package com.sec.android.smimeutil;

import android.content.ComponentName;
import android.content.Context;
import android.content.Intent;
import android.content.ServiceConnection;
import android.os.Binder;
import android.os.IBinder;
import android.os.Looper;
import android.os.RemoteException;
import android.os.UserHandle;
import android.security.IKeyChainService;
import android.security.keystore.AndroidKeyStorePrivateKey;
import com.android.org.conscrypt.NativeCrypto;
import com.android.org.conscrypt.NativeRef;
import com.android.org.conscrypt.OpenSSLBIOInputStream;
import com.android.org.conscrypt.OpenSSLKey;
import com.android.org.conscrypt.OpenSSLX509Certificate;
import com.android.org.conscrypt.TrustedCertificateStore;
import java.io.ByteArrayInputStream;
import java.io.Closeable;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.security.InvalidKeyException;
import java.security.PrivateKey;
import java.security.cert.CertificateEncodingException;
import java.security.cert.X509Certificate;
import java.util.List;
import java.util.concurrent.LinkedBlockingQueue;

/* loaded from: classes30.dex */
public class NativeSMIMEHelper {
    public static final int DO_CERTIFICATE_VERIFICATION = 4096;
    public static final int DO_CRL_CHECK = 8192;
    public static final int DO_OCSP_CHECK = 16384;
    public static final String ENCRYPTION_ALGORITHM_3DES = "-des3";
    public static final String ENCRYPTION_ALGORITHM_AES128 = "-aes-128";
    public static final String ENCRYPTION_ALGORITHM_AES192 = "-aes-192";
    public static final String ENCRYPTION_ALGORITHM_AES256 = "-aes-256";
    public static final String ENCRYPTION_ALGORITHM_DES = "-des";
    public static final String ENCRYPTION_ALGORITHM_RC2128 = "-rc2-128";
    public static final String ENCRYPTION_ALGORITHM_RC240 = "-rc2-40";
    public static final String ENCRYPTION_ALGORITHM_RC264 = "-rc2-64";
    public static final int OCSP_ERROR_CODE_BASE = 1000;
    public static final String OpenSSLProviderName = "AndroidOpenSSL";
    public static final String SIGNING_ALGORITHM_ECDSA = "-ecdsa";
    public static final String SIGNING_ALGORITHM_MD5 = "-md5";
    public static final String SIGNING_ALGORITHM_SHA = "-sha1";
    public static final String SIGNING_ALGORITHM_SHA256 = "-sha-256";
    public static final String SIGNING_ALGORITHM_SHA384 = "-sha-384";
    public static final String SIGNING_ALGORITHM_SHA512 = "-sha-512";
    public static final int SPC_OCSPRESULT_CERTIFICATE_REVOKED = 1000;
    public static final int SPC_OCSPRESULT_CERTIFICATE_VALID = 1001;
    public static final int SPC_OCSPRESULT_ERROR_BADOCSPADDRESS = 1009;
    public static final int SPC_OCSPRESULT_ERROR_CONNECTFAILURE = 1011;
    public static final int SPC_OCSPRESULT_ERROR_INTERNALERROR = 1003;
    public static final int SPC_OCSPRESULT_ERROR_INVALIDRESPONSE = 1012;
    public static final int SPC_OCSPRESULT_ERROR_MALFORMEDREQUEST = 1002;
    public static final int SPC_OCSPRESULT_ERROR_OUTOFMEMORY = 1008;
    public static final int SPC_OCSPRESULT_ERROR_SIGNFAILURE = 1010;
    public static final int SPC_OCSPRESULT_ERROR_SIGREQUIRED = 1005;
    public static final int SPC_OCSPRESULT_ERROR_TRYLATER = 1004;
    public static final int SPC_OCSPRESULT_ERROR_UNAUTHORIZED = 1006;
    public static final int SPC_OCSPRESULT_ERROR_UNKNOWN = 1007;
    private static final String TAG = "NativeSMIMEHelper";
    public static final int X509_V_ERR_AKID_ISSUER_SERIAL_MISMATCH = 31;
    public static final int X509_V_ERR_AKID_SKID_MISMATCH = 30;
    public static final int X509_V_ERR_APPLICATION_VERIFICATION = 50;
    public static final int X509_V_ERR_CERT_CHAIN_TOO_LONG = 22;
    public static final int X509_V_ERR_CERT_HAS_EXPIRED = 10;
    public static final int X509_V_ERR_CERT_NOT_YET_VALID = 9;
    public static final int X509_V_ERR_CERT_REJECTED = 28;
    public static final int X509_V_ERR_CERT_REVOKED = 23;
    public static final int X509_V_ERR_CERT_SIGNATURE_FAILURE = 7;
    public static final int X509_V_ERR_CERT_UNTRUSTED = 27;
    public static final int X509_V_ERR_CRL_HAS_EXPIRED = 12;
    public static final int X509_V_ERR_CRL_NOT_YET_VALID = 11;
    public static final int X509_V_ERR_CRL_PATH_VALIDATION_ERROR = 54;
    public static final int X509_V_ERR_CRL_SIGNATURE_FAILURE = 8;
    public static final int X509_V_ERR_DEPTH_ZERO_SELF_SIGNED_CERT = 18;
    public static final int X509_V_ERR_DIFFERENT_CRL_SCOPE = 44;
    public static final int X509_V_ERR_ERROR_IN_CERT_NOT_AFTER_FIELD = 14;
    public static final int X509_V_ERR_ERROR_IN_CERT_NOT_BEFORE_FIELD = 13;
    public static final int X509_V_ERR_ERROR_IN_CRL_LAST_UPDATE_FIELD = 15;
    public static final int X509_V_ERR_ERROR_IN_CRL_NEXT_UPDATE_FIELD = 16;
    public static final int X509_V_ERR_EXCLUDED_VIOLATION = 48;
    public static final int X509_V_ERR_INVALID_CA = 24;
    public static final int X509_V_ERR_INVALID_EXTENSION = 41;
    public static final int X509_V_ERR_INVALID_NON_CA = 37;
    public static final int X509_V_ERR_INVALID_POLICY_EXTENSION = 42;
    public static final int X509_V_ERR_INVALID_PURPOSE = 26;
    public static final int X509_V_ERR_KEYUSAGE_NO_CERTSIGN = 32;
    public static final int X509_V_ERR_KEYUSAGE_NO_CRL_SIGN = 35;
    public static final int X509_V_ERR_KEYUSAGE_NO_DIGITAL_SIGNATURE = 39;
    public static final int X509_V_ERR_NO_EXPLICIT_POLICY = 43;
    public static final int X509_V_ERR_OUT_OF_MEM = 17;
    public static final int X509_V_ERR_PATH_LENGTH_EXCEEDED = 25;
    public static final int X509_V_ERR_PERMITTED_VIOLATION = 47;
    public static final int X509_V_ERR_PROXY_CERTIFICATES_NOT_ALLOWED = 40;
    public static final int X509_V_ERR_PROXY_PATH_LENGTH_EXCEEDED = 38;
    public static final int X509_V_ERR_SELF_SIGNED_CERT_IN_CHAIN = 19;
    public static final int X509_V_ERR_SUBJECT_ISSUER_MISMATCH = 29;
    public static final int X509_V_ERR_SUBTREE_MINMAX = 49;
    public static final int X509_V_ERR_UNABLE_TO_DECODE_ISSUER_PUBLIC_KEY = 6;
    public static final int X509_V_ERR_UNABLE_TO_DECRYPT_CERT_SIGNATURE = 4;
    public static final int X509_V_ERR_UNABLE_TO_DECRYPT_CRL_SIGNATURE = 5;
    public static final int X509_V_ERR_UNABLE_TO_GET_CRL = 3;
    public static final int X509_V_ERR_UNABLE_TO_GET_CRL_ISSUER = 33;
    public static final int X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT = 2;
    public static final int X509_V_ERR_UNABLE_TO_GET_ISSUER_CERT_LOCALLY = 20;
    public static final int X509_V_ERR_UNABLE_TO_VERIFY_LEAF_SIGNATURE = 21;
    public static final int X509_V_ERR_UNHANDLED_CRITICAL_CRL_EXTENSION = 36;
    public static final int X509_V_ERR_UNHANDLED_CRITICAL_EXTENSION = 34;
    public static final int X509_V_ERR_UNNESTED_RESOURCE = 46;
    public static final int X509_V_ERR_UNSUPPORTED_CONSTRAINT_SYNTAX = 52;
    public static final int X509_V_ERR_UNSUPPORTED_CONSTRAINT_TYPE = 51;
    public static final int X509_V_ERR_UNSUPPORTED_EXTENSION_FEATURE = 45;
    public static final int X509_V_ERR_UNSUPPORTED_NAME_SYNTAX = 53;
    public static final int X509_V_OK = 0;

    /* loaded from: classes30.dex */
    public static final class KeyChainConnection implements Closeable {
        private final Context context;
        private final IKeyChainService service;
        private final ServiceConnection serviceConnection;

        private KeyChainConnection(Context context, ServiceConnection serviceConnection, IKeyChainService iKeyChainService) {
            this.context = context;
            this.serviceConnection = serviceConnection;
            this.service = iKeyChainService;
        }

        @Override // java.io.Closeable, java.lang.AutoCloseable
        public void close() {
            this.context.unbindService(this.serviceConnection);
        }

        public IKeyChainService getService() {
            return this.service;
        }
    }

    static {
        System.loadLibrary("opensslsmime");
        SMIMEclinit();
    }

    private static native long CMSdecrypt(String str, NativeRef.EVP_PKEY evp_pkey, long j, String str2, boolean z, boolean z2, String str3);

    private static native long CMSencrypt(long j, long[] jArr, String str, String str2);

    private static native long CMSsign(String str, String str2, long j, NativeRef.EVP_PKEY evp_pkey, long[] jArr, String str3, boolean z, boolean z2, String str4);

    private static native long[] CMSverify(String str, String str2, long[] jArr, boolean z);

    private static native boolean PKCS7decrypt(String str, NativeRef.EVP_PKEY evp_pkey, long j, String str2, boolean z, boolean z2, String str3);

    private static native boolean PKCS7encrypt(long j, long[] jArr, String str, String str2);

    private static native boolean PKCS7sign(String str, String str2, long j, NativeRef.EVP_PKEY evp_pkey, long[] jArr, String str3, boolean z, boolean z2, String str4);

    private static native long[] PKCS7verify(String str, String str2, long[] jArr, boolean z);

    private static native void SMIMEclinit();

    public static KeyChainConnection bind(Context context, int i) throws InterruptedException, AssertionError {
        if (context == null) {
            throw new NullPointerException("context == null");
        }
        ensureNotOnMainThread(context);
        final LinkedBlockingQueue linkedBlockingQueue = new LinkedBlockingQueue(1);
        ServiceConnection serviceConnection = new ServiceConnection() { // from class: com.sec.android.smimeutil.NativeSMIMEHelper.1
            volatile boolean mConnectedAtLeastOnce = false;

            @Override // android.content.ServiceConnection
            public void onServiceConnected(ComponentName componentName, IBinder iBinder) {
                if (this.mConnectedAtLeastOnce) {
                    return;
                }
                this.mConnectedAtLeastOnce = true;
                if (iBinder != null) {
                    try {
                        linkedBlockingQueue.put(IKeyChainService.Stub.asInterface(iBinder));
                    } catch (InterruptedException e) {
                        e.printStackTrace();
                    }
                }
            }

            @Override // android.content.ServiceConnection
            public void onServiceDisconnected(ComponentName componentName) {
            }
        };
        Intent intent = new Intent(IKeyChainService.class.getName());
        intent.setComponent(intent.resolveSystemService(context.getPackageManager(), 0));
        UserHandle userHandle = new UserHandle(UserHandle.getUserId(i));
        long clearCallingIdentity = Binder.clearCallingIdentity();
        boolean bindServiceAsUser = context.bindServiceAsUser(intent, serviceConnection, 1, userHandle);
        Binder.restoreCallingIdentity(clearCallingIdentity);
        if (bindServiceAsUser) {
            return new KeyChainConnection(context, serviceConnection, (IKeyChainService) linkedBlockingQueue.take());
        }
        throw new AssertionError("Could not bind to KeyChainService");
    }

    private static void ensureNotOnMainThread(Context context) {
        Looper myLooper = Looper.myLooper();
        if (myLooper != null && myLooper == context.getMainLooper()) {
            throw new IllegalStateException("calling this from your main thread can lead to deadlock");
        }
    }

    private static native byte[] getCDP(long j);

    public static String getCRLDistributionPoint(byte[] bArr) throws CertificateEncodingException, Exception {
        return "http:" + new String(getCDP(NativeCrypto.d2i_X509(OpenSSLX509Certificate.fromX509PemInputStream(new ByteArrayInputStream(bArr)).getEncoded()))).split("http:")[1];
    }

    public static List<X509Certificate> getCertificateChain(X509Certificate x509Certificate) throws Exception {
        return new TrustedCertificateStore().getCertificateChain(x509Certificate);
    }

    public static String getKeyId(int i, String str, Context context) throws RemoteException {
        KeyChainConnection keyChainConnection = null;
        String str2 = null;
        try {
            try {
                keyChainConnection = bind(context, i);
                str2 = keyChainConnection.getService().requestPrivateKey(str);
                if (keyChainConnection != null) {
                    keyChainConnection.close();
                }
            } catch (RemoteException e) {
                e.printStackTrace();
                if (keyChainConnection != null) {
                    keyChainConnection.close();
                }
            } catch (InterruptedException e2) {
                e2.printStackTrace();
                if (keyChainConnection != null) {
                    keyChainConnection.close();
                }
            }
            return str2;
        } catch (Throwable th) {
            if (keyChainConnection != null) {
                keyChainConnection.close();
            }
            throw th;
        }
    }

    public static long openSSLPKCS7Sign(File file, File file2, PrivateKey privateKey, byte[] bArr, List<byte[]> list, String str, String str2, int i, Context context) throws FileNotFoundException, NullPointerException, InvalidKeyException, Exception {
        return openSSLPKCS7Sign(file, file2, privateKey, bArr, list, str, false, str2, i, context);
    }

    public static long openSSLPKCS7Sign(File file, File file2, PrivateKey privateKey, byte[] bArr, List<byte[]> list, String str, boolean z, String str2, int i, Context context) throws FileNotFoundException, NullPointerException, InvalidKeyException, Exception {
        if (!file.exists()) {
            throw new FileNotFoundException("Input File does not exist.");
        }
        if (!file2.exists()) {
            throw new FileNotFoundException("Output File does not exist.");
        }
        String absolutePath = file.getAbsolutePath();
        String absolutePath2 = file2.getAbsolutePath();
        long d2i_X509 = NativeCrypto.d2i_X509(OpenSSLX509Certificate.fromX509PemInputStream(new ByteArrayInputStream(bArr)).getEncoded());
        NativeRef.EVP_PKEY evp_pkey = null;
        boolean z2 = false;
        String str3 = null;
        if (privateKey instanceof AndroidKeyStorePrivateKey) {
            z2 = true;
            str3 = getKeyId(i, str2, context);
        } else {
            evp_pkey = OpenSSLKey.fromPrivateKey(privateKey).getNativeRef();
        }
        long[] jArr = new long[0];
        if (list != null) {
            int size = list.size();
            jArr = new long[size];
            for (int i2 = 0; i2 < size; i2++) {
                jArr[i2] = NativeCrypto.d2i_X509(OpenSSLX509Certificate.fromX509PemInputStream(new ByteArrayInputStream(list.get(i2))).getEncoded());
            }
        }
        return CMSsign(absolutePath, str, d2i_X509, evp_pkey, jArr, absolutePath2, z, z2, str3);
    }

    public static long openSSLPKCS7decrypt(File file, File file2, PrivateKey privateKey, byte[] bArr, boolean z, String str, int i, Context context) throws FileNotFoundException, CertificateEncodingException, NullPointerException, InvalidKeyException, Exception {
        if (!file.exists()) {
            throw new FileNotFoundException("Input File does not exist.");
        }
        if (!file2.exists()) {
            throw new FileNotFoundException("Output File does not exist.");
        }
        NativeRef.EVP_PKEY evp_pkey = null;
        boolean z2 = false;
        String str2 = null;
        if (privateKey instanceof AndroidKeyStorePrivateKey) {
            z2 = true;
            str2 = getKeyId(i, str, context);
        } else {
            evp_pkey = OpenSSLKey.fromPrivateKey(privateKey).getNativeRef();
        }
        return CMSdecrypt(file.getAbsolutePath(), evp_pkey, NativeCrypto.d2i_X509(OpenSSLX509Certificate.fromX509PemInputStream(new ByteArrayInputStream(bArr)).getEncoded()), file2.getAbsolutePath(), z, z2, str2);
    }

    public static long openSSLPKCS7encrypt(File file, File file2, List<byte[]> list, String str) throws FileNotFoundException, CertificateEncodingException, NullPointerException, Exception {
        if (!file.exists()) {
            throw new FileNotFoundException("Input File does not exist.");
        }
        if (!file2.exists()) {
            throw new FileNotFoundException("Output File does not exist.");
        }
        long create_BIO_InputStream = NativeCrypto.create_BIO_InputStream(new OpenSSLBIOInputStream(new FileInputStream(file), true), true);
        int size = list.size();
        long[] jArr = new long[size];
        for (int i = 0; i < size; i++) {
            jArr[i] = NativeCrypto.d2i_X509(OpenSSLX509Certificate.fromX509PemInputStream(new ByteArrayInputStream(list.get(i))).getEncoded());
        }
        return CMSencrypt(create_BIO_InputStream, jArr, file2.getAbsolutePath(), str);
    }

    public static X509Certificate[] openSSLPKCS7verify(File file, File file2, List<byte[]> list) throws FileNotFoundException, NullPointerException, CertificateEncodingException, Exception {
        return openSSLPKCS7verify(file, file2, list, false);
    }

    public static X509Certificate[] openSSLPKCS7verify(File file, File file2, List<byte[]> list, boolean z) throws FileNotFoundException, NullPointerException, CertificateEncodingException, Exception {
        if (!file.exists()) {
            throw new FileNotFoundException("Input File does not exist.");
        }
        long[] jArr = null;
        if (list != null) {
            int size = list.size();
            jArr = new long[size];
            for (int i = 0; i < size; i++) {
                jArr[i] = NativeCrypto.d2i_X509(OpenSSLX509Certificate.fromX509PemInputStream(new ByteArrayInputStream(list.get(i))).getEncoded());
            }
        }
        String str = null;
        if (file2 != null) {
            if (!file2.exists()) {
                throw new FileNotFoundException("Ouput File does not exist.");
            }
            str = file2.getAbsolutePath();
        }
        long[] CMSverify = CMSverify(file.getAbsolutePath(), str, jArr, z);
        if (CMSverify == null) {
            System.out.println("Certs returned from PKCS7 is null.");
            return null;
        }
        if (CMSverify == null || CMSverify.length != 3 || CMSverify[0] != -1) {
            X509Certificate[] x509CertificateArr = new X509Certificate[CMSverify.length];
            for (int i2 = 0; i2 < CMSverify.length; i2++) {
                x509CertificateArr[i2] = new NativeX509Certificate(CMSverify[i2]);
            }
            return x509CertificateArr;
        }
        CMSErrorCodes cMSErrorCodes = new CMSErrorCodes();
        if (CMSverify[2] == 9999) {
            throw new SMIMEException(22);
        }
        System.out.println("Certs returned from PKCS7 is null.");
        System.out.println("Error code from OpenSSL Layer: " + CMSverify[1]);
        System.out.println("Error from OpenSSL Layer: " + cMSErrorCodes.getErrorMap().get(Long.valueOf(CMSverify[1])));
        return null;
    }

    public static int openSSLvalidateCertificate(byte[] bArr, List<byte[]> list, String str, String[] strArr, int i) throws CertificateEncodingException, Exception {
        long d2i_X509 = NativeCrypto.d2i_X509(OpenSSLX509Certificate.fromX509PemInputStream(new ByteArrayInputStream(bArr)).getEncoded());
        int size = list.size();
        long[] jArr = new long[size];
        for (int i2 = 0; i2 < size; i2++) {
            jArr[i2] = NativeCrypto.d2i_X509(OpenSSLX509Certificate.fromX509PemInputStream(new ByteArrayInputStream(list.get(i2))).getEncoded());
        }
        long[] jArr2 = null;
        if (strArr != null) {
            jArr2 = new long[strArr.length];
            for (int i3 = 0; i3 < strArr.length; i3++) {
                jArr2[i3] = NativeCrypto.d2i_X509_CRL_bio(new OpenSSLBIOInputStream(new FileInputStream(new File(strArr[i3])), true).getBioContext());
            }
        }
        return validateCertificate(d2i_X509, jArr, str, jArr2, i);
    }

    private static native int validateCertificate(long j, long[] jArr, String str, long[] jArr2, int i);
}
