package com.blackberry.security.krb5.svc;

import android.content.Context;
import android.content.RestrictionsManager;
import android.os.Bundle;
import android.util.Base64;
import android.util.Log;
import i8.e;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStreamWriter;

/* loaded from: classes.dex */
public class KerberosUtil {

    /* renamed from: a, reason: collision with root package name */
    private static String f7677a = null;

    /* renamed from: b, reason: collision with root package name */
    private static boolean f7678b = false;

    /* renamed from: c, reason: collision with root package name */
    private static i8.c f7679c;

    /* loaded from: classes.dex */
    public static class TicketInfo {
        public int expiry;
        public String username;

        public TicketInfo(String str, int i10) {
            this.username = str;
            this.expiry = i10;
        }
    }

    private static boolean a(e eVar) {
        boolean z10 = false;
        if (f7679c == null) {
            Log.w("LDAPKerberosUtil", "No db, cannot add/update permission record");
        } else {
            try {
                if (g(eVar.b(), eVar.c()) != null) {
                    if (f7679c.e(eVar) != 0) {
                        Log.w("LDAPKerberosUtil", "Failed to update permission record");
                    }
                    z10 = true;
                } else {
                    if (f7679c.a(eVar) != 0) {
                        Log.w("LDAPKerberosUtil", "Failed to add permission record");
                    }
                    z10 = true;
                }
            } catch (Exception unused) {
                Log.w("LDAPKerberosUtil", "Encountered unexpected issue with adding/updating record db");
            }
        }
        return z10;
    }

    public static void b() {
        i8.c cVar = f7679c;
        if (cVar != null) {
            cVar.close();
        }
        f7678b = false;
        Log.d("LDAPKerberosUtil", "Cleanup complete");
    }

    private static void c() {
        f7679c.b();
    }

    private static void d(String str) {
        try {
            f7679c.c(str);
        } catch (Exception unused) {
            Log.w("LDAPKerberosUtil", "Encountered unexpected issue with deleting record db");
        }
    }

    public static void e(Context context) {
        if (context == null) {
            throw new IllegalStateException("Unable to retrieve app restrictions, null context");
        }
        RestrictionsManager restrictionsManager = (RestrictionsManager) context.getSystemService("restrictions");
        if (restrictionsManager == null) {
            throw new IllegalStateException("Unable to retrieve app restrictions, null restrictions manager");
        }
        Bundle applicationRestrictions = restrictionsManager.getApplicationRestrictions();
        if (applicationRestrictions == null) {
            throw new IllegalStateException("Unable to retrieve app restrictions, null bundle");
        }
        if (applicationRestrictions.isEmpty()) {
            throw new IllegalStateException("Unable to retrieve app restrictions, empty bundle.");
        }
        Log.d("LDAPKerberosUtil", "Trying to get Security Kerberos configuration from the app restrictions.");
        String string = applicationRestrictions.getString("com.blackberry.security.krb5Conf", null);
        if (string == null || string.isEmpty()) {
            Log.d("LDAPKerberosUtil", "Couldn't get Security Kerberos configuration from the app restrictions. Will try SSO Kerberos configuration next.");
            string = applicationRestrictions.getString("com.blackberry.sso.spnego.krb5Conf", null);
            if (string == null || string.isEmpty()) {
                Log.d("LDAPKerberosUtil", "Couldn't get SSO Kerberos configuration from the app restrictions, either.");
                throw new IllegalStateException("Unable to configure Kerberos Service due to missing app restrictions.");
            }
        }
        try {
            string = new String(Base64.decode(string, 0));
        } catch (IllegalArgumentException e10) {
            Log.d("LDAPKerberosUtil", "krb5 file either bad syntax or not base64");
            e10.printStackTrace();
        }
        if (string.length() == 0) {
            throw new IllegalStateException("App restriction not set");
        }
        f(context, string);
    }

    public static void f(Context context, String str) {
        Log.i("LDAPKerberosUtil", "=== BEGIN KERBEROS CONFIG ===\n" + str + "\n=== END KERBEROS CONFIG ===");
        File file = new File(context.getDir("config", 0), "krb5.conf");
        try {
            OutputStreamWriter outputStreamWriter = new OutputStreamWriter(new FileOutputStream(file));
            outputStreamWriter.write(str);
            outputStreamWriter.close();
            m("KRB5_CONFIG", file.getAbsolutePath());
            f7677a = context.getDir("ccache", 0).getAbsolutePath();
            m("KRB5CCNAME", "DIR:" + context.getDir("ccache", 0).getAbsolutePath());
            Log.i("LDAPKerberosUtil", "KRB5_CONFIG=" + file.getAbsolutePath());
            Log.i("LDAPKerberosUtil", "KRB5CCNAME=DIR:" + context.getDir("ccache", 0).getAbsolutePath());
            f7679c = new i8.c(context);
            Log.i("LDAPKerberosUtil", "Configure complete");
            f7678b = true;
        } catch (IOException e10) {
            e10.printStackTrace();
            throw new IllegalStateException("Failed to create config file");
        }
    }

    public static e g(int i10, String str) {
        i8.c cVar = f7679c;
        if (cVar == null) {
            Log.w("LDAPKerberosUtil", "No db, cannot retrieve permission record");
        } else {
            try {
                return cVar.d(str, i10);
            } catch (Exception unused) {
                Log.w("LDAPKerberosUtil", "Encountered unexpected issue retrieving permission record db");
            }
        }
        return null;
    }

    public static boolean h() {
        return f7678b;
    }

    public static void i() {
        try {
            c();
            kdestroy();
        } catch (UnsatisfiedLinkError e10) {
            e10.printStackTrace();
        }
    }

    public static void j(String str) {
        try {
            d(str);
            kdestroy(str);
        } catch (UnsatisfiedLinkError e10) {
            Log.w("LDAPKerberosUtil", "Unable to trigger kdestroy - " + e10.getMessage());
        }
    }

    public static TicketInfo k(String str, String str2) {
        try {
            return kfind(str, str2);
        } catch (UnsatisfiedLinkError e10) {
            Log.w("LDAPKerberosUtil", "Unable to trigger kfind - " + e10.getMessage());
            return null;
        }
    }

    private static native void kdestroy();

    private static native void kdestroy(String str);

    private static native TicketInfo kfind(String str, String str2);

    private static native void kinit(String str, String str2);

    private static native String klist();

    public static String l(int i10, String str, String str2) {
        TicketInfo ticketInfo;
        try {
            kinit(str, str2);
            try {
                ticketInfo = k(str, "krbtgt");
            } catch (Exception e10) {
                Log.e("LDAPKerberosUtil", "java_kfind() failed - " + e10.getMessage(), e10);
                ticketInfo = null;
            }
            if (a(new e(ticketInfo.username, i10, ticketInfo.expiry))) {
                return ticketInfo.username;
            }
            return null;
        } catch (UnsatisfiedLinkError e11) {
            Log.w("LDAPKerberosUtil", "Unable to trigger kinit - " + e11.getMessage());
            return null;
        }
    }

    private static void m(String str, String str2) {
        try {
            setenv(str, str2);
        } catch (UnsatisfiedLinkError e10) {
            Log.w("LDAPKerberosUtil", "Unable to trigger setenv - " + e10.getMessage());
        }
    }

    private static native void setenv(String str, String str2);
}
