package com.centrify.directcontrol.knox.containercertificate;

import android.content.ContentValues;
import android.content.Intent;
import android.os.RemoteException;
import android.support.annotation.NonNull;
import android.support.v4.content.LocalBroadcastManager;
import com.centrify.agent.samsung.KnoxVersionUtil;
import com.centrify.agent.samsung.aidl.IKnoxAgentService;
import com.centrify.agent.samsung.knox.certificate.KnoxCert;
import com.centrify.agent.samsung.utils.LogUtil;
import com.centrify.android.centrifypreference.CentrifyPreferenceUtils;
import com.centrify.android.rest.JSONTags;
import com.centrify.directcontrol.CentrifyApplication;
import com.centrify.directcontrol.PolicyCompliantChecker;
import com.centrify.directcontrol.SamsungAgentManager;
import com.centrify.directcontrol.db.DBConstants;
import com.centrify.directcontrol.knox.BaseKnoxPolicyController;
import com.centrify.directcontrol.policy.AbstractPolicyController;
import com.centrify.directcontrol.utilities.PolicyKeyConstants;
import com.dd.plist.NSDictionary;
import com.dd.plist.NSObject;
import com.dd.plist.PListUtils;
import java.util.Iterator;
import java.util.List;
import org.apache.commons.lang3.StringUtils;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class KnoxContainerCertificateManager extends BaseKnoxPolicyController {
    private static final String PREF_CONTAINER_CREDENTIAL_STORAGE_STATUS = "container_credential_storage_status";
    private static final String TAG = "KnoxContainerCertificateManager";
    private static KnoxContainerCertificateManager mInstance;
    private List<KnoxCert> mCertsInCache;
    private LocalBroadcastManager mLocalBroadcastManager = LocalBroadcastManager.getInstance(CentrifyApplication.getAppInstance());
    private int mNonComplianceNumber;

    private KnoxContainerCertificateManager() {
        updateCache();
    }

    private void deleteKnoxContainerCert(String str) {
        String[] strArr = new String[4];
        strArr[0] = str != null ? str : "";
        strArr[1] = String.valueOf(1);
        strArr[2] = String.valueOf(1);
        strArr[3] = String.valueOf(2);
        LogUtil.debug(TAG, "delete a cert + " + str + " row : " + this.mDbAdapter.delete(DBConstants.TABLE_KNOX_CERT, "name=? AND target=? AND status<>? AND status<>?", strArr));
    }

    public static KnoxContainerCertificateManager getInstance() {
        if (mInstance == null) {
            mInstance = new KnoxContainerCertificateManager();
        }
        return mInstance;
    }

    private int getKeyStore() {
        return KnoxVersionUtil.isKnox23OrPlus() ? 1 : 4;
    }

    private List<KnoxCert> getKnoxContainerCert(String str) {
        String[] strArr = new String[2];
        if (str == null) {
            str = "";
        }
        strArr[0] = str;
        strArr[1] = String.valueOf(1);
        return this.mDbAdapter.getKnoxCert("name=? AND target=?", strArr);
    }

    private boolean isSupportKeyStore(int i) {
        boolean z = false;
        switch (i) {
            case 1:
                z = KnoxVersionUtil.isKnox23OrPlus();
                break;
            case 4:
                z = KnoxVersionUtil.isKnox21OrPlus();
                break;
        }
        LogUtil.debug(TAG, "KeyStore: " + i + " isSupportKeyStore: " + z);
        return z;
    }

    private void markKnoxContainerCertToDelete(String str) {
        String[] strArr = new String[3];
        strArr[0] = str != null ? str : "";
        strArr[1] = String.valueOf(1);
        strArr[2] = String.valueOf(2);
        ContentValues contentValues = new ContentValues();
        contentValues.put("status", (Integer) 1);
        LogUtil.debug(TAG, "Make to delete name " + str + " row : " + this.mDbAdapter.update(DBConstants.TABLE_KNOX_CERT, contentValues, "name=? AND target=? AND status=?", strArr));
    }

    private void sendBrocastToUpdateUI() {
        Intent intent = new Intent(CentrifyApplication.ACTION_GROUP_POLICY_UPDATE);
        intent.putExtra(PolicyKeyConstants.CONTENT_TYPE, 125);
        this.mLocalBroadcastManager.sendBroadcast(intent);
    }

    public int getNonComplianceNumber() {
        return this.mNonComplianceNumber;
    }

    public List<KnoxCert> getProfile() {
        return this.mCertsInCache;
    }

    @Override // com.centrify.directcontrol.knox.BaseKnoxPolicyController
    @NonNull
    public JSONObject getSubPayLoadReport(@NonNull String str, @NonNull NSDictionary nSDictionary) throws JSONException {
        AbstractPolicyController.FailureCode failureCode;
        if (StringUtils.equals(str, "com.centrify.mobile.containercertificate.knox.payload")) {
            String string = PListUtils.getString(nSDictionary, "certificateFileName");
            if (StringUtils.isBlank(string)) {
                failureCode = AbstractPolicyController.FailureCode.NotValid;
            } else {
                List<KnoxCert> knoxContainerCert = getKnoxContainerCert(string);
                KnoxCert knoxCert = knoxContainerCert.isEmpty() ? null : knoxContainerCert.get(0);
                failureCode = knoxCert == null ? AbstractPolicyController.FailureCode.NotSupported : knoxCert.getStatus() == 3 ? (isContainerCredentialStorageInitialized() || !isContainerOwned()) ? AbstractPolicyController.FailureCode.Pending : AbstractPolicyController.FailureCode.Failed : null;
            }
        } else {
            failureCode = AbstractPolicyController.FailureCode.NotRecognized;
        }
        JSONObject initializePayloadReport = initializePayloadReport(str);
        JSONObject jSONObject = initializePayloadReport.getJSONObject("Result");
        if (failureCode == null) {
            jSONObject.getJSONObject("Success").put("certificateFileName", new JSONObject());
        } else if (failureCode == AbstractPolicyController.FailureCode.Failed) {
            jSONObject.getJSONObject("Failure").put("certificateFileName", new JSONObject());
        } else if (failureCode == AbstractPolicyController.FailureCode.Pending) {
            jSONObject.getJSONObject("Pending").put("certificateFileName", new JSONObject());
        } else if (failureCode == AbstractPolicyController.FailureCode.NotRecognized) {
            jSONObject.getJSONObject("NotRecognized").put("certificateFileName", new JSONObject());
        } else if (failureCode == AbstractPolicyController.FailureCode.NotSupported) {
            jSONObject.getJSONObject("NotSupported").put("certificateFileName", new JSONObject());
        } else if (failureCode == AbstractPolicyController.FailureCode.NotValid) {
            jSONObject.getJSONObject("NotValid").put("certificateFileName", new JSONObject());
        } else {
            LogUtil.error(TAG, "unknown failurecode: " + failureCode.name());
        }
        return initializePayloadReport;
    }

    public boolean isCompliant() {
        return this.mNonComplianceNumber == 0;
    }

    public boolean isContainerCredentialStorageInitialized() {
        return CentrifyPreferenceUtils.getInt("container_credential_storage_status", 3) == 1;
    }

    public void removeCertificate(String str) {
        LogUtil.debug(TAG, "removeCertificate " + str);
        markKnoxContainerCertToDelete(str);
        deleteKnoxContainerCert(str);
        updateCache();
    }

    public void resetCache() {
        this.mCertsInCache.clear();
        this.mNonComplianceNumber = 0;
    }

    public void resetCredentialStorageStatus() {
        CentrifyPreferenceUtils.remove("container_credential_storage_status");
    }

    public void saveCertificate(NSDictionary nSDictionary, String str) {
        NSObject objectForKey = nSDictionary.objectForKey("certificateFileName");
        NSObject objectForKey2 = nSDictionary.objectForKey("content");
        NSObject objectForKey3 = nSDictionary.objectForKey(JSONTags.CERT_ALIAS);
        NSObject objectForKey4 = nSDictionary.objectForKey("Password");
        String obj = objectForKey != null ? objectForKey.toString() : "";
        int keyStore = getKeyStore();
        ContentValues contentValues = new ContentValues();
        contentValues.put("name", obj);
        contentValues.put("type", str != null ? str.toString() : "");
        contentValues.put("alias", objectForKey3 != null ? objectForKey3.toString() : obj);
        contentValues.put("password", objectForKey4 != null ? objectForKey4.toString() : "");
        contentValues.put("content", objectForKey2 != null ? objectForKey2.toString() : "");
        contentValues.put("keystore", Integer.valueOf(keyStore));
        contentValues.put("target", (Integer) 1);
        contentValues.put("status", (Integer) 3);
        Iterator<KnoxCert> it = this.mCertsInCache.iterator();
        while (it.hasNext()) {
            KnoxCert next = it.next();
            if (StringUtils.equals(obj, next.getName())) {
                if (3 == next.getStatus()) {
                    deleteKnoxContainerCert(next.getName());
                } else {
                    markKnoxContainerCertToDelete(next.getName());
                }
                it.remove();
            }
        }
        if (isSupportKeyStore(keyStore)) {
            LogUtil.debug(TAG, "Update knox container cert: " + this.mDbAdapter.insert(DBConstants.TABLE_KNOX_CERT, contentValues));
        }
        updateCache();
    }

    public void syncKnoxCertPolicy() {
        if (PolicyCompliantChecker.checkKnoxContainerCertPolicyNonCompliance() > 0) {
            CentrifyApplication appInstance = CentrifyApplication.getAppInstance();
            CentrifyPreferenceUtils.putBoolean("KNOX_CONTAINER_CERTIFICATE_CHANGED", true);
            try {
                IKnoxAgentService knoxAgentService = SamsungAgentManager.getInstance().getKnoxAgentService();
                if (knoxAgentService != null) {
                    LogUtil.debug(TAG, "syncKnoxCertPolicy");
                    knoxAgentService.syncKnoxPolicy(125);
                    LocalBroadcastManager.getInstance(appInstance).sendBroadcast(new Intent(CentrifyApplication.ACTION_GROUP_POLICY_UPDATE).putExtra(PolicyKeyConstants.CONTENT_TYPE, 125));
                }
            } catch (RemoteException e) {
                LogUtil.debug(TAG, e);
            }
        }
    }

    public void updateCache() {
        this.mCertsInCache = this.mDbAdapter.getKnoxCert("status<>? AND target=?", new String[]{String.valueOf(1), String.valueOf(1)});
        this.mNonComplianceNumber = 0;
        if (isContainerOwned()) {
            Iterator<KnoxCert> it = this.mCertsInCache.iterator();
            while (it.hasNext()) {
                if (3 == it.next().getStatus()) {
                    this.mNonComplianceNumber++;
                }
            }
        }
        sendBrocastToUpdateUI();
    }
}
