package com.centrify.directcontrol.certauth;

import com.centrify.agent.samsung.KnoxVersionUtil;
import com.centrify.agent.samsung.knox.agent.AbstractNewKnoxManager;
import com.centrify.agent.samsung.utils.LogUtil;
import com.centrify.android.centrifypreference.CentrifyPreferenceUtils;
import com.centrify.android.utils.AfwUtils;
import com.centrify.directcontrol.CentrifyApplication;
import com.centrify.directcontrol.SamsungAgentManager;
import com.centrify.directcontrol.certauth.zso.BaseCertTimaInstallationHelper;
import com.centrify.directcontrol.certauth.zso.CertInstallationHelperFactory;
import com.centrify.directcontrol.certauth.zso.ICertInstallationHelper;
import com.centrify.directcontrol.certauth.zso.ZsoCert;
import com.centrify.directcontrol.db.DBAdapter;
import com.centrify.directcontrol.policy.AbstractPolicyController;
import com.centrify.directcontrol.utilities.FileUltility;
import com.dd.plist.NSDictionary;
import com.dd.plist.NSObject;
import com.dd.plist.PListUtils;
import com.samsung.android.knox.container.KnoxContainerManager;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class ZsoCertProfileController extends AbstractPolicyController {
    private static final String TAG = ZsoCertProfileController.class.getSimpleName();
    private boolean isZSoCertPolicyEnabled;
    private boolean isZsoCertsInstalled;

    private void applyCertDialogSuppress(int i, ZsoCert zsoCert) {
        if (zsoCert.isInstalled(i)) {
            ICertInstallationHelper iCertInstallationHelper = CertInstallationHelperFactory.get(i);
            LogUtil.info(TAG, "applyCertDialogSuppress, type: " + i);
            for (String str : getCertSuppressDialogPkgList()) {
                LogUtil.debug(TAG, "applyCertDialogSuppress, type: " + i + ", pkgName: " + str + ", result: " + iCertInstallationHelper.applyCertDialogSuppress(zsoCert.zsoHostName, zsoCert.zsoPort, zsoCert.alias, str));
            }
        }
    }

    private void deleteZsoCertOnDevice(ZsoCert zsoCert) {
        DBAdapter.getDBInstance().deleteZsoCert(zsoCert.isCaCert);
        FileUltility.deleteFile(zsoCert.name);
    }

    private List<String> getCertSuppressDialogPkgList() {
        KnoxContainerManager knoxContainerManager = ((AbstractNewKnoxManager) SamsungAgentManager.getInstance().getKnoxManager()).getKnoxContainerManager();
        if (knoxContainerManager.getApplicationPolicy().getInstalledApplicationsIDList() == null) {
            return new ArrayList();
        }
        List<String> asList = Arrays.asList(knoxContainerManager.getApplicationPolicy().getInstalledApplicationsIDList());
        LogUtil.info(TAG, "getCertSuppressDialogPkgList, pkg list size: " + asList.size());
        return asList;
    }

    private ZsoCert getZsoCert(boolean z) {
        return DBAdapter.getDBInstance().getZsoCert(z);
    }

    private List<ZsoCert> getZsoCerts() {
        return DBAdapter.getDBInstance().getZsoCerts();
    }

    private void handleCertificateInKeyChain(ZsoCert zsoCert) {
        if (!zsoCert.isCaCert && zsoCert.isInstalled(4)) {
            uninstallCertificate(4, zsoCert);
        }
        installCertificate(1, zsoCert);
        if (!isContainerExist()) {
            zsoCert.setPolicyStatus(2, 4);
            return;
        }
        if (!zsoCert.isCaCert && zsoCert.isInstalled(5)) {
            uninstallCertificate(5, zsoCert);
        }
        installCertificate(2, zsoCert);
    }

    private void handleCertificateInTimaKeyStore(ZsoCert zsoCert) {
        int policyStatus = zsoCert.getPolicyStatus(1);
        installCertificate(4, zsoCert);
        if (zsoCert.isInstalled(4) && 1 == policyStatus) {
            uninstallCertificate(1, zsoCert);
        } else if (!zsoCert.isInstalled(4)) {
            zsoCert.setPolicyStatus(1, policyStatus);
        }
        if (!isContainerExist()) {
            zsoCert.setPolicyStatus(5, 4);
            return;
        }
        int policyStatus2 = zsoCert.getPolicyStatus(2);
        installCertificate(5, zsoCert);
        if (zsoCert.isInstalled(5) && 1 == policyStatus2) {
            uninstallCertificate(2, zsoCert);
        } else {
            if (zsoCert.isInstalled(5)) {
                return;
            }
            zsoCert.setPolicyStatus(2, policyStatus2);
        }
    }

    private void installCertificate(int i, ZsoCert zsoCert) {
        ICertInstallationHelper iCertInstallationHelper = CertInstallationHelperFactory.get(i);
        if (!iCertInstallationHelper.isSupport(zsoCert)) {
            zsoCert.setPolicyStatus(i, 4);
            return;
        }
        if (zsoCert.isInstalled(i)) {
            return;
        }
        zsoCert.setPolicyStatus(i, 0);
        LogUtil.info(TAG, "installCertificate, type: " + i + ", name: " + zsoCert.name);
        if (iCertInstallationHelper.isReadyToInstall(zsoCert)) {
            if (iCertInstallationHelper.isCertInstalled(zsoCert)) {
                LogUtil.debug(TAG, "installCertificate, type: " + i + ", cert is installed");
                LogUtil.info(TAG, "installCertificate, type: " + i + ", uninstallCert: " + iCertInstallationHelper.uninstallCert(zsoCert));
            }
            int installCert = iCertInstallationHelper.installCert(zsoCert);
            LogUtil.info(TAG, "installCertificate, type: " + i + ", installCert: " + installCert);
            zsoCert.setPolicyStatus(i, installCert);
        }
    }

    private void installCertificate(ZsoCert zsoCert) {
        installCertificate(3, zsoCert);
        if (zsoCert.isCaCert || !isSupportTimaKeyStore()) {
            handleCertificateInKeyChain(zsoCert);
        } else {
            handleCertificateInTimaKeyStore(zsoCert);
        }
        DBAdapter.getDBInstance().insertOrUpdateZsoCert(zsoCert);
    }

    private boolean isContainerExist() {
        return CentrifyPreferenceUtils.getBoolean("KnoxContainerExisted", false);
    }

    private boolean isSupportTimaKeyStore() {
        return BaseCertTimaInstallationHelper.isTimaKeyStorePolicyEnabled() && BaseCertTimaInstallationHelper.isTimaKeyStoreApplied();
    }

    private boolean isZsoCertsInstalled(List<ZsoCert> list) {
        if (list.isEmpty()) {
            return false;
        }
        Iterator<ZsoCert> it = list.iterator();
        while (it.hasNext()) {
            if (!it.next().isApplied()) {
                return false;
            }
        }
        return true;
    }

    private void removeCertDialogSuppress(int i, ZsoCert zsoCert) {
        if (zsoCert.isInstalled(i)) {
            LogUtil.info(TAG, "clearCertDialogSuppress, type: " + i + ", result: " + CertInstallationHelperFactory.get(i).clearCertDialogSuppress());
        }
    }

    private void saveZsoCert(ZsoCert zsoCert) {
        FileUltility.saveFile(zsoCert.content, zsoCert.getCertFileName());
        DBAdapter.getDBInstance().insertOrUpdateZsoCert(zsoCert);
    }

    private void uninstallCertificate(int i, ZsoCert zsoCert) {
        ICertInstallationHelper iCertInstallationHelper = CertInstallationHelperFactory.get(i);
        if (iCertInstallationHelper.isSupport(zsoCert)) {
            LogUtil.info(TAG, "uninstallCertificates, type: " + i + ", result: " + iCertInstallationHelper.uninstallCert(zsoCert));
        }
    }

    private void uninstallCertificates() {
        for (ZsoCert zsoCert : getZsoCerts()) {
            if (AfwUtils.isInAfwMode(CentrifyApplication.getAppInstance())) {
                uninstallCertificate(3, zsoCert);
            } else if (KnoxVersionUtil.isSafeOrPlus()) {
                uninstallCertificate(1, zsoCert);
                uninstallCertificate(4, zsoCert);
                if (isContainerExist()) {
                    uninstallCertificate(2, zsoCert);
                    uninstallCertificate(5, zsoCert);
                    if (!zsoCert.isCaCert) {
                        removeCertDialogSuppress(2, zsoCert);
                    }
                }
            }
            deleteZsoCertOnDevice(zsoCert);
        }
    }

    public void applyCertDialogSuppress() {
        for (ZsoCert zsoCert : getZsoCerts()) {
            if (!zsoCert.isCaCert) {
                applyCertDialogSuppress(2, zsoCert);
            }
        }
    }

    @Override // com.centrify.directcontrol.policy.AbstractPolicyController
    public void checkPolicyCompliance() {
        this.isZsoCertsInstalled = isZsoCertsInstalled(DBAdapter.getDBInstance().getZsoCerts());
    }

    @Override // com.centrify.directcontrol.policy.AbstractPolicyController
    protected boolean checkPrecondition(NSDictionary nSDictionary) {
        return true;
    }

    @Override // com.centrify.directcontrol.policy.AbstractPolicyController
    public boolean doesPolicyExist() {
        return false;
    }

    @Override // com.centrify.directcontrol.policy.AbstractPolicyController
    public int getNonCompliantPolicyNumber() {
        return (!this.isZSoCertPolicyEnabled || this.isZsoCertsInstalled) ? 0 : 1;
    }

    @Override // com.centrify.directcontrol.policy.AbstractPolicyController
    protected JSONObject getPayloadsReport(NSObject[] nSObjectArr) {
        return null;
    }

    @Override // com.centrify.directcontrol.policy.AbstractPolicyController
    public JSONObject getProfileToReport(NSObject nSObject, String str) throws JSONException {
        return null;
    }

    @Override // com.centrify.directcontrol.policy.AbstractPolicyController
    public void loadPolicy() {
        List<ZsoCert> zsoCerts = getZsoCerts();
        this.isZSoCertPolicyEnabled = true;
        for (ZsoCert zsoCert : zsoCerts) {
            if (zsoCert != null) {
                installCertificate(zsoCert);
            }
        }
        applyCertDialogSuppress();
    }

    @Override // com.centrify.directcontrol.policy.AbstractPolicyController
    public void resetAll() {
        resetPolicy(null);
    }

    @Override // com.centrify.directcontrol.policy.AbstractPolicyController
    public void resetPolicy(String str) {
        uninstallCertificates();
        this.isZsoCertsInstalled = false;
        this.isZSoCertPolicyEnabled = false;
    }

    @Override // com.centrify.directcontrol.policy.AbstractPolicyController
    public boolean savePolicy(NSDictionary nSDictionary) {
        NSObject[] array = PListUtils.getArray(nSDictionary, "content");
        if (array == null) {
            LogUtil.debug(TAG, "savePolicy, no content found");
            this.isZSoCertPolicyEnabled = false;
            return false;
        }
        for (NSObject nSObject : array) {
            ZsoCert zsoCert = new ZsoCert((NSDictionary) nSObject);
            LogUtil.debug(TAG, "newZsoCert: " + zsoCert.toString());
            ZsoCert zsoCert2 = getZsoCert(zsoCert.isCaCert);
            if (zsoCert.equals(zsoCert2)) {
                LogUtil.debug(TAG, "savePolicy, same cert received. Name: " + zsoCert.name + " is skipped.");
            } else {
                if (zsoCert2 != null) {
                    LogUtil.debug(TAG, "oldZsoCert: " + zsoCert2.toString());
                    deleteZsoCertOnDevice(zsoCert2);
                }
                saveZsoCert(zsoCert);
                LogUtil.debug(TAG, "savePolicy, saveZsoCert.");
            }
        }
        this.isZSoCertPolicyEnabled = true;
        return true;
    }
}
