package com.samsung.android.emailsecurity.cac;

import android.content.Context;
import android.os.Build;
import com.samsung.android.emailcommon.utility.EmailLog;
import com.samsung.android.emailsecurity.smime.CertificateManagerException;
import com.samsung.android.emailsecurity.smime.CertificateMgr;
import com.sec.android.smimeutil.SecCertificateMgr;
import com.sec.android.smimeutil.SemCertificateMgr;
import com.sec.enterprise.knox.smartcard.policy.SmartCardEmailPolicy;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.List;

/* loaded from: classes37.dex */
public class CACManager {
    public static final int CAC_STATUS_ERROR = 2;
    public static final int CAC_STATUS_INITIALIZING = 1;
    public static final int CAC_STATUS_OK = 0;
    public static final int CAC_STATUS_UNINTIALIZED = 3;
    public static final int ERROR_SECURITY_VIOLATION = 3;
    private static final String TAG = "CACManager";
    private static final boolean auth_debug = false;
    private static final String dstKey = "bcdefghijklmnopqrstuvwxyzaBCDEFGHIJKLMNOPQRSTUVWXYZA^=";
    private static final String mKeyStoreName = "PKCS11";
    private static final String srcKey = "abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ@.";
    private static CACManager _instance = null;
    private static SmartCardEmailPolicy mSCEmailPolicy = null;
    protected Context mContext = null;
    private String mProviderName = null;
    private int mErrorCode = 3;
    private final HashSet<OnStatusChangeListener> mListeners = new HashSet<>();

    /* loaded from: classes37.dex */
    public interface OnStatusChangeListener {
        void onStatusChanged(int i);
    }

    public static void addStatusListener(Context context, OnStatusChangeListener onStatusChangeListener) {
        synchronized (getInstance(context).mListeners) {
            getInstance(context).mListeners.add(onStatusChangeListener);
        }
    }

    public static String getAliasForEncryption(String str) {
        EmailLog.d(TAG, "getAliasForEncryption function");
        SmartCardEmailPolicy smartCardEmailPolicy = SmartCardEmailPolicy.getInstance(_instance.mContext);
        if (smartCardEmailPolicy == null || str == null) {
            EmailLog.d(TAG, "internal library was not found. SCEmailPolicy is null.");
            return null;
        }
        String sMIMEEncryptionCertificate = smartCardEmailPolicy.getSMIMEEncryptionCertificate(str);
        if (sMIMEEncryptionCertificate == null) {
            EmailLog.d(TAG, "getSMIMEEncryptionCertificate returned null.");
            return null;
        }
        EmailLog.d(TAG, "getAliasForEncryption function returning alias got from email policy");
        return sMIMEEncryptionCertificate;
    }

    public static String getAliasForEncryptionUsingKeyusage() {
        boolean[] keyUsage;
        EmailLog.d(TAG, "getAliasForEncryptionUsingKeyusage function");
        try {
            KeyStore keyStore = KeyStore.getInstance(mKeyStoreName, "SECPkcs11");
            keyStore.load(null, null);
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(nextElement);
                if (x509Certificate != null && (keyUsage = x509Certificate.getKeyUsage()) != null && keyUsage[2]) {
                    EmailLog.d(TAG, "getAliasForEncryptionUsingKeyusage function returning alias found");
                    return nextElement;
                }
            }
        } catch (IOException e) {
            EmailLog.d(TAG, "getAliasForEncryptionUsingKeyusage function IOException");
        } catch (KeyStoreException e2) {
            EmailLog.d(TAG, "getAliasForEncryptionUsingKeyusage function KeyStoreException");
        } catch (NoSuchAlgorithmException e3) {
            EmailLog.d(TAG, "getAliasForEncryptionUsingKeyusage function NoSuchAlgorithmException");
        } catch (NoSuchProviderException e4) {
            EmailLog.d(TAG, "getAliasForEncryptionUsingKeyusage function NoSuchProviderException");
        } catch (CertificateException e5) {
            EmailLog.d(TAG, "getAliasForEncryptionUsingKeyusage function CertificateException");
        }
        return null;
    }

    public static String getAliasForSignature(String str) {
        EmailLog.d(TAG, "getAliasForSignature function");
        SmartCardEmailPolicy smartCardEmailPolicy = SmartCardEmailPolicy.getInstance(_instance.mContext);
        if (smartCardEmailPolicy == null || str == null) {
            EmailLog.d(TAG, "internal library was not found. SCEmailPolicy is null.");
            return null;
        }
        String sMIMESignatureCertificate = smartCardEmailPolicy.getSMIMESignatureCertificate(str);
        if (sMIMESignatureCertificate == null) {
            EmailLog.d(TAG, "getSMIMESignatureCertificate returned null.");
            return null;
        }
        EmailLog.d(TAG, "getAliasForSignature function returning alias got from email policy");
        return sMIMESignatureCertificate;
    }

    public static String getAliasForSignatureUsingKeyusage() {
        boolean[] keyUsage;
        EmailLog.d(TAG, "getAliasForSignatureUsingKeyusage function");
        try {
            KeyStore keyStore = KeyStore.getInstance(mKeyStoreName, "SECPkcs11");
            keyStore.load(null, null);
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                X509Certificate x509Certificate = (X509Certificate) keyStore.getCertificate(nextElement);
                if (x509Certificate != null && (keyUsage = x509Certificate.getKeyUsage()) != null && (keyUsage[0] || keyUsage[1])) {
                    List<String> extendedKeyUsage = x509Certificate.getExtendedKeyUsage();
                    if (extendedKeyUsage != null) {
                        for (String str : extendedKeyUsage) {
                            if (str.equals("1.3.6.1.5.5.7.3.4") || str.equals("2.5.29.37.0")) {
                                EmailLog.d(TAG, "getAliasForSignatureUsingKeyusage function returning alias found");
                                return nextElement;
                            }
                        }
                    } else {
                        continue;
                    }
                }
            }
        } catch (IOException e) {
            EmailLog.d(TAG, "getAliasForSignatureUsingKeyusage function IOException");
        } catch (KeyStoreException e2) {
            EmailLog.d(TAG, "getAliasForSignatureUsingKeyusage function KeyStoreException");
        } catch (NoSuchAlgorithmException e3) {
            EmailLog.d(TAG, "getAliasForSignatureUsingKeyusage function NoSuchAlgorithmException");
        } catch (NoSuchProviderException e4) {
            EmailLog.d(TAG, "getAliasForSignatureUsingKeyusage function NoSuchProviderException");
        } catch (CertificateParsingException e5) {
            EmailLog.d(TAG, "getAliasForSignatureUsingKeyusage function CertificateParsingException");
        } catch (CertificateException e6) {
            EmailLog.d(TAG, "getAliasForSignatureUsingKeyusage function CertificateException");
        }
        return null;
    }

    public static int getCACState() {
        return 0;
    }

    public static CertificateMgr getCertificateMgr(Context context) throws CertificateManagerException {
        try {
            CertificateMgr certificateMgr = new CertificateMgr("", getInstance(context).mContext, getKeyStore(getInstance(context).mContext), getProvider(getInstance(context).mContext), true);
            Enumeration<String> aliases = certificateMgr.getAliases();
            if (aliases != null && !aliases.hasMoreElements()) {
                EmailLog.d(TAG, "Empty Keystore!!!");
            }
            return certificateMgr;
        } catch (CertificateManagerException e) {
            EmailLog.w(TAG, e.toString());
            if (getInstance(context).mProviderName != null) {
                getInstance(context).mProviderName = null;
            }
            throw e;
        }
    }

    private static synchronized CACManager getInstance(Context context) {
        LinkageError linkageError;
        synchronized (CACManager.class) {
            if (_instance == null) {
                _instance = new CACManager();
                Context applicationContext = context.getApplicationContext();
                _instance.mContext = applicationContext;
                try {
                    mSCEmailPolicy = SmartCardEmailPolicy.getInstance(applicationContext);
                } catch (IllegalAccessError e) {
                    linkageError = e;
                    EmailLog.e(TAG, linkageError.toString());
                    mSCEmailPolicy = null;
                    return _instance;
                } catch (NoClassDefFoundError e2) {
                    linkageError = e2;
                    EmailLog.e(TAG, linkageError.toString());
                    mSCEmailPolicy = null;
                    return _instance;
                }
            }
        }
        return _instance;
    }

    private static String getKeyStore(Context context) {
        return mKeyStoreName;
    }

    public static int getLastErrorCode(Context context) {
        return getInstance(context).mErrorCode;
    }

    public static String getProvider(Context context) {
        return getInstance(context).mProviderName;
    }

    public static String getProvider(Context context, String str) {
        String str2 = (!isCredentialAccount(context, str) || getInstance(context).mProviderName == null) ? Build.VERSION.SDK_INT <= 26 ? SecCertificateMgr.BC_PROVIDER_NAME : SemCertificateMgr.BC_PROVIDER_NAME : getInstance(context).mProviderName;
        EmailLog.d("Email", "CACManager, provider name of " + shiftString(str) + " is " + str2);
        return str2;
    }

    public static void initCAC(Context context) {
        EmailLog.d(TAG, "check_provider_name: " + getInstance(context.getApplicationContext()).mProviderName);
    }

    public static boolean isActiveListener(Context context, OnStatusChangeListener onStatusChangeListener) {
        boolean contains;
        synchronized (getInstance(context).mListeners) {
            contains = getInstance(context).mListeners.contains(onStatusChangeListener);
        }
        return contains;
    }

    public static boolean isCredentialAccount(Context context, String str) {
        return getInstance(context).isCredentialAccount(str);
    }

    public static boolean isSCAuthEnabled() {
        if (mSCEmailPolicy == null) {
            EmailLog.e(TAG, "internal library was not found");
            return false;
        }
        boolean isAuthenticationEnabled = mSCEmailPolicy.isAuthenticationEnabled();
        EmailLog.d("Email", "CAC isSCAuthEnabled :" + String.valueOf(isAuthenticationEnabled));
        return isAuthenticationEnabled;
    }

    public static void removeStatusListener(Context context, OnStatusChangeListener onStatusChangeListener) {
        synchronized (getInstance(context).mListeners) {
            getInstance(context).mListeners.remove(onStatusChangeListener);
        }
    }

    public static void setErrorCode(Context context, int i) {
        EmailLog.d(TAG, "setErrorCode " + String.valueOf(i));
        getInstance(context).mErrorCode = i;
    }

    private static char shiftChar(char c) {
        return srcKey.indexOf(c) > 0 ? dstKey.charAt(srcKey.indexOf(c)) : c;
    }

    private static String shiftString(String str) {
        StringBuilder sb = new StringBuilder();
        int length = str.length();
        for (int i = 0; i < length; i++) {
            sb.append(shiftChar(str.charAt(i)));
        }
        return sb.toString();
    }

    public boolean isCredentialAccount(String str) {
        if (str == null) {
            EmailLog.d(TAG, "isCredentialAccount: address is null");
            return false;
        }
        if (mSCEmailPolicy == null) {
            EmailLog.d(TAG, "internal library was not found. mSCEmailPolicy is null.");
            return false;
        }
        if (!mSCEmailPolicy.isAuthenticationEnabled()) {
            EmailLog.d(TAG, "mSCEmailPolicy.isAuthenticationEnabled() is false");
            return false;
        }
        boolean isCredentialRequired = mSCEmailPolicy.isCredentialRequired(str);
        EmailLog.d(TAG, "isCredentialAccount - " + shiftString(str) + " : credentialRequired = " + isCredentialRequired);
        return isCredentialRequired;
    }

    public String toString() {
        return "CACManager [mContext=" + this.mContext + ", mKeyStoreName=" + mKeyStoreName + ", mProviderName=" + this.mProviderName + ", mErrorCode=" + this.mErrorCode + ", mSCEmailPolicy=" + mSCEmailPolicy + ", mListeners=" + this.mListeners + "]";
    }
}
