package se.theinstitution.revival.plugin.deployment.certificate;

import android.app.enterprise.EnterpriseDeviceManager;
import android.app.enterprise.SecurityPolicy;
import android.content.Context;
import java.util.Iterator;
import java.util.List;
import se.theinstitution.revival.RevivalException;

/* JADX INFO: Access modifiers changed from: package-private */
/* compiled from: CertificateAccessor.java */
/* loaded from: classes2.dex */
public class CertificateAccessorAES extends CertificateAccessor {
    /* JADX INFO: Access modifiers changed from: protected */
    public CertificateAccessorAES(Context context) {
        super(context);
    }

    @Override // se.theinstitution.revival.plugin.deployment.certificate.CertificateAccessor
    public void deleteCertificate(String str) throws RevivalException {
        if (str == null || str.length() == 0) {
            throw new RevivalException("Certificate alias/name must be provided");
        }
        try {
            SecurityPolicy securityPolicy = ((EnterpriseDeviceManager) this.context.getSystemService(EnterpriseDeviceManager.ENTERPRISE_POLICY_SERVICE)).getSecurityPolicy();
            if (securityPolicy.getCredentialStorageStatus() != 1) {
                throw new RevivalException("Credential storage not available");
            }
            List<String> installedCertificateNames = securityPolicy.getInstalledCertificateNames(SecurityPolicy.USER_CERTIFICATE);
            List<String> installedCertificateNames2 = securityPolicy.getInstalledCertificateNames(SecurityPolicy.CA_CERTIFICATE);
            String str2 = null;
            Iterator<String> it = installedCertificateNames.iterator();
            while (true) {
                if (!it.hasNext()) {
                    break;
                } else if (it.next().equalsIgnoreCase(str)) {
                    str2 = SecurityPolicy.USER_CERTIFICATE;
                    break;
                }
            }
            if (str2 == null) {
                Iterator<String> it2 = installedCertificateNames2.iterator();
                while (true) {
                    if (!it2.hasNext()) {
                        break;
                    } else if (it2.next().equalsIgnoreCase(str)) {
                        str2 = SecurityPolicy.CA_CERTIFICATE;
                        break;
                    }
                }
            }
            if (str2 == null) {
                throw new RevivalException("Certificate '" + str + "' not found on device");
            }
            if (!securityPolicy.removeCertificate(str, str2)) {
                throw new RevivalException("Failed to delete certificate '" + str + "'");
            }
        } catch (SecurityException e) {
            throw new RevivalException("Failed to delete certificate: " + e.getMessage());
        }
    }

    @Override // se.theinstitution.revival.plugin.deployment.certificate.CertificateAccessor
    public void installCertificate(byte[] bArr, String str, String str2, String str3, boolean z, int i) throws RevivalException {
        verifyCertificate(bArr, str);
        try {
            String str4 = (str.equals("pfx") || str.equals("p12")) ? SecurityPolicy.TYPE_PKCS12 : SecurityPolicy.TYPE_CERTIFICATE;
            SecurityPolicy securityPolicy = ((EnterpriseDeviceManager) this.context.getSystemService(EnterpriseDeviceManager.ENTERPRISE_POLICY_SERVICE)).getSecurityPolicy();
            int credentialStorageStatus = securityPolicy.getCredentialStorageStatus();
            if (credentialStorageStatus != 1) {
                throw new RevivalException(credentialStorageStatus == 3 ? "A passcode must be present on the device to install certificates" : "Key Store is locked. Certificate can not be installed");
            }
            if (!securityPolicy.installCertificate(str4, bArr, str2, str3)) {
                throw new RevivalException("Failed to install certificate");
            }
        } catch (Exception e) {
            throw new RevivalException(e);
        }
    }
}
