCertificate();
            }
        } catch (Exception e) {
            ckq.d(f2835a, e, "Error in checking if certificate:", azgVar.e(), " is installed");
        }
        if (x509Certificate != null && (a3 = bpy.a(new ByteArrayInputStream(jy.b(azgVar.i().getBytes())), azgVar.h(), azgVar.e())) != null && (x509Certificate2 = (X509Certificate) a3.getCertificate(azgVar.e())) != null) {
            if (js.a(x509Certificate.getEncoded(), x509Certificate2.getEncoded())) {
                z = true;
                ckq.a(f2835a, "Install status of cert with id:" + azgVar.e() + " name:" + azgVar.j() + " :" + z);
                return z;
            }
        }
        z = false;
        ckq.a(f2835a, "Install status of cert with id:" + azgVar.e() + " name:" + azgVar.j() + " :" + z);
        return z;
    }

    public boolean a(bh.a aVar) {
        boolean z;
        X509Certificate x509Certificate;
        CertificateInfo a2;
        try {
            bew aN = ControlApplication.e().aN();
            x509Certificate = null;
            if (bqb.a(5, aN.g(), 23)) {
                android.app.enterprise.CertificateInfo a3 = this.d.a(aVar.f5180b);
                if (a3 != null) {
                    x509Certificate = (X509Certificate) a3.getCertificate();
                }
            } else if (bqb.a(aN.g(), 24) >= 0 && (a2 = a(aVar.f5180b)) != null) {
                x509Certificate = (X509Certificate) a2.getCertificate();
            }
        } catch (Exception e) {
            ckq.d(f2835a, e, "Error in checking if certificate:", aVar.f5179a, " is installed");
        }
        if (x509Certificate != null) {
            if (js.a(x509Certificate.getEncoded(), jy.b(aVar.f5181c.getBytes()))) {
                z = true;
                ckq.a(f2835a, "Install status of cert with id:" + aVar.f5179a + " name:" + aVar.f5180b + " :" + z);
                return z;
            }
        }
        z = false;
        ckq.a(f2835a, "Install status of cert with id:" + aVar.f5179a + " name:" + aVar.f5180b + " :" + z);
        return z;
    }

    public boolean a(String str, String str2) {
        if (bqb.a(ControlApplication.e().aN().g(), 24) < 0) {
            return this.d.b(str, str2);
        }
        CertificateProvisioning certificateProvisioning = this.f2836b.getCertificateProvisioning();
        try {
            if (1 == certificateProvisioning.getCredentialStorageStatus()) {
                return certificateProvisioning.deleteCertificateFromKeystore(a(str), 7);
            }
            return false;
        } catch (SecurityException e) {
            ckq.e(f2835a, e, "SecurityException: ");
            return false;
        }
    }

    public boolean a(String str, byte[] bArr, String str2, String str3) {
        return a(str, bArr, str2, str3, 4);
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r7v0 */
    /* JADX WARN: Type inference failed for: r7v1 */
    /* JADX WARN: Type inference failed for: r7v2, types: [boolean] */
    /* JADX WARN: Type inference failed for: r7v3 */
    /* JADX WARN: Type inference failed for: r7v4 */
    /* JADX WARN: Type inference failed for: r7v5 */
    public boolean a(String str, byte[] bArr, String str2, String str3, int i) {
        if (bqb.a(this.f2837c.aN().g(), 24) < 0) {
            return this.d.a(str, bArr, str2, str3);
        }
        CertificateProvisioning certificateProvisioning = this.f2836b.getCertificateProvisioning();
        ?? r7 = 0;
        r7 = 0;
        try {
            int credentialStorageStatus = certificateProvisioning.getCredentialStorageStatus();
            if (1 == credentialStorageStatus) {
                r7 = certificateProvisioning.installCertificateToKeystore(str, bArr, str2, str3, i);
            } else {
                ckq.d(f2835a, "Keystore error while installing certs : " + credentialStorageStatus);
            }
        } catch (Exception e) {
            String str4 = f2835a;
            String[] strArr = new String[1];
            strArr[r7] = "SecurityException: ";
            ckq.e(str4, e, strArr);
        }
        return r7;
    }

    public boolean a(boolean z) {
        try {
            this.f2836b.getDeviceSecurityPolicy().setInternalStorageEncryption(z);
            return true;
        } catch (SecurityException e) {
            ckq.e(f2835a, e, "SecurityException: ");
            return false;
        }
    }

    public boolean a(boolean z, boolean z2) {
        boolean z3;
        String str;
        String str2;
        bew aN = this.f2837c.aN();
        if (bqb.a(aN.g(), 12) < 0) {
            ckq.a(f2835a, "Samsung SDK below 2.1. Biometrics not supported");
            return false;
        }
        PasswordPolicy passwordPolicy = this.f2836b.getPasswordPolicy();
        try {
            z3 = passwordPolicy.isBiometricAuthenticationEnabled(1);
            str = "Allowed";
            str2 = "allow";
        } catch (Exception e) {
            e = e;
            z3 = false;
        }
        try {
            if (z3 != z) {
                z3 = passwordPolicy.setBiometricAuthenticationEnabled(1, z);
                if (z3) {
                    String str3 = f2835a;
                    String[] strArr = new String[2];
                    strArr[0] = "Fingerprint authentication : ";
                    strArr[1] = z ? "Allowed" : "Blocked";
                    ckq.b(str3, strArr);
                } else {
                    String str4 = f2835a;
                    String[] strArr2 = new String[3];
                    strArr2[0] = "Unable to ";
                    strArr2[1] = z ? "allow" : "disallow";
                    strArr2[2] = " fingerprint auth";
                    ckq.d(str4, strArr2);
                }
            } else {
                z3 = false;
            }
        } catch (Exception e2) {
            e = e2;
            ckq.e(f2835a, e, "Exception while executing setBiometricAuthenticationEnabled: ");
            return z3;
        }
        if (bqb.a(aN.g(), 23) < 0) {
            ckq.a(f2835a, "Facial Recognition needs Knox version above 23");
            return z3;
        }
        if (passwordPolicy.isBiometricAuthenticationEnabled(4) != z2) {
            z3 = passwordPolicy.setBiometricAuthenticationEnabled(4, z2);
            if (z3) {
                String str5 = f2835a;
                String[] strArr3 = new String[2];
                strArr3[0] = "Face Recognition : ";
                if (!z2) {
                    str = "Blocked";
                }
                strArr3[1] = str;
                ckq.b(str5, strArr3);
            } else {
                String str6 = f2835a;
                String[] strArr4 = new String[3];
                strArr4[0] = "Unable to ";
                if (!z2) {
                    str2 = "disallow";
                }
                strArr4[1] = str2;
                strArr4[2] = " face recognition";
                ckq.d(str6, strArr4);
            }
        }
        return z3;
    }

    public boolean b() {
        try {
            return this.f2836b.getDeviceSecurityPolicy().isInternalStorageEncrypted();
        } catch (SecurityException e) {
            ckq.e(f2835a, e, "SecurityException: ");
            return false;
        }
    }

    public boolean b(ComponentName componentName, boolean z) {
        try {
            this.f2836b.getDeviceSecurityPolicy().setRequireStorageCardEncryption(componentName, z);
            return true;
        } catch (SecurityException e) {
            ckq.e(f2835a, e, "SecurityException: ");
            return false;
        }
    }

    public boolean b(String str, String str2) {
        if (bqb.a(5, this.f2837c.aN().g(), 19)) {
            return this.d.a(str, str2);
        }
        return false;
    }

    public boolean b(String str, byte[] bArr, String str2, String str3) {
        return a(str, bArr, str2, str3, 2);
    }

    public boolean b(boolean z) {
        try {
            this.f2836b.getDeviceSecurityPolicy().setExternalStorageEncryption(z);
            return true;
        } catch (SecurityException e) {
            ckq.e(f2835a, e, "SecurityException: ");
            return false;
        }
    }

    public List<bh.a> c(boolean z) {
        bh r = ControlApplication.e().H().S().r();
        ArrayList arrayList = null;
        if (r == null) {
            return null;
        }
        Map<String, bh.a> a2 = r.a();
        if (a2 != null && a2.size() > 0) {
            arrayList = new ArrayList();
            for (bh.a aVar : a2.values()) {
                if (z && a(aVar)) {
                    arrayList.add(aVar);
                } else if (!z && !a(aVar)) {
                    arrayList.add(aVar);
                }
            }
        }
        return arrayList;
    }

    public boolean c() {
        try {
            return this.f2836b.getDeviceSecurityPolicy().isExternalStorageEncrypted();
        } catch (SecurityException e) {
            ckq.e(f2835a, e, "SecurityException: ");
            return false;
        }
    }

    public void d() {
        if (bqb.a(ControlApplication.e().aN().g(), 2) < 0) {
            return;
        }
        try {
            if (this.f2836b.getAdminRemovable()) {
                ckq.b(f2835a, "User can remove Device Admin");
            } else {
                ckq.b(f2835a, "Remove Admin option is blocked. Trying to enable");
                boolean adminRemovable = this.f2836b.setAdminRemovable(true);
                ckq.b(f2835a, "Enable Remove Admin : " + adminRemovable);
            }
        } catch (SecurityException e) {
            ckq.e(f2835a, e, "SecurityException: ");
        }
    }

    public void e() {
        if (bqb.a(ControlApplication.e().aN().g(), 2) < 0) {
            return;
        }
        try {
            if (this.f2836b.getAdminRemovable()) {
                ckq.b(f2835a, "Remove Admin option is enabled. Trying to block");
                boolean adminRemovable = this.f2836b.setAdminRemovable(false);
                ckq.b(f2835a, "Disabling remove admin : " + adminRemovable);
            } else {
                ckq.a(f2835a, "User can't remove Device Admin");
            }
        } catch (SecurityException e) {
            ckq.e(f2835a, e, "SecurityException: ");
        }
    }

    public String f() {
        StringBuffer stringBuffer = new StringBuffer();
        try {
            if (bqb.a(ControlApplication.e().aN().g(), 5) >= 0) {
                ControlApplication e = ControlApplication.e();
                List<bh.a> c2 = c(false);
                if (c2 != null && c2.size() > 0) {
                    stringBuffer.append(e.getResources().getString(bld.l.pending_colon));
                    stringBuffer.append(bnv.EMPTY_STRING);
                    Iterator<bh.a> it = c2.iterator();
                    int i = 0;
                    while (it.hasNext()) {
                        stringBuffer.append(it.next().f5180b);
                        if (i != c2.size() - 1) {
                            stringBuffer.append(", ");
                        }
                        i++;
                    }
                }
                List<bh.a> c3 = c(true);
                if (c3 != null && c3.size() > 0) {
                    if (c2 != null && c2.size() > 0) {
                        stringBuffer.append("\n");
                    }
                    stringBuffer.append(e.getResources().getString(bld.l.installed_colon));
                    stringBuffer.append(bnv.EMPTY_STRING);
                    Iterator<bh.a> it2 = c3.iterator();
                    int i2 = 0;
                    while (it2.hasNext()) {
                        stringBuffer.append(it2.next().f5180b);
                        if (i2 != c3.size() - 1) {
                            stringBuffer.append(", ");
                        }
                        i2++;
                    }
                }
            }
        } catch (Exception e2) {
            ckq.d(f2835a, e2, "Error in getting cert display summary");
        }
        return stringBuffer.toString();
    }

    public int g() {
        try {
            return this.f2836b.getPasswordPolicy().getPasswordLockDelay();
        } catch (SecurityException e) {
            ckq.e(f2835a, e, "SecurityException while executing getPasswordLockDelay: ");
            return -1;
        }
    }

    public void h() {
        if (bqb.a(this.f2837c.aN().g(), 27) < 0 || bln.k()) {
            return;
        }
        ComponentName componentName = new ComponentName(this.f2837c, (Class<?>) Maas360DeviceAdminReceiver.class);
        try {
            BasePasswordPolicy basePasswordPolicy = this.f2836b.getBasePasswordPolicy();
            if (!basePasswordPolicy.isResetPasswordTokenActive(componentName)) {
                byte[] bArr = new byte[32];
                new SecureRandom().nextBytes(bArr);
                boolean resetPasswordToken = basePasswordPolicy.setResetPasswordToken(componentName, bArr);
                bqb.b("knoxRPEscrowError", false);
                ckq.b(f2835a, "Setting Knox PRT : " + resetPasswordToken);
                ckq.a(f2835a, "Setting Knox PRT : " + resetPasswordToken);
                if (resetPasswordToken) {
                    bqb.d("knoxPwdResetToken", Base64.encodeToString(bArr, 0));
                    if (basePasswordPolicy.isResetPasswordTokenActive(componentName)) {
                        ckq.b(f2835a, "Knox PRT ready and set");
                        ckq.a(f2835a, "Knox PRT ready and set");
                    } else {
                        ckq.b(f2835a, "Knox PRT needs to be activated");
                        ckq.a(f2835a, "Knox PRT needs to be activated");
                    }
                }
            }
        } catch (Exception e) {
            String message = e.getMessage();
            if (!TextUtils.isEmpty(message) && message.contains("Escrow")) {
                ckq.a(f2835a, "Escrow token error while setting Knox PRT. Reset Passcode will fail");
                bqb.b("knoxRPEscrowError", true);
            }
            ckq.d(f2835a, e, "Exception while generating Knox PRT");
        }
    }

    public void i() {
        if (bqb.a(this.f2837c.aN().g(), 27) < 0 || bln.k()) {
            return;
        }
        bqb.b("knoxRPEscrowError", false);
        try {
            boolean clearResetPasswordToken = this.f2836b.getBasePasswordPolicy().clearResetPasswordToken(new ComponentName(ControlApplication.e(), (Class<?>) Maas360DeviceAdminReceiver.class));
            ckq.b(f2835a, "Knox PRT Cleared : " + clearResetPasswordToken);
        } catch (Exception e) {
            ckq.d(f2835a, e, "Couldn't clear Knox PRT ");
        }
    }

    public boolean j() {
        boolean z;
        if (bqb.a(this.f2837c.aN().g(), 27) < 0 || bln.k()) {
            return false;
        }
        try {
            z = this.f2836b.getBasePasswordPolicy().isResetPasswordTokenActive(new ComponentName(this.f2837c, (Class<?>) Maas360DeviceAdminReceiver.class));
        } catch (Exception e) {
            e = e;
            z = false;
        }
        try {
            ckq.a(f2835a, "Knox PRT Token activation check : " + z);
        } catch (Exception e2) {
            e = e2;
            ckq.d(f2835a, e, "Couldn't check Knox PRT activation state");
            return z;
        }
        return z;
    }
}
