package com.samsung.android.email.provider.provider.ldap;

import com.novell.ldap.LDAPConnection;
import com.novell.ldap.LDAPEntry;
import com.novell.ldap.LDAPException;
import com.novell.ldap.LDAPJSSESecureSocketFactory;
import com.novell.ldap.LDAPModification;
import com.novell.ldap.util.Base64;
import com.samsung.android.email.provider.provider.ldap.LDAPService;
import com.samsung.android.emailcommon.provider.EmailContent;
import com.samsung.android.emailcommon.provider.LDAPSettings;
import com.samsung.android.emailcommon.utility.EmailLog;
import java.io.IOException;
import java.io.InputStream;
import java.io.UnsupportedEncodingException;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.Provider;
import java.security.Security;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes37.dex */
public class LDAPConn {
    public static final String ALL_USER_ATTRS = "*";
    static final int CON_CERTIFICATE_EXCEPTION = 1209;
    static final int CON_CERTIFICATE_EXPIRED = 1211;
    static final int CON_CERTIFICATE_NOT_YET_VALID = 1210;
    static final int CON_SSL_EXCEPTION = 1212;
    public static final int DEFAULT_PORT = 389;
    public static final int DEFAULT_SSL_PORT = 636;
    public static final String LDAP_PROPERTY_PROTOCOL = "version.protocol";
    public static final String LDAP_PROPERTY_SDK = "version.sdk";
    public static final String LDAP_PROPERTY_SECURITY = "version.security";
    public static final int LDAP_V3 = 3;
    public static final String NO_ATTRS = "1.1";
    public static final int SCOPE_BASE = 0;
    public static final int SCOPE_ONE = 1;
    public static final int SCOPE_SUB = 2;
    public static final int SCOPE_SUBORDINATESUBTREE = 4;
    public static final String SERVER_SHUTDOWN_OID = "1.3.6.1.4.1.1466.20036";
    private static final String TAG = "LDAPConn";
    private static final boolean isSSLEnabled = true;
    private LDAPConnection lc;
    private LDAPService.LDAPClientInfo ldapClientInfo;
    private LDAPSettings ldapSettings;
    private LDAPServiceException lse;
    private SSLContext sslContext;
    private InputStream sslInputStream;
    private KeyStore trustedKeyStore;
    private static boolean bMDMEnabled = false;
    private static final TrustManager[] INSECURE_TRUST_MANAGERS = {new X509TrustManager() { // from class: com.samsung.android.email.provider.provider.ldap.LDAPConn.1
        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    }};
    private int certException = 0;
    private X509TrustManager standardTrustManager = null;

    public LDAPConn(LDAPService.LDAPClientInfo lDAPClientInfo) throws NoSuchAlgorithmException, KeyStoreException {
        this.ldapClientInfo = lDAPClientInfo;
        this.ldapSettings = lDAPClientInfo.getLDAPSettings();
    }

    public void addEntry(LDAPEntry lDAPEntry) throws LDAPException {
        this.lc.add(lDAPEntry);
    }

    public LDAPConnection getLc() {
        return this.lc;
    }

    public void ldapBindToServer() throws UnsupportedEncodingException, LDAPException {
        EmailLog.d(TAG, "ldapBindToServer isAnonymous= " + this.ldapSettings.isAnonymous());
        if (this.ldapSettings.isAnonymous()) {
            this.lc.bind(3, this.ldapSettings.getLdapUsername(), "");
        } else {
            this.lc.bind(3, this.ldapSettings.getLdapUsername(), this.ldapSettings.getLdapPassword().getBytes("UTF8"));
        }
    }

    public void ldap_connect() throws LDAPException, NoSuchAlgorithmException, KeyManagementException, UnsupportedEncodingException, LDAPServiceException, KeyStoreException {
        this.sslContext = null;
        EmailLog.d(TAG, "getLdapPort()= " + this.ldapSettings.getLdapPort() + "getLdapHost()= " + this.ldapSettings.getLdapHost() + " ldap_connect isSSL= " + this.ldapSettings.isSSL());
        if (this.ldapSettings.isAnonymous() && !this.ldapSettings.isSSL()) {
            EmailLog.d(TAG, "ldap_connect isAnonymous= " + this.ldapSettings.isAnonymous());
            this.lc = new LDAPConnection();
            this.lc.connect(this.ldapSettings.getLdapHost(), this.ldapSettings.getLdapPort());
            EmailLog.d(TAG, "Returning from function now");
            return;
        }
        if (!this.ldapSettings.isSSL() || bMDMEnabled) {
            this.lc = new LDAPConnection();
            this.lc.connect(this.ldapSettings.getLdapHost(), this.ldapSettings.getLdapPort());
            EmailLog.d(TAG, "ldap_connect After connection getLdapHost= " + this.ldapSettings.getLdapHost() + " getLdapPort= " + this.ldapSettings.getLdapPort());
            this.lc.bind(3, this.ldapSettings.getLdapUsername(), this.ldapSettings.getLdapPassword());
            EmailLog.d(TAG, "ldap_connect After Bind");
            return;
        }
        this.trustedKeyStore = null;
        try {
            this.trustedKeyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            this.trustedKeyStore.load(this.sslInputStream, "secret".toCharArray());
        } catch (IOException e) {
            e.printStackTrace();
        } catch (KeyStoreException e2) {
            e2.printStackTrace();
        } catch (CertificateException e3) {
            e3.printStackTrace();
        }
        this.sslContext = SSLContext.getInstance(EmailContent.LDAPAccountColumns.SSL);
        String defaultAlgorithm = KeyManagerFactory.getDefaultAlgorithm();
        EmailLog.d(TAG, "The default key-manager algorithm: " + defaultAlgorithm);
        KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(defaultAlgorithm);
        try {
            keyManagerFactory.init(this.trustedKeyStore, "secret".toCharArray());
        } catch (KeyStoreException e4) {
            e4.printStackTrace();
        } catch (UnrecoverableKeyException e5) {
            e5.printStackTrace();
        }
        KeyManager[] keyManagers = keyManagerFactory.getKeyManagers();
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(this.trustedKeyStore);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        if (trustManagers.length == 0) {
            EmailLog.d(TAG, "ldap_connect NoSuchAlgorithmException no trust manager found");
            throw new NoSuchAlgorithmException("no trust manager found");
        }
        this.standardTrustManager = (X509TrustManager) trustManagers[0];
        TrustManager[] trustManagerArr = {new X509TrustManager() { // from class: com.samsung.android.email.provider.provider.ldap.LDAPConn.2
            @Override // javax.net.ssl.X509TrustManager
            public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
            }

            @Override // javax.net.ssl.X509TrustManager
            public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
                EmailLog.d(LDAPConn.TAG, "ldap_connect EasyX509TrustManager.checkServerTrusted()");
                if (x509CertificateArr != null) {
                    try {
                        if (x509CertificateArr.length == 1) {
                            LDAPConn.this.standardTrustManager.checkServerTrusted(x509CertificateArr, str);
                        }
                    } catch (CertificateException e6) {
                        try {
                            LDAPConn.this.ldapClientInfo.setServerCertificate(new String(Base64.encode(x509CertificateArr[0].getEncoded())));
                            LDAPConn.this.lse = new LDAPServiceException(e6.getMessage(), e6);
                            LDAPConn.this.certException = 1209;
                        } catch (CertificateEncodingException e7) {
                            e7.printStackTrace();
                        }
                    }
                }
            }

            @Override // javax.net.ssl.X509TrustManager
            public X509Certificate[] getAcceptedIssuers() {
                return null;
            }
        }};
        EmailLog.d(TAG, "ldap_connect getTrustAll= " + this.ldapSettings.getTrustAll());
        if (this.ldapSettings.getTrustAll() == 1) {
            this.sslContext.init(keyManagers, INSECURE_TRUST_MANAGERS, null);
        } else {
            this.sslContext.init(keyManagers, trustManagerArr, null);
        }
        Provider[] providers = Security.getProviders("MessageDigest.SHA");
        if (providers != null) {
            for (Provider provider : providers) {
                EmailLog.d(TAG, "ldap_connect securityProvider:MessageDigest.SHA providerInfo= " + provider.toString());
            }
        }
        EmailLog.d(TAG, "ldap_connect Trust store path= " + System.getProperty("javax.net.ssl.trustStore"));
        this.lc = new LDAPConnection(new LDAPJSSESecureSocketFactory(this.sslContext.getSocketFactory()));
        this.lc.connect(this.ldapSettings.getLdapHost(), this.ldapSettings.getLdapPort());
        if (this.certException != 0) {
            this.certException = 0;
            throw this.lse;
        }
        ldapBindToServer();
    }

    public void ldap_delete(String str) throws LDAPException {
        EmailLog.d(TAG, "ldap_delete rootDN= " + str);
        this.lc.delete(str);
    }

    public void ldap_disconnect() throws LDAPException {
        EmailLog.d(TAG, "ldap_disconnect");
        this.lc.disconnect();
    }

    public ArrayList<LDAPResponseData> ldap_getDNList() throws LDAPException {
        LDAPSearchInt lDAPSearchInt = new LDAPSearchInt("");
        EmailLog.d(TAG, "ldap_getDNList ");
        LDAPAttributes lDAPAttributes = new LDAPAttributes();
        lDAPAttributes.ldap_setAttribute("namingContexts");
        lDAPSearchInt.setFilter("objectClass=*");
        lDAPSearchInt.setMaxResults(0);
        lDAPSearchInt.setServerTimeLimit(60);
        lDAPSearchInt.setDereference(0);
        lDAPSearchInt.setTypesOnly(false);
        lDAPSearchInt.setBatchSize(20);
        return lDAPSearchInt.ldap_search(this, 0, lDAPAttributes);
    }

    public void modifyValue(LDAPModification[] lDAPModificationArr, String str) throws LDAPException {
        this.lc.modify(str, lDAPModificationArr);
    }

    public void setInputStream(InputStream inputStream) {
        this.sslInputStream = inputStream;
    }
}
