package com.airwatch.agent.crypto;

import android.content.Context;
import com.airwatch.agent.AirWatchApp;
import com.airwatch.agent.ConfigurationManager;
import com.airwatch.agent.crittercism.CrittercismWrapper;
import com.airwatch.agent.state.ApplicationStateManager;
import com.airwatch.agent.state.key.IKey;
import com.airwatch.agent.unsecure.prefs.ApplicationStatePreference;
import com.airwatch.agent.utility.ArraysUtil;
import com.airwatch.core.AirWatchDevice;
import com.airwatch.core.Guard;
import com.airwatch.crypto.MasterKeyManager;
import com.airwatch.crypto.openssl.OpenSSLCryptUtil;
import com.airwatch.crypto.openssl.OpenSSLLoadException;
import com.airwatch.sdk.context.SDKContext;
import com.airwatch.sdk.context.SDKContextManager;
import com.airwatch.util.Logger;
import org.apache.commons.lang3.ArrayUtils;

/* loaded from: classes.dex */
public class AgentKeyManager extends MasterKeyManager {
    private static final int AGENT_KEY_MANAGER_CURRENT_VERSION = 3;
    private static String NULL_STRING = "null";
    private static final String PIN_CODE = "androidagent";
    private static final String TAG = "AgentKeyManager";
    private byte[] password;

    @Deprecated
    private AgentKeyManager(Context context, String str) {
        super(context, false, str.getBytes(), "", AirWatchDevice.getAwDeviceUid(AirWatchApp.getAppContext()));
        this.password = null;
    }

    @Deprecated
    protected AgentKeyManager(Context context, String str, String str2) {
        super(str.getBytes(), str2.getBytes(), ConfigurationManager.getInstance().getAuthorizationTokenRaw(), context, AirWatchDevice.getAwDeviceUid(AirWatchApp.getAppContext()));
        this.password = null;
    }

    public AgentKeyManager(byte[] bArr) {
        super((Context) AirWatchApp.getAppContext(), false, bArr, "", (String) null);
        this.password = null;
    }

    @Deprecated
    public AgentKeyManager(byte[] bArr, String str) {
        super((Context) AirWatchApp.getAppContext(), false, bArr, "", str);
        this.password = null;
    }

    public AgentKeyManager(byte[] bArr, byte[] bArr2, Context context) {
        super(bArr, bArr2, (String) null, context, (String) null);
        this.password = null;
    }

    private static AgentKeyManager createInstance(Context context, byte[] bArr, byte[] bArr2) {
        AgentKeyManager agentKeyManager;
        Guard.argumentIsNotNull(bArr);
        ConfigurationManager configurationManager = ConfigurationManager.getInstance();
        int masterKeyVersion = configurationManager.getMasterKeyVersion();
        Logger.i(TAG, "current version = " + masterKeyVersion);
        if (!hasDkHash(context) || masterKeyVersion >= 3) {
            agentKeyManager = null;
        } else {
            Logger.i(TAG, "createInstance() onUpgrade case ");
            agentKeyManager = onUpgrade(context, bArr, masterKeyVersion);
        }
        if (masterKeyVersion != 3) {
            Logger.i(TAG, "createInstance() setting key Manager version to current ");
            configurationManager.setMasterKeyVersion(3);
        }
        boolean z = agentKeyManager != null && agentKeyManager.hasDk();
        Logger.i(TAG, "createInstance() instance Created : " + z);
        if (!z) {
            agentKeyManager = ArrayUtils.isEmpty(bArr2) ? new AgentKeyManager(bArr) : new AgentKeyManager(bArr, bArr2, context);
        }
        return agentKeyManager;
    }

    public static int getCurrentVersion() {
        return 3;
    }

    public static synchronized AgentKeyManager getManager() {
        AgentKeyManager agentKeyManager;
        synchronized (AgentKeyManager.class) {
            agentKeyManager = (AgentKeyManager) getManager(null);
        }
        return agentKeyManager;
    }

    public static synchronized MasterKeyManager getManager(byte[] bArr) {
        synchronized (AgentKeyManager.class) {
            AirWatchApp appContext = AirWatchApp.getAppContext();
            if (!hasDkHash(appContext) || mInstance == null) {
                if (!ApplicationStateManager.getInstance().isUnlocked() && ArrayUtils.isEmpty(bArr)) {
                    Logger.i(TAG, "getManager() app state is locked and password is empty, so returning!  ");
                    return mInstance;
                }
                initializeOpenSSL(appContext);
                byte[] passwordString = getPasswordString(bArr);
                mInstance = createInstance(appContext, passwordString, null);
                if (mInstance.hasDk()) {
                    Logger.i(TAG, "getManager() derive key is not empty , init  sdk context ");
                    ((AgentKeyManager) mInstance).setPassword(passwordString);
                    initSDKContext(appContext);
                } else {
                    new CrittercismWrapper(appContext).reportHandledException("DB Corruption Derived Key is null");
                    Logger.e(TAG, "getManager() Derived Key is not present...");
                }
            }
            return mInstance;
        }
    }

    private synchronized byte[] getPassword() {
        return this.password;
    }

    private static byte[] getPasswordString(byte[] bArr) {
        if (!ArrayUtils.isEmpty(bArr)) {
            return bArr;
        }
        if (mInstance != null && ((AgentKeyManager) mInstance).getPassword() != null) {
            return ((AgentKeyManager) mInstance).getPassword();
        }
        return AirWatchApp.getAppContext().getKeystorePasscode();
    }

    private static void initSDKContext(Context context) {
        Logger.d(TAG, "initSDKContext() ");
        if (SDKContextManager.getSDKContext().getCurrentState() != SDKContext.State.IDLE) {
            SDKContextManager.deInit();
        }
        SDKContext sDKContext = SDKContextManager.getSDKContext();
        sDKContext.setContext(context.getApplicationContext());
        sDKContext.init(context, mInstance);
    }

    public static void initializeOpenSSL(Context context) {
        try {
            OpenSSLCryptUtil.createInstance(context);
        } catch (OpenSSLLoadException unused) {
            Logger.e(TAG, "OpenSSLLoadException");
        }
    }

    private static AgentKeyManager onUpgrade(Context context, byte[] bArr, int i) {
        AgentKeyManager agentKeyManager;
        if (i < 2) {
            Logger.i(TAG, "onUpgrade() key version is < 2 " + i);
            agentKeyManager = new AgentKeyManager(context, AirWatchDevice.getAwUniqueUid(context), AirWatchDevice.getAwUniqueUidV2(context));
            if (!agentKeyManager.hasDk()) {
                Logger.i(TAG, "onUpgrade() derive key is not there . ");
                agentKeyManager = new AgentKeyManager(context, PIN_CODE, AirWatchDevice.getAwUniqueUidV2(context));
            }
        } else {
            agentKeyManager = null;
        }
        if (i < 3) {
            Logger.i(TAG, "onUpgrade() key version < 3 , creating instance");
            agentKeyManager = new AgentKeyManager(bArr, AirWatchDevice.getAwDeviceUid(AirWatchApp.getAppContext()));
        }
        Logger.i(TAG, "Rotation finished with DK availability status - " + (agentKeyManager != null && agentKeyManager.hasDk()));
        return agentKeyManager;
    }

    public static synchronized void resetManager() {
        synchronized (AgentKeyManager.class) {
            clearMasterKey(AirWatchApp.getAppContext());
            mInstance = null;
        }
    }

    public static synchronized MasterKeyManager rotate(byte[] bArr, byte[] bArr2, int i) {
        MasterKeyManager masterKeyManager;
        synchronized (AgentKeyManager.class) {
            AirWatchApp appContext = AirWatchApp.getAppContext();
            Logger.i(TAG, "rotate entered ");
            if (hasDkHash(appContext)) {
                Logger.i(TAG, "rotate hasDkHash present so rotating ");
                initializeOpenSSL(appContext);
                mInstance = createInstance(appContext, bArr, bArr2);
                initSDKContext(appContext);
            } else {
                Logger.i(TAG, "rotate hasDkHash Not present so initiating Keymanager with new password ");
                mInstance = createInstance(appContext, bArr2, null);
            }
            if (mInstance.hasDk()) {
                Logger.i(TAG, "rotation successful, caching password and changing Key type ");
                ((AgentKeyManager) mInstance).setPassword(bArr2);
                new ApplicationStatePreference(appContext).putInt(IKey.KEY_TYPE, i);
                initSDKContext(appContext);
                Logger.i(TAG, "rotate-> caching password and changing Key type completed ");
            }
            Logger.d(TAG, "rotate-> method exit ");
            masterKeyManager = mInstance;
        }
        return masterKeyManager;
    }

    private synchronized void setPassword(byte[] bArr) {
        this.password = bArr;
    }

    @Override // com.airwatch.crypto.MasterKeyManager
    public boolean escrowKey(String str) {
        return true;
    }

    @Override // com.airwatch.crypto.MasterKeyManager
    public String getEscrowedKey() {
        return null;
    }

    @Override // com.airwatch.crypto.MasterKeyManager
    public boolean rotate(byte[] bArr, byte[] bArr2) {
        boolean rotate;
        synchronized (AgentKeyManager.class) {
            rotate = super.rotate(bArr, bArr2);
            if (rotate && mInstance.hasDk()) {
                Logger.d(TAG, "rotation successful, caching password. ");
                ((AgentKeyManager) mInstance).setPassword(bArr2);
                Logger.d(TAG, "rotate-> caching password completed ");
            }
        }
        return rotate;
    }

    public synchronized void zeroizePassword() {
        Logger.d(TAG, "zeroizePassword() setting data 0 and reference as null. ");
        ArraysUtil.zeroizeData(this.password);
        this.password = null;
    }
}
