package com.airwatch.agent.utility;

import android.util.Base64;
import com.airwatch.agent.ConfigurationManager;
import com.airwatch.core.AirWatchDevice;
import com.airwatch.crypto.openssl.OpenSSLCryptUtil;
import com.airwatch.lang.CryptoException;
import com.airwatch.net.securechannel.SecureChannel;
import com.airwatch.util.CertificateAndPrivateKey;
import com.airwatch.util.Logger;
import java.io.File;
import java.io.IOException;
import java.io.UnsupportedEncodingException;

/* loaded from: classes3.dex */
public class DataSigner {
    private static final String TAG = SecureChannel.class.getSimpleName();
    private CertificateAndPrivateKey devIdentity = ConfigurationManager.getInstance().getIdentity();

    private byte[] signAndEncryptData(byte[] bArr) {
        if (this.devIdentity == null) {
            return new byte[0];
        }
        if (bArr == null || bArr.length <= 0) {
            return new byte[0];
        }
        File file = new File(this.devIdentity.certificatePath);
        File file2 = new File(this.devIdentity.privateKeyPath);
        if (file.exists() && file2.exists()) {
            return OpenSSLCryptUtil.getInstance().createSignedCms(bArr, this.devIdentity.certificatePath, this.devIdentity.privateKeyPath, AirWatchDevice.getSeedValue("VEVNUF9LRVkx"));
        }
        Logger.d(TAG, "Device identifiable private/public certificate pair not available for signing.");
        return null;
    }

    private byte[] verifyAndDecryptData(byte[] bArr) throws CryptoException {
        byte[] bArr2 = null;
        try {
            bArr2 = OpenSSLCryptUtil.getInstance().verifySignatureAndGetMessagePKCS7(bArr, this.devIdentity.certificatePath, OpenSSLCryptUtil.getAirWatchRootCertificate().getAbsolutePath());
            Logger.d(TAG, "aw_Verify_Signature_And_Get_Message: Message decrypted.");
            return bArr2;
        } catch (IOException e) {
            Logger.e(TAG, "Error fetching airwatch root certificate", (Throwable) e);
            return bArr2;
        }
    }

    public boolean canSignAndEncryptData() {
        return this.devIdentity.certificatePath != null && new File(this.devIdentity.certificatePath).exists() && this.devIdentity.privateKeyPath != null && new File(this.devIdentity.privateKeyPath).exists();
    }

    public boolean canVerifyAndDecryptData() {
        return this.devIdentity.certificatePath != null && new File(this.devIdentity.certificatePath).exists();
    }

    public String signAndEncryptData(String str) {
        byte[] bArr = new byte[0];
        try {
            bArr = signAndEncryptData(str.getBytes("UTF-8"));
        } catch (UnsupportedEncodingException e) {
            Logger.w(TAG, "Error encrypting and signing data", (Throwable) e);
        }
        if (bArr != null) {
            return Base64.encodeToString(bArr, 0);
        }
        return null;
    }

    public String verifyAndDecryptData(String str) throws CryptoException {
        byte[] verifyAndDecryptData = verifyAndDecryptData(Base64.decode(str, 0));
        if (verifyAndDecryptData == null) {
            return null;
        }
        try {
            return new String(verifyAndDecryptData, "UTF-8");
        } catch (UnsupportedEncodingException e) {
            Logger.w(TAG, "Error verifying and decrypting data", (Throwable) e);
            return null;
        }
    }
}
