package com.blackberry.security.secureemail.service;

import a7.h;
import a7.i;
import android.content.ContentValues;
import android.content.Intent;
import android.database.Cursor;
import android.net.Uri;
import android.os.IBinder;
import android.os.RemoteException;
import android.util.Base64;
import android.util.Log;
import b5.l;
import b5.q;
import b5.w;
import cb.a;
import com.blackberry.email.provider.contract.EmailContent;
import com.blackberry.email.service.EmailMessagingService;
import com.blackberry.message.service.MessageAttachmentValue;
import com.blackberry.message.service.MessageValue;
import com.blackberry.message.service.ServiceResult;
import com.blackberry.security.secureemail.client.message.service.SecureMessageEmailCertificateValue;
import com.blackberry.security.secureemail.client.message.service.SecureMessageResult;
import com.blackberry.security.secureemail.client.message.service.SecureMessageValue;
import com.blackberry.security.secureemail.constants.Encoding;
import com.blackberry.security.secureemail.constants.EncodingAction;
import com.blackberry.security.secureemail.constants.EncodingType;
import com.blackberry.security.secureemail.constants.EntityIdentifierType;
import com.blackberry.security.secureemail.constants.HashAlgorithm;
import com.blackberry.security.secureemail.processors.KeyStoreProcessor;
import com.blackberry.security.secureemail.processors.SecureEmailProcessor;
import com.blackberry.security.secureemail.provider.certificate.e;
import com.microsoft.identity.common.adal.internal.AuthenticationConstants;
import java.io.BufferedOutputStream;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.UUID;
import jb.f;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;
import org.xbill.DNS.KEYRecord;

/* loaded from: classes.dex */
public class SecureEmailMessagingService extends EmailMessagingService {

    /* renamed from: d, reason: collision with root package name */
    private boolean f8154d;

    /* renamed from: e, reason: collision with root package name */
    private URI f8155e;

    /* renamed from: i, reason: collision with root package name */
    private String f8156i;

    /* renamed from: j, reason: collision with root package name */
    private String f8157j;

    /* renamed from: k, reason: collision with root package name */
    private String f8158k;

    /* renamed from: n, reason: collision with root package name */
    private EncodingType f8159n;

    /* renamed from: o, reason: collision with root package name */
    private EncodingAction f8160o;

    /* renamed from: p, reason: collision with root package name */
    private HashAlgorithm f8161p = HashAlgorithm.UNKNOWN;

    /* renamed from: q, reason: collision with root package name */
    private int f8162q;

    /* renamed from: r, reason: collision with root package name */
    private int f8163r;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public static /* synthetic */ class a {

        /* renamed from: a, reason: collision with root package name */
        static final /* synthetic */ int[] f8164a;

        static {
            int[] iArr = new int[EncodingAction.values().length];
            f8164a = iArr;
            try {
                iArr[EncodingAction.SIGN.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                f8164a[EncodingAction.ENCRYPT.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                f8164a[EncodingAction.SIGN_ENCRYPT.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
        }
    }

    /* loaded from: classes.dex */
    private class b extends nb.a {
        b() {
        }

        @Override // nb.c
        public String F1(long j10, String str, SecureMessageValue secureMessageValue, ServiceResult serviceResult) {
            SecureEmailMessagingService secureEmailMessagingService = SecureEmailMessagingService.this;
            return secureEmailMessagingService.r0(secureEmailMessagingService, j10, secureMessageValue, true);
        }

        @Override // nb.c
        public boolean K1(long j10, int i10, SecureMessageResult secureMessageResult, ServiceResult serviceResult) {
            try {
                return new e(SecureEmailMessagingService.this).k(j10, i10, secureMessageResult);
            } catch (Exception e10) {
                q.C("SecureEmail", e10, "Failed to validate sender certs", new Object[0]);
                throw new RemoteException("Can't validate sender certs");
            }
        }

        @Override // nb.c
        public String U1(long j10, SecureMessageValue secureMessageValue, ServiceResult serviceResult) {
            SecureEmailMessagingService secureEmailMessagingService = SecureEmailMessagingService.this;
            return secureEmailMessagingService.r0(secureEmailMessagingService, j10, secureMessageValue, true);
        }

        @Override // nb.c
        public String o(long j10, SecureMessageValue secureMessageValue, ServiceResult serviceResult) {
            SecureEmailMessagingService secureEmailMessagingService = SecureEmailMessagingService.this;
            return secureEmailMessagingService.r0(secureEmailMessagingService, j10, secureMessageValue, false);
        }

        @Override // nb.c
        public String q(long j10, String str, SecureMessageValue secureMessageValue, ServiceResult serviceResult) {
            SecureEmailMessagingService secureEmailMessagingService = SecureEmailMessagingService.this;
            return secureEmailMessagingService.r0(secureEmailMessagingService, j10, secureMessageValue, true);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public static class c extends Exception {
        public c(String str) {
            super(str);
        }

        public c(String str, Throwable th2) {
            super(str, th2);
        }
    }

    private void I0(EncodingAction encodingAction, MessageValue messageValue, byte[] bArr) {
        EncodingAction encodingAction2 = EncodingAction.SIGN;
        if (encodingAction != encodingAction2 || !this.f8154d) {
            messageValue.h();
            messageValue.g();
        }
        String R0 = R0(bArr);
        MessageAttachmentValue messageAttachmentValue = new MessageAttachmentValue();
        messageAttachmentValue.f30217d = (encodingAction == encodingAction2 && this.f8154d) ? "smime.p7s" : "smime.p7m";
        messageAttachmentValue.f30218e = (encodingAction == encodingAction2 && this.f8154d) ? "application/pkcs7-signature" : "application/x-pkcs7-mime";
        messageAttachmentValue.D0 = messageValue.f7359j;
        messageAttachmentValue.f30224p = R0;
        try {
            this.f8155e = new URI(R0);
        } catch (URISyntaxException e10) {
            q.g("SecureEmail", e10, "addEncodedAttachment(), URISyntaxException", new Object[0]);
        }
        ArrayList arrayList = new ArrayList();
        arrayList.add(messageAttachmentValue);
        messageValue.d(arrayList);
    }

    private void J0(SecureEmailProcessor secureEmailProcessor, ArrayList<SecureMessageEmailCertificateValue> arrayList) {
        Iterator<SecureMessageEmailCertificateValue> it = arrayList.iterator();
        while (it.hasNext()) {
            SecureMessageEmailCertificateValue next = it.next();
            try {
                if (next.f8032i != null) {
                    JSONArray jSONArray = new JSONArray(next.f8032i);
                    for (int i10 = 0; i10 < jSONArray.length(); i10++) {
                        JSONObject jSONObject = jSONArray.getJSONObject(i10);
                        secureEmailProcessor.addRecipientEntry(EntityIdentifierType.valueOf(jSONObject.getInt("idType")), new ByteArrayInputStream(Base64.decode(jSONObject.getString("identifier"), 0)), next.f8029c);
                    }
                } else {
                    q.f("SecureEmail", "Invalid JSON Object", new Object[0]);
                }
            } catch (JSONException e10) {
                q.g("SecureEmail", e10, "encodeData() - Error converting Certificate JSON String", new Object[0]);
            }
        }
    }

    private String K0(SecureMessageValue secureMessageValue, HashAlgorithm hashAlgorithm, boolean z10, ArrayList<SecureMessageEmailCertificateValue> arrayList, int i10) {
        byte[] N0 = N0(secureMessageValue);
        if (N0.length == 0) {
            q.f("SecureEmail", "Mime could not be generated from the message.", new Object[0]);
            throw new c("Mime could not be generated from the message.");
        }
        EncodingAction encodingAction = this.f8160o;
        q.z("SecureEmail", "encodeAndAddAttachment: %s:%s", this.f8159n.name(), encodingAction.name());
        if (this.f8159n == EncodingType.SMIME && encodingAction == EncodingAction.SIGN_ENCRYPT) {
            byte[] M0 = M0(N0, hashAlgorithm, z10, arrayList, i10, EncodingAction.SIGN, true);
            if (M0 == null || M0.length == 0) {
                q.f("SecureEmail", "Couldn't get detached signature from SMIME library", new Object[0]);
                throw new c("Couldn't get detached signature from SMIME library");
            }
            ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream(N0.length + P0(M0.length, KEYRecord.Flags.EXTEND));
            try {
                i.e(byteArrayOutputStream, new OutputStreamWriter(new l(byteArrayOutputStream, "SecureEmail")), Q0(), N0, M0);
                N0 = byteArrayOutputStream.toByteArray();
                byteArrayOutputStream.close();
                encodingAction = EncodingAction.ENCRYPT;
            } finally {
            }
        }
        byte[] M02 = M0(N0, hashAlgorithm, z10, arrayList, i10, encodingAction, this.f8154d);
        if (M02 == null || M02.length == 0) {
            q.f("SecureEmail", "Couldn't get SMIME object from SMIME library", new Object[0]);
            throw new c("Couldn't get SMIME object from SMIME library");
        }
        String str = null;
        try {
            if (this.f8160o == EncodingAction.SIGN && this.f8154d) {
                str = V0(N0);
            }
            if (secureMessageValue.H()) {
                I0(this.f8160o, secureMessageValue, M02);
            } else {
                I0(this.f8160o, secureMessageValue, Base64.encode(M02, 4));
            }
            return str;
        } catch (Throwable th2) {
            if (0 != 0) {
                rb.a.e(null);
            }
            throw th2;
        }
    }

    private int L0(ByteArrayInputStream byteArrayInputStream, ByteArrayOutputStream byteArrayOutputStream, ArrayList<SecureMessageEmailCertificateValue> arrayList, HashAlgorithm hashAlgorithm, boolean z10, int i10, EncodingAction encodingAction, boolean z11) {
        SecureEmailProcessor secureEmailProcessor = new SecureEmailProcessor(this.f8159n, this);
        try {
            KeyStoreProcessor keyStoreProcessor = new KeyStoreProcessor(this.f8159n, this);
            try {
                keyStoreProcessor.certificateManagerInit();
                secureEmailProcessor.setEncoding(encodingAction);
                if ((encodingAction == EncodingAction.SIGN || encodingAction == EncodingAction.SIGN_ENCRYPT) && !U0(secureEmailProcessor, hashAlgorithm, z10, encodingAction, z11)) {
                    if (g7.a.b()) {
                        cb.a.b(a.EnumC0059a.FAILURE, a.b.WARNING, "smime", "encode", secureEmailProcessor.errorCodeToString(13));
                    }
                    keyStoreProcessor.close();
                    secureEmailProcessor.close();
                    return 13;
                }
                if (encodingAction == EncodingAction.ENCRYPT || encodingAction == EncodingAction.SIGN_ENCRYPT) {
                    S0(secureEmailProcessor, i10, arrayList);
                }
                int encodeMessage = secureEmailProcessor.encodeMessage(byteArrayInputStream, byteArrayOutputStream);
                if (encodeMessage != 0 && g7.a.b()) {
                    cb.a.b(a.EnumC0059a.FAILURE, a.b.WARNING, "smime", "encode", secureEmailProcessor.errorCodeToString(encodeMessage));
                }
                keyStoreProcessor.close();
                secureEmailProcessor.close();
                return encodeMessage;
            } finally {
            }
        } finally {
        }
    }

    private byte[] M0(byte[] bArr, HashAlgorithm hashAlgorithm, boolean z10, ArrayList<SecureMessageEmailCertificateValue> arrayList, int i10, EncodingAction encodingAction, boolean z11) {
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(bArr);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        int L0 = L0(byteArrayInputStream, byteArrayOutputStream, arrayList, hashAlgorithm, z10, i10, encodingAction, z11);
        if (L0 == 0) {
            return byteArrayOutputStream.toByteArray();
        }
        q.f("SecureEmail", "Encode Failure RC = " + L0, new Object[0]);
        return null;
    }

    private byte[] N0(SecureMessageValue secureMessageValue) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            h.j(this, secureMessageValue, byteArrayOutputStream, false, byteArrayOutputStream, new OutputStreamWriter(new l(byteArrayOutputStream, "SecureEmail")), secureMessageValue.o());
            return byteArrayOutputStream.toByteArray();
        } catch (Exception e10) {
            q.f("SecureEmail", "Error retrieving BodyAndAttachment from SmimeOutput", new Object[0]);
            throw new c("Error generating basic MIME for SMIME message", e10);
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r1v17 */
    /* JADX WARN: Type inference failed for: r1v18 */
    /* JADX WARN: Type inference failed for: r1v5, types: [int] */
    /* JADX WARN: Type inference failed for: r1v8 */
    /* JADX WARN: Type inference failed for: r1v9 */
    private int O0() {
        List<String> f10 = new com.blackberry.security.secureemail.provider.a(this).f();
        boolean contains = f10.contains(getString(f.f18938s));
        boolean z10 = contains;
        if (f10.contains(getString(f.f18937r))) {
            z10 = (contains ? 1 : 0) | 2;
        }
        boolean z11 = z10;
        if (f10.contains(getString(f.f18936q))) {
            z11 = (z10 ? 1 : 0) | 4;
        }
        ?? r12 = z11;
        if (f10.contains(getString(f.f18940u))) {
            r12 = (z11 ? 1 : 0) | 8;
        }
        return f10.contains(getString(f.f18939t)) ? r12 | 16 : r12;
    }

    private int P0(int i10, int i11) {
        return ((int) ((i10 * 78) / 57)) + i11;
    }

    private String Q0() {
        return "multipart/signed; protocol=\"application/x-pkcs7-signature\"; micalg=" + this.f8161p.name() + AuthenticationConstants.Broker.CHALLENGE_REQUEST_CERT_AUTH_DELIMETER;
    }

    private String R0(byte[] bArr) {
        File file = new File(getFilesDir(), "encodedAttachment_" + UUID.randomUUID().toString());
        try {
            BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(new FileOutputStream(file));
            try {
                bufferedOutputStream.write(bArr);
                bufferedOutputStream.flush();
                bufferedOutputStream.close();
            } finally {
            }
        } catch (FileNotFoundException e10) {
            q.g("SecureEmail", e10, "saveEncodedAttachmentFile(), FileNotFoundException", new Object[0]);
        } catch (IOException e11) {
            q.g("SecureEmail", e11, "saveEncodedAttachmentFile(), IOException", new Object[0]);
        }
        return Uri.fromFile(file).toString();
    }

    private void S0(SecureEmailProcessor secureEmailProcessor, int i10, ArrayList<SecureMessageEmailCertificateValue> arrayList) {
        secureEmailProcessor.setCipherPreferences(i10);
        String str = this.f8158k;
        if (str != null && !str.isEmpty() && !SecureMessageResult.a(this.f8163r, 4)) {
            secureEmailProcessor.addRecipientEntry(EntityIdentifierType.ALIAS, new ByteArrayInputStream(this.f8158k.getBytes()), "");
        }
        if (arrayList.size() > 0) {
            J0(secureEmailProcessor, arrayList);
        }
    }

    private void T0(SecureMessageValue secureMessageValue) {
        if (this.f8159n == EncodingType.SMIME) {
            int i10 = a.f8164a[this.f8160o.ordinal()];
            if (i10 == 1) {
                secureMessageValue.u0(4194304L);
            } else if (i10 == 2 || i10 == 3) {
                secureMessageValue.u0(8388608L);
            }
        }
    }

    private boolean U0(SecureEmailProcessor secureEmailProcessor, HashAlgorithm hashAlgorithm, boolean z10, EncodingAction encodingAction, boolean z11) {
        boolean z12;
        secureEmailProcessor.setHashAlgorithm(hashAlgorithm);
        secureEmailProcessor.setIncludeCertificates(z10);
        String str = this.f8157j;
        if (str == null || str.isEmpty()) {
            z12 = false;
        } else {
            secureEmailProcessor.setSenderSigningEntry(EntityIdentifierType.ALIAS, new ByteArrayInputStream(this.f8157j.getBytes()));
            z12 = true;
        }
        String str2 = this.f8158k;
        if (str2 != null && !str2.isEmpty()) {
            secureEmailProcessor.setSenderEncryptionEntry(EntityIdentifierType.ALIAS, new ByteArrayInputStream(this.f8158k.getBytes()));
        }
        if (encodingAction == EncodingAction.SIGN && z11) {
            secureEmailProcessor.setClearSigned(true, new ByteArrayInputStream(new byte[0]));
        }
        return z12;
    }

    private String V0(byte[] bArr) {
        File file = new File(getFilesDir(), "clearMIME_" + UUID.randomUUID().toString());
        try {
            BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(new FileOutputStream(file));
            try {
                bufferedOutputStream.write(bArr);
                bufferedOutputStream.flush();
                q.d("SecureEmail", "writeMIMEtoFile(), %d bytes to %s", Integer.valueOf(bArr.length), file.getAbsolutePath());
                bufferedOutputStream.close();
            } finally {
            }
        } catch (FileNotFoundException e10) {
            q.g("SecureEmail", e10, "writeMIMEtoFile(), FileNotFoundException", new Object[0]);
        } catch (IOException e11) {
            q.g("SecureEmail", e11, "writeMIMEtoFile(), IOException", new Object[0]);
        }
        return Uri.fromFile(file).toString();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.blackberry.email.service.EmailMessagingService
    public void g0(boolean z10, String str) {
        super.g0(z10, str);
        EncodingType encodingType = this.f8159n;
        if (encodingType != EncodingType.NONE) {
            Object[] objArr = new Object[3];
            objArr[0] = z10 ? "sending" : "saving";
            objArr[1] = encodingType;
            objArr[2] = rb.a.f(this.f8160o, this.f8154d);
            q.k("SecureEmail", "%s %s %s", objArr);
        }
    }

    @Override // com.blackberry.email.service.EmailMessagingService
    protected void l0(long j10, long j11) {
        if (j11 == -1 || j10 == -1) {
            throw new IllegalArgumentException("Invalid MessageID");
        }
        if (this.f8159n != EncodingType.NONE) {
            if (this.f8155e != null) {
                new File(this.f8155e).delete();
            }
            ContentValues contentValues = new ContentValues();
            contentValues.put("account_id", Long.valueOf(j10));
            contentValues.put("message_id", Long.valueOf(j11));
            EncodingAction encodingAction = this.f8160o;
            EncodingAction encodingAction2 = EncodingAction.SIGN;
            if (encodingAction == encodingAction2 && this.f8154d) {
                contentValues.put("message_type", Integer.valueOf(pb.h.SMIME_CLEAR_SIGNED.c()));
                contentValues.put("content_type", Q0());
                contentValues.put("mime_uri", this.f8156i);
            } else {
                contentValues.put("message_type", Integer.valueOf(encodingAction == encodingAction2 ? pb.h.SMIME_OPAQUE_SIGNED.c() : pb.h.SMIME_ENCRYPTED.c()));
                contentValues.put("content_type", this.f8160o == encodingAction2 ? "application/x-pkcs7-mime; smime-type=signed-data; name=\"smime.p7m\";\"" : "application/x-pkcs7-mime; smime-type=enveloped-data; name=\"smime.p7m\";\"");
            }
            getContentResolver().insert(pb.e.f24527g, contentValues);
        }
    }

    @Override // com.blackberry.email.service.EmailMessagingService
    protected void m0(MessageValue messageValue) {
        if (!(messageValue instanceof SecureMessageValue)) {
            throw new IllegalArgumentException("MessageValue is not instance of SecureMessageValue");
        }
        SecureMessageValue secureMessageValue = (SecureMessageValue) messageValue;
        q.d("SecureEmail", "preprocess encoding: " + secureMessageValue.f8036c1 + ", folderId:" + messageValue.v(), new Object[0]);
        Cursor i10 = rb.a.i(this, secureMessageValue.f7361n);
        try {
            ob.b bVar = new ob.b(i10, this);
            this.f8154d = bVar.c().f22172n;
            this.f8157j = bVar.c().f22146e;
            this.f8158k = bVar.c().f22147f;
            Encoding valueOf = Encoding.valueOf(secureMessageValue.f8036c1);
            this.f8162q = secureMessageValue.Q0();
            this.f8163r = secureMessageValue.P0();
            if ((messageValue.D() & 4) != 4 && (messageValue.D() == 0 || messageValue.H())) {
                valueOf = Encoding.PLAIN;
            }
            this.f8160o = valueOf.getEncodingAction();
            EncodingType encodingType = valueOf.getEncodingType();
            this.f8159n = encodingType;
            if (encodingType != EncodingType.NONE) {
                HashAlgorithm hashAlgorithm = bVar.f22169o;
                this.f8161p = hashAlgorithm;
                try {
                    String K0 = K0(secureMessageValue, hashAlgorithm, true, secureMessageValue.f8039f1, O0());
                    if (K0 != null && !K0.isEmpty()) {
                        this.f8156i = K0;
                    }
                    T0(secureMessageValue);
                } catch (Throwable th2) {
                    q.g("SecureEmail", th2, "preProcess encodeAndAddAttachment exception", new Object[0]);
                    this.f8159n = EncodingType.NONE;
                    secureMessageValue.u0(33L);
                    secureMessageValue.i(68L);
                    w.a aVar = new w.a(secureMessageValue.L0);
                    aVar.b("__ERROR_COUNT__", Long.toString(6L));
                    aVar.b("__NEXT_RETRY_TIME__", null);
                    secureMessageValue.L0 = aVar.toString();
                    secureMessageValue.J0(getApplicationContext(), false);
                    throw new IllegalArgumentException("Invalid Secure E-mail State", th2);
                }
            }
            if (i10 != null) {
                i10.close();
            }
        } catch (Throwable th3) {
            if (i10 != null) {
                try {
                    i10.close();
                } catch (Throwable th4) {
                    th3.addSuppressed(th4);
                }
            }
            throw th3;
        }
    }

    @Override // com.blackberry.email.service.EmailMessagingService, android.app.Service
    public IBinder onBind(Intent intent) {
        q.d("SecureEmail", "MessagingService onBind start", new Object[0]);
        if (!com.blackberry.concierge.b.E().w(getApplicationContext()).a()) {
            Log.w("SecureEmail", "missing BBCI essential permissions, returning null");
            return null;
        }
        if (intent.getLongExtra("account_id", -1L) != -1) {
            return new b();
        }
        throw new IllegalArgumentException("Missing account ID");
    }

    @Override // com.blackberry.email.service.EmailMessagingService, android.app.Service
    public void onCreate() {
        q.k("SecureEmail", "Creating SecureEmailMessagingService", new Object[0]);
        super.onCreate();
        EmailContent.e(this);
    }

    @Override // android.app.Service
    public void onDestroy() {
        q.k("SecureEmail", "Destroying SecureEmailMessagingService", new Object[0]);
        super.onDestroy();
    }

    @Override // com.blackberry.email.service.EmailMessagingService, android.app.Service
    public boolean onUnbind(Intent intent) {
        q.k("SecureEmail", "MessagingService onUnbind ", new Object[0]);
        return super.onUnbind(intent);
    }
}
