package com.blackberry.security.secureemail.provider.a;

import android.content.ContentUris;
import android.content.Context;
import android.database.Cursor;
import android.net.Uri;
import android.os.Handler;
import android.support.v4.os.EnvironmentCompat;
import c.a.h;
import com.blackberry.common.utils.n;
import com.blackberry.email.service.AttachmentDownloadService;
import com.blackberry.j.j;
import com.blackberry.message.service.MessageAttachmentValue;
import com.blackberry.message.service.MessageValue;
import com.blackberry.security.crypto.provider.a.a.k;
import com.blackberry.security.secureemail.client.d.a;
import com.blackberry.security.secureemail.client.message.service.SecureMessageBodyValue;
import com.blackberry.security.secureemail.client.message.service.d;
import com.blackberry.security.secureemail.constants.Encoding;
import com.blackberry.security.secureemail.constants.EncodingAction;
import com.blackberry.security.secureemail.constants.EncodingType;
import com.blackberry.security.secureemail.constants.SignatureStatus;
import com.blackberry.security.secureemail.processors.SecureEmailProcessor;
import java.io.ByteArrayInputStream;
import java.io.ByteArrayOutputStream;
import java.io.InputStream;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.concurrent.CountDownLatch;
import java.util.concurrent.TimeUnit;
import org.osaf.caldav4j.DAVConstants;

/* compiled from: AbstractSecureMessageDecoder.java */
/* loaded from: classes2.dex */
public abstract class a {
    private static final int eoL = 16384;
    public static final int eoM = 120000;
    public static final int eoN = 5000;
    public final MessageValue eoO;
    public SecureMessageBodyValue eoP;
    public com.blackberry.security.secureemail.client.message.service.b eoQ;
    public final SecureEmailProcessor eoR;
    public Uri eoS;
    public final a.p eoT;
    public final Context mContext;

    /* JADX INFO: Access modifiers changed from: private */
    /* compiled from: AbstractSecureMessageDecoder.java */
    /* renamed from: com.blackberry.security.secureemail.provider.a.a$a, reason: collision with other inner class name */
    /* loaded from: classes2.dex */
    public final class C0146a extends com.blackberry.message.d.b {
        private final CountDownLatch mLatch;

        C0146a(Context context, MessageAttachmentValue messageAttachmentValue, Handler handler) {
            super(context, messageAttachmentValue, null, null);
            this.mLatch = new CountDownLatch(1);
        }

        @Override // com.blackberry.message.d.b
        public void HH() {
            this.mLatch.countDown();
        }

        public boolean ce(long j) {
            n.b(com.blackberry.security.secureemail.service.a.TAG, "waitForResult: " + this.bnN.mId, new Object[0]);
            return this.mLatch.await(120000L, TimeUnit.MILLISECONDS);
        }

        public int getState() {
            return this.bnN.mState;
        }

        @Override // com.blackberry.message.d.b
        public void p(int i, int i2) {
            switch (i2) {
                case 1:
                    n.e(com.blackberry.security.secureemail.service.a.TAG, "Failed to download attachment: " + this.bnN.mId, new Object[0]);
                    this.mLatch.countDown();
                    return;
                case 2:
                default:
                    return;
                case 3:
                    this.mLatch.countDown();
                    return;
            }
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:14:0x0103  */
    /* JADX WARN: Removed duplicated region for block: B:28:? A[RETURN, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:8:0x0070  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public a(com.blackberry.message.service.MessageValue r10, android.content.Context r11, com.blackberry.security.secureemail.constants.EncodingType r12, com.blackberry.security.secureemail.client.d.a.p r13) {
        /*
            Method dump skipped, instructions count: 276
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.blackberry.security.secureemail.provider.a.a.<init>(com.blackberry.message.service.MessageValue, android.content.Context, com.blackberry.security.secureemail.constants.EncodingType, com.blackberry.security.secureemail.client.d.a$p):void");
    }

    private byte[] O(byte[] bArr) {
        ArrayList<byte[]> arrayList = new ArrayList<>();
        this.eoR.getSignerCmsCertificate(arrayList);
        if (arrayList.size() > 0) {
            n.b(com.blackberry.security.secureemail.service.a.TAG, "Checking " + arrayList.size() + " certificates", new Object[0]);
            Iterator<byte[]> it = arrayList.iterator();
            while (it.hasNext()) {
                byte[] next = it.next();
                if (!h(next, bArr) && P(next)) {
                    return next;
                }
            }
        }
        if (!P(bArr)) {
            return null;
        }
        n.b(com.blackberry.security.secureemail.service.a.TAG, "Signing cert can be used to encrypt", new Object[0]);
        return bArr;
    }

    private static boolean P(byte[] bArr) {
        Object[] objArr = new Object[1];
        objArr[0] = Integer.valueOf(bArr == null ? -1 : bArr.length);
        n.b(com.blackberry.security.secureemail.service.a.TAG, "isEncryptionCertificateData %d tytes", objArr);
        if (bArr == null || bArr.length == 0) {
            return false;
        }
        try {
            X509Certificate x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(bArr));
            boolean[] keyUsage = x509Certificate.getKeyUsage();
            n.b(com.blackberry.security.secureemail.service.a.TAG, "Certificate(%s) Expire: %s\n", x509Certificate.getSerialNumber().toString(16), x509Certificate.getNotAfter().toString());
            if (keyUsage != null && keyUsage.length > 2) {
                if (keyUsage[2]) {
                    return true;
                }
            }
        } catch (CertificateException e) {
            n.e(com.blackberry.security.secureemail.service.a.TAG, e, "Exception in isEncryptionCertificateData", new Object[0]);
        }
        return false;
    }

    /* JADX WARN: Removed duplicated region for block: B:11:0x00d5  */
    /* JADX WARN: Removed duplicated region for block: B:25:? A[RETURN, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:5:0x0055  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private void PH() {
        /*
            Method dump skipped, instructions count: 230
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.blackberry.security.secureemail.provider.a.a.PH():void");
    }

    private byte[] PJ() {
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        this.eoR.getSignerCertificate(byteArrayOutputStream);
        return byteArrayOutputStream.toByteArray();
    }

    private static String a(a.p pVar) {
        switch (pVar) {
            case SMIME_CLEAR_SIGNED:
                return DAVConstants.NS_QUAL_CS;
            case SMIME_ENCRYPTED:
                return "*E";
            case SMIME_OPAQUE_SIGNED:
                return "OS";
            case SMIME_RECEIPT:
                return k.cWZ;
            case PGP_CLEAR_SIGNED:
                return "PGP";
            default:
                return EnvironmentCompat.MEDIA_UNKNOWN;
        }
    }

    @h
    public static a b(long j, Context context) {
        Cursor query = context.getContentResolver().query(ContentUris.withAppendedId(j.C0108j.CONTENT_URI, j), j.C0108j.DEFAULT_PROJECTION, null, null, null);
        if (query == null || !query.moveToFirst()) {
            if (query != null) {
                query.close();
            }
            n.e(com.blackberry.security.secureemail.service.a.TAG, "Failed to create secure decoder: No secure message data for message id " + j, new Object[0]);
            return null;
        }
        MessageValue messageValue = new MessageValue(query);
        query.close();
        try {
            a.p hr = a.p.hr(com.blackberry.security.secureemail.client.d.a.a.bv(context, j));
            if (!com.blackberry.email.c.a.cG(context)) {
                n.c(com.blackberry.security.secureemail.service.a.TAG, "created NullDecoder - secure email not enabled on device.", new Object[0]);
                return new c(messageValue, context, hr);
            }
            if (!com.blackberry.email.c.a.yG()) {
                n.c(com.blackberry.security.secureemail.service.a.TAG, "created NullDecoder - secure email not supported on processor", new Object[0]);
                return new c(messageValue, context, hr);
            }
            switch (hr) {
                case SMIME_CLEAR_SIGNED:
                    n.c(com.blackberry.security.secureemail.service.a.TAG, "created SmimeClearSignedDecoder.", new Object[0]);
                    return new com.blackberry.security.secureemail.provider.d.b(messageValue, context, hr);
                case SMIME_ENCRYPTED:
                case SMIME_OPAQUE_SIGNED:
                case SMIME_RECEIPT:
                    n.c(com.blackberry.security.secureemail.service.a.TAG, "created SmimeDecoder.", new Object[0]);
                    return new com.blackberry.security.secureemail.provider.d.c(messageValue, context, hr);
                case PGP_CLEAR_SIGNED:
                    n.c(com.blackberry.security.secureemail.service.a.TAG, "created NullDecoder - PGP clear signed not supported.", new Object[0]);
                    return new c(messageValue, context, hr);
                default:
                    n.e(com.blackberry.security.secureemail.service.a.TAG, "Can't create decoder for messageType %d", Integer.valueOf(hr.getValue()));
                    return null;
            }
        } catch (IllegalArgumentException e) {
            n.e(com.blackberry.security.secureemail.service.a.TAG, "Failed to create secure decoder: " + e.getMessage(), new Object[0]);
            return null;
        }
    }

    private static Cursor c(long j, Context context) {
        return context.getContentResolver().query(ContentUris.withAppendedId(j.C0108j.CONTENT_URI, j), j.C0108j.DEFAULT_PROJECTION, null, null, null);
    }

    private static boolean h(byte[] bArr, byte[] bArr2) {
        if (bArr != null && bArr2 != null && bArr.length == bArr2.length) {
            try {
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                if (((X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(bArr))).getSerialNumber().equals(((X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(bArr2))).getSerialNumber())) {
                    return true;
                }
            } catch (CertificateException e) {
                n.e(com.blackberry.security.secureemail.service.a.TAG, e, "Exception in isEncryptionCertificateData", new Object[0]);
            }
        }
        return false;
    }

    public static ByteArrayInputStream p(InputStream inputStream) {
        byte[] bArr = new byte[16384];
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        while (true) {
            int read = inputStream.read(bArr);
            if (read == -1) {
                return new ByteArrayInputStream(byteArrayOutputStream.toByteArray());
            }
            byteArrayOutputStream.write(bArr, 0, read);
        }
    }

    public void PI() {
        this.eoQ.eke = this.eoR.getSignerEmailAddress();
        this.eoQ.ejX = this.eoR.getSignatureStatus().value();
        this.eoQ.ejT = this.eoR.getSignatureAlgorithmType().value();
        this.eoQ.ejU = this.eoR.getHashType().value();
        this.eoQ.ejV = this.eoR.getContentCipher().value();
        this.eoQ.ejW = this.eoR.getKeyExchangeAlgorithm().value();
        EncodingAction encoding = this.eoR.getEncoding();
        int value = encoding.value();
        if (value != EncodingAction.NONE.value()) {
            if ((this.eoQ.ejP == Encoding.SMIME_ENCRYPT.value() && value == EncodingAction.SIGN.value()) || (this.eoQ.ejP == Encoding.SMIME_SIGN.value() && value == EncodingAction.ENCRYPT.value())) {
                encoding = EncodingAction.SIGN_ENCRYPT;
            }
            this.eoQ.ejP = Encoding.valueOf(EncodingType.SMIME, encoding).value();
        }
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        this.eoR.getSignerCertificate(byteArrayOutputStream);
        byte[] byteArray = byteArrayOutputStream.toByteArray();
        this.eoQ.f(byteArray, O(byteArray));
    }

    public Uri PK() {
        String str;
        try {
            Object[] objArr = new Object[2];
            objArr[0] = Long.valueOf(this.eoO.mId);
            switch (this.eoT) {
                case SMIME_CLEAR_SIGNED:
                    str = DAVConstants.NS_QUAL_CS;
                    break;
                case SMIME_ENCRYPTED:
                    str = "*E";
                    break;
                case SMIME_OPAQUE_SIGNED:
                    str = "OS";
                    break;
                case SMIME_RECEIPT:
                    str = k.cWZ;
                    break;
                case PGP_CLEAR_SIGNED:
                    str = "PGP";
                    break;
                default:
                    str = EnvironmentCompat.MEDIA_UNKNOWN;
                    break;
            }
            objArr[1] = str;
            n.c(com.blackberry.security.secureemail.service.a.TAG, "decode smime %d %s", objArr);
            Uri PM = PM();
            if (PM == null) {
                n.e(com.blackberry.security.secureemail.service.a.TAG, "failed to get uri from decode()", new Object[0]);
            }
            return PM;
        } finally {
            this.eoR.close();
        }
    }

    public com.blackberry.security.secureemail.client.message.service.b PL() {
        return this.eoQ;
    }

    public abstract Uri PM();

    public void PN() {
        new b(this.eoO, this.mContext).w(5000, eoM);
    }

    public int a(ByteArrayInputStream byteArrayInputStream, ByteArrayInputStream byteArrayInputStream2) {
        this.eoR.setClearSigned(true, byteArrayInputStream);
        ByteArrayOutputStream byteArrayOutputStream = new ByteArrayOutputStream();
        int decodeMessage = this.eoR.decodeMessage(byteArrayInputStream2, byteArrayOutputStream);
        PI();
        if (byteArrayOutputStream.size() == 0) {
            return decodeMessage;
        }
        int value = d.GENERAL_FAILURE.value();
        this.eoQ.ejX = SignatureStatus.VERIFY_FAILURE.value();
        return value;
    }

    public boolean a(MessageAttachmentValue messageAttachmentValue, long j) {
        boolean z = false;
        C0146a c0146a = new C0146a(this.mContext, messageAttachmentValue, null);
        if (c0146a.HE()) {
            AttachmentDownloadService.b(this.mContext, messageAttachmentValue.mId, 2);
            try {
                if (c0146a.ce(120000L)) {
                    if (c0146a.getState() == 3) {
                        z = true;
                    }
                }
            } catch (InterruptedException e) {
                n.e(com.blackberry.security.secureemail.service.a.TAG, e, "Download attachment failed", new Object[0]);
            } finally {
                c0146a.HF();
            }
        } else {
            n.e(com.blackberry.security.secureemail.service.a.TAG, "Unable to observe attachment", new Object[0]);
        }
        return z;
    }

    public Uri hs(int i) {
        return q(i, null);
    }

    public Uri q(int i, String str) {
        this.eoQ.ejQ = i;
        this.eoQ.ejR = str;
        if (this.eoQ.mId >= 0) {
            Uri withAppendedId = ContentUris.withAppendedId(a.c.CONTENT_URI, this.eoQ.mId);
            if (this.mContext.getContentResolver().update(withAppendedId, this.eoQ.a(true), null, null) >= 1) {
                n.b(com.blackberry.security.secureemail.service.a.TAG, "Updated DecodedInfo for message " + this.eoQ.boK, new Object[0]);
                return withAppendedId;
            }
            n.e(com.blackberry.security.secureemail.service.a.TAG, "Faled up update DecodedInfo for message: " + this.eoQ.boK, new Object[0]);
        }
        n.b(com.blackberry.security.secureemail.service.a.TAG, "Creating DecodedInfo for message " + this.eoQ.boK, new Object[0]);
        Uri insert = this.mContext.getContentResolver().insert(a.c.CONTENT_URI, this.eoQ.a(true));
        if (insert != null) {
            this.eoQ.mId = ContentUris.parseId(insert);
        }
        Object[] objArr = new Object[2];
        objArr[0] = Integer.valueOf(this.eoQ.ejQ);
        objArr[1] = com.blackberry.security.secureemail.provider.a.a(this.eoR.getEncoding(), this.eoT == a.p.SMIME_CLEAR_SIGNED);
        n.c(com.blackberry.security.secureemail.service.a.TAG, "decodedinfo smime %d %s", objArr);
        return insert;
    }
}
