package com.microsoft.intune.mam.client.fileencryption;

import android.content.Context;
import android.database.sqlite.SQLiteException;
import com.microsoft.intune.mam.client.MAMException;
import com.microsoft.intune.mam.client.database.CursorHandle;
import com.microsoft.intune.mam.client.database.FileEncryptionStateTable;
import com.microsoft.intune.mam.client.database.IntuneMAMOpenHelper;
import com.microsoft.intune.mam.client.database.PendingDownloadsTable;
import com.microsoft.intune.mam.client.database.PendingFileEncryptionOperationsTable;
import com.microsoft.intune.mam.client.download.MAMDownloadManager;
import com.microsoft.intune.mam.client.fileencryption.FileEncryptionManager;
import com.microsoft.intune.mam.client.fileencryption.FileEncryptionServiceBehavior;
import com.microsoft.intune.mam.client.fileencryption.NativeFileIO;
import com.microsoft.intune.mam.client.identity.FileProtectionManagerBehavior;
import com.microsoft.intune.mam.client.identity.MAMFileProtectionInfoEx;
import com.microsoft.intune.mam.client.identity.MAMIdentity;
import com.microsoft.intune.mam.client.identity.MAMIdentityManager;
import com.microsoft.intune.mam.client.ipcclient.FileEncryptionPolicy;
import com.microsoft.intune.mam.client.telemetry.OnlineTelemetryLogger;
import com.microsoft.intune.mam.client.telemetry.events.MAMInternalError;
import com.microsoft.intune.mam.client.telemetry.events.TrackedOccurrence;
import com.microsoft.intune.mam.client.util.ContextUtils;
import com.microsoft.intune.mam.client.util.FileUtils;
import com.microsoft.intune.mam.client.util.IOUtils;
import com.microsoft.intune.mam.client.util.PackageUtils;
import com.microsoft.intune.mam.client.util.Pair;
import com.microsoft.intune.mam.log.MAMLogPIIFactory;
import com.microsoft.intune.mam.log.MAMLogger;
import com.microsoft.intune.mam.log.MAMLoggerProvider;
import com.microsoft.intune.mam.policy.PolicyResolver;
import java.io.File;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Set;
import java.util.logging.Level;
import kotlin.handleMessageIntent;
import kotlin.r8lambdabZoaCm49JrDNg3UPCIlAWkp3Nnc;

/* loaded from: classes4.dex */
public class FileEncryptionPendingOperations {
    private static final MAMLogger LOGGER = MAMLoggerProvider.getLogger(FileEncryptionPendingOperations.class);
    private final Context mContext;
    private final FileEncryptionStateTable mFileEncryptionStateTable;
    private handleMessageIntent<IntuneMAMOpenHelper> mHelperProvider;
    private final MAMIdentityManager mMAMIdentityManager;
    private final MAMLogPIIFactory mMAMLogPIIFactory;
    private PendingDownloadsTable mPendingDownloadsTable;
    private final PendingFileEncryptionOperationsTable mPendingEncryptionOperationsTable;
    private final PolicyResolver mPolicyResolver;
    private final FileProtectionManagerBehavior mProtectionBehavior;
    private final FileEncryptionPolicy mProvider;
    private final OnlineTelemetryLogger mTelemetryLogger;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* renamed from: com.microsoft.intune.mam.client.fileencryption.FileEncryptionPendingOperations$1, reason: invalid class name */
    /* loaded from: classes4.dex */
    public static /* synthetic */ class AnonymousClass1 {
        static final /* synthetic */ int[] $SwitchMap$com$microsoft$intune$mam$client$fileencryption$EncryptionRequirement;
        static final /* synthetic */ int[] $SwitchMap$com$microsoft$intune$mam$client$fileencryption$FileEncryptionManager$EncryptionOperationResult;

        static {
            int[] iArr = new int[EncryptionRequirement.values().length];
            $SwitchMap$com$microsoft$intune$mam$client$fileencryption$EncryptionRequirement = iArr;
            try {
                iArr[EncryptionRequirement.FULL.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                $SwitchMap$com$microsoft$intune$mam$client$fileencryption$EncryptionRequirement[EncryptionRequirement.NONE.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                $SwitchMap$com$microsoft$intune$mam$client$fileencryption$EncryptionRequirement[EncryptionRequirement.PARTIAL.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
            int[] iArr2 = new int[FileEncryptionManager.EncryptionOperationResult.values().length];
            $SwitchMap$com$microsoft$intune$mam$client$fileencryption$FileEncryptionManager$EncryptionOperationResult = iArr2;
            try {
                iArr2[FileEncryptionManager.EncryptionOperationResult.PENDING.ordinal()] = 1;
            } catch (NoSuchFieldError unused4) {
            }
            try {
                $SwitchMap$com$microsoft$intune$mam$client$fileencryption$FileEncryptionManager$EncryptionOperationResult[FileEncryptionManager.EncryptionOperationResult.SUCCESS.ordinal()] = 2;
            } catch (NoSuchFieldError unused5) {
            }
            try {
                $SwitchMap$com$microsoft$intune$mam$client$fileencryption$FileEncryptionManager$EncryptionOperationResult[FileEncryptionManager.EncryptionOperationResult.FAILED.ordinal()] = 3;
            } catch (NoSuchFieldError unused6) {
            }
        }
    }

    @r8lambdabZoaCm49JrDNg3UPCIlAWkp3Nnc
    public FileEncryptionPendingOperations(Context context, FileEncryptionPolicy fileEncryptionPolicy, PendingFileEncryptionOperationsTable pendingFileEncryptionOperationsTable, FileEncryptionStateTable fileEncryptionStateTable, FileProtectionManagerBehavior fileProtectionManagerBehavior, MAMLogPIIFactory mAMLogPIIFactory, MAMIdentityManager mAMIdentityManager, PolicyResolver policyResolver, OnlineTelemetryLogger onlineTelemetryLogger, handleMessageIntent<IntuneMAMOpenHelper> handlemessageintent, PendingDownloadsTable pendingDownloadsTable) {
        this.mContext = context;
        this.mProvider = fileEncryptionPolicy;
        this.mPendingEncryptionOperationsTable = pendingFileEncryptionOperationsTable;
        this.mFileEncryptionStateTable = fileEncryptionStateTable;
        this.mProtectionBehavior = fileProtectionManagerBehavior;
        this.mMAMLogPIIFactory = mAMLogPIIFactory;
        this.mMAMIdentityManager = mAMIdentityManager;
        this.mPolicyResolver = policyResolver;
        this.mTelemetryLogger = onlineTelemetryLogger;
        this.mHelperProvider = handlemessageintent;
        this.mPendingDownloadsTable = pendingDownloadsTable;
    }

    private List<File> getDirsForEncryptionChange() {
        ArrayList arrayList = new ArrayList();
        File file = new File(FileUtils.getNormalizedFilePath(this.mContext.getApplicationInfo().dataDir));
        arrayList.add(file);
        String safeGetCanonicalPath = FileUtils.safeGetCanonicalPath(file);
        if (!FileUtils.safeGetCanonicalPath(this.mContext.getFilesDir()).startsWith(safeGetCanonicalPath)) {
            arrayList.add(this.mContext.getFilesDir());
        }
        if (!FileUtils.safeGetCanonicalPath(this.mContext.getCacheDir()).startsWith(safeGetCanonicalPath)) {
            arrayList.add(this.mContext.getCacheDir());
        }
        if (!FileUtils.safeGetCanonicalPath(this.mContext.getCodeCacheDir()).startsWith(safeGetCanonicalPath)) {
            arrayList.add(this.mContext.getCodeCacheDir());
        }
        File parentFile = this.mContext.getDatabasePath("foo").getParentFile();
        if (!FileUtils.safeGetCanonicalPath(parentFile).startsWith(safeGetCanonicalPath)) {
            arrayList.add(parentFile);
        }
        File externalFilesDir = ContextUtils.getExternalFilesDir(this.mContext, "");
        if (externalFilesDir != null && externalFilesDir.exists()) {
            arrayList.add(externalFilesDir);
        }
        return arrayList;
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* renamed from: pendEncryptionChangeForAppFilesImpl, reason: merged with bridge method [inline-methods] */
    public void lambda$pendEncryptionChangeForAppFiles$0(EncryptionRequirement encryptionRequirement, MAMIdentity mAMIdentity, Set<File> set) {
        FileEncryptionStateTable.EncryptionState encryptionState = this.mFileEncryptionStateTable.getEncryptionState(mAMIdentity);
        if (encryptionState == null || encryptionState.mEncryptionRequired != encryptionRequirement) {
            return;
        }
        List<File> dirsForEncryptionChange = getDirsForEncryptionChange();
        int i = AnonymousClass1.$SwitchMap$com$microsoft$intune$mam$client$fileencryption$EncryptionRequirement[encryptionRequirement.ordinal()];
        if (i == 1) {
            pendEncryptionOperations(dirsForEncryptionChange, mAMIdentity, EncryptionOperation.ENCRYPT, set);
        } else if (i == 2) {
            pendEncryptionOperations(dirsForEncryptionChange, mAMIdentity, EncryptionOperation.DECRYPT, set);
        } else {
            if (i != 3) {
                throw new AssertionError("Unknown encryption requirement");
            }
            ArrayList arrayList = new ArrayList();
            ArrayList arrayList2 = new ArrayList();
            boolean isInstalledToSDCard = PackageUtils.isInstalledToSDCard(this.mContext);
            for (File file : dirsForEncryptionChange) {
                if (isInstalledToSDCard || !FileUtils.isFileUnderAppData(file, this.mContext)) {
                    arrayList.add(file);
                } else {
                    arrayList2.add(file);
                }
            }
            pendEncryptionOperations(arrayList, mAMIdentity, EncryptionOperation.ENCRYPT, set);
            pendEncryptionOperations(arrayList2, mAMIdentity, EncryptionOperation.DECRYPT, set);
        }
        encryptionState.mStatus = FileEncryptionStateTable.Status.OPERATIONS_PENDED;
        this.mFileEncryptionStateTable.upgradeEncryptionStatus(mAMIdentity, encryptionState);
    }

    private void pendEncryptionOperations(List<File> list, MAMIdentity mAMIdentity, EncryptionOperation encryptionOperation, Set<File> set) {
        ArrayList arrayList = new ArrayList();
        Iterator<File> it = list.iterator();
        while (it.hasNext()) {
            for (File file : FileUtils.listFilesRecursively(it.next())) {
                if (set.contains(file)) {
                    LOGGER.info("Excluding pending download file {0}", this.mMAMLogPIIFactory.getPIIFilePath(file.getAbsolutePath()));
                } else if (mAMIdentity == null) {
                    arrayList.add(file.getAbsolutePath());
                } else {
                    try {
                        MAMFileProtectionInfoEx protectionInfo = this.mProtectionBehavior.getProtectionInfo(file);
                        if (protectionInfo != null && mAMIdentity.equals(this.mMAMIdentityManager.fromUpnAndOid(protectionInfo.getIdentity(), protectionInfo.getIdentityOID()))) {
                            arrayList.add(file.getAbsolutePath());
                        }
                    } catch (IOException e) {
                        LOGGER.log(Level.WARNING, "Unable to get protection info from {0}", e, this.mMAMLogPIIFactory.getPIIFilePath(file.getAbsolutePath()));
                    }
                }
            }
        }
        this.mPendingEncryptionOperationsTable.addOperations(arrayList, encryptionOperation);
    }

    private Pair<Integer, Integer> processRows(CursorHandle cursorHandle, FileEncryptionManager fileEncryptionManager) {
        boolean z;
        FileEncryptionManager.EncryptionOperationResult encryptionOperationResult;
        int i = 0;
        int i2 = 0;
        while (cursorHandle.getCursor().moveToNext()) {
            String string = cursorHandle.getCursor().getString(0);
            if (string == null) {
                LOGGER.warning("unexpected null path in encryption operations table", new Object[0]);
                this.mPendingEncryptionOperationsTable.removeOperation(string);
            } else {
                EncryptionOperation fromValue = EncryptionOperation.fromValue(cursorHandle.getCursor().getInt(1));
                File file = new File(FileUtils.getNormalizedFilePath(string));
                if (file.exists()) {
                    EncryptionOperation encryptionOperation = EncryptionOperation.ENCRYPT;
                    if (fromValue != encryptionOperation || this.mPolicyResolver.hasAppPolicy()) {
                        if (file.canRead()) {
                            z = false;
                        } else {
                            file.setReadable(true);
                            z = true;
                        }
                        int openRawFileDescriptor = NativeFileIO.openRawFileDescriptor(string, NativeFileIO.OpenAccess.READONLY);
                        try {
                            boolean isFileEncrypted = FileEncryptionManager.isFileEncrypted(openRawFileDescriptor);
                            if (!(isFileEncrypted && fromValue == encryptionOperation) && (isFileEncrypted || fromValue != EncryptionOperation.DECRYPT)) {
                                try {
                                    encryptionOperationResult = fileEncryptionManager.changeFileEncryption(file, fromValue);
                                } catch (MAMException e) {
                                    LOGGER.log(Level.WARNING, "Unable to change encryption status: {0}", e, this.mMAMLogPIIFactory.getPIIFilePath(string));
                                    encryptionOperationResult = FileEncryptionManager.EncryptionOperationResult.FAILED;
                                }
                                int i3 = AnonymousClass1.$SwitchMap$com$microsoft$intune$mam$client$fileencryption$FileEncryptionManager$EncryptionOperationResult[encryptionOperationResult.ordinal()];
                                if (i3 == 1) {
                                    i++;
                                    i2++;
                                } else if (i3 == 2) {
                                    this.mPendingEncryptionOperationsTable.removeOperation(string);
                                } else if (i3 != 3) {
                                    i2++;
                                    LOGGER.error(MAMInternalError.ENCRYPTION_OPERATION_UNKNOWN_RESULT, "Unknown EncryptionOperationResult!", new Object[0]);
                                } else {
                                    i2++;
                                    LOGGER.error(MAMInternalError.ENCRYPTION_CHANGE_FAILED_FOR_FILE, "Failed to change encryption for {0}. Leaving in pending table so that we will try again later", this.mMAMLogPIIFactory.getPIIFilePath(string));
                                }
                            } else {
                                this.mPendingEncryptionOperationsTable.removeOperation(string);
                            }
                        } finally {
                            NativeFileIO.closeRawFileDescriptor(openRawFileDescriptor);
                            if (z) {
                                file.setReadable(false);
                            }
                        }
                    } else {
                        LOGGER.warning("Pending encrypt operation for {0}, but app no longer has policy. Skipping operation.", this.mMAMLogPIIFactory.getPIIFilePath(string));
                        this.mPendingEncryptionOperationsTable.removeOperation(string);
                    }
                } else {
                    this.mPendingEncryptionOperationsTable.removeOperation(string);
                }
            }
        }
        return new Pair<>(Integer.valueOf(i), Integer.valueOf(i2));
    }

    public void executePendingEncryptionOperations(FileEncryptionServiceBehavior fileEncryptionServiceBehavior, FileEncryptionManager fileEncryptionManager) {
        OnlineTelemetryLogger onlineTelemetryLogger;
        TrackedOccurrence trackedOccurrence;
        synchronized (this) {
            int i = 0;
            int i2 = 0;
            int i3 = 0;
            int i4 = 0;
            while (true) {
                try {
                    try {
                        try {
                            CursorHandle partialPendingOperations = this.mPendingEncryptionOperationsTable.getPartialPendingOperations(i3);
                            int count = partialPendingOperations.getCursor().getCount();
                            i += count;
                            try {
                                Pair<Integer, Integer> processRows = processRows(partialPendingOperations, fileEncryptionManager);
                                i2 += processRows.first.intValue();
                                i4 += processRows.second.intValue();
                                if (count <= 0) {
                                    break;
                                } else {
                                    i3 = i4;
                                }
                            } finally {
                            }
                        } catch (Throwable th) {
                            if (i2 > 0) {
                                this.mTelemetryLogger.logTrackedOccurrence(TrackedOccurrence.KEPT_ROW_IN_PENDING_OPS_TABLE_RESULT_PENDING, Integer.toString(i2));
                            }
                            if (i > 5000) {
                                this.mTelemetryLogger.logTrackedOccurrence(TrackedOccurrence.TOO_MANY_ROWS_IN_PENDING_FILE_ENCRYPTION_OPS_TABLE, Integer.toString(i));
                            }
                            throw th;
                        }
                    } catch (SQLiteException e) {
                        this.mHelperProvider.get().ignoreSQLiteExceptionIfWiped("execute pending encryption ops", e);
                        if (i2 > 0) {
                            this.mTelemetryLogger.logTrackedOccurrence(TrackedOccurrence.KEPT_ROW_IN_PENDING_OPS_TABLE_RESULT_PENDING, Integer.toString(i2));
                        }
                        if (i > 5000) {
                            onlineTelemetryLogger = this.mTelemetryLogger;
                            trackedOccurrence = TrackedOccurrence.TOO_MANY_ROWS_IN_PENDING_FILE_ENCRYPTION_OPS_TABLE;
                        }
                    }
                } catch (Throwable th2) {
                    throw th2;
                }
            }
            if (i2 > 0) {
                this.mTelemetryLogger.logTrackedOccurrence(TrackedOccurrence.KEPT_ROW_IN_PENDING_OPS_TABLE_RESULT_PENDING, Integer.toString(i2));
            }
            if (i > 5000) {
                onlineTelemetryLogger = this.mTelemetryLogger;
                trackedOccurrence = TrackedOccurrence.TOO_MANY_ROWS_IN_PENDING_FILE_ENCRYPTION_OPS_TABLE;
                onlineTelemetryLogger.logTrackedOccurrence(trackedOccurrence, Integer.toString(i));
            }
            if (i2 > 0 && fileEncryptionServiceBehavior != null) {
                fileEncryptionServiceBehavior.schedule(FileEncryptionServiceBehavior.Operation.EXECUTE_PENDING_ENCRYPTION_OPERATIONS, FileEncryptionServiceBehavior.TRY_PENDING_OPERATIONS_INTERVAL_MS);
            }
            if (i2 == 0 && !this.mPolicyResolver.hasAppPolicy()) {
                fileEncryptionManager.clearCachedKeys();
            }
        }
    }

    public boolean hasPendingOperations() {
        CursorHandle cursorHandle = null;
        try {
            cursorHandle = this.mPendingEncryptionOperationsTable.getPartialPendingOperations(0);
            return cursorHandle.getCursor().getCount() > 0;
        } catch (SQLiteException e) {
            this.mHelperProvider.get().ignoreSQLiteExceptionIfWiped("check for pending operations", e);
            return false;
        } finally {
            IOUtils.safeCloseAndLog(cursorHandle);
        }
    }

    public void pendEncryptionChangeForAppFiles(final EncryptionRequirement encryptionRequirement, final MAMIdentity mAMIdentity) {
        MAMDownloadManager.executeWithPendingDownloads(this.mContext, this.mPendingDownloadsTable, new MAMDownloadManager.OperationWithPendingDownloads() { // from class: com.microsoft.intune.mam.client.fileencryption.FileEncryptionPendingOperations$$ExternalSyntheticLambda0
            @Override // com.microsoft.intune.mam.client.download.MAMDownloadManager.OperationWithPendingDownloads
            public final void execute(Set set) {
                FileEncryptionPendingOperations.this.lambda$pendEncryptionChangeForAppFiles$0(encryptionRequirement, mAMIdentity, set);
            }
        });
    }
}
