package j8;

import android.accounts.Account;
import android.accounts.AccountManager;
import android.accounts.AccountManagerCallback;
import android.accounts.AccountManagerFuture;
import android.accounts.AuthenticatorException;
import android.accounts.OperationCanceledException;
import android.content.Context;
import android.os.Bundle;
import android.os.Handler;
import android.util.Log;
import h8.i;
import j8.d;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.SecureRandom;
import java.security.Security;
import java.util.ArrayList;
import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManagerFactory;
import uc.c0;
import uc.e0;
import uc.f1;
import uc.h0;
import uc.l;
import uc.n0;
import uc.u;
import uc.v;
import uc.v0;
import uc.w;
import uc.x;
import x5.g;

/* compiled from: LdapFetcher.java */
/* loaded from: classes.dex */
class e {

    /* renamed from: a, reason: collision with root package name */
    private final List<d> f14555a;

    /* renamed from: b, reason: collision with root package name */
    private Context f14556b;

    /* renamed from: c, reason: collision with root package name */
    private i f14557c = null;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* compiled from: LdapFetcher.java */
    /* loaded from: classes.dex */
    public static /* synthetic */ class a {

        /* renamed from: a, reason: collision with root package name */
        static final /* synthetic */ int[] f14558a;

        static {
            int[] iArr = new int[d.b.values().length];
            f14558a = iArr;
            try {
                iArr[d.b.SIMPLE.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                f14558a[d.b.KERBEROS.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                f14558a[d.b.NONE.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public e(Context context, d... dVarArr) {
        this.f14556b = context;
        ArrayList arrayList = new ArrayList();
        this.f14555a = arrayList;
        Collections.addAll(arrayList, dVarArr);
    }

    private void a(Map<String, List<f>> map, List<v> list, Map<v, String> map2, h0 h0Var) {
        f fVar = new f(null, h0Var);
        Iterator<v> it = list.iterator();
        while (it.hasNext()) {
            c(map, map2.get(it.next()), fVar);
        }
    }

    private void c(Map<String, List<f>> map, String str, f fVar) {
        List<f> list = map.get(str);
        if (list == null) {
            list = new ArrayList<>();
        }
        list.add(fVar);
        map.put(str, list);
    }

    private void d(d dVar, c0 c0Var) {
        String h10;
        if (Security.getProvider("BlackBerrySASL") == null) {
            Log.d("LDAPFETCHER", "Adding BlackBerrySASL security provider.");
            Security.addProvider(new r1.a());
        }
        try {
            if (this.f14557c == null) {
                Log.d("LDAPFETCHER", "Creating instance of Krb5Lib.");
                this.f14557c = new i(this.f14556b);
            }
            if (dVar.c() == null && dVar.g() == null) {
                h10 = k(this.f14556b);
            } else {
                Log.d("LDAPFETCHER", "Calling kinit.");
                h10 = this.f14557c.h(dVar.c(), dVar.g());
            }
            if (h10 == null) {
                throw new h0(v0.f24537c1, "kinit returned null token string.");
            }
            Log.d("LDAPFETCHER", "Getting new GSSManager.");
            x5.d d10 = this.f14557c.d();
            Log.d("LDAPFETCHER", "GSSManager: creating nameOid.");
            try {
                g e10 = d10.e("1.2.840.113554.1.2.1.1");
                Log.d("LDAPFETCHER", "GSSManager: creating mechOid.");
                try {
                    g e11 = d10.e("1.2.840.113554.1.2.2");
                    Log.d("LDAPFETCHER", "GSSManager: creating GSSName.");
                    try {
                        x5.e d11 = d10.d(h10, e10, e11);
                        Log.d("LDAPFETCHER", "GSSManager: creating GSSCredential.");
                        try {
                            x5.b b10 = d10.b(d11, 0, e11, 1);
                            Log.d("LDAPFETCHER", "Creating new GSSAPI bind request properties.");
                            x xVar = new x(null, null);
                            xVar.F(d10);
                            xVar.D(b10);
                            Log.d("LDAPFETCHER", "Creating new GSSAPI bind request.");
                            c0Var.g(new w(xVar, new l[0]));
                        } catch (x5.c e12) {
                            throw new h0(v0.f24537c1, "GSSManager: failed to create GSSCredential.", e12);
                        }
                    } catch (x5.c e13) {
                        throw new h0(v0.f24537c1, "GSSManager: failed to create GSSName.", e13);
                    }
                } catch (x5.c e14) {
                    throw new h0(v0.f24537c1, "GSSManager: failed to create mechOid.", e14);
                }
            } catch (x5.c e15) {
                throw new h0(v0.f24537c1, "GSSManager: failed to create nameOid.", e15);
            }
        } catch (Exception e16) {
            throw new h0(v0.f24537c1, "Unexpected exception on kinit.", e16);
        }
    }

    private void e(d dVar, c0 c0Var) {
        c0Var.f(dVar.c(), dVar.g());
    }

    private void f(d dVar, c0 c0Var) {
        d.b a10 = dVar.a();
        Log.d("LDAPFETCHER", "LDAP Configuration: auth method is " + a10);
        int i10 = a.f14558a[a10.ordinal()];
        if (i10 == 1) {
            e(dVar, c0Var);
            Log.d("LDAPFETCHER", "Simple bind request succeeded on " + c0Var);
            return;
        }
        if (i10 != 2) {
            return;
        }
        d(dVar, c0Var);
        Log.d("LDAPFETCHER", "Kerberos bind request succeeded on " + c0Var);
    }

    private c0 g(d dVar) {
        String k10 = dVar.k();
        int h10 = dVar.h();
        long m10 = dVar.m();
        d.f l10 = dVar.l();
        Log.d("LDAPFETCHER", String.format("LDAP Configuration: server %s:%d.", k10, Integer.valueOf(h10)));
        Log.d("LDAPFETCHER", String.format("LDAP Configuration: response timeout = %d ms.", Long.valueOf(m10)));
        Log.d("LDAPFETCHER", String.format("LDAP Configuration: SSL option is %s.", l10));
        e0 e0Var = new e0();
        e0Var.s(m10);
        if (l10 == d.f.LDAPS) {
            c0 c0Var = new c0(l(), e0Var);
            c0Var.j(k10, h10);
            return c0Var;
        }
        if (l10 != d.f.STARTTLS) {
            c0 c0Var2 = new c0(e0Var);
            c0Var2.j(k10, h10);
            return c0Var2;
        }
        c0 c0Var3 = new c0(e0Var);
        c0Var3.j(k10, h10);
        n(c0Var3);
        return c0Var3;
    }

    private f h(c0 c0Var, String str, f1 f1Var, v vVar, List<String> list) {
        f fVar = new f();
        try {
            fVar.f(c0Var.M(str, f1Var, vVar, (String[]) list.toArray(new String[list.size()])));
        } catch (n0 e10) {
            Log.e("LDAPFETCHER", "LDAP search on " + c0Var + " failed: " + e10.a());
            fVar.e(e10);
        }
        return fVar;
    }

    private Map<v, f> i(d dVar, c0 c0Var, List<v> list, List<String> list2) {
        String b10 = dVar.b();
        Log.d("LDAPFETCHER", "LDAP Configuration: baseDN = " + b10);
        f1 j10 = dVar.j();
        Log.d("LDAPFETCHER", "LDAP Configuration: search scope = " + j10);
        HashMap hashMap = new HashMap(list.size());
        for (v vVar : list) {
            Log.d("LDAPFETCHER", "Searching by filter: " + vVar);
            f h10 = h(c0Var, b10, j10, vVar, list2);
            Log.d("LDAPFETCHER", String.format("Got result: %s, exception: %s.", h10.c(), h10.b()));
            hashMap.put(vVar, h10);
        }
        return hashMap;
    }

    private String k(Context context) {
        AccountManager accountManager = AccountManager.get(context);
        if (accountManager == null) {
            throw new h0(v0.f24537c1, "Unable to access account manager");
        }
        try {
            Account[] accountsByType = accountManager.getAccountsByType("com.blackberry.security.krb5.svc");
            if (accountsByType == null || accountsByType.length < 1) {
                throw new h0(v0.f24537c1, "No Kerberos account exists");
            }
            AccountManagerFuture<Bundle> authToken = accountManager.getAuthToken(accountsByType[0], "com.blackberry.security.krb5.svc", (Bundle) null, false, (AccountManagerCallback<Bundle>) null, (Handler) null);
            if (authToken == null) {
                Log.e("LDAPFETCHER", "getAuthToken() returned null bundle");
                throw new h0(v0.f24537c1, "getAuthToken() returned null bundle");
            }
            try {
                return authToken.getResult().getString("authtoken");
            } catch (AuthenticatorException | OperationCanceledException | IOException e10) {
                Log.e("LDAPFETCHER", "getAuthToken failed unexpectedly", e10);
                throw new h0(v0.f24537c1, "getAuthToken() failed unexpectedly");
            }
        } catch (SecurityException e11) {
            Log.e("LDAPFETCHER", "No permission to look up Kerberos account", e11);
            throw new h0(v0.f24537c1, "Failed to look up Kerberos account");
        }
    }

    private SSLSocketFactory l() {
        KeyStore keyStore = KeyStore.getInstance("AndroidCAStore");
        keyStore.load(null);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        SSLContext sSLContext = SSLContext.getInstance("TLSv1.2");
        sSLContext.init(null, trustManagerFactory.getTrustManagers(), new SecureRandom());
        return sSLContext.getSocketFactory();
    }

    private Map<v, String> m(Map<String, List<f>> map, List<String> list) {
        HashSet<String> hashSet = new HashSet(list);
        HashMap hashMap = new HashMap(hashSet.size());
        for (String str : hashSet) {
            try {
                hashMap.put(v.a(str), str);
            } catch (h0 e10) {
                Log.e("LDAPFETCHER", String.format("Failed to create LDAP Filter from string %s: %s.", str, e10.a()));
                c(map, str, new f(null, e10));
            }
        }
        return hashMap;
    }

    private void n(c0 c0Var) {
        KeyStore keyStore = KeyStore.getInstance("AndroidCAStore");
        keyStore.load(null);
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore);
        try {
            u I = c0Var.I(new xc.c(new ad.b(trustManagerFactory.getTrustManagers()).b()));
            if (I.e() == v0.f24549o) {
            } else {
                throw new h0(I);
            }
        } catch (h0 e10) {
            throw new h0(e10.e(), "StartTLS request failed: " + e10);
        }
    }

    public void b(Context context) {
        Collection<? extends d> arrayList = new ArrayList<>();
        try {
            arrayList = d.f(context);
        } catch (h0 e10) {
            Log.e("LDAPFETCHER", "Failed to get LDAP managed configuration(s)", e10);
        }
        this.f14555a.addAll(arrayList);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Map<String, List<f>> j(List<String> list, List<String> list2) {
        HashMap hashMap = new HashMap();
        Map<v, String> m10 = m(hashMap, list);
        ArrayList arrayList = new ArrayList(m10.keySet());
        if (arrayList.isEmpty()) {
            return hashMap;
        }
        if (this.f14555a.isEmpty()) {
            Log.e("LDAPFETCHER", "No LDAP Configurations have been added to the Certificate Fetcher.");
            a(hashMap, arrayList, m10, new h0(v0.f24537c1, "No LDAP Configurations found."));
            return hashMap;
        }
        Iterator<d> it = this.f14555a.iterator();
        while (true) {
            c0 c0Var = null;
            if (!it.hasNext()) {
                break;
            }
            d next = it.next();
            try {
                c0Var = g(next);
                Log.d("LDAPFETCHER", String.format("Connection established to %s:%d.", next.k(), Integer.valueOf(next.h())));
                try {
                    f(next, c0Var);
                    Log.d("LDAPFETCHER", "Now searching on " + c0Var);
                    Map<v, f> i10 = i(next, c0Var, arrayList, list2);
                    c0Var.close();
                    if (i10 != null) {
                        for (Map.Entry<v, f> entry : i10.entrySet()) {
                            c(hashMap, m10.get(entry.getKey()), entry.getValue());
                        }
                    }
                } catch (h0 e10) {
                    Log.e("LDAPFETCHER", "Bind request on " + c0Var + " failed. Skipping this LDAP Configuration.", e10);
                    c0Var.close();
                    a(hashMap, arrayList, m10, e10);
                }
            } catch (IOException | GeneralSecurityException | h0 e11) {
                if (c0Var != null) {
                    c0Var.close();
                }
                Log.e("LDAPFETCHER", e11.getMessage() + ". Skipping this LDAP Configuration.");
                a(hashMap, arrayList, m10, new h0(v0.f24546l1, e11.getMessage()));
            }
        }
        if (this.f14557c != null) {
            Log.d("LDAPFETCHER", "Unbinding instance of Krb5Lib.");
            this.f14557c.j();
            this.f14557c = null;
        }
        return hashMap;
    }
}
