package com.samsung.android.email.sync.ldap;

import com.novell.ldap.LDAPConnection;
import com.novell.ldap.LDAPEntry;
import com.novell.ldap.LDAPException;
import com.novell.ldap.LDAPJSSESecureSocketFactory;
import com.novell.ldap.LDAPModification;
import com.novell.ldap.util.Base64;
import com.samsung.android.email.sync.ldap.LDAPService;
import com.samsung.android.emailcommon.basic.log.EmailLog;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes2.dex */
public class LDAPConn {
    public static final String ALL_USER_ATTRS = "*";
    static final int CON_CERTIFICATE_EXCEPTION = 1209;
    static final int CON_CERTIFICATE_EXPIRED = 1211;
    static final int CON_CERTIFICATE_NOT_YET_VALID = 1210;
    static final int CON_SSL_EXCEPTION = 1212;
    public static final int DEFAULT_PORT = 389;
    public static final int DEFAULT_SSL_PORT = 636;
    private static final TrustManager[] INSECURE_TRUST_MANAGERS = {new X509TrustManager() { // from class: com.samsung.android.email.sync.ldap.LDAPConn.1
        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    }};
    public static final String LDAP_PROPERTY_PROTOCOL = "version.protocol";
    public static final String LDAP_PROPERTY_SDK = "version.sdk";
    public static final String LDAP_PROPERTY_SECURITY = "version.security";
    public static final int LDAP_V3 = 3;
    public static final String NO_ATTRS = "1.1";
    public static final int SCOPE_BASE = 0;
    public static final int SCOPE_ONE = 1;
    public static final int SCOPE_SUB = 2;
    public static final int SCOPE_SUBORDINATESUBTREE = 4;
    public static final String SERVER_SHUTDOWN_OID = "1.3.6.1.4.1.1466.20036";
    private static final String TAG = "LDAPConn";
    private static final boolean sIsSSLEnabled = true;
    private static boolean sMDMEnabled = false;
    private LDAPService.LDAPClientInfo mLdapClientInfo;
    private LDAPConnection mLdapConnection;
    private LDAPServiceException mLdapServiceException;
    private LDAPSettings mLdapSettings;
    private SSLContext mSslContext;
    private InputStream mSslInputStream;
    private KeyStore mTrustedKeyStore;
    private int mCertException = 0;
    private X509TrustManager mX509TrustManager = null;

    public LDAPConn(LDAPService.LDAPClientInfo lDAPClientInfo) throws NoSuchAlgorithmException, KeyStoreException {
        this.mLdapClientInfo = lDAPClientInfo;
        this.mLdapSettings = lDAPClientInfo.getLDAPSettings();
    }

    public void addEntry(LDAPEntry lDAPEntry) throws LDAPException {
        this.mLdapConnection.add(lDAPEntry);
    }

    public void connectLdap() throws LDAPException, NoSuchAlgorithmException, KeyManagementException, UnsupportedEncodingException, LDAPServiceException, KeyStoreException {
        this.mSslContext = null;
        EmailLog.dnf(TAG, "getLdapPort()= " + this.mLdapSettings.getLdapPort() + "getLdapHost()= " + this.mLdapSettings.getLdapHost() + " ldap_connect isSSL= " + this.mLdapSettings.isSSL());
        if (this.mLdapSettings.isAnonymous() && !this.mLdapSettings.isSSL()) {
            EmailLog.dnf(TAG, "ldap_connect isAnonymous= " + this.mLdapSettings.isAnonymous());
            LDAPConnection lDAPConnection = new LDAPConnection();
            this.mLdapConnection = lDAPConnection;
            lDAPConnection.connect(this.mLdapSettings.getLdapHost(), this.mLdapSettings.getLdapPort());
            EmailLog.dnf(TAG, "Returning from function now");
            return;
        }
        if (!this.mLdapSettings.isSSL() || sMDMEnabled) {
            LDAPConnection lDAPConnection2 = new LDAPConnection();
            this.mLdapConnection = lDAPConnection2;
            lDAPConnection2.connect(this.mLdapSettings.getLdapHost(), this.mLdapSettings.getLdapPort());
            EmailLog.dnf(TAG, "ldap_connect After connection getLdapHost= " + this.mLdapSettings.getLdapHost() + " getLdapPort= " + this.mLdapSettings.getLdapPort());
            this.mLdapConnection.bind(3, this.mLdapSettings.getLdapUsername(), this.mLdapSettings.getLdapPassword());
            EmailLog.dnf(TAG, "ldap_connect After Bind");
            return;
        }
        this.mTrustedKeyStore = null;
        try {
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            this.mTrustedKeyStore = keyStore;
            keyStore.load(this.mSslInputStream, "secret".toCharArray());
        } catch (IOException | KeyStoreException | CertificateException e) {
            e.printStackTrace();
        }
        this.mSslContext = SSLContext.getInstance("SSL");
        String defaultAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
        EmailLog.dnf(TAG, "The default key-manager algorithm: " + defaultAlgorithm);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(defaultAlgorithm);
        try {
            keyManagerFactory.init(this.mTrustedKeyStore, "secret".toCharArray());
        } catch (KeyStoreException | UnrecoverableKeyException e2) {
            e2.printStackTrace();
        }
        KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(this.mTrustedKeyStore);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        if (trustManagers.length == 0) {
            EmailLog.dnf(TAG, "ldap_connect NoSuchAlgorithmException no trust manager found");
            throw new NoSuchAlgorithmException("no trust manager found");
        }
        this.mX509TrustManager = (X509TrustManager) trustManagers[0];
        TrustManager[] trustManagerArr = {new X509TrustManager() { // from class: com.samsung.android.email.sync.ldap.LDAPConn.2
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
                EmailLog.dnf(LDAPConn.TAG, "ldap_connect EasyX509TrustManager.checkServerTrusted()");
                if (x509CertificateArr != null) {
                    try {
                        if (x509CertificateArr.length == 1) {
                            LDAPConn.this.mX509TrustManager.checkServerTrusted(x509CertificateArr, str);
                        }
                    } catch (CertificateException e3) {
                        try {
                            LDAPConn.this.mLdapClientInfo.setServerCertificate(new String(Base64.encode(x509CertificateArr[0].getEncoded())));
                            LDAPConn.this.mLdapServiceException = new LDAPServiceException(e3.getMessage(), e3);
                            LDAPConn.this.mCertException = 1209;
                        } catch (CertificateEncodingException e4) {
                            e4.printStackTrace();
                        }
                    }
                }
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }
        }};
        EmailLog.dnf(TAG, "ldap_connect getTrustAll= " + this.mLdapSettings.getTrustAll());
        if (this.mLdapSettings.getTrustAll() == 1) {
            this.mSslContext.init(keyManagers, INSECURE_TRUST_MANAGERS, null);
        } else {
            this.mSslContext.init(keyManagers, trustManagerArr, null);
        }
        Provider[] providers = Security.getProviders("MessageDigest.SHA");
        if (providers != null) {
            for (Provider provider : providers) {
                EmailLog.dnf(TAG, "ldap_connect securityProvider:MessageDigest.SHA providerInfo= " + provider.toString());
            }
        }
        EmailLog.dnf(TAG, "ldap_connect Trust store path= " + System.getProperty("javax.net.ssl.trustStore"));
        LDAPConnection lDAPConnection3 = new LDAPConnection(new LDAPJSSESecureSocketFactory(this.mSslContext.getSocketFactory()));
        this.mLdapConnection = lDAPConnection3;
        lDAPConnection3.connect(this.mLdapSettings.getLdapHost(), this.mLdapSettings.getLdapPort());
        if (this.mCertException != 0) {
            this.mCertException = 0;
            throw this.mLdapServiceException;
        }
        ldapBindToServer();
    }

    public void deleteLdap(String str) throws LDAPException {
        EmailLog.dnf(TAG, "ldap_delete rootDN= " + str);
        this.mLdapConnection.delete(str);
    }

    public void disconnectLdap() throws LDAPException {
        EmailLog.dnf(TAG, "ldap_disconnect");
        this.mLdapConnection.disconnect();
    }

    public ArrayList<LDAPResponseData> getDNList() throws LDAPException {
        LDAPSearchInt lDAPSearchInt = new LDAPSearchInt("");
        EmailLog.dnf(TAG, "ldap_getDNList ");
        LDAPAttributes lDAPAttributes = new LDAPAttributes();
        lDAPAttributes.ldap_setAttribute("namingContexts");
        lDAPSearchInt.setFilter("objectClass=*");
        lDAPSearchInt.setMaxResults(0);
        lDAPSearchInt.setServerTimeLimit(60);
        lDAPSearchInt.setDereference(0);
        lDAPSearchInt.setTypesOnly(false);
        lDAPSearchInt.setBatchSize(20);
        return lDAPSearchInt.ldap_search(this, 0, lDAPAttributes);
    }

    public LDAPConnection getLc() {
        return this.mLdapConnection;
    }

    public void ldapBindToServer() throws UnsupportedEncodingException, LDAPException {
        EmailLog.dnf(TAG, "ldapBindToServer isAnonymous= " + this.mLdapSettings.isAnonymous());
        if (this.mLdapSettings.isAnonymous()) {
            this.mLdapConnection.bind(3, this.mLdapSettings.getLdapUsername(), "");
        } else {
            this.mLdapConnection.bind(3, this.mLdapSettings.getLdapUsername(), this.mLdapSettings.getLdapPassword().getBytes("UTF8"));
        }
    }

    public void modifyValue(LDAPModification[] lDAPModificationArr, String str) throws LDAPException {
        this.mLdapConnection.modify(str, lDAPModificationArr);
    }

    public void setInputStream(InputStream inputStream) {
        this.mSslInputStream = inputStream;
    }
}
