package com.samsung.android.email.security.emailpolicy;

import android.content.Context;
import android.content.Intent;
import android.content.pm.PackageManager;
import android.os.Bundle;
import android.os.RemoteException;
import android.os.UserHandle;
import android.text.TextUtils;
import com.samsung.android.email.common.ui.EmailSignature;
import com.samsung.android.email.common.util.SemCertificateUtil;
import com.samsung.android.email.ui.messagelist.common.MessageListConst;
import com.samsung.android.emailcommon.account.AccountUtility;
import com.samsung.android.emailcommon.account.StoredAccount;
import com.samsung.android.emailcommon.basic.constant.CarrierValues;
import com.samsung.android.emailcommon.basic.constant.SchemeConst;
import com.samsung.android.emailcommon.basic.log.LogUtility;
import com.samsung.android.emailcommon.basic.log.SemPolicyLog;
import com.samsung.android.emailcommon.basic.service.ProxyArgs;
import com.samsung.android.emailcommon.basic.uri.EmailSecureURI;
import com.samsung.android.emailcommon.preferences.AbstractAccountPreference;
import com.samsung.android.emailcommon.preferences.InternalSettingPreference;
import com.samsung.android.emailcommon.preferences.UpgradeAccountPreference;
import com.samsung.android.emailcommon.provider.HostAuth;
import com.samsung.android.emailcommon.security.SemMDMConst;
import com.samsung.android.knox.util.SemKeyStoreManager;
import java.io.FileOutputStream;
import java.io.IOException;
import org.slf4j.Marker;

/* loaded from: classes2.dex */
public class SemRestrictionPreferenceController {
    private final String TAG = SemRestrictionPreferenceController.class.getSimpleName();
    private String mPath = null;
    private int mPort = -1;

    private String getCBACertificateAlias(Context context, SemEasConfigurationItem semEasConfigurationItem, StoredAccount storedAccount) {
        String str = semEasConfigurationItem.mCbaCertificateAlias;
        if (!TextUtils.isEmpty(str)) {
            grantAccessToAlias(context, semEasConfigurationItem.mCbaCertificateAlias);
            semEasConfigurationItem.mCertificateData = null;
            semEasConfigurationItem.mCertificatePassword = null;
        } else if (!semEasConfigurationItem.mIsRestriction) {
            str = installCBACertificate(context, storedAccount.mEmail, semEasConfigurationItem.mCertificateData, semEasConfigurationItem.mCertificatePassword, storedAccount.getUuid());
        }
        SemPolicyLog.d("%s::getCBACertificateAlias() - return certificate[%s] for CBA", this.TAG, str);
        return str;
    }

    private EmailSecureURI getUri(StoredAccount storedAccount, int i, String str, boolean z, boolean z2, String str2, boolean z3, String str3) {
        String str4;
        String str5 = z ? z2 ? SchemeConst.SCHEME_EAS_SSL_TRUST_ALL : SchemeConst.SCHEME_EAS_SSL : "eas";
        if (TextUtils.isEmpty(str2)) {
            str4 = "";
        } else {
            str4 = str2 + "\\";
        }
        EmailSecureURI create = EmailSecureURI.create(str5.trim(), (str4 + storedAccount.mName + MessageListConst.DELIMITER_2 + storedAccount.mPasswd).trim(), TextUtils.isEmpty(storedAccount.mServerName) ? "" : storedAccount.mServerName.trim(), i, str, z3 ? HostAuth.USE_KERBEROS_TOKEN : str3, storedAccount.mEmail);
        SemPolicyLog.d("%s::getUri() - uri[%s]", this.TAG, create);
        return create;
    }

    private void grantAccessToAlias(Context context, String str) {
        if (context == null || TextUtils.isEmpty(str)) {
            SemPolicyLog.sysE("%s::grantAccessToAlias() - invalid parameter!!, context[%s], alias[%s]", context, str);
            return;
        }
        SemKeyStoreManager semKeyStoreManager = SemKeyStoreManager.getInstance();
        if (semKeyStoreManager == null) {
            SemPolicyLog.sysE("%s::grantAccessToAlias() - cannot bind SemKeyStoreManager", this.TAG);
            return;
        }
        SemPolicyLog.d("%s::grantAccessToAlias() - SemKeyStoreManager Bind[%s]", this.TAG, semKeyStoreManager.getClass().getName());
        try {
            semKeyStoreManager.grantAccess(context.getPackageManager().getApplicationInfo("com.samsung.android.email.provider", 128).uid, str);
        } catch (PackageManager.NameNotFoundException | RemoteException e) {
            e.printStackTrace();
        }
        SemPolicyLog.d("%s::grantAccessToAlias() - granted for alias[%s]", this.TAG, str);
    }

    private void grantAccessToSMIMEAlias(Context context, SemEasConfigurationItem semEasConfigurationItem) {
        if (!TextUtils.isEmpty(semEasConfigurationItem.mSmimeENCCertificateAlias)) {
            grantAccessToAlias(context, semEasConfigurationItem.mSmimeENCCertificateAlias);
            SemPolicyLog.d("%s::updateCertifications() - Apply certificate[%s] for S/MIME encryption", this.TAG, semEasConfigurationItem.mSmimeENCCertificateAlias);
        }
        if (TextUtils.isEmpty(semEasConfigurationItem.mSmimeSignCertificateAlias)) {
            return;
        }
        grantAccessToAlias(context, semEasConfigurationItem.mSmimeSignCertificateAlias);
        SemPolicyLog.d("%s::updateCertifications() - Apply certificate[%s] for S/MIME signing", this.TAG, semEasConfigurationItem.mSmimeSignCertificateAlias);
    }

    private String installCBACertificate(Context context, String str, byte[] bArr, String str2, String str3) {
        if (str == null) {
            SemPolicyLog.sysE("%s::installCBACertificate() - Email is null!!", this.TAG);
            return null;
        }
        if (bArr == null) {
            SemPolicyLog.sysE("%s::installCBACertificate() - CertificateData is null!!", this.TAG);
            return null;
        }
        if (str2 == null) {
            SemPolicyLog.sysE("%s::installCBACertificate() - CertificatePassword is null!!", this.TAG);
            return null;
        }
        if (str3 == null) {
            SemPolicyLog.sysE("%s::installCBACertificate() - Uuid is null!!", this.TAG);
            return null;
        }
        String installCertificate = installCertificate(context, bArr, str2, str, str3);
        Object[] objArr = new Object[3];
        objArr[0] = this.TAG;
        if (!SemPolicyLog.POLICY_DEBUG) {
            str = LogUtility.getSecureAddress(str);
        }
        objArr[1] = str;
        objArr[2] = installCertificate;
        SemPolicyLog.d("%s::installCBACertificate() - emailAddress[%s], CBA alias[%s]", objArr);
        return installCertificate;
    }

    private String installCertificate(Context context, byte[] bArr, String str, String str2, String str3) {
        String str4 = str3 + ".p12";
        try {
            FileOutputStream openFileOutput = context.openFileOutput(str4, 0);
            try {
                openFileOutput.write(bArr);
                openFileOutput.flush();
                if (openFileOutput != null) {
                    openFileOutput.close();
                }
            } finally {
            }
        } catch (IOException e) {
            e.printStackTrace();
        }
        Object[] objArr = new Object[6];
        objArr[0] = this.TAG;
        objArr[1] = bArr;
        objArr[2] = SemPolicyLog.POLICY_DEBUG ? str : TextUtils.isEmpty(str) ? "" : "********";
        if (!SemPolicyLog.POLICY_DEBUG) {
            str2 = LogUtility.getSecureAddress(str2);
        }
        objArr[3] = str2;
        objArr[4] = str4;
        objArr[5] = false;
        SemPolicyLog.d("%s::installCertificate() - data[%s], password[%s], eamilAddress[%s], fileName[%s], isRestrictionsAccount[%s]", objArr);
        if (SemCertificateUtil.canInstallCertificate(context)) {
            try {
                Bundle importCertificate = SemCertificateUtil.importCertificate(context, bArr, str, (String) null, (String) null);
                r2 = importCertificate != null ? importCertificate.getString(ProxyArgs.ARG_ALIAS) : null;
                if (r2 != null) {
                    SemPolicyLog.d("%s::installCertificate() - certificate installed alias[%s]", this.TAG, r2);
                    Intent intent = new Intent("com.samsung.android.knox.intent.action.CBA_INSTALL_STATUS_INTERNAL");
                    intent.putExtra("com.samsung.android.knox.intent.extra.STATUS", 0);
                    intent.putExtra("com.samsung.android.knox.intent.extra.USER_ID_INTERNAL", UserHandle.semGetMyUserId());
                    intent.putExtra("com.samsung.android.knox.intent.extra.ACCOUNT_ID_INTERNAL", -1);
                    context.sendBroadcast(intent, SemMDMConst.KNOX_EMAIL_PERMISSION);
                    context.deleteFile(str4);
                }
            } catch (Exception e2) {
                e2.printStackTrace();
            }
        } else {
            UpgradeAccountPreference.getInstance(context).setMDMCBACertPref(str3, str, str4);
        }
        return r2;
    }

    private void prepareNameIfNecessary(StoredAccount storedAccount) {
        if (TextUtils.isEmpty(storedAccount.mName) && !TextUtils.isEmpty(storedAccount.mEmail)) {
            String[] split = storedAccount.mEmail.split("@");
            if (split.length > 0) {
                storedAccount.mName = split[0].trim();
            }
        }
    }

    private void prepareNameOrServerNameIfNecessary(StoredAccount storedAccount) {
        if ((TextUtils.isEmpty(storedAccount.mName) || TextUtils.isEmpty(storedAccount.mServerName)) && !TextUtils.isEmpty(storedAccount.mEmail)) {
            String[] split = storedAccount.mEmail.split("@");
            if (split.length > 1) {
                if (TextUtils.isEmpty(storedAccount.mName)) {
                    storedAccount.mName = split[0].trim();
                }
                if (TextUtils.isEmpty(storedAccount.mServerName)) {
                    storedAccount.mServerName = split[1].trim();
                }
            }
        }
    }

    private void updateDescription(StoredAccount storedAccount) {
        if (TextUtils.isEmpty(storedAccount.mDescription)) {
            storedAccount.mDescription = storedAccount.mEmail;
        }
    }

    private void updateKerberosAccount(SemEasConfigurationItem semEasConfigurationItem) {
        if (semEasConfigurationItem.mIsKerberosAccount) {
            semEasConfigurationItem.mSyncContacts = 1;
            semEasConfigurationItem.mSyncCalendar = 1;
            semEasConfigurationItem.mSyncTask = 1;
        }
    }

    private void updatePort(SemEasConfigurationItem semEasConfigurationItem) {
        int i = this.mPort;
        if (i <= 0 || i > 65535) {
            SemPolicyLog.d("%s::updatePort() - Invalid port was set[%s], Use default value.", this.TAG, Integer.valueOf(this.mPort));
            int i2 = semEasConfigurationItem.mUseSSL ? 443 : 80;
            this.mPort = i2;
            SemPolicyLog.d("%s::updatePort() - Default port used[%s]", this.TAG, Integer.valueOf(i2));
        }
    }

    private void updatePreferenceCarrierAccountId(UpgradeAccountPreference upgradeAccountPreference, String str) {
        if (StoredAccount.getCarrierAccount(upgradeAccountPreference) == null) {
            upgradeAccountPreference.setCarrierAccountId(str);
        }
    }

    private void updateReceiveHostInfo(StoredAccount storedAccount, String str, int i, String str2, String str3, String str4) {
        if (TextUtils.isEmpty(str)) {
            return;
        }
        if (i == -1) {
            i = "pop3".equals(str2) ? (storedAccount.getSecurityFlags() == 1 || storedAccount.getSecurityFlags() == 2) ? 995 : 110 : (storedAccount.getSecurityFlags() == 1 || storedAccount.getSecurityFlags() == 2) ? 993 : 143;
        }
        int i2 = i;
        if (storedAccount.getSecurityFlags() != 0) {
            str2 = str2 + Marker.ANY_NON_NULL_MARKER + AccountUtility.getSecurityTypeString(storedAccount.getSecurityFlags()) + Marker.ANY_NON_NULL_MARKER;
        }
        EmailSecureURI create = EmailSecureURI.create(str2, str3 + MessageListConst.DELIMITER_2 + str4, str.trim(), i2, null, null, null);
        SemPolicyLog.d("%s::updateReceiveHostInfo() - uri[%s]", this.TAG, create);
        if (EmailSecureURI.isEmpty(create)) {
            return;
        }
        storedAccount.setStoreUri(create);
    }

    private void updateSendHostInfo(StoredAccount storedAccount, int i, String str, String str2) {
        if (TextUtils.isEmpty(storedAccount.mSendAddr)) {
            return;
        }
        if (i == -1) {
            i = (storedAccount.getSendSecurityFlags() == 1 || storedAccount.getSendSecurityFlags() == 2) ? 465 : 587;
        }
        int i2 = i;
        storedAccount.setSendPort(i2);
        String str3 = "smtp";
        if (storedAccount.getSendSecurityFlags() != 0) {
            str3 = "smtp" + Marker.ANY_NON_NULL_MARKER + AccountUtility.getSecurityTypeString(storedAccount.getSendSecurityFlags()) + Marker.ANY_NON_NULL_MARKER;
        }
        String str4 = str3;
        if (TextUtils.isEmpty(str)) {
            str = storedAccount.mName;
        }
        if (TextUtils.isEmpty(str2)) {
            str2 = storedAccount.mPasswd;
        }
        if (TextUtils.isEmpty(storedAccount.mSendAddr)) {
            return;
        }
        EmailSecureURI create = EmailSecureURI.create(str4, str + MessageListConst.DELIMITER_2 + str2, storedAccount.mSendAddr.trim(), i2, null, null, null);
        if (EmailSecureURI.isEmpty(create)) {
            return;
        }
        storedAccount.setSenderUri(create);
    }

    private void updateServerName(StoredAccount storedAccount) {
        if (TextUtils.isEmpty(storedAccount.mServerName)) {
            return;
        }
        storedAccount.mServerName = removeHttpAndHttpsTag(storedAccount.mServerName);
        if (storedAccount.mServerName.contains("/")) {
            SemPolicyLog.d("%s::updateServerName() - server_name contains path. Remove it", this.TAG);
            String[] split = storedAccount.mServerName.split("/", 2);
            if (split.length > 0) {
                storedAccount.mServerName = split[0];
                SemPolicyLog.d("%s::updateServerName() - Extracted server_name[%s]", this.TAG, storedAccount.mServerName);
                if (split.length > 1 && !split[1].trim().isEmpty()) {
                    String str = "/" + split[1].trim();
                    this.mPath = str;
                    SemPolicyLog.d("%s::updateServerName() - Extracted path[%s]", this.TAG, str);
                }
            }
        }
        if (storedAccount.mServerName.contains(MessageListConst.DELIMITER_2)) {
            SemPolicyLog.d("%s::updateServerName() - server_name contains port. Extract it", this.TAG);
            String[] split2 = storedAccount.mServerName.split(MessageListConst.DELIMITER_2);
            if (split2.length > 0) {
                storedAccount.mServerName = split2[0];
                SemPolicyLog.d("%s::updateServerName() - Extracted server_name[%s]", this.TAG, storedAccount.mServerName);
                if (split2.length > 1) {
                    try {
                        int parseInt = Integer.parseInt(split2[1]);
                        this.mPort = parseInt;
                        SemPolicyLog.d("%s::updateServerName() - Extracted port number[%s]", this.TAG, Integer.valueOf(parseInt));
                    } catch (NumberFormatException unused) {
                        SemPolicyLog.d("%s::updateServerName() - Invalid port number!", this.TAG);
                    }
                }
            }
        }
    }

    private void updateSignature(Context context, String str, StoredAccount storedAccount) {
        if (TextUtils.isEmpty(storedAccount.mSignature)) {
            storedAccount.mSignature = EmailSignature.getDefaultSignature(context, str);
            storedAccount.setSignatureEdited(false);
            SemPolicyLog.sysI("%s::updateSignature() - Signature was not set, use default one[%s]", this.TAG, storedAccount.mSignature);
        }
        storedAccount.setAddSignature(!TextUtils.isEmpty(storedAccount.mSignature));
    }

    private void updateSyncLookBack(StoredAccount storedAccount, SemLegacyConfigurationItem semLegacyConfigurationItem) {
        if ("imap".equals(semLegacyConfigurationItem.mType)) {
            int i = CarrierValues.IS_CARRIER_VZW ? 5 : 4;
            if (semLegacyConfigurationItem.mIsRestriction) {
                i = semLegacyConfigurationItem.mPeriodEmail;
            }
            storedAccount.setSyncLookbackData(i);
            SemPolicyLog.sysD("%s::updateSyncLookBack() - IMAP sync period set as[%s]", this.TAG, Integer.valueOf(storedAccount.getSyncLookbackData()));
        }
    }

    public boolean createEasAccount(Context context, SemEasConfigurationItem semEasConfigurationItem) {
        StoredAccount convertToStoredAccount = semEasConfigurationItem.convertToStoredAccount(context);
        SemPolicyLog.sysD("%s::createEasAccount() receive item\n%s", this.TAG, semEasConfigurationItem.toString());
        prepareNameOrServerNameIfNecessary(convertToStoredAccount);
        updateDescription(convertToStoredAccount);
        updateSignature(context, semEasConfigurationItem.mEmailAddress, convertToStoredAccount);
        updateServerName(convertToStoredAccount);
        updatePort(semEasConfigurationItem);
        updateKerberosAccount(semEasConfigurationItem);
        grantAccessToSMIMEAlias(context, semEasConfigurationItem);
        EmailSecureURI uri = getUri(convertToStoredAccount, this.mPort, this.mPath, semEasConfigurationItem.mUseSSL, semEasConfigurationItem.mTrustAll, semEasConfigurationItem.mDomain, semEasConfigurationItem.mIsKerberosAccount, getCBACertificateAlias(context, semEasConfigurationItem, convertToStoredAccount));
        if (EmailSecureURI.isEmpty(uri)) {
            return false;
        }
        convertToStoredAccount.setSenderUri(uri);
        convertToStoredAccount.setStoreUri(uri);
        UpgradeAccountPreference upgradeAccountPreference = UpgradeAccountPreference.getInstance(context);
        updatePreferenceCarrierAccountId(upgradeAccountPreference, convertToStoredAccount.getUuid());
        convertToStoredAccount.save(upgradeAccountPreference);
        InternalSettingPreference.getInstance(context).setUiAccountChanged(true);
        SemStoreUtility.getInstance().showMdmNotification(context);
        return true;
    }

    public boolean createLegacyAccount(Context context, SemLegacyConfigurationItem semLegacyConfigurationItem) {
        StoredAccount convertToStoredAccount = semLegacyConfigurationItem.convertToStoredAccount(context);
        SemPolicyLog.sysD("%s::createLegacyAccount() - receive item\n%s", this.TAG, semLegacyConfigurationItem.toString());
        updateDescription(convertToStoredAccount);
        prepareNameIfNecessary(convertToStoredAccount);
        updateSignature(context, semLegacyConfigurationItem.mEmailAddress, convertToStoredAccount);
        updateSyncLookBack(convertToStoredAccount, semLegacyConfigurationItem);
        updateReceiveHostInfo(convertToStoredAccount, semLegacyConfigurationItem.mReceiveHost, semLegacyConfigurationItem.mReceivePort, semLegacyConfigurationItem.mType, semLegacyConfigurationItem.mUserName, semLegacyConfigurationItem.mPassword);
        updateSendHostInfo(convertToStoredAccount, semLegacyConfigurationItem.mSendPort, semLegacyConfigurationItem.mOutgoingUserName, semLegacyConfigurationItem.mOutgoingPassword);
        UpgradeAccountPreference upgradeAccountPreference = UpgradeAccountPreference.getInstance(context);
        updatePreferenceCarrierAccountId(upgradeAccountPreference, convertToStoredAccount.getUuid());
        convertToStoredAccount.save(upgradeAccountPreference);
        InternalSettingPreference.getInstance(context).setUiAccountChanged(true);
        SemStoreUtility.getInstance().showMdmNotification(context);
        return true;
    }

    public void deleteRestrictionAccount(StoredAccount storedAccount, AbstractAccountPreference abstractAccountPreference) {
        if ((storedAccount.getBackupFlags() & 256) != 0) {
            Object[] objArr = new Object[2];
            objArr[0] = this.TAG;
            objArr[1] = SemPolicyLog.POLICY_DEBUG ? storedAccount.getEmail() : LogUtility.getSecureAddress(storedAccount.getEmail());
            SemPolicyLog.sysI("%s::deleteRestrictionAccount() delete account[%s] in upgrade account preference", objArr);
            storedAccount.delete(abstractAccountPreference);
        }
    }

    public String removeHttpAndHttpsTag(String str) {
        String[] strArr = {"https://", "http://"};
        for (int i = 0; i < 2; i++) {
            String str2 = strArr[i];
            if (str.toLowerCase().startsWith(str2)) {
                try {
                    return str.substring(str2.length());
                } catch (IndexOutOfBoundsException unused) {
                    return "";
                }
            }
        }
        return str;
    }
}
