package com.sophos.mobilecontrol.client.android.module.deviceadmin.profilesectionhandling;

import R1.t;
import android.content.BroadcastReceiver;
import android.content.Context;
import android.content.Intent;
import com.samsung.android.knox.keystore.CEPConstants;
import com.sophos.communication.Response;
import com.sophos.communication.ResponseReceiver;
import com.sophos.jsceplib.ScepException;
import com.sophos.mobilecontrol.android.profile.Parameter;
import com.sophos.mobilecontrol.android.profile.ProfileSection;
import com.sophos.mobilecontrol.android.profile.Result;
import com.sophos.mobilecontrol.android.profile.keys.ScepParameterKeys;
import com.sophos.mobilecontrol.client.android.module.deviceadmin.profilesectionhandling.k;
import com.sophos.smsec.core.smsectrace.SMSecTrace;
import h1.C1097a;
import j1.C1118b;
import java.io.IOException;
import java.security.SecureRandom;
import java.security.SignatureException;
import java.util.concurrent.Semaphore;
import java.util.concurrent.TimeUnit;
import t1.C1518a;

/* loaded from: classes3.dex */
public class l implements m, k.a {

    /* renamed from: a, reason: collision with root package name */
    private final Semaphore f16364a = new Semaphore(0);

    /* renamed from: b, reason: collision with root package name */
    private int f16365b = 8;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes3.dex */
    public class a extends ResponseReceiver {

        /* renamed from: a, reason: collision with root package name */
        private final Context f16366a;

        /* renamed from: b, reason: collision with root package name */
        private final b f16367b;

        public a(Context context, b bVar) {
            this.f16366a = context;
            this.f16367b = bVar;
        }

        @Override // com.sophos.communication.ResponseReceiver
        protected void handleException(Context context, Exception exc) {
            C1097a.l(this.f16366a, this.f16367b);
            l.this.f16364a.release();
            l.this.f16365b = 5;
        }

        @Override // com.sophos.communication.ResponseReceiver
        protected void handleResponse(Context context, Response response) {
            if (response.actionSuccessful()) {
                return;
            }
            l.this.f16364a.release();
            l.this.f16365b = 8;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes3.dex */
    public class b extends BroadcastReceiver {

        /* renamed from: a, reason: collision with root package name */
        private final Context f16369a;

        b(Context context) {
            this.f16369a = context;
        }

        public void a(Intent intent) {
            SMSecTrace.d(CEPConstants.CERT_PROFILE_TYPE_SCEP, "Received profileSection result");
            C1097a.l(this.f16369a, this);
            if (intent == null || intent.getSerializableExtra("section") == null) {
                return;
            }
            ProfileSection profileSection = (ProfileSection) intent.getSerializableExtra("section");
            if (profileSection != null && profileSection.getResult() != null) {
                l.this.f16365b = profileSection.getResult().getCode().intValue();
            }
            SMSecTrace.d(CEPConstants.CERT_PROFILE_TYPE_SCEP, "section extracted");
        }

        @Override // android.content.BroadcastReceiver
        public void onReceive(Context context, Intent intent) {
            SMSecTrace.d(CEPConstants.CERT_PROFILE_TYPE_SCEP, "PluginResultReceiver.onReceive()");
            try {
                a(intent);
            } catch (Exception e3) {
                SMSecTrace.e(CEPConstants.CERT_PROFILE_TYPE_SCEP, "Unexpected Exception while handling Pluginresult ", e3);
            }
            l.this.f16364a.release();
        }
    }

    private String f(int i3) {
        if (i3 == 0) {
            return "";
        }
        SecureRandom secureRandom = new SecureRandom();
        StringBuilder sb = new StringBuilder();
        for (int i4 = 0; i4 < i3; i4++) {
            sb.append("0123456789".charAt(secureRandom.nextInt(9)));
        }
        return sb.toString();
    }

    private void h(Context context, ProfileSection profileSection, String str) throws SignatureException, ScepException {
        profileSection.addParameter("encryptedPin", R1.l.e(context, str));
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r7v10, types: [d1.n, j1.a] */
    @Override // com.sophos.mobilecontrol.client.android.module.deviceadmin.profilesectionhandling.m
    public ProfileSection a(Context context, ProfileSection profileSection) {
        ProfileSection profileSection2;
        ProfileSection profileSection3;
        Exception e3;
        Parameter parameter = profileSection.getParameter("url");
        Parameter parameter2 = profileSection.getParameter("challenge");
        Parameter parameter3 = profileSection.getParameter(ScepParameterKeys.PARAM_CERTIFICATE_ALIAS);
        Parameter parameter4 = profileSection.getParameter(ScepParameterKeys.PARAM_CERTIFICATE_SUBJECT);
        Parameter parameter5 = profileSection.getParameter(ScepParameterKeys.PARAM_CERTIFICATE_KEY_USAGE);
        Parameter parameter6 = profileSection.getParameter(ScepParameterKeys.PARAM_CERTIFICATE_KEY_LENGTH);
        Parameter parameter7 = profileSection.getParameter(ScepParameterKeys.PARAM_CERTIFICATE_NTPRINCIPALNAME);
        Parameter parameter8 = profileSection.getParameter(ScepParameterKeys.PARAM_CERTIFICATE_DNSNAME);
        Parameter parameter9 = profileSection.getParameter(ScepParameterKeys.PARAM_CERTIFICATE_RFC822NAME);
        Parameter parameter10 = profileSection.getParameter(ScepParameterKeys.PARAM_CERTIFICATE_UNIFORMRESOURCEIDENTIFIER);
        Parameter parameter11 = profileSection.getParameter("name");
        Parameter parameter12 = profileSection.getParameter(ScepParameterKeys.PARAM_SCEP_CA_FINGERPRINT);
        if (parameter == null || parameter2 == null || parameter3 == null || parameter4 == null) {
            SMSecTrace.e(CEPConstants.CERT_PROFILE_TYPE_SCEP, "SCEP failed. Required parameter are missing");
            profileSection.setResult(new Result(6));
            return profileSection;
        }
        SMSecTrace.d(CEPConstants.CERT_PROFILE_TYPE_SCEP, "Uri " + parameter.getValue());
        SMSecTrace.d(CEPConstants.CERT_PROFILE_TYPE_SCEP, "Challenge " + parameter2.getValue());
        SMSecTrace.d(CEPConstants.CERT_PROFILE_TYPE_SCEP, "Subject " + parameter4.getValue());
        SMSecTrace.i(CEPConstants.CERT_PROFILE_TYPE_SCEP, "Key size " + parameter6.getValue());
        String f3 = f(6);
        C1118b c1118b = new C1118b(context, parameter.getValue());
        if (parameter5 != null) {
            try {
                c1118b.q(Integer.parseInt(parameter5.getValue()));
            } catch (Exception e4) {
                e3 = e4;
                profileSection3 = profileSection;
                SMSecTrace.e(CEPConstants.CERT_PROFILE_TYPE_SCEP, "SCEP failed. Cannot enroll certificate.", e3);
                profileSection2 = profileSection3;
                profileSection2.setResult(new Result(Integer.valueOf(this.f16365b)));
                return profileSection2;
            }
        }
        c1118b.p(Integer.parseInt(parameter6.getValue()));
        if (parameter7 != null) {
            c1118b.r(parameter7.getValue());
        }
        if (parameter10 != null) {
            c1118b.t(parameter10.getValue());
        }
        if (parameter8 != null) {
            c1118b.o(parameter8.getValue());
        }
        if (parameter9 != null) {
            c1118b.s(parameter9.getValue());
        }
        if (parameter11 != null) {
            c1118b.m(parameter11.getValue());
            SMSecTrace.d(CEPConstants.CERT_PROFILE_TYPE_SCEP, "CA name " + parameter11.getValue());
        }
        ?? nVar = new d1.n(t.m(context));
        C1118b.n(nVar);
        c1118b.d();
        try {
        } catch (Exception e5) {
            e3 = e5;
            profileSection3 = nVar;
            SMSecTrace.e(CEPConstants.CERT_PROFILE_TYPE_SCEP, "SCEP failed. Cannot enroll certificate.", e3);
            profileSection2 = profileSection3;
            profileSection2.setResult(new Result(Integer.valueOf(this.f16365b)));
            return profileSection2;
        }
        if (parameter12 != null && !c1118b.c(parameter12.getValue())) {
            SMSecTrace.e(CEPConstants.CERT_PROFILE_TYPE_SCEP, "SCEP failed. CA certificate hash mismatch to: " + parameter12.getValue());
            profileSection.setResult(new Result(6, "CA certificate hash mismatch"));
            return profileSection;
        }
        ProfileSection profileSection4 = profileSection;
        if (c1118b.g(parameter2.getValue(), parameter4.getValue(), parameter3.getValue(), f3, profileSection.getUuid())) {
            h(context, profileSection4, f3);
            g(context, profileSection4, parameter3.getValue(), f3);
            C1518a u3 = C1518a.u(context);
            u3.l2();
            u3.Q2();
            profileSection2 = profileSection4;
        } else {
            SMSecTrace.e(CEPConstants.CERT_PROFILE_TYPE_SCEP, "SCEP failed. Cannot enroll certificate.");
            profileSection2 = profileSection4;
        }
        profileSection2.setResult(new Result(Integer.valueOf(this.f16365b)));
        return profileSection2;
    }

    @Override // com.sophos.mobilecontrol.client.android.module.deviceadmin.profilesectionhandling.k.a
    public void b() {
        try {
            this.f16364a.tryAcquire(1, 10L, TimeUnit.SECONDS);
        } catch (InterruptedException e3) {
            SMSecTrace.e("Got an interrupt exception", e3);
        }
    }

    @Override // com.sophos.mobilecontrol.client.android.module.deviceadmin.profilesectionhandling.m
    public ProfileSection c(Context context, ProfileSection profileSection) {
        Parameter parameter = profileSection.getParameter(ScepParameterKeys.PARAM_CERTIFICATE_ALIAS);
        if (parameter == null) {
            SMSecTrace.e(CEPConstants.CERT_PROFILE_TYPE_SCEP, "SCEP Section removed failed. Required parameter are missing");
            profileSection.setResult(new Result(6));
            return profileSection;
        }
        Parameter parameter2 = profileSection.getParameter("encryptedPin");
        if (parameter2 == null) {
            SMSecTrace.w(CEPConstants.CERT_PROFILE_TYPE_SCEP, "SCEP Section removed failed. Required parameter password is missing");
            profileSection.setResult(new Result(6));
            return profileSection;
        }
        try {
            String c3 = R1.l.c(context, parameter2.getValue());
            b bVar = new b(context);
            try {
                new k(this, bVar, new a(context, bVar)).f(context, profileSection, parameter.getValue(), c3);
            } catch (IOException e3) {
                SMSecTrace.e(CEPConstants.CERT_PROFILE_TYPE_SCEP, "SCEP Section removed failed.", e3);
            }
            profileSection.setResult(new Result(0));
            return profileSection;
        } catch (ScepException e4) {
            SMSecTrace.e(CEPConstants.CERT_PROFILE_TYPE_SCEP, "SCEP renewal failed.", e4);
            profileSection.setResult(new Result(6));
            return profileSection;
        } catch (SignatureException e5) {
            SMSecTrace.e(CEPConstants.CERT_PROFILE_TYPE_SCEP, "SCEP renewal failed.", e5);
            profileSection.setResult(new Result(6));
            return profileSection;
        }
    }

    public boolean g(Context context, ProfileSection profileSection, String str, String str2) throws IOException {
        b bVar = new b(context);
        return new k(this, bVar, new a(context, bVar)).e(context, profileSection, str, str2);
    }
}
