package com.airwatch.agent.malware;

import android.content.Context;
import android.content.pm.PackageInfo;
import android.content.pm.PackageManager;
import android.content.pm.Signature;
import android.text.TextUtils;
import com.airwatch.agent.AirWatchApp;
import com.airwatch.agent.appmanagement.AppManagerFactory;
import com.airwatch.agent.database.AgentProfileDBAdapter;
import com.airwatch.agent.profile.group.CertificateProfileGroup;
import com.airwatch.bizlib.appmanagement.ApplicationInformation;
import com.airwatch.bizlib.profile.ProfileGroup;
import com.airwatch.util.AppPermissionUtility;
import com.airwatch.util.Logger;
import java.io.ByteArrayInputStream;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.HashMap;
import java.util.Iterator;
import org.apache.commons.codec.binary.Hex;

/* loaded from: classes3.dex */
public class MalwareDetectionSecurity {
    private static final String TAG = "MalwareDetectionSecurity";
    private final AppPermissionUtility appUtil = new AppPermissionUtility();
    private HashMap<String, String> providerThumbprints;

    private byte[] getAppPublicKey(PackageInfo packageInfo) {
        Signature[] signatureArr = packageInfo.signatures;
        if (signatureArr == null || signatureArr.length <= 0) {
            return null;
        }
        return signatureArr[0].toByteArray();
    }

    private String getAppThumbPrint(PackageInfo packageInfo) {
        return getThumbprint(getAppPublicKey(packageInfo));
    }

    private String getCertificateGroupThumbprint(String str) {
        CertificateProfileGroup certByUUID = CertificateProfileGroup.getCertByUUID(str);
        if (certByUUID != null) {
            return CertificateProfileGroup.getCertThumbprint(certByUUID);
        }
        return null;
    }

    private ApplicationInformation getManagedApp(PackageInfo packageInfo) {
        String str = packageInfo.packageName;
        for (ApplicationInformation applicationInformation : AppManagerFactory.getApplicationManager().getInstalledManagedApps()) {
            if (str.equals(applicationInformation.getPackageName())) {
                return applicationInformation;
            }
        }
        return null;
    }

    private String getThumbprint(X509Certificate x509Certificate) throws CertificateEncodingException {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
            messageDigest.update(x509Certificate.getEncoded());
            return new String(Hex.encodeHex(messageDigest.digest())).toUpperCase();
        } catch (NoSuchAlgorithmException unused) {
            throw new RuntimeException("There is no SHA-1 algorithm!!!! HUH????");
        }
    }

    private String getThumbprint(byte[] bArr) {
        try {
            return getThumbprint(getX509Cert(bArr));
        } catch (CertificateException e) {
            Logger.e(TAG, "could not get thumbprint", (Throwable) e);
            return null;
        }
    }

    private HashMap<String, String> getThumbprintMapping() {
        String certificateGroupThumbprint;
        if (this.providerThumbprints == null) {
            this.providerThumbprints = new HashMap<>();
            Iterator<ProfileGroup> it = AgentProfileDBAdapter.getInstance().getProfileGroups(MalwareDetectionProfileGroup.TYPE).iterator();
            while (it.hasNext()) {
                MalwareDetectionProfileGroup malwareDetectionProfileGroup = (MalwareDetectionProfileGroup) it.next();
                String providerCertificateUUID = malwareDetectionProfileGroup.getProviderCertificateUUID();
                if (!TextUtils.isEmpty(providerCertificateUUID) && (certificateGroupThumbprint = getCertificateGroupThumbprint(providerCertificateUUID)) != null) {
                    this.providerThumbprints.put(malwareDetectionProfileGroup.getProviderPackage(), certificateGroupThumbprint);
                }
            }
        }
        return this.providerThumbprints;
    }

    private X509Certificate getX509Cert(byte[] bArr) throws CertificateException {
        return (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
    }

    private boolean isManagedAppPermitted(ApplicationInformation applicationInformation) {
        return this.appUtil.isAppAccessPermitted(applicationInformation.getPackageName(), applicationInformation.getPublicKey(), AirWatchApp.getAppContext().getPackageManager());
    }

    private synchronized boolean isRegisteredAppPermitted(PackageInfo packageInfo) {
        boolean z;
        String str = packageInfo.packageName;
        String str2 = getThumbprintMapping().get(str);
        z = false;
        if (str2 != null) {
            String appThumbPrint = getAppThumbPrint(packageInfo);
            Logger.d(TAG, "#isAppPermitted: app " + str + " thumbprint=" + appThumbPrint);
            z = str2.equals(appThumbPrint);
        }
        return z;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public synchronized boolean isAppPermitted(Context context, String str) throws PackageManager.NameNotFoundException {
        boolean isAWAppAccessPermitted;
        ApplicationInformation managedApp;
        PackageInfo packageInfo = context.getPackageManager().getPackageInfo(str, 64);
        isAWAppAccessPermitted = this.appUtil.isAWAppAccessPermitted(str, context.getPackageManager());
        Logger.d(TAG, "AW app permitted " + str + "=" + isAWAppAccessPermitted);
        if (!isAWAppAccessPermitted) {
            isAWAppAccessPermitted = isRegisteredAppPermitted(packageInfo);
            Logger.d(TAG, "app with cert permitted " + str + "=" + isAWAppAccessPermitted);
            if (!isAWAppAccessPermitted && (managedApp = getManagedApp(packageInfo)) != null) {
                isAWAppAccessPermitted = isManagedAppPermitted(managedApp);
                Logger.d(TAG, "managed app permitted " + str + "=" + isAWAppAccessPermitted);
            }
        }
        return isAWAppAccessPermitted;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public synchronized void registerProfileGroup(MalwareDetectionProfileGroup malwareDetectionProfileGroup) {
        String certificateGroupThumbprint;
        HashMap<String, String> thumbprintMapping = getThumbprintMapping();
        String providerPackage = malwareDetectionProfileGroup.getProviderPackage();
        String providerCertificateUUID = malwareDetectionProfileGroup.getProviderCertificateUUID();
        if (!TextUtils.isEmpty(providerCertificateUUID) && (certificateGroupThumbprint = getCertificateGroupThumbprint(providerCertificateUUID)) != null) {
            thumbprintMapping.put(providerPackage, certificateGroupThumbprint);
        }
    }
}
