package com.blackberry.security.secureemail.service;

import android.content.ContentValues;
import android.content.Intent;
import android.database.Cursor;
import android.net.Uri;
import android.os.IBinder;
import android.os.RemoteException;
import android.util.Base64;
import android.util.Base64OutputStream;
import android.util.Log;
import com.blackberry.email.provider.contract.EmailContent;
import com.blackberry.email.service.EmailMessagingService;
import com.blackberry.message.service.MessageAttachmentValue;
import com.blackberry.message.service.MessageValue;
import com.blackberry.message.service.ServiceResult;
import com.blackberry.security.secureemail.client.message.service.SecureMessageEmailCertificateValue;
import com.blackberry.security.secureemail.client.message.service.SecureMessageResult;
import com.blackberry.security.secureemail.client.message.service.SecureMessageValue;
import com.blackberry.security.secureemail.constants.Encoding;
import com.blackberry.security.secureemail.constants.EncodingAction;
import com.blackberry.security.secureemail.constants.EncodingType;
import com.blackberry.security.secureemail.constants.EntityIdentifierType;
import com.blackberry.security.secureemail.constants.HashAlgorithm;
import com.blackberry.security.secureemail.processors.KeyStoreProcessor;
import com.blackberry.security.secureemail.processors.SecureEmailProcessor;
import com.blackberry.security.secureemail.provider.certificate.e;
import d4.h;
import e2.l;
import e2.q;
import e2.w;
import e8.a;
import java.io.BufferedOutputStream;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.File;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStreamWriter;
import java.net.URI;
import java.net.URISyntaxException;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.UUID;
import l8.f;
import me.c;
import org.json.JSONArray;
import org.json.JSONException;
import org.json.JSONObject;

/* loaded from: classes.dex */
public class SecureEmailMessagingService extends EmailMessagingService {
    private String X;
    private EncodingType Y;
    private EncodingAction Z;

    /* renamed from: i, reason: collision with root package name */
    private boolean f7814i;

    /* renamed from: j, reason: collision with root package name */
    private URI f7815j;

    /* renamed from: o, reason: collision with root package name */
    private String f7816o;

    /* renamed from: q0, reason: collision with root package name */
    private HashAlgorithm f7817q0 = HashAlgorithm.UNKNOWN;

    /* renamed from: r0, reason: collision with root package name */
    private int f7818r0;

    /* renamed from: s0, reason: collision with root package name */
    private int f7819s0;

    /* renamed from: t, reason: collision with root package name */
    private String f7820t;

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public static /* synthetic */ class a {

        /* renamed from: a, reason: collision with root package name */
        static final /* synthetic */ int[] f7821a;

        static {
            int[] iArr = new int[EncodingAction.values().length];
            f7821a = iArr;
            try {
                iArr[EncodingAction.SIGN.ordinal()] = 1;
            } catch (NoSuchFieldError unused) {
            }
            try {
                f7821a[EncodingAction.ENCRYPT.ordinal()] = 2;
            } catch (NoSuchFieldError unused2) {
            }
            try {
                f7821a[EncodingAction.SIGN_ENCRYPT.ordinal()] = 3;
            } catch (NoSuchFieldError unused3) {
            }
        }
    }

    /* loaded from: classes.dex */
    private class b extends p8.a {
        b() {
        }

        @Override // p8.c
        public String C1(long j10, String str, SecureMessageValue secureMessageValue, ServiceResult serviceResult) {
            SecureEmailMessagingService secureEmailMessagingService = SecureEmailMessagingService.this;
            return secureEmailMessagingService.q0(secureEmailMessagingService, j10, secureMessageValue, true);
        }

        @Override // p8.c
        public boolean H1(long j10, int i10, SecureMessageResult secureMessageResult, ServiceResult serviceResult) {
            try {
                return new e(SecureEmailMessagingService.this).k(j10, i10, secureMessageResult);
            } catch (Exception e10) {
                q.C("SecureEmail", e10, "Failed to validate sender certs", new Object[0]);
                throw new RemoteException("Can't validate sender certs");
            }
        }

        @Override // p8.c
        public String Q1(long j10, SecureMessageValue secureMessageValue, ServiceResult serviceResult) {
            SecureEmailMessagingService secureEmailMessagingService = SecureEmailMessagingService.this;
            return secureEmailMessagingService.q0(secureEmailMessagingService, j10, secureMessageValue, true);
        }

        @Override // p8.c
        public String m(long j10, SecureMessageValue secureMessageValue, ServiceResult serviceResult) {
            SecureEmailMessagingService secureEmailMessagingService = SecureEmailMessagingService.this;
            return secureEmailMessagingService.q0(secureEmailMessagingService, j10, secureMessageValue, false);
        }

        @Override // p8.c
        public String p(long j10, String str, SecureMessageValue secureMessageValue, ServiceResult serviceResult) {
            SecureEmailMessagingService secureEmailMessagingService = SecureEmailMessagingService.this;
            return secureEmailMessagingService.q0(secureEmailMessagingService, j10, secureMessageValue, true);
        }
    }

    private void E0(EncodingAction encodingAction, MessageValue messageValue, byte[] bArr) {
        EncodingAction encodingAction2 = EncodingAction.SIGN;
        if (encodingAction != encodingAction2 || !this.f7814i) {
            messageValue.h();
            messageValue.g();
        }
        String L0 = L0(bArr);
        MessageAttachmentValue messageAttachmentValue = new MessageAttachmentValue();
        messageAttachmentValue.f24818i = (encodingAction == encodingAction2 && this.f7814i) ? "smime.p7s" : "smime.p7m";
        messageAttachmentValue.f24819j = (encodingAction == encodingAction2 && this.f7814i) ? "application/pkcs7-signature" : "application/x-pkcs7-mime";
        messageAttachmentValue.A0 = messageValue.f7062t;
        messageAttachmentValue.f24821q0 = L0;
        try {
            this.f7815j = new URI(L0);
        } catch (URISyntaxException e10) {
            q.g("SecureEmail", e10, "addEncodedAttachment(), URISyntaxException", new Object[0]);
        }
        ArrayList arrayList = new ArrayList();
        arrayList.add(messageAttachmentValue);
        messageValue.d(arrayList);
    }

    private void F0(SecureEmailProcessor secureEmailProcessor, ArrayList<SecureMessageEmailCertificateValue> arrayList) {
        Iterator<SecureMessageEmailCertificateValue> it = arrayList.iterator();
        while (it.hasNext()) {
            SecureMessageEmailCertificateValue next = it.next();
            try {
                if (next.f7700o != null) {
                    JSONArray jSONArray = new JSONArray(next.f7700o);
                    for (int i10 = 0; i10 < jSONArray.length(); i10++) {
                        JSONObject jSONObject = jSONArray.getJSONObject(i10);
                        secureEmailProcessor.addRecipientEntry(EntityIdentifierType.valueOf(jSONObject.getInt("idType")), new ByteArrayInputStream(Base64.decode(jSONObject.getString("identifier"), 0)), next.f7697c);
                    }
                } else {
                    q.f("SecureEmail", "Invalid JSON Object", new Object[0]);
                }
            } catch (JSONException e10) {
                q.g("SecureEmail", e10, "encodeData() - Error converting Certificate JSON String", new Object[0]);
            }
        }
    }

    private byte[] G0(SecureMessageValue secureMessageValue, HashAlgorithm hashAlgorithm, boolean z10, ArrayList<SecureMessageEmailCertificateValue> arrayList, int i10) {
        byte[] I0 = I0(secureMessageValue);
        ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(I0);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        int H0 = H0(byteArrayInputStream, byteArrayOutputStream, arrayList, hashAlgorithm, z10, i10);
        if (H0 != 0) {
            q.f("SecureEmail", "Encode Failure RC = " + H0, new Object[0]);
            return null;
        }
        if (secureMessageValue.D()) {
            E0(this.Z, secureMessageValue, byteArrayOutputStream.toByteArray());
        } else {
            ByteArrayOutputStream byteArrayOutputStream2 = new ByteArrayOutputStream();
            ByteArrayInputStream byteArrayInputStream2 = new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
            Base64OutputStream base64OutputStream = new Base64OutputStream(byteArrayOutputStream2, 20);
            c.c(byteArrayInputStream2, base64OutputStream);
            base64OutputStream.close();
            E0(this.Z, secureMessageValue, byteArrayOutputStream2.toByteArray());
        }
        return I0;
    }

    private int H0(ByteArrayInputStream byteArrayInputStream, ByteArrayOutputStream byteArrayOutputStream, ArrayList<SecureMessageEmailCertificateValue> arrayList, HashAlgorithm hashAlgorithm, boolean z10, int i10) {
        SecureEmailProcessor secureEmailProcessor = new SecureEmailProcessor(this.Y, this);
        try {
            KeyStoreProcessor keyStoreProcessor = new KeyStoreProcessor(this.Y, this);
            try {
                keyStoreProcessor.certificateManagerInit();
                secureEmailProcessor.setEncoding(this.Z);
                EncodingAction encodingAction = this.Z;
                if ((encodingAction == EncodingAction.SIGN || encodingAction == EncodingAction.SIGN_ENCRYPT) && !O0(secureEmailProcessor, hashAlgorithm, z10)) {
                    if (j4.a.b()) {
                        e8.a.b(a.EnumC0201a.FAILURE, a.b.WARNING, "smime", "encode", secureEmailProcessor.errorCodeToString(13));
                    }
                    keyStoreProcessor.close();
                    secureEmailProcessor.close();
                    return 13;
                }
                EncodingAction encodingAction2 = this.Z;
                if (encodingAction2 == EncodingAction.ENCRYPT || encodingAction2 == EncodingAction.SIGN_ENCRYPT) {
                    M0(secureEmailProcessor, i10, arrayList);
                }
                int encodeMessage = secureEmailProcessor.encodeMessage(byteArrayInputStream, byteArrayOutputStream);
                if (encodeMessage != 0 && j4.a.b()) {
                    e8.a.b(a.EnumC0201a.FAILURE, a.b.WARNING, "smime", "encode", secureEmailProcessor.errorCodeToString(encodeMessage));
                }
                keyStoreProcessor.close();
                secureEmailProcessor.close();
                return encodeMessage;
            } finally {
            }
        } catch (Throwable th) {
            try {
                secureEmailProcessor.close();
            } catch (Throwable th2) {
                th.addSuppressed(th2);
            }
            throw th;
        }
    }

    private byte[] I0(SecureMessageValue secureMessageValue) {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        try {
            h.j(this, secureMessageValue, byteArrayOutputStream, false, byteArrayOutputStream, new OutputStreamWriter(new l(byteArrayOutputStream, "SecureEmail")), secureMessageValue.o());
        } catch (Exception unused) {
            q.f("SecureEmail", "Error retrieving BodyAndAttachment from SmimeOutput", new Object[0]);
        }
        return byteArrayOutputStream.toByteArray();
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r1v17 */
    /* JADX WARN: Type inference failed for: r1v18 */
    /* JADX WARN: Type inference failed for: r1v5, types: [int] */
    /* JADX WARN: Type inference failed for: r1v8 */
    /* JADX WARN: Type inference failed for: r1v9 */
    private int J0() {
        List<String> f10 = new com.blackberry.security.secureemail.provider.a(this).f();
        boolean contains = f10.contains(getString(f.f17849p));
        boolean z10 = contains;
        if (f10.contains(getString(f.f17848o))) {
            z10 = (contains ? 1 : 0) | 2;
        }
        boolean z11 = z10;
        if (f10.contains(getString(f.f17847n))) {
            z11 = (z10 ? 1 : 0) | 4;
        }
        ?? r12 = z11;
        if (f10.contains(getString(f.f17851r))) {
            r12 = (z11 ? 1 : 0) | 8;
        }
        return f10.contains(getString(f.f17850q)) ? r12 | 16 : r12;
    }

    private String K0() {
        return "multipart/signed; protocol=\"application/x-pkcs7-signature\"; micalg=" + this.f7817q0.name() + ";";
    }

    private String L0(byte[] bArr) {
        File file = new File(getFilesDir(), "encodedAttachment_" + UUID.randomUUID().toString());
        try {
            BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(new FileOutputStream(file));
            try {
                bufferedOutputStream.write(bArr);
                bufferedOutputStream.flush();
                bufferedOutputStream.close();
            } finally {
            }
        } catch (FileNotFoundException e10) {
            q.g("SecureEmail", e10, "saveEncodedAttachmentFile(), FileNotFoundException", new Object[0]);
        } catch (IOException e11) {
            q.g("SecureEmail", e11, "saveEncodedAttachmentFile(), IOException", new Object[0]);
        }
        return Uri.fromFile(file).toString();
    }

    private void M0(SecureEmailProcessor secureEmailProcessor, int i10, ArrayList<SecureMessageEmailCertificateValue> arrayList) {
        secureEmailProcessor.setCipherPreferences(i10);
        String str = this.X;
        if (str != null && !str.isEmpty() && !SecureMessageResult.a(this.f7819s0, 4)) {
            secureEmailProcessor.addRecipientEntry(EntityIdentifierType.ALIAS, new ByteArrayInputStream(this.X.getBytes()), "");
        }
        if (arrayList.size() > 0) {
            F0(secureEmailProcessor, arrayList);
        }
    }

    private void N0(SecureMessageValue secureMessageValue) {
        if (this.Y == EncodingType.SMIME) {
            int i10 = a.f7821a[this.Z.ordinal()];
            if (i10 == 1) {
                secureMessageValue.o0(4194304L);
            } else if (i10 == 2 || i10 == 3) {
                secureMessageValue.o0(8388608L);
            }
        }
    }

    private boolean O0(SecureEmailProcessor secureEmailProcessor, HashAlgorithm hashAlgorithm, boolean z10) {
        boolean z11;
        secureEmailProcessor.setHashAlgorithm(hashAlgorithm);
        secureEmailProcessor.setIncludeCertificates(z10);
        String str = this.f7820t;
        if (str == null || str.isEmpty()) {
            z11 = false;
        } else {
            secureEmailProcessor.setSenderSigningEntry(EntityIdentifierType.ALIAS, new ByteArrayInputStream(this.f7820t.getBytes()));
            z11 = true;
        }
        String str2 = this.X;
        if (str2 != null && !str2.isEmpty()) {
            secureEmailProcessor.setSenderEncryptionEntry(EntityIdentifierType.ALIAS, new ByteArrayInputStream(this.X.getBytes()));
        }
        if (this.Z == EncodingAction.SIGN && this.f7814i) {
            secureEmailProcessor.setClearSigned(true, new ByteArrayInputStream(new byte[0]));
        }
        return z11;
    }

    private String P0(byte[] bArr) {
        File file = new File(getFilesDir(), "clearMIME_" + UUID.randomUUID().toString());
        try {
            BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(new FileOutputStream(file));
            try {
                bufferedOutputStream.write(bArr);
                bufferedOutputStream.flush();
                q.d("SecureEmail", "writeMIMEtoFile(), %d bytes to %s", Integer.valueOf(bArr.length), file.getAbsolutePath());
                bufferedOutputStream.close();
            } finally {
            }
        } catch (FileNotFoundException e10) {
            q.g("SecureEmail", e10, "writeMIMEtoFile(), FileNotFoundException", new Object[0]);
        } catch (IOException e11) {
            q.g("SecureEmail", e11, "writeMIMEtoFile(), IOException", new Object[0]);
        }
        return Uri.fromFile(file).toString();
    }

    /* JADX INFO: Access modifiers changed from: protected */
    @Override // com.blackberry.email.service.EmailMessagingService
    public void f0(boolean z10, String str) {
        super.f0(z10, str);
        EncodingType encodingType = this.Y;
        if (encodingType != EncodingType.NONE) {
            Object[] objArr = new Object[3];
            objArr[0] = z10 ? "sending" : "saving";
            objArr[1] = encodingType;
            objArr[2] = t8.a.e(this.Z, this.f7814i);
            q.k("SecureEmail", "%s %s %s", objArr);
        }
    }

    @Override // com.blackberry.email.service.EmailMessagingService
    protected void k0(long j10, long j11) {
        if (j11 == -1 || j10 == -1) {
            throw new IllegalArgumentException("Invalid MessageID");
        }
        if (this.Y != EncodingType.NONE) {
            if (this.f7815j != null) {
                new File(this.f7815j).delete();
            }
            ContentValues contentValues = new ContentValues();
            contentValues.put("account_id", Long.valueOf(j10));
            contentValues.put("message_id", Long.valueOf(j11));
            EncodingAction encodingAction = this.Z;
            EncodingAction encodingAction2 = EncodingAction.SIGN;
            if (encodingAction == encodingAction2 && this.f7814i) {
                contentValues.put("message_type", Integer.valueOf(r8.h.SMIME_CLEAR_SIGNED.b()));
                contentValues.put("content_type", K0());
                contentValues.put("mime_uri", this.f7816o);
            } else {
                contentValues.put("message_type", Integer.valueOf(encodingAction == encodingAction2 ? r8.h.SMIME_OPAQUE_SIGNED.b() : r8.h.SMIME_ENCRYPTED.b()));
                contentValues.put("content_type", this.Z == encodingAction2 ? "application/x-pkcs7-mime; smime-type=signed-data; name=\"smime.p7m\";\"" : "application/x-pkcs7-mime; smime-type=enveloped-data; name=\"smime.p7m\";\"");
            }
            getContentResolver().insert(r8.e.f22385g, contentValues);
        }
    }

    @Override // com.blackberry.email.service.EmailMessagingService
    protected void l0(MessageValue messageValue) {
        if (!(messageValue instanceof SecureMessageValue)) {
            throw new IllegalArgumentException("MessageValue is not instance of SecureMessageValue");
        }
        SecureMessageValue secureMessageValue = (SecureMessageValue) messageValue;
        q.d("SecureEmail", "preprocess encoding: " + secureMessageValue.Z0 + ", folderId:" + messageValue.u(), new Object[0]);
        try {
            Cursor h10 = t8.a.h(this, secureMessageValue.Y);
            try {
                q8.b bVar = new q8.b(h10, this);
                this.f7814i = bVar.c().f22133n;
                this.f7820t = bVar.c().f22107e;
                this.X = bVar.c().f22108f;
                Encoding valueOf = Encoding.valueOf(secureMessageValue.Z0);
                this.f7818r0 = secureMessageValue.J0();
                this.f7819s0 = secureMessageValue.I0();
                if ((messageValue.z() & 4) != 4 && (messageValue.z() == 0 || messageValue.D())) {
                    valueOf = Encoding.PLAIN;
                }
                this.Z = valueOf.getEncodingAction();
                this.Y = valueOf.getEncodingType();
                EncodingType encodingType = valueOf.getEncodingType();
                EncodingType encodingType2 = EncodingType.NONE;
                if (encodingType != encodingType2) {
                    HashAlgorithm hashAlgorithm = bVar.f22130o;
                    this.f7817q0 = hashAlgorithm;
                    byte[] G0 = G0(secureMessageValue, hashAlgorithm, true, secureMessageValue.f7706c1, J0());
                    if (G0 == null) {
                        this.Y = encodingType2;
                        secureMessageValue.o0(33L);
                        secureMessageValue.i(68L);
                        w.a aVar = new w.a(secureMessageValue.I0);
                        aVar.b("__ERROR_COUNT__", Long.toString(6L));
                        aVar.b("__NEXT_RETRY_TIME__", null);
                        secureMessageValue.I0 = aVar.toString();
                        secureMessageValue.D0(getApplicationContext(), false);
                        throw new IllegalArgumentException("Invalid Secure E-mail State");
                    }
                    if (this.f7814i) {
                        this.f7816o = P0(G0);
                    }
                    N0(secureMessageValue);
                }
                if (h10 != null) {
                    h10.close();
                }
            } finally {
            }
        } catch (IOException unused) {
            q.f("SecureEmail", "preProcessEmail IOException", new Object[0]);
        }
    }

    @Override // com.blackberry.email.service.EmailMessagingService, android.app.Service
    public IBinder onBind(Intent intent) {
        q.d("SecureEmail", "MessagingService onBind start", new Object[0]);
        if (!com.blackberry.concierge.b.D().w(getApplicationContext()).a()) {
            Log.w("SecureEmail", "missing BBCI essential permissions, returning null");
            return null;
        }
        if (intent.getLongExtra("account_id", -1L) != -1) {
            return new b();
        }
        throw new IllegalArgumentException("Missing account ID");
    }

    @Override // com.blackberry.email.service.EmailMessagingService, android.app.Service
    public void onCreate() {
        q.k("SecureEmail", "Creating SecureEmailMessagingService", new Object[0]);
        super.onCreate();
        EmailContent.e(this);
    }

    @Override // android.app.Service
    public void onDestroy() {
        q.k("SecureEmail", "Destroying SecureEmailMessagingService", new Object[0]);
        super.onDestroy();
    }

    @Override // com.blackberry.email.service.EmailMessagingService, android.app.Service
    public boolean onUnbind(Intent intent) {
        q.k("SecureEmail", "MessagingService onUnbind ", new Object[0]);
        return super.onUnbind(intent);
    }
}
