package com.airwatch.library.samsungelm.safe;

import android.content.Context;
import android.os.Build;
import android.util.Base64;
import com.airwatch.library.samsungelm.SamsungSvcApp;
import com.airwatch.library.samsungelm.legacy.ElmKlmwWrapper;
import com.airwatch.library.util.FeatureFlagInfo;
import com.airwatch.library.util.SamsungFeatureFlagProvider;
import com.airwatch.library.util.Utils;
import com.airwatch.util.Logger;
import com.samsung.android.knox.EnterpriseDeviceManager;
import com.samsung.android.knox.accounts.DeviceAccountPolicy;
import com.samsung.android.knox.accounts.ExchangeAccount;
import com.samsung.android.knox.accounts.ExchangeAccountPolicy;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.util.Arrays;
import java.util.Iterator;
import java.util.List;

/* loaded from: classes4.dex */
public class AddExchangeAccountCommand extends SafeCommand {
    private static final int POLICY_VERSION_FULL = 2;
    private static final int POLICY_VERSION_LEGACY = 0;
    private static final int POLICY_VERSION_SIMPLE = 1;
    private static final int POLICY_VERSION_UNDEFINED = -1;
    public static final String SMIME_CERT_ALL = "smimecert";
    private static final String SMIME_CERT_ENC = "smimecert_enc";
    private static final String SMIME_CERT_SIGN = "smimecert_sign";
    private static final String TAG = "AddExchangeAccountCommand";
    public static final String TYPE = "AddSafeExchangeAccountCommand";
    private static final long serialVersionUID = 1;
    private boolean acceptAllCertificates;
    String aliasSMIME;
    String aliasSMIMEEncryption;
    String aliasSMIMESigning;
    private String certAliasInAndroidKeystore;
    String certSMIME;
    String certSMIMEEncryption;
    String certSMIMESigning;
    private byte[] certificate_data;
    private String certificate_password;
    private String displayName;
    private String easDomain;
    private String easUser;
    private String emailAddress;
    private boolean emailNotificationVibrateAlways;
    private boolean emailNotificationVibrateWhenSilent;
    private boolean firstStageComplete;
    private boolean isDefault;
    private boolean isNotify;
    private int offPeakSyncSchedule;
    String passwdSMIME;
    String passwdSMIMEEncryption;
    String passwdSMIMESigning;
    private int peakDays;
    private int peakEndTime;
    private int peakStartTime;
    private int peakSyncSchedule;
    private int periodCalendar;
    private String protocolVersion;
    private int reserved;
    private int retrivalSize;
    private int roamingSyncSchedule;
    private String senderName;
    private String serverAddress;
    private String serverPassword;
    private String serverPathPrefix;
    boolean setRequireEncryptedSMIMEMessages;
    boolean setRequireSignedSMIMEMessages;
    private String signature;
    private int syncCalendar;
    private int syncContacts;
    private int syncInterval;
    private int syncLookback;
    private boolean useSSL;
    private boolean useTLS;
    private int version;

    public AddExchangeAccountCommand(String str, String str2, String str3, String str4, String str5, int i, int i2, boolean z, String str6, String str7, String str8, boolean z2, boolean z3, String str9, boolean z4, boolean z5, boolean z6, String str10, String str11) {
        super(TYPE);
        this.certificate_data = null;
        this.isNotify = false;
        this.isDefault = false;
        this.emailNotificationVibrateAlways = false;
        this.emailNotificationVibrateWhenSilent = false;
        this.useSSL = false;
        this.useTLS = false;
        this.acceptAllCertificates = false;
        this.syncLookback = 0;
        this.syncInterval = 0;
        this.peakStartTime = 0;
        this.peakEndTime = 0;
        this.peakDays = 0;
        this.peakSyncSchedule = 0;
        this.offPeakSyncSchedule = 0;
        this.roamingSyncSchedule = 0;
        this.reserved = 0;
        this.retrivalSize = 0;
        this.periodCalendar = 0;
        this.syncContacts = 0;
        this.syncCalendar = 0;
        this.displayName = "";
        this.emailAddress = "";
        this.easUser = "";
        this.easDomain = "";
        this.senderName = "";
        this.protocolVersion = "";
        this.signature = "";
        this.serverAddress = "";
        this.serverPassword = "";
        this.serverPathPrefix = "";
        this.certificate_password = "";
        this.certAliasInAndroidKeystore = "";
        this.setRequireSignedSMIMEMessages = false;
        this.setRequireEncryptedSMIMEMessages = false;
        this.passwdSMIME = null;
        this.certSMIME = null;
        this.aliasSMIME = null;
        this.passwdSMIMEEncryption = null;
        this.certSMIMEEncryption = null;
        this.aliasSMIMEEncryption = null;
        this.passwdSMIMESigning = null;
        this.certSMIMESigning = null;
        this.aliasSMIMESigning = null;
        this.version = -1;
        this.firstStageComplete = false;
        this.isDefault = z;
        this.emailNotificationVibrateAlways = z2;
        this.emailNotificationVibrateWhenSilent = z3;
        this.useSSL = z4;
        this.useTLS = z5;
        this.acceptAllCertificates = z6;
        this.syncLookback = i;
        this.syncInterval = i2;
        this.displayName = str2;
        this.emailAddress = str3;
        this.easUser = str4;
        this.easDomain = str5;
        this.senderName = str6;
        this.protocolVersion = str7;
        this.signature = str8;
        this.serverAddress = str9;
        this.serverPassword = str10;
        this.serverPathPrefix = str11;
        this.version = 0;
    }

    public AddExchangeAccountCommand(String str, String str2, String str3, String str4, String str5, int i, int i2, boolean z, String str6, String str7, String str8, boolean z2, boolean z3, String str9, boolean z4, boolean z5, boolean z6, String str10, String str11, int i3, int i4, int i5, int i6, int i7, int i8, int i9, int i10, int i11, boolean z7, int i12, int i13, byte[] bArr, String str12, String str13, boolean z8, boolean z9, String str14, String str15, String str16, String str17, String str18, String str19, String str20, String str21, String str22) {
        super(TYPE);
        this.certificate_data = null;
        this.isNotify = false;
        this.isDefault = false;
        this.emailNotificationVibrateAlways = false;
        this.emailNotificationVibrateWhenSilent = false;
        this.useSSL = false;
        this.useTLS = false;
        this.acceptAllCertificates = false;
        this.syncLookback = 0;
        this.syncInterval = 0;
        this.peakStartTime = 0;
        this.peakEndTime = 0;
        this.peakDays = 0;
        this.peakSyncSchedule = 0;
        this.offPeakSyncSchedule = 0;
        this.roamingSyncSchedule = 0;
        this.reserved = 0;
        this.retrivalSize = 0;
        this.periodCalendar = 0;
        this.syncContacts = 0;
        this.syncCalendar = 0;
        this.displayName = "";
        this.emailAddress = "";
        this.easUser = "";
        this.easDomain = "";
        this.senderName = "";
        this.protocolVersion = "";
        this.signature = "";
        this.serverAddress = "";
        this.serverPassword = "";
        this.serverPathPrefix = "";
        this.certificate_password = "";
        this.certAliasInAndroidKeystore = "";
        this.setRequireSignedSMIMEMessages = false;
        this.setRequireEncryptedSMIMEMessages = false;
        this.passwdSMIME = null;
        this.certSMIME = null;
        this.aliasSMIME = null;
        this.passwdSMIMEEncryption = null;
        this.certSMIMEEncryption = null;
        this.aliasSMIMEEncryption = null;
        this.passwdSMIMESigning = null;
        this.certSMIMESigning = null;
        this.aliasSMIMESigning = null;
        this.version = -1;
        this.firstStageComplete = false;
        this.certificate_data = bArr;
        this.isNotify = z7;
        this.isDefault = z;
        this.emailNotificationVibrateAlways = z2;
        this.emailNotificationVibrateWhenSilent = z3;
        this.useSSL = z4;
        this.useTLS = z5;
        this.acceptAllCertificates = z6;
        this.syncLookback = i;
        this.syncInterval = i2;
        this.peakStartTime = i3;
        this.peakEndTime = i4;
        this.peakDays = i5;
        this.peakSyncSchedule = i6;
        this.offPeakSyncSchedule = i7;
        this.roamingSyncSchedule = i8;
        this.reserved = i9;
        this.retrivalSize = i10;
        this.periodCalendar = i11;
        this.syncContacts = i12;
        this.syncCalendar = i13;
        this.displayName = str2;
        this.emailAddress = str3;
        this.easUser = str4;
        this.easDomain = str5;
        this.senderName = str6;
        this.protocolVersion = str7;
        this.signature = str8;
        this.serverAddress = str9;
        this.serverPassword = str10;
        this.serverPathPrefix = str11;
        this.certificate_password = str12;
        this.certAliasInAndroidKeystore = str13;
        this.setRequireSignedSMIMEMessages = z8;
        this.setRequireEncryptedSMIMEMessages = z9;
        this.certSMIME = str14;
        this.passwdSMIME = str15;
        this.aliasSMIME = str16;
        this.certSMIMEEncryption = str17;
        this.passwdSMIMEEncryption = str18;
        this.aliasSMIMEEncryption = str19;
        this.certSMIMESigning = str20;
        this.passwdSMIMESigning = str21;
        this.aliasSMIMESigning = str22;
        this.version = 2;
    }

    public AddExchangeAccountCommand(String str, String str2, String str3, String str4, String str5, int i, int i2, boolean z, String str6, String str7, String str8, boolean z2, boolean z3, String str9, boolean z4, boolean z5, boolean z6, String str10, String str11, int i3, int i4, int i5, int i6, int i7, int i8, int i9, int i10, int i11, boolean z7, int i12, int i13, byte[] bArr, String str12, boolean z8, boolean z9, String str13, String str14, String str15, String str16, String str17, String str18) {
        this(str, str2, str3, str4, str5, i, i2, z, str6, str7, str8, z2, z3, str9, z4, z5, z6, str10, str11, i3, i4, i5, i6, i7, i8, i9, i10, i11, z7, i12, i13, bArr, str12, "", z8, z9, str13, str14, "", str15, str16, "", str17, str18, "");
    }

    public AddExchangeAccountCommand(String str, String str2, String str3, String str4, String str5, String str6) {
        super(TYPE);
        this.certificate_data = null;
        this.isNotify = false;
        this.isDefault = false;
        this.emailNotificationVibrateAlways = false;
        this.emailNotificationVibrateWhenSilent = false;
        this.useSSL = false;
        this.useTLS = false;
        this.acceptAllCertificates = false;
        this.syncLookback = 0;
        this.syncInterval = 0;
        this.peakStartTime = 0;
        this.peakEndTime = 0;
        this.peakDays = 0;
        this.peakSyncSchedule = 0;
        this.offPeakSyncSchedule = 0;
        this.roamingSyncSchedule = 0;
        this.reserved = 0;
        this.retrivalSize = 0;
        this.periodCalendar = 0;
        this.syncContacts = 0;
        this.syncCalendar = 0;
        this.displayName = "";
        this.emailAddress = "";
        this.easUser = "";
        this.easDomain = "";
        this.senderName = "";
        this.protocolVersion = "";
        this.signature = "";
        this.serverAddress = "";
        this.serverPassword = "";
        this.serverPathPrefix = "";
        this.certificate_password = "";
        this.certAliasInAndroidKeystore = "";
        this.setRequireSignedSMIMEMessages = false;
        this.setRequireEncryptedSMIMEMessages = false;
        this.passwdSMIME = null;
        this.certSMIME = null;
        this.aliasSMIME = null;
        this.passwdSMIMEEncryption = null;
        this.certSMIMEEncryption = null;
        this.aliasSMIMEEncryption = null;
        this.passwdSMIMESigning = null;
        this.certSMIMESigning = null;
        this.aliasSMIMESigning = null;
        this.version = -1;
        this.firstStageComplete = false;
        this.emailAddress = str2;
        this.easUser = str3;
        this.easDomain = str4;
        this.serverAddress = str5;
        this.serverPassword = str6;
        this.version = 1;
    }

    private boolean applyFull(EnterpriseDeviceManager enterpriseDeviceManager, ExchangeAccountPolicy exchangeAccountPolicy) {
        if (this.firstStageComplete) {
            return applySecondStage(exchangeAccountPolicy);
        }
        DeviceAccountPolicy deviceAccountPolicy = enterpriseDeviceManager.getDeviceAccountPolicy();
        List<String> asList = Arrays.asList(this.emailAddress);
        Iterator<String> it = deviceAccountPolicy.getSupportedAccountTypes().iterator();
        while (it.hasNext()) {
            deviceAccountPolicy.addAccountsToAdditionWhiteList(it.next(), asList);
        }
        ExchangeAccount exchangeAccount = new ExchangeAccount(this.emailAddress, this.easUser, this.easDomain, this.serverAddress, this.serverPassword);
        exchangeAccount.displayName = this.displayName;
        exchangeAccount.syncLookback = this.syncLookback;
        exchangeAccount.syncInterval = this.syncInterval;
        exchangeAccount.isDefault = this.isDefault;
        exchangeAccount.senderName = this.senderName;
        exchangeAccount.protocolVersion = this.protocolVersion;
        exchangeAccount.signature = this.signature;
        exchangeAccount.emailNotificationVibrateAlways = this.emailNotificationVibrateAlways;
        exchangeAccount.isNotify = this.isNotify;
        exchangeAccount.useSSL = this.useSSL;
        exchangeAccount.acceptAllCertificates = this.acceptAllCertificates;
        exchangeAccount.serverPathPrefix = this.serverPathPrefix;
        exchangeAccount.peakStartTime = this.peakStartTime;
        exchangeAccount.peakEndTime = this.peakEndTime;
        exchangeAccount.peakDays = this.peakDays;
        exchangeAccount.offPeak = this.offPeakSyncSchedule;
        exchangeAccount.roamingSchedule = this.roamingSyncSchedule;
        exchangeAccount.retrivalSize = this.retrivalSize;
        exchangeAccount.periodCalendar = this.periodCalendar;
        exchangeAccount.syncContacts = this.syncContacts;
        exchangeAccount.syncCalendar = this.syncCalendar;
        exchangeAccount.certificateData = this.certificate_data;
        exchangeAccount.certificatePassword = this.certificate_password;
        exchangeAccount.certificateAlias = this.certAliasInAndroidKeystore;
        exchangeAccount.certificateStorageName = null;
        if (exchangeAccountPolicy.addNewAccount(exchangeAccount) < 0) {
            return false;
        }
        this.firstStageComplete = true;
        return applySecondStage(exchangeAccountPolicy);
    }

    private boolean applyLegacy(ExchangeAccountPolicy exchangeAccountPolicy) {
        ExchangeAccount exchangeAccount = new ExchangeAccount(this.emailAddress, this.easUser, this.easDomain, this.serverAddress, this.serverPassword);
        exchangeAccount.displayName = this.displayName;
        exchangeAccount.syncLookback = this.syncLookback;
        exchangeAccount.syncInterval = this.syncInterval;
        exchangeAccount.isDefault = this.isDefault;
        exchangeAccount.senderName = this.senderName;
        exchangeAccount.protocolVersion = this.protocolVersion;
        exchangeAccount.signature = this.signature;
        exchangeAccount.emailNotificationVibrateAlways = this.emailNotificationVibrateAlways;
        exchangeAccount.isNotify = this.isNotify;
        exchangeAccount.useSSL = this.useSSL;
        exchangeAccount.acceptAllCertificates = this.acceptAllCertificates;
        exchangeAccount.serverPathPrefix = this.serverPathPrefix;
        return exchangeAccountPolicy.addNewAccount(exchangeAccount) > -1;
    }

    private boolean applySecondStage(ExchangeAccountPolicy exchangeAccountPolicy) {
        long accountId = exchangeAccountPolicy.getAccountId(this.easDomain, this.easUser, this.serverAddress);
        if (accountId < 0) {
            return false;
        }
        this.firstStageComplete = false;
        if (Build.VERSION.SDK_INT >= 18) {
            exchangeAccountPolicy.setSyncSchedules(this.peakSyncSchedule, this.offPeakSyncSchedule, this.roamingSyncSchedule, accountId);
        }
        return setSigningCertificate(exchangeAccountPolicy, accountId) & exchangeAccountPolicy.setRequireEncryptedSMIMEMessages(accountId, this.setRequireEncryptedSMIMEMessages) & exchangeAccountPolicy.setRequireSignedSMIMEMessages(accountId, this.setRequireSignedSMIMEMessages) & setCommonCert(exchangeAccountPolicy, accountId) & setEncryptionCertificate(exchangeAccountPolicy, accountId);
    }

    private boolean applySimple(ExchangeAccountPolicy exchangeAccountPolicy) {
        return exchangeAccountPolicy.addNewAccount(new ExchangeAccount(this.emailAddress, this.easUser, this.easDomain, this.serverAddress, this.serverPassword)) > -1;
    }

    private boolean setCommonCert(ExchangeAccountPolicy exchangeAccountPolicy, long j) {
        String str = this.aliasSMIME;
        if (str == null && (this.passwdSMIME == null || this.certSMIME == null)) {
            return true;
        }
        boolean z = false;
        try {
            if (str != null) {
                boolean forceSMIMECertificateAlias = exchangeAccountPolicy.setForceSMIMECertificateAlias(j, str, 1);
                try {
                    return exchangeAccountPolicy.setForceSMIMECertificateAlias(j, this.aliasSMIME, 0) & forceSMIMECertificateAlias;
                } catch (Exception e) {
                    e = e;
                    z = forceSMIMECertificateAlias;
                }
            } else {
                if (new FeatureFlagInfo((SamsungFeatureFlagProvider) SamsungSvcApp.getAppContext()).isFeatureFlagEnabled("samsungDeprecation") && EnterpriseDeviceManager.getAPILevel() >= 30) {
                    Logger.e("AddExchangeAccountCommand", "ExchangeAccountPolicy SMIME no longer supported on this device");
                    return false;
                }
                Context appContext = SamsungSvcApp.getAppContext();
                boolean z2 = ElmKlmwWrapper.ExchangeAccountPolicy().setForceSMIMECertificate(j, writeCert(this.certSMIME, appContext, SMIME_CERT_ALL).getAbsolutePath(), this.passwdSMIME) == -1;
                try {
                    Logger.i("AddExchangeAccountCommand", "S/MIME  setForceSMIMECertificate is " + z2);
                    if (Utils.isSAFEVersionSupported(5.4f)) {
                        return z2;
                    }
                    appContext.deleteFile(SMIME_CERT_ALL);
                    return z2;
                } catch (Exception e2) {
                    e = e2;
                    z = z2;
                }
            }
        } catch (Exception e3) {
            e = e3;
        }
        Logger.e("AddExchangeAccountCommand", "SMIME cert data Exception ", (Throwable) e);
        return z;
    }

    private boolean setEncryptionCertificate(ExchangeAccountPolicy exchangeAccountPolicy, long j) {
        String str = this.aliasSMIMEEncryption;
        if (str == null && (this.passwdSMIMEEncryption == null || this.certSMIMEEncryption == null)) {
            return true;
        }
        boolean z = false;
        try {
            if (str != null) {
                return exchangeAccountPolicy.setForceSMIMECertificateAlias(j, str, 0);
            }
            if (new FeatureFlagInfo((SamsungFeatureFlagProvider) SamsungSvcApp.getAppContext()).isFeatureFlagEnabled("samsungDeprecation") && EnterpriseDeviceManager.getAPILevel() >= 30) {
                Logger.e("AddExchangeAccountCommand", "ExchangeAccountPolicy SMIME no longer supported on this device");
                return false;
            }
            Context appContext = SamsungSvcApp.getAppContext();
            boolean z2 = ElmKlmwWrapper.ExchangeAccountPolicy().setForceSMIMECertificateForEncryption(j, writeCert(this.certSMIMEEncryption, appContext, SMIME_CERT_ENC).getAbsolutePath(), this.passwdSMIMEEncryption) == -1;
            try {
                Logger.i("AddExchangeAccountCommand", "S/MIME  setForceSMIMECertificateForEncryption is " + z2);
                if (Utils.isSAFEVersionSupported(5.4f)) {
                    return z2;
                }
                appContext.deleteFile(SMIME_CERT_ENC);
                return z2;
            } catch (Exception unused) {
                z = z2;
                Logger.e("AddExchangeAccountCommand", "SMIME Encryption cert data Exception ");
                return z;
            }
        } catch (Exception unused2) {
        }
    }

    private boolean setSigningCertificate(ExchangeAccountPolicy exchangeAccountPolicy, long j) {
        String str = this.aliasSMIMESigning;
        if (str == null && (this.passwdSMIMESigning == null || this.certSMIMESigning == null)) {
            return true;
        }
        boolean z = false;
        try {
            if (str != null) {
                return exchangeAccountPolicy.setForceSMIMECertificateAlias(j, str, 1);
            }
            if (new FeatureFlagInfo((SamsungFeatureFlagProvider) SamsungSvcApp.getAppContext()).isFeatureFlagEnabled("samsungDeprecation") && EnterpriseDeviceManager.getAPILevel() >= 30) {
                Logger.e("AddExchangeAccountCommand", "ExchangeAccountPolicy SMIME no longer supported on this device");
                return false;
            }
            Context appContext = SamsungSvcApp.getAppContext();
            boolean z2 = ElmKlmwWrapper.ExchangeAccountPolicy().setForceSMIMECertificateForSigning(j, writeCert(this.certSMIMESigning, appContext, SMIME_CERT_SIGN).getAbsolutePath(), this.passwdSMIMESigning) == -1;
            try {
                Logger.i("AddExchangeAccountCommand", "S/MIME  setForceSMIMECertificateForSigning is " + z2);
                if (Utils.isSAFEVersionSupported(5.4f)) {
                    return z2;
                }
                appContext.deleteFile(SMIME_CERT_SIGN);
                return z2;
            } catch (Exception unused) {
                z = z2;
                Logger.e("AddExchangeAccountCommand", "SMIME setSigningCertificate cert data Exception ");
                return z;
            }
        } catch (Exception unused2) {
        }
    }

    @Override // com.airwatch.library.samsungelm.safe.SafeCommand
    public boolean applyCommand(EnterpriseDeviceManager enterpriseDeviceManager) {
        ExchangeAccountPolicy exchangeAccountPolicy;
        if (enterpriseDeviceManager == null || (exchangeAccountPolicy = enterpriseDeviceManager.getExchangeAccountPolicy()) == null) {
            return false;
        }
        int i = this.version;
        if (i == 0) {
            return applyLegacy(exchangeAccountPolicy);
        }
        if (i == 1) {
            return applySimple(exchangeAccountPolicy);
        }
        if (i != 2) {
            return false;
        }
        return applyFull(enterpriseDeviceManager, exchangeAccountPolicy);
    }

    public File writeCert(String str, Context context, String str2) throws IOException {
        byte[] decode = Base64.decode(str, 0);
        File file = new File(context.getExternalFilesDir(null) + File.separator + str2);
        if (file.exists() && !file.delete()) {
            Logger.w("AddExchangeAccountCommand", "S/MIME Failed to remove existing SMIME Certificate");
        }
        FileOutputStream fileOutputStream = new FileOutputStream(file);
        fileOutputStream.write(decode);
        fileOutputStream.close();
        if (file.exists() && !file.setReadable(true, false)) {
            Logger.w("AddExchangeAccountCommand", "S/MIME Failed to set SMIME Certificate file to readable");
        }
        return file;
    }
}
