package com.microsoft.intune.mam.client.ipcclient;

import android.content.Context;
import android.os.Bundle;
import com.microsoft.intune.mam.client.MAMException;
import com.microsoft.intune.mam.client.fileencryption.EncryptionRequirement;
import com.microsoft.intune.mam.client.fileencryption.MAMKeyAccessNotAllowedException;
import com.microsoft.intune.mam.client.fileencryption.MAMKeyRetrievalException;
import com.microsoft.intune.mam.client.identity.MAMIdentity;
import com.microsoft.intune.mam.client.ipc.AppPolicyEndpoint;
import com.microsoft.intune.mam.client.telemetry.events.MAMInternalError;
import com.microsoft.intune.mam.log.MAMLogger;
import com.microsoft.intune.mam.policy.BundleEncryptionKey;
import com.microsoft.intune.mam.policy.FileEncryptionKeyLength;
import com.microsoft.intune.mam.policy.InternalAppPolicy;
import com.microsoft.intune.mam.policy.MAMUserInfoInternal;
import com.nimbusds.jose.jwk.JWKParameterNames;
import java.util.Arrays;
import java.util.HashMap;
import java.util.Map;
import java.util.UUID;
import java.util.logging.Level;
import kotlin.Metadata;
import kotlin.getOperation;
import kotlin.performTopicOperation;
import kotlin.r8lambdabZoaCm49JrDNg3UPCIlAWkp3Nnc;

@Metadata(d1 = {"\u0000h\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0010\u000b\n\u0000\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0002\b\u0002\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0000\n\u0002\u0018\u0002\n\u0002\u0018\u0002\n\u0000\u0018\u00002\u00020\u0001B'\b\u0007\u0012\u0006\u0010\u0002\u001a\u00020\u0003\u0012\u0006\u0010\u0004\u001a\u00020\u0005\u0012\u0006\u0010\u0006\u001a\u00020\u0007\u0012\u0006\u0010\b\u001a\u00020\t¢\u0006\u0002\u0010\nJ\u0012\u0010\u000b\u001a\u00020\f2\b\u0010\r\u001a\u0004\u0018\u00010\u000eH\u0016J\b\u0010\u000f\u001a\u00020\fH\u0016J\u0012\u0010\u0010\u001a\u00020\u00112\b\u0010\r\u001a\u0004\u0018\u00010\u000eH\u0016J\u0010\u0010\u0012\u001a\u00020\u00112\u0006\u0010\u0013\u001a\u00020\u0014H\u0016J\u0012\u0010\u0015\u001a\u00020\u00162\b\u0010\r\u001a\u0004\u0018\u00010\u000eH\u0016J\u0012\u0010\u0017\u001a\u00020\u00182\b\u0010\r\u001a\u0004\u0018\u00010\u000eH\u0016J\u0018\u0010\u0019\u001a\u00020\u001a2\u0006\u0010\u001b\u001a\u00020\u001c2\u0006\u0010\u001d\u001a\u00020\u001eH\u0002J(\u0010\u001f\u001a\"\u0012\u0004\u0012\u00020\u000e\u0012\u0004\u0012\u00020\u0011\u0018\u00010 j\u0010\u0012\u0004\u0012\u00020\u000e\u0012\u0004\u0012\u00020\u0011\u0018\u0001`!H\u0016R\u000e\u0010\u0006\u001a\u00020\u0007X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u0002\u001a\u00020\u0003X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\u0004\u001a\u00020\u0005X\u0082\u0004¢\u0006\u0002\n\u0000R\u000e\u0010\b\u001a\u00020\tX\u0082\u0004¢\u0006\u0002\n\u0000¨\u0006\""}, d2 = {"Lcom/microsoft/intune/mam/client/ipcclient/FileEncryptionPolicyImpl;", "Lcom/microsoft/intune/mam/client/ipcclient/FileEncryptionPolicy;", "context", "Landroid/content/Context;", "mamClientPolicyImpl", "Lcom/microsoft/intune/mam/client/ipcclient/MAMClientPolicyImpl;", "appPolicyEndpoint", "Lcom/microsoft/intune/mam/client/ipc/AppPolicyEndpoint;", "userInfo", "Lcom/microsoft/intune/mam/policy/MAMUserInfoInternal;", "(Landroid/content/Context;Lcom/microsoft/intune/mam/client/ipcclient/MAMClientPolicyImpl;Lcom/microsoft/intune/mam/client/ipc/AppPolicyEndpoint;Lcom/microsoft/intune/mam/policy/MAMUserInfoInternal;)V", "areEncryptionKeysAccessible", "", "identity", "Lcom/microsoft/intune/mam/client/identity/MAMIdentity;", "areEncryptionKeysAccessibleForAnyIdentity", "getCurrentFileEncryptionKey", "Lcom/microsoft/intune/mam/policy/BundleEncryptionKey;", "getFileEncryptionKey", "id", "Ljava/util/UUID;", "getFileEncryptionKeyLength", "Lcom/microsoft/intune/mam/policy/FileEncryptionKeyLength;", "getFileEncryptionRequirement", "Lcom/microsoft/intune/mam/client/fileencryption/EncryptionRequirement;", "handleMamEncryptionExceptionRethrow", "Lcom/microsoft/intune/mam/client/MAMException;", JWKParameterNames.RSA_EXPONENT, "Lcom/microsoft/intune/mam/client/fileencryption/MAMKeyRetrievalException;", "logLevel", "Ljava/util/logging/Level;", "prefetchCurrentFileEncryptionKey", "Ljava/util/HashMap;", "Lkotlin/collections/HashMap;", "AppClient.Internal_release"}, k = 1, mv = {1, 9, 0}, xi = 48)
/* loaded from: classes4.dex */
public final class FileEncryptionPolicyImpl implements FileEncryptionPolicy {
    private final AppPolicyEndpoint appPolicyEndpoint;
    private final Context context;
    private final MAMClientPolicyImpl mamClientPolicyImpl;
    private final MAMUserInfoInternal userInfo;

    @r8lambdabZoaCm49JrDNg3UPCIlAWkp3Nnc
    public FileEncryptionPolicyImpl(Context context, MAMClientPolicyImpl mAMClientPolicyImpl, AppPolicyEndpoint appPolicyEndpoint, MAMUserInfoInternal mAMUserInfoInternal) {
        getOperation.disconnect(context, "");
        getOperation.disconnect(mAMClientPolicyImpl, "");
        getOperation.disconnect(appPolicyEndpoint, "");
        getOperation.disconnect(mAMUserInfoInternal, "");
        this.context = context;
        this.mamClientPolicyImpl = mAMClientPolicyImpl;
        this.appPolicyEndpoint = appPolicyEndpoint;
        this.userInfo = mAMUserInfoInternal;
    }

    private final MAMException handleMamEncryptionExceptionRethrow(MAMKeyRetrievalException e, Level logLevel) {
        MAMLogger mAMLogger;
        MAMLogger mAMLogger2;
        String message = e.getMessage();
        if (message == null) {
            message = "Connection to remote policy service failed.";
        }
        Throwable cause = e.getCause();
        if (cause == null) {
            cause = e;
        }
        if (logLevel == Level.SEVERE) {
            mAMLogger2 = FileEncryptionPolicyImplKt.LOGGER;
            mAMLogger2.error(MAMInternalError.ENCRYPTION_KEY_NOT_AVAILABLE, message, cause);
        } else {
            mAMLogger = FileEncryptionPolicyImplKt.LOGGER;
            mAMLogger.log(logLevel, message, cause);
        }
        return e;
    }

    @Override // com.microsoft.intune.mam.client.ipcclient.FileEncryptionPolicy
    public boolean areEncryptionKeysAccessible(MAMIdentity identity) {
        return this.mamClientPolicyImpl.hasAppPolicy(identity);
    }

    @Override // com.microsoft.intune.mam.client.ipcclient.FileEncryptionPolicy
    public boolean areEncryptionKeysAccessibleForAnyIdentity() {
        return this.mamClientPolicyImpl.hasAppPolicy();
    }

    @Override // com.microsoft.intune.mam.client.ipcclient.FileEncryptionPolicy
    public BundleEncryptionKey getCurrentFileEncryptionKey(MAMIdentity identity) {
        MAMLogger mAMLogger;
        try {
            Bundle currentFileEncryptionKey = this.appPolicyEndpoint.getCurrentFileEncryptionKey(identity);
            if (currentFileEncryptionKey != null) {
                return new BundleEncryptionKey(currentFileEncryptionKey);
            }
            mAMLogger = FileEncryptionPolicyImplKt.LOGGER;
            mAMLogger.error(MAMInternalError.ENCRYPTION_KEY_NOT_AVAILABLE, "Unable to get current file encryption key from agent", new Object[0]);
            throw new MAMKeyRetrievalException("Failed to get master file encryption key");
        } catch (MAMKeyRetrievalException e) {
            Level level = Level.SEVERE;
            getOperation.IconCompatParcelizer(level, "");
            throw handleMamEncryptionExceptionRethrow(e, level);
        } catch (SecurityException e2) {
            MAMKeyRetrievalException mAMKeyRetrievalException = new MAMKeyRetrievalException("Failed to get current file encryption key because this app is not trusted.", e2);
            Level level2 = Level.SEVERE;
            getOperation.IconCompatParcelizer(level2, "");
            throw handleMamEncryptionExceptionRethrow(mAMKeyRetrievalException, level2);
        }
    }

    @Override // com.microsoft.intune.mam.client.ipcclient.FileEncryptionPolicy
    public BundleEncryptionKey getFileEncryptionKey(UUID id) {
        MAMLogger mAMLogger;
        MAMLogger mAMLogger2;
        getOperation.disconnect(id, "");
        if (!this.mamClientPolicyImpl.hasAppPolicy()) {
            mAMLogger2 = FileEncryptionPolicyImplKt.LOGGER;
            mAMLogger2.warning("Cannot retrieve file encryption key because app is not managed.", new Object[0]);
            throw new MAMKeyAccessNotAllowedException();
        }
        try {
            Bundle fileEncryptionKey = this.appPolicyEndpoint.getFileEncryptionKey(id);
            if (fileEncryptionKey != null) {
                return new BundleEncryptionKey(fileEncryptionKey);
            }
            String uuid = id.toString();
            getOperation.IconCompatParcelizer(uuid, "");
            mAMLogger = FileEncryptionPolicyImplKt.LOGGER;
            mAMLogger.error(MAMInternalError.ENCRYPTION_KEY_NOT_AVAILABLE, "Unable to get file encryption key {0} from agent", uuid);
            performTopicOperation performtopicoperation = performTopicOperation.INSTANCE;
            String format = String.format("Failed to get master file encryption key with id %s", Arrays.copyOf(new Object[]{uuid}, 1));
            getOperation.IconCompatParcelizer(format, "");
            throw new MAMKeyRetrievalException(format);
        } catch (MAMKeyRetrievalException e) {
            Level level = Level.WARNING;
            getOperation.IconCompatParcelizer(level, "");
            throw handleMamEncryptionExceptionRethrow(e, level);
        } catch (SecurityException e2) {
            MAMKeyRetrievalException mAMKeyRetrievalException = new MAMKeyRetrievalException("Cannot retrieve file encryption key because this app is not trusted.", e2);
            Level level2 = Level.WARNING;
            getOperation.IconCompatParcelizer(level2, "");
            throw handleMamEncryptionExceptionRethrow(mAMKeyRetrievalException, level2);
        }
    }

    @Override // com.microsoft.intune.mam.client.ipcclient.FileEncryptionPolicy
    public FileEncryptionKeyLength getFileEncryptionKeyLength(MAMIdentity identity) {
        MAMLogger mAMLogger;
        InternalAppPolicy appPolicy = this.mamClientPolicyImpl.getAppPolicy(identity);
        getOperation.IconCompatParcelizer(appPolicy, "");
        FileEncryptionKeyLength fileEncryptionKeyLength = appPolicy.getFileEncryptionKeyLength();
        getOperation.IconCompatParcelizer(fileEncryptionKeyLength, "");
        if (fileEncryptionKeyLength.getKeyLength() < FileEncryptionKeyLength.AES_256.getKeyLength()) {
            mAMLogger = FileEncryptionPolicyImplKt.LOGGER;
            mAMLogger.error(MAMInternalError.ENCRYPTION_POLICY_INVALID_KEY_LENGTH, "Policy requires encryption key length of " + fileEncryptionKeyLength + ", but we never expect lower than 256.", new Object[0]);
        }
        return fileEncryptionKeyLength;
    }

    @Override // com.microsoft.intune.mam.client.ipcclient.FileEncryptionPolicy
    public EncryptionRequirement getFileEncryptionRequirement(MAMIdentity identity) {
        InternalAppPolicy appPolicy = this.mamClientPolicyImpl.getAppPolicy(identity);
        getOperation.IconCompatParcelizer(appPolicy, "");
        return !appPolicy.getRequiresFileEncryption() ? EncryptionRequirement.NONE : appPolicy.getPrivateFilesEncryptionDisabled() ? EncryptionRequirement.PARTIAL : EncryptionRequirement.FULL;
    }

    @Override // com.microsoft.intune.mam.client.ipcclient.FileEncryptionPolicy
    public HashMap<MAMIdentity, BundleEncryptionKey> prefetchCurrentFileEncryptionKey() {
        try {
            HashMap<MAMIdentity, Bundle> prefetchCurrentFileEncryptionKey = this.appPolicyEndpoint.prefetchCurrentFileEncryptionKey(this.context.getPackageName());
            if (prefetchCurrentFileEncryptionKey != null && !prefetchCurrentFileEncryptionKey.isEmpty()) {
                HashMap<MAMIdentity, BundleEncryptionKey> hashMap = new HashMap<>();
                for (Map.Entry<MAMIdentity, Bundle> entry : prefetchCurrentFileEncryptionKey.entrySet()) {
                    MAMIdentity key = entry.getKey();
                    Bundle value = entry.getValue();
                    if (value != null) {
                        getOperation.checkNotNull(key);
                        hashMap.put(key, new BundleEncryptionKey(value));
                    }
                }
                return hashMap;
            }
            return null;
        } catch (MAMKeyRetrievalException e) {
            Level level = Level.SEVERE;
            getOperation.IconCompatParcelizer(level, "");
            throw handleMamEncryptionExceptionRethrow(e, level);
        } catch (SecurityException e2) {
            MAMKeyRetrievalException mAMKeyRetrievalException = new MAMKeyRetrievalException("Failed to prefetch file encryption key because this app is not trusted.", e2);
            Level level2 = Level.SEVERE;
            getOperation.IconCompatParcelizer(level2, "");
            throw handleMamEncryptionExceptionRethrow(mAMKeyRetrievalException, level2);
        }
    }
}
