package org.kman.AquaMail.net;

import android.app.AlertDialog;
import android.app.Dialog;
import android.content.Context;
import android.content.DialogInterface;
import android.content.SharedPreferences;
import android.os.Bundle;
import android.preference.PreferenceManager;
import android.text.SpannableStringBuilder;
import android.text.format.DateUtils;
import android.text.style.StyleSpan;
import android.text.style.TextAppearanceSpan;
import android.util.TypedValue;
import android.view.LayoutInflater;
import android.view.View;
import android.view.ViewGroup;
import android.widget.AdapterView;
import android.widget.BaseAdapter;
import android.widget.Button;
import android.widget.Checkable;
import android.widget.ListAdapter;
import android.widget.ListView;
import android.widget.TextView;
import androidx.annotation.o0;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.EOFException;
import java.io.File;
import java.io.FileFilter;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.cert.CertPathValidator;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Set;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSocket;
import javax.security.auth.x500.X500Principal;
import org.kman.AquaMail.R;
import org.kman.AquaMail.coredefs.MailAccountSslInfo;
import org.kman.AquaMail.coredefs.SSLCertificateChangeException;
import org.kman.AquaMail.data.AsyncDataLoader;
import org.kman.AquaMail.io.t;
import org.kman.AquaMail.util.Prefs;
import org.kman.AquaMail.util.n0;
import org.kman.AquaMail.util.n2;

/* loaded from: classes6.dex */
public class n {
    private static final String CERT_DIR = "certs";
    private static final String HASH_MD5 = "MD5";
    private static final String HASH_SHA1 = "SHA1";
    private static final String SUFFIX_ACCEPTED = "accepted";
    private static final String SUFFIX_CERT = null;
    private static final String SUFFIX_CERT_NEW = "new";
    private static final String TAG = "SSLCertificateChecker";

    /* renamed from: g, reason: collision with root package name */
    private static final String[] f67918g = {"yknlrNdkZHdbvnH6z/QeI8eaaWNUX+tM1hkoI2RmjhzHh4BkXwSLJq+Y3wpwvLwZPe57M6l/vfQF1HC7BSZ56prHmLkHGWU0zDzpP8UB+m8Mftt6cFxM/i0A8Mq+LY60qID7AROIy5w/5bt3yjpnNvPO1ScCckOgvW4C8UcFcT4BWekRnhrzhA+ApqJ4NS+2x6J/F3zhi1au7meIUScwYKViUsM31TvqhSoBOIeiz3CtpHrJxOfKxdq8IzLy/hjCe+DfOy/U0BDmlkz7RLchZA25AJQwEiaHWJg5BTgPzIJIDApHZu6/tF/E/3Co4X+LeSu4ZTKjubcx6Qr19h8y3A==", "HLeJluRT7bvs26gyAZ8so81trUISd7O45skDUmAge1cnxhG1P2cNmSxbWsoiCt2eux9LSD+PAj2LIYRFHW31/6xoic1k4tbWXkDCjir37xTTNqRAMPUyFRWSdvt+nlPqwnb8Oa2I/maSJukcxDjNSfpDh/Bd1lZNgdd/8cLdsE3+wypufJ9uXO1iQpnh9zbuFIwsIONGl1p3A8CgxkqI/UAih3JaGOqcpcdaCIzkBaR9uYQ1X4k2Vg5APRLouzVy7a8IVk6wuy6pm+T7HT4LY8ibS5FEZlfAFLSW8NwsVz9SBK2Vqn1N0PIMn5xA6NZVc7o835DLAFshEWfC7TIe3g=="};

    /* renamed from: h, reason: collision with root package name */
    private static n f67919h;

    /* renamed from: i, reason: collision with root package name */
    private static SharedPreferences f67920i;

    /* renamed from: a, reason: collision with root package name */
    private final Context f67921a;

    /* renamed from: b, reason: collision with root package name */
    private final File f67922b;

    /* renamed from: c, reason: collision with root package name */
    private final Object f67923c;

    /* renamed from: d, reason: collision with root package name */
    private final org.kman.Compat.util.android.c<String, X509Certificate> f67924d;

    /* renamed from: e, reason: collision with root package name */
    private final org.kman.Compat.util.android.c<String, b> f67925e;

    /* renamed from: f, reason: collision with root package name */
    private CertificateFactory f67926f;

    /* loaded from: classes6.dex */
    public static class a {

        /* renamed from: a, reason: collision with root package name */
        final MailAccountSslInfo.SslServerName f67927a;

        /* renamed from: b, reason: collision with root package name */
        final String f67928b;

        /* renamed from: c, reason: collision with root package name */
        final String f67929c;

        a(MailAccountSslInfo.SslServerName sslServerName, String str, String str2) {
            this.f67927a = sslServerName;
            this.f67928b = str;
            this.f67929c = str2;
        }

        public boolean equals(Object obj) {
            if (obj instanceof a) {
                return this.f67927a.equals(((a) obj).f67927a);
            }
            return false;
        }

        public int hashCode() {
            return this.f67927a.hashCode();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes6.dex */
    public static class b {
        private static final int SIGNATURE_V1 = 436284168;

        /* renamed from: a, reason: collision with root package name */
        private final Set<String> f67930a = org.kman.Compat.util.e.s();

        b() {
        }

        boolean a(String str) {
            return this.f67930a.add(str);
        }

        boolean b(String str) {
            return this.f67930a.contains(str);
        }

        void c(InputStream inputStream) throws IOException {
            BufferedInputStream bufferedInputStream = new BufferedInputStream(inputStream, 16384);
            try {
                DataInputStream dataInputStream = new DataInputStream(bufferedInputStream);
                try {
                    if (dataInputStream.readInt() != SIGNATURE_V1) {
                        throw new EOFException("Invalid data signature");
                    }
                    int readInt = dataInputStream.readInt();
                    for (int i8 = 0; i8 < readInt; i8++) {
                        this.f67930a.add(dataInputStream.readUTF());
                    }
                } finally {
                    t.g(dataInputStream);
                }
            } finally {
                t.g(bufferedInputStream);
            }
        }

        void d(OutputStream outputStream) throws IOException {
            BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(outputStream, 16384);
            try {
                DataOutputStream dataOutputStream = new DataOutputStream(bufferedOutputStream);
                try {
                    dataOutputStream.writeInt(SIGNATURE_V1);
                    dataOutputStream.writeInt(this.f67930a.size());
                    Iterator<String> it = this.f67930a.iterator();
                    while (it.hasNext()) {
                        dataOutputStream.writeUTF(it.next());
                    }
                } finally {
                    t.h(dataOutputStream);
                }
            } finally {
                t.h(bufferedOutputStream);
            }
        }
    }

    /* loaded from: classes6.dex */
    public interface c {
        void a(MailAccountSslInfo mailAccountSslInfo, Collection<a> collection);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes6.dex */
    public static class d extends BaseAdapter {

        /* renamed from: b, reason: collision with root package name */
        private e f67931b;

        /* renamed from: c, reason: collision with root package name */
        private Context f67932c;

        /* renamed from: d, reason: collision with root package name */
        private LayoutInflater f67933d;

        /* renamed from: e, reason: collision with root package name */
        private List<g> f67934e;

        /* renamed from: f, reason: collision with root package name */
        private SpannableStringBuilder f67935f;

        /* renamed from: g, reason: collision with root package name */
        private int f67936g;

        d(e eVar, List<g> list) {
            this.f67931b = eVar;
            this.f67932c = eVar.f67942g;
            this.f67933d = eVar.f67943h;
            this.f67934e = list;
            this.f67936g = (int) TypedValue.applyDimension(2, 16.0f, this.f67932c.getResources().getDisplayMetrics());
        }

        private void a(SpannableStringBuilder spannableStringBuilder, int i8, f fVar) {
            c(spannableStringBuilder, i8);
            String str = fVar.f67949b;
            if (str != null) {
                d(spannableStringBuilder, R.string.account_setup_view_ssl_subject, false, str);
            }
            String str2 = fVar.f67951d;
            if (str2 != null) {
                d(spannableStringBuilder, R.string.account_setup_view_ssl_issuer, false, str2);
            }
            Date date = fVar.f67952e;
            if (date != null) {
                b(spannableStringBuilder, R.string.account_setup_view_ssl_valid_from, date);
            }
            Date date2 = fVar.f67953f;
            if (date2 != null) {
                b(spannableStringBuilder, R.string.account_setup_view_ssl_valid_until, date2);
            }
            String str3 = fVar.f67954g;
            if (str3 != null) {
                e(spannableStringBuilder, "MD5", false, str3);
            }
            String str4 = fVar.f67955h;
            if (str4 != null) {
                e(spannableStringBuilder, n.HASH_SHA1, false, str4);
            }
        }

        private void b(SpannableStringBuilder spannableStringBuilder, int i8, Date date) {
            d(spannableStringBuilder, i8, true, DateUtils.formatDateTime(this.f67932c, date.getTime(), 524309));
        }

        private void c(SpannableStringBuilder spannableStringBuilder, int i8) {
            if (spannableStringBuilder.length() != 0) {
                spannableStringBuilder.append("\n");
            }
            int length = spannableStringBuilder.length();
            spannableStringBuilder.append(this.f67932c.getText(i8));
            spannableStringBuilder.setSpan(new TextAppearanceSpan(null, 1, this.f67936g, null, null), length, spannableStringBuilder.length(), 33);
        }

        private void d(SpannableStringBuilder spannableStringBuilder, int i8, boolean z8, String str) {
            e(spannableStringBuilder, this.f67932c.getString(i8), z8, str);
        }

        private void e(SpannableStringBuilder spannableStringBuilder, String str, boolean z8, String str2) {
            if (spannableStringBuilder.length() != 0) {
                spannableStringBuilder.append("\n");
            }
            int length = spannableStringBuilder.length();
            spannableStringBuilder.append((CharSequence) str);
            spannableStringBuilder.setSpan(new StyleSpan(1), length, spannableStringBuilder.length(), 33);
            if (z8) {
                spannableStringBuilder.append(": ");
            } else {
                spannableStringBuilder.append(":\n");
            }
            spannableStringBuilder.append((CharSequence) str2);
        }

        @Override // android.widget.Adapter
        public int getCount() {
            return this.f67934e.size();
        }

        @Override // android.widget.Adapter
        public Object getItem(int i8) {
            return this.f67934e.get(i8);
        }

        @Override // android.widget.Adapter
        public long getItemId(int i8) {
            return this.f67934e.get(i8).f67957b;
        }

        /* JADX WARN: Multi-variable type inference failed */
        /* JADX WARN: Type inference failed for: r7v1, types: [android.view.View] */
        /* JADX WARN: Type inference failed for: r7v4 */
        /* JADX WARN: Type inference failed for: r7v5 */
        /* JADX WARN: Type inference failed for: r8v11, types: [android.view.View] */
        @Override // android.widget.Adapter
        public View getView(int i8, View view, ViewGroup viewGroup) {
            Checkable checkable = view;
            if (view == null) {
                checkable = this.f67933d.inflate(R.layout.view_ssl_dialog_item, viewGroup, false);
            }
            g gVar = this.f67934e.get(i8);
            ((TextView) checkable.findViewById(R.id.cert_name)).setText(gVar.f67958c.b());
            if (this.f67935f == null) {
                this.f67935f = new SpannableStringBuilder();
            }
            SpannableStringBuilder spannableStringBuilder = this.f67935f;
            TextView textView = (TextView) checkable.findViewById(R.id.cert_old);
            if (gVar.f67959d != null) {
                spannableStringBuilder.clear();
                a(spannableStringBuilder, R.string.account_setup_view_ssl_old, gVar.f67959d);
                textView.setText(spannableStringBuilder);
                textView.setVisibility(0);
            } else {
                textView.setVisibility(8);
            }
            TextView textView2 = (TextView) checkable.findViewById(R.id.cert_new);
            if (gVar.f67960e != null) {
                spannableStringBuilder.clear();
                a(spannableStringBuilder, R.string.account_setup_view_ssl_new, gVar.f67960e);
                textView2.setText(spannableStringBuilder);
                textView2.setVisibility(0);
            } else {
                textView2.setVisibility(8);
            }
            if (this.f67931b.f67941f) {
                ?? findViewById = checkable.findViewById(R.id.cert_check);
                findViewById.setVisibility(0);
                ((Checkable) findViewById).setChecked(gVar.f67963h);
                checkable.setChecked(gVar.f67963h);
            } else {
                checkable.setBackgroundDrawable(null);
            }
            checkable.setTag(gVar);
            return checkable;
        }
    }

    /* loaded from: classes6.dex */
    static class e extends AlertDialog implements DialogInterface.OnClickListener, AdapterView.OnItemClickListener {

        /* renamed from: b, reason: collision with root package name */
        private n f67937b;

        /* renamed from: c, reason: collision with root package name */
        private MailAccountSslInfo f67938c;

        /* renamed from: d, reason: collision with root package name */
        private Set<MailAccountSslInfo.SslServerName> f67939d;

        /* renamed from: e, reason: collision with root package name */
        private c f67940e;

        /* renamed from: f, reason: collision with root package name */
        private boolean f67941f;

        /* renamed from: g, reason: collision with root package name */
        private Context f67942g;

        /* renamed from: h, reason: collision with root package name */
        private LayoutInflater f67943h;

        /* renamed from: i, reason: collision with root package name */
        private ListView f67944i;

        /* renamed from: j, reason: collision with root package name */
        private List<g> f67945j;

        /* renamed from: k, reason: collision with root package name */
        private Button f67946k;

        /* renamed from: l, reason: collision with root package name */
        private AsyncDataLoader<h> f67947l;

        e(Context context, n nVar, MailAccountSslInfo mailAccountSslInfo, Set<MailAccountSslInfo.SslServerName> set, c cVar) {
            super(context);
            this.f67947l = AsyncDataLoader.newLoader();
            this.f67937b = nVar;
            this.f67938c = mailAccountSslInfo;
            this.f67939d = set;
            this.f67940e = cVar;
            this.f67941f = cVar != null;
            Context C = n2.C(context);
            this.f67942g = C;
            this.f67943h = LayoutInflater.from(C);
        }

        void d(List<g> list) {
            if (this.f67941f && this.f67944i.getAdapter() == null) {
                this.f67944i.addHeaderView(this.f67943h.inflate(R.layout.view_ssl_dialog_header, (ViewGroup) this.f67944i, false));
            }
            this.f67945j = list;
            this.f67944i.setAdapter((ListAdapter) new d(this, list));
        }

        @Override // android.app.Dialog, android.content.DialogInterface
        public void dismiss() {
            super.dismiss();
            AsyncDataLoader<h> asyncDataLoader = this.f67947l;
            if (asyncDataLoader != null) {
                asyncDataLoader.cleanup();
                this.f67947l = null;
            }
        }

        @Override // android.content.DialogInterface.OnClickListener
        public void onClick(DialogInterface dialogInterface, int i8) {
            if (i8 == -1 && this.f67940e != null) {
                Set s8 = org.kman.Compat.util.e.s();
                for (g gVar : this.f67945j) {
                    if (gVar.f67963h) {
                        s8.add(new a(gVar.f67958c, gVar.f67961f, gVar.f67962g));
                    }
                }
                if (s8.size() != 0) {
                    this.f67940e.a(this.f67938c, s8);
                }
                this.f67940e = null;
            }
            dialogInterface.dismiss();
        }

        @Override // android.app.AlertDialog, android.app.Dialog
        protected void onCreate(Bundle bundle) {
            setTitle(R.string.account_setup_view_ssl_certs);
            setInverseBackgroundForced(true);
            View inflate = this.f67943h.inflate(R.layout.view_ssl_dialog_content, (ViewGroup) null);
            ListView listView = (ListView) inflate.findViewById(android.R.id.list);
            setView(inflate);
            this.f67944i = listView;
            AsyncDataLoader<h> newLoader = AsyncDataLoader.newLoader();
            this.f67947l = newLoader;
            newLoader.submit(new h(this, this.f67937b, this.f67938c, this.f67939d, this.f67941f), hashCode());
            Context context = getContext();
            if (this.f67941f) {
                setButton(-1, context.getString(R.string.confirm), this);
                setButton(-2, context.getString(R.string.cancel), this);
            } else {
                setButton(-3, context.getString(R.string.close), this);
            }
            super.onCreate(bundle);
            if (this.f67941f) {
                this.f67944i.setOnItemClickListener(this);
                Button button = getButton(-1);
                this.f67946k = button;
                button.setEnabled(false);
            }
        }

        /* JADX WARN: Multi-variable type inference failed */
        @Override // android.widget.AdapterView.OnItemClickListener
        public void onItemClick(AdapterView<?> adapterView, View view, int i8, long j8) {
            Object tag = view.getTag();
            if (tag instanceof g) {
                g gVar = (g) tag;
                boolean z8 = true;
                if (gVar.f67963h) {
                    gVar.f67963h = false;
                    Iterator<g> it = this.f67945j.iterator();
                    while (true) {
                        if (!it.hasNext()) {
                            z8 = false;
                            break;
                        } else if (it.next().f67963h) {
                            break;
                        }
                    }
                    this.f67946k.setEnabled(z8);
                } else {
                    gVar.f67963h = true;
                    this.f67946k.setEnabled(true);
                }
                if (view instanceof Checkable) {
                    ((Checkable) view).setChecked(gVar.f67963h);
                    ((Checkable) view.findViewById(R.id.cert_check)).setChecked(gVar.f67963h);
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes6.dex */
    public static class f {

        /* renamed from: a, reason: collision with root package name */
        Principal f67948a;

        /* renamed from: b, reason: collision with root package name */
        String f67949b;

        /* renamed from: c, reason: collision with root package name */
        Principal f67950c;

        /* renamed from: d, reason: collision with root package name */
        String f67951d;

        /* renamed from: e, reason: collision with root package name */
        Date f67952e;

        /* renamed from: f, reason: collision with root package name */
        Date f67953f;

        /* renamed from: g, reason: collision with root package name */
        String f67954g;

        /* renamed from: h, reason: collision with root package name */
        String f67955h;

        /* renamed from: i, reason: collision with root package name */
        String f67956i;

        f() {
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes6.dex */
    public static class g implements Comparable<g> {

        /* renamed from: b, reason: collision with root package name */
        long f67957b;

        /* renamed from: c, reason: collision with root package name */
        MailAccountSslInfo.SslServerName f67958c;

        /* renamed from: d, reason: collision with root package name */
        f f67959d;

        /* renamed from: e, reason: collision with root package name */
        f f67960e;

        /* renamed from: f, reason: collision with root package name */
        String f67961f;

        /* renamed from: g, reason: collision with root package name */
        String f67962g;

        /* renamed from: h, reason: collision with root package name */
        boolean f67963h;

        g() {
        }

        @Override // java.lang.Comparable
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public int compareTo(@o0 g gVar) {
            return this.f67958c.compareTo(gVar.f67958c);
        }
    }

    /* loaded from: classes6.dex */
    static class h implements AsyncDataLoader.LoadItem {

        /* renamed from: b, reason: collision with root package name */
        private final e f67964b;

        /* renamed from: c, reason: collision with root package name */
        private final n f67965c;

        /* renamed from: d, reason: collision with root package name */
        private final MailAccountSslInfo f67966d;

        /* renamed from: e, reason: collision with root package name */
        private final Set<MailAccountSslInfo.SslServerName> f67967e;

        /* renamed from: f, reason: collision with root package name */
        private final boolean f67968f;

        /* renamed from: g, reason: collision with root package name */
        private List<g> f67969g;

        /* renamed from: h, reason: collision with root package name */
        private MessageDigest f67970h;

        /* renamed from: i, reason: collision with root package name */
        private MessageDigest f67971i;

        h(e eVar, n nVar, MailAccountSslInfo mailAccountSslInfo, Set<MailAccountSslInfo.SslServerName> set, boolean z8) {
            this.f67964b = eVar;
            this.f67965c = nVar;
            this.f67966d = mailAccountSslInfo;
            this.f67967e = org.kman.Compat.util.e.v(set);
            this.f67968f = z8;
        }

        private String a(byte[] bArr, MessageDigest messageDigest) {
            if (messageDigest == null) {
                return null;
            }
            messageDigest.reset();
            messageDigest.update(bArr);
            byte[] digest = messageDigest.digest();
            String j8 = n0.j(digest, 0, digest.length, ':');
            int length = j8.length();
            if (length == 47) {
                return j8.substring(0, 23) + " - " + j8.substring(24);
            }
            if (length != 59) {
                return j8;
            }
            return j8.substring(0, 29) + " - " + j8.substring(30);
        }

        private f b(n nVar, MailAccountSslInfo mailAccountSslInfo, MailAccountSslInfo.SslServerName sslServerName, String str) {
            X509Certificate t8;
            synchronized (nVar.f67923c) {
                t8 = nVar.t(mailAccountSslInfo, sslServerName, str);
            }
            if (t8 == null) {
                return null;
            }
            f fVar = new f();
            X500Principal subjectX500Principal = t8.getSubjectX500Principal();
            fVar.f67948a = subjectX500Principal;
            if (subjectX500Principal != null) {
                fVar.f67949b = subjectX500Principal.toString();
            }
            X500Principal issuerX500Principal = t8.getIssuerX500Principal();
            fVar.f67950c = issuerX500Principal;
            if (issuerX500Principal != null) {
                fVar.f67951d = issuerX500Principal.toString();
            }
            fVar.f67952e = t8.getNotBefore();
            fVar.f67953f = t8.getNotAfter();
            try {
                byte[] encoded = t8.getEncoded();
                fVar.f67954g = a(encoded, this.f67970h);
                fVar.f67955h = a(encoded, this.f67971i);
                fVar.f67956i = n.h(encoded);
            } catch (CertificateEncodingException e9) {
                org.kman.Compat.util.i.n0(n.TAG, e9);
            }
            return fVar;
        }

        @Override // org.kman.AquaMail.data.AsyncDataLoader.LoadItem
        public void close() {
        }

        @Override // org.kman.AquaMail.data.AsyncDataLoader.LoadItem
        public void deliver() {
            e eVar;
            if (this.f67969g == null || (eVar = this.f67964b) == null || !eVar.isShowing()) {
                return;
            }
            this.f67964b.d(this.f67969g);
        }

        @Override // org.kman.AquaMail.data.AsyncDataLoader.LoadItem
        public void load() {
            n nVar = this.f67965c;
            MailAccountSslInfo mailAccountSslInfo = this.f67966d;
            Set<MailAccountSslInfo.SslServerName> set = this.f67967e;
            try {
                this.f67970h = MessageDigest.getInstance("MD5");
            } catch (Exception e9) {
                org.kman.Compat.util.i.n0(n.TAG, e9);
            }
            try {
                this.f67971i = MessageDigest.getInstance(n.HASH_SHA1);
            } catch (Exception e10) {
                org.kman.Compat.util.i.n0(n.TAG, e10);
            }
            long j8 = 0;
            for (MailAccountSslInfo.SslServerName sslServerName : set) {
                g gVar = new g();
                j8++;
                gVar.f67957b = j8;
                gVar.f67958c = sslServerName;
                if (this.f67968f) {
                    gVar.f67959d = b(nVar, mailAccountSslInfo, sslServerName, null);
                    f b9 = b(nVar, mailAccountSslInfo, sslServerName, "new");
                    gVar.f67960e = b9;
                    f fVar = gVar.f67959d;
                    if (fVar != null) {
                        gVar.f67961f = fVar.f67956i;
                    }
                    if (b9 != null) {
                        gVar.f67962g = b9.f67956i;
                    }
                } else {
                    gVar.f67960e = b(nVar, mailAccountSslInfo, sslServerName, null);
                }
                if (this.f67969g == null) {
                    this.f67969g = org.kman.Compat.util.e.i();
                }
                this.f67969g.add(gVar);
            }
            List<g> list = this.f67969g;
            if (list != null) {
                Collections.sort(list);
            }
        }
    }

    private n(Context context) {
        Context applicationContext = context.getApplicationContext();
        this.f67921a = applicationContext;
        File file = new File(applicationContext.getFilesDir(), CERT_DIR);
        this.f67922b = file;
        if (!file.exists()) {
            file.mkdirs();
        }
        this.f67923c = new Object();
        this.f67924d = new org.kman.Compat.util.android.c<>(8);
        this.f67925e = new org.kman.Compat.util.android.c<>(8);
    }

    private static String g(X509Certificate x509Certificate) {
        try {
            return h(x509Certificate.getEncoded());
        } catch (CertificateEncodingException e9) {
            org.kman.Compat.util.i.n0(TAG, e9);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static String h(byte[] bArr) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(HASH_SHA1);
            if (messageDigest == null) {
                return null;
            }
            messageDigest.reset();
            messageDigest.update(bArr);
            return n0.i(messageDigest.digest());
        } catch (NoSuchAlgorithmException e9) {
            org.kman.Compat.util.i.n0(TAG, e9);
            return null;
        }
    }

    private void i(String str, File file) {
        if (file.exists()) {
            org.kman.Compat.util.i.K(TAG, "Deleting %s %s", str, file.getName());
            file.delete();
        }
    }

    private void j(MailAccountSslInfo mailAccountSslInfo, MailAccountSslInfo.SslServerName sslServerName, String str) {
        String c9 = sslServerName.c(mailAccountSslInfo.getSslStorageKey(), str);
        File file = new File(this.f67922b, c9);
        this.f67924d.m(c9);
        if (file.delete()) {
            org.kman.Compat.util.i.J(TAG, "Deleted certificate in %s", c9);
        }
    }

    private X509Certificate l(X509Certificate x509Certificate, Certificate[] certificateArr) {
        X500Principal issuerX500Principal = x509Certificate.getIssuerX500Principal();
        if (issuerX500Principal != null) {
            for (int i8 = 1; i8 < certificateArr.length; i8++) {
                Certificate certificate = certificateArr[i8];
                if (certificate instanceof X509Certificate) {
                    X509Certificate x509Certificate2 = (X509Certificate) certificate;
                    if (x509Certificate2.getSubjectX500Principal().equals(issuerX500Principal)) {
                        org.kman.Compat.util.i.J(TAG, "Found certificate for issuer %s", issuerX500Principal);
                        Set singleton = Collections.singleton(new TrustAnchor(x509Certificate2, null));
                        try {
                            CertPathValidator certPathValidator = CertPathValidator.getInstance("PKIX");
                            PKIXParameters pKIXParameters = new PKIXParameters((Set<TrustAnchor>) singleton);
                            pKIXParameters.setRevocationEnabled(false);
                            if (this.f67926f == null) {
                                this.f67926f = CertificateFactory.getInstance("X.509");
                            }
                            certPathValidator.validate(this.f67926f.generateCertPath(Collections.singletonList(x509Certificate)), pKIXParameters);
                            return x509Certificate2;
                        } catch (Exception e9) {
                            org.kman.Compat.util.i.m0(TAG, "Error validating issuer certificate", e9);
                            return null;
                        }
                    }
                }
            }
        }
        return null;
    }

    public static n m(Context context) {
        n nVar;
        synchronized (n.class) {
            if (f67919h == null) {
                f67919h = new n(context);
            }
            nVar = f67919h;
        }
        return nVar;
    }

    private File n(MailAccountSslInfo.SslServerName sslServerName, long j8, String str) {
        return new File(this.f67922b, sslServerName.c(j8, str));
    }

    private static SharedPreferences o(Context context) {
        if (f67920i == null) {
            f67920i = PreferenceManager.getDefaultSharedPreferences(context.getApplicationContext());
        }
        return f67920i;
    }

    public static boolean p(Context context) {
        boolean z8;
        synchronized (n.class) {
            z8 = o(context).getBoolean(Prefs.PREF_NETWORK_SSL_CHECKING_KEY, false);
        }
        return z8;
    }

    private boolean q(X509Certificate x509Certificate) {
        byte[] signature = x509Certificate.getSignature();
        if (signature != null) {
            org.kman.Compat.util.i.K(TAG, "Issuer cert: %s, signature base64: %s", x509Certificate, org.kman.AquaMail.util.g.f(signature));
            for (String str : f67918g) {
                byte[] b9 = org.kman.AquaMail.util.g.b(str);
                if (b9 != null && Arrays.equals(b9, signature)) {
                    return true;
                }
            }
        }
        return false;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static /* synthetic */ boolean r(String str, File file) {
        return file.getName().startsWith(str);
    }

    private b s(String str) {
        FileInputStream fileInputStream;
        b g8 = this.f67925e.g(str);
        if (g8 != null) {
            org.kman.Compat.util.i.J(TAG, "Got accepted set from cache %s", str);
            return g8;
        }
        File file = new File(this.f67922b, str);
        org.kman.Compat.util.i.J(TAG, "Loading accepted set from %s", str);
        FileInputStream fileInputStream2 = null;
        try {
            fileInputStream = new FileInputStream(file);
            try {
                try {
                    b bVar = new b();
                    bVar.c(fileInputStream);
                    this.f67925e.k(str, bVar);
                    t.g(fileInputStream);
                    return bVar;
                } catch (IOException e9) {
                    e = e9;
                    org.kman.Compat.util.i.J(TAG, "Error loading accepted set: %s", e);
                    t.g(fileInputStream);
                    return null;
                }
            } catch (Throwable th) {
                th = th;
                fileInputStream2 = fileInputStream;
                t.g(fileInputStream2);
                throw th;
            }
        } catch (IOException e10) {
            e = e10;
            fileInputStream = null;
        } catch (Throwable th2) {
            th = th2;
            t.g(fileInputStream2);
            throw th;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Not initialized variable reg: 1, insn: 0x004e: MOVE (r6 I:??[OBJECT, ARRAY]) = (r1 I:??[OBJECT, ARRAY]), block:B:27:0x004e */
    public X509Certificate t(MailAccountSslInfo mailAccountSslInfo, MailAccountSslInfo.SslServerName sslServerName, String str) {
        FileInputStream fileInputStream;
        InputStream inputStream;
        String c9 = sslServerName.c(mailAccountSslInfo.getSslStorageKey(), str);
        File file = new File(this.f67922b, c9);
        X509Certificate g8 = this.f67924d.g(c9);
        if (g8 != null) {
            org.kman.Compat.util.i.J(TAG, "Got certificate from cache %s", c9);
            return g8;
        }
        org.kman.Compat.util.i.J(TAG, "Loading certificate from %s", c9);
        InputStream inputStream2 = null;
        try {
            try {
                fileInputStream = new FileInputStream(file);
                try {
                    if (this.f67926f == null) {
                        this.f67926f = CertificateFactory.getInstance("X.509");
                    }
                    Certificate generateCertificate = this.f67926f.generateCertificate(fileInputStream);
                    if (generateCertificate instanceof X509Certificate) {
                        X509Certificate x509Certificate = (X509Certificate) generateCertificate;
                        this.f67924d.k(c9, x509Certificate);
                        t.g(fileInputStream);
                        return x509Certificate;
                    }
                } catch (IOException e9) {
                    e = e9;
                    org.kman.Compat.util.i.J(TAG, "Error loading certificate: %s", e);
                    t.g(fileInputStream);
                    return null;
                } catch (CertificateException e10) {
                    e = e10;
                    org.kman.Compat.util.i.m0(TAG, "Error loading certificate", e);
                    this.f67926f = null;
                    t.g(fileInputStream);
                    return null;
                }
            } catch (Throwable th) {
                th = th;
                inputStream2 = inputStream;
                t.g(inputStream2);
                throw th;
            }
        } catch (IOException e11) {
            e = e11;
            fileInputStream = null;
        } catch (CertificateException e12) {
            e = e12;
            fileInputStream = null;
        } catch (Throwable th2) {
            th = th2;
            t.g(inputStream2);
            throw th;
        }
        t.g(fileInputStream);
        return null;
    }

    private void u(String str, File file, File file2) {
        file2.delete();
        if (file.exists()) {
            org.kman.Compat.util.i.L(TAG, "Moving %s %s to %s", str, file.getName(), file2.getName());
            org.kman.Compat.util.i.K(TAG, "Moving %s worked: %b", str, Boolean.valueOf(file.renameTo(file2)));
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r1v1, types: [java.lang.String] */
    /* JADX WARN: Type inference failed for: r1v10 */
    /* JADX WARN: Type inference failed for: r1v2 */
    /* JADX WARN: Type inference failed for: r1v4, types: [java.io.OutputStream] */
    /* JADX WARN: Type inference failed for: r1v5 */
    /* JADX WARN: Type inference failed for: r1v7, types: [java.io.OutputStream] */
    /* JADX WARN: Type inference failed for: r1v9 */
    private void v(MailAccountSslInfo.SslServerName sslServerName, String str, b bVar) {
        Throwable th;
        FileOutputStream fileOutputStream;
        IOException e9;
        File file = new File(this.f67922b, str);
        ?? r12 = "Saving accepted set for %s to %s";
        org.kman.Compat.util.i.K(TAG, "Saving accepted set for %s to %s", sslServerName.b(), str);
        this.f67925e.m(str);
        file.delete();
        try {
            try {
                fileOutputStream = new FileOutputStream(file);
                try {
                    bVar.d(fileOutputStream);
                    fileOutputStream.flush();
                    this.f67925e.k(str, bVar);
                    r12 = fileOutputStream;
                } catch (IOException e10) {
                    e9 = e10;
                    org.kman.Compat.util.i.m0(TAG, "Error writing accepted set", e9);
                    r12 = fileOutputStream;
                    t.h(r12);
                }
            } catch (Throwable th2) {
                th = th2;
                t.h(r12);
                throw th;
            }
        } catch (IOException e11) {
            fileOutputStream = null;
            e9 = e11;
        } catch (Throwable th3) {
            r12 = 0;
            th = th3;
            t.h(r12);
            throw th;
        }
        t.h(r12);
    }

    private void w(MailAccountSslInfo mailAccountSslInfo, MailAccountSslInfo.SslServerName sslServerName, X509Certificate x509Certificate, String str) {
        FileOutputStream fileOutputStream;
        String c9 = sslServerName.c(mailAccountSslInfo.getSslStorageKey(), str);
        File file = new File(this.f67922b, c9);
        org.kman.Compat.util.i.K(TAG, "Saving certificate for %s to %s", sslServerName.b(), c9);
        this.f67924d.m(c9);
        file.delete();
        if (x509Certificate == null) {
            org.kman.Compat.util.i.J(TAG, "Certificate for %s is null, nothing to save", sslServerName.b());
            return;
        }
        try {
            byte[] encoded = x509Certificate.getEncoded();
            FileOutputStream fileOutputStream2 = null;
            try {
                try {
                    fileOutputStream = new FileOutputStream(file);
                } catch (Throwable th) {
                    th = th;
                }
            } catch (IOException e9) {
                e = e9;
            }
            try {
                fileOutputStream.write(encoded);
                fileOutputStream.flush();
                t.h(fileOutputStream);
                this.f67924d.k(c9, x509Certificate);
                org.kman.Compat.util.i.K(TAG, "Saved certificate for %s to %s", sslServerName.b(), c9);
            } catch (IOException e10) {
                e = e10;
                fileOutputStream2 = fileOutputStream;
                org.kman.Compat.util.i.m0(TAG, "Error writing certificate bytes", e);
                t.h(fileOutputStream2);
            } catch (Throwable th2) {
                th = th2;
                fileOutputStream2 = fileOutputStream;
                t.h(fileOutputStream2);
                throw th;
            }
        } catch (CertificateEncodingException e11) {
            org.kman.Compat.util.i.m0(TAG, "Error getting certificate bytes", e11);
        }
    }

    public boolean b(MailAccountSslInfo mailAccountSslInfo, Collection<a> collection) {
        boolean z8 = false;
        for (a aVar : collection) {
            MailAccountSslInfo.SslServerName sslServerName = aVar.f67927a;
            z8 |= mailAccountSslInfo.removeErrorSslInfo(sslServerName);
            long sslStorageKey = mailAccountSslInfo.getSslStorageKey();
            File n8 = n(sslServerName, sslStorageKey, SUFFIX_CERT);
            File n9 = n(sslServerName, sslStorageKey, "new");
            String c9 = sslServerName.c(sslStorageKey, SUFFIX_ACCEPTED);
            synchronized (this.f67923c) {
                u("new->curr", n9, n8);
                this.f67924d.a();
                if (aVar.f67928b != null || aVar.f67929c != null) {
                    b s8 = s(c9);
                    if (s8 == null) {
                        s8 = new b();
                    }
                    String str = aVar.f67928b;
                    boolean z9 = true;
                    boolean z10 = str != null && s8.a(str);
                    String str2 = aVar.f67929c;
                    if (str2 == null || !s8.a(str2)) {
                        z9 = false;
                    }
                    if (z10 || z9) {
                        v(sslServerName, c9, s8);
                    }
                }
            }
        }
        return z8;
    }

    public void f(Context context, MailAccountSslInfo mailAccountSslInfo, SSLSocket sSLSocket, Endpoint endpoint) throws SSLException {
        b s8;
        try {
            Certificate[] peerCertificates = sSLSocket.getSession().getPeerCertificates();
            if (peerCertificates == null || peerCertificates.length == 0) {
                return;
            }
            Certificate certificate = peerCertificates[0];
            if (certificate instanceof X509Certificate) {
                X509Certificate x509Certificate = (X509Certificate) certificate;
                if (org.kman.Compat.util.i.Q()) {
                    org.kman.Compat.util.i.L(TAG, "Certificate for %s: subject: %s, issuer: %s", endpoint, x509Certificate.getSubjectDN(), x509Certificate.getIssuerDN());
                }
                MailAccountSslInfo.SslServerName sslServerName = new MailAccountSslInfo.SslServerName(endpoint.f67823a, endpoint.f67824b);
                if (mailAccountSslInfo.isCheckingAccount()) {
                    synchronized (this.f67923c) {
                        w(mailAccountSslInfo, sslServerName, x509Certificate, SUFFIX_CERT);
                    }
                    mailAccountSslInfo.addCheckingSslInfo(sslServerName);
                    return;
                }
                synchronized (this.f67923c) {
                    String str = SUFFIX_CERT;
                    X509Certificate t8 = t(mailAccountSslInfo, sslServerName, str);
                    if (t8 == null) {
                        org.kman.Compat.util.i.J(TAG, "There is no certificate for %s yet", endpoint);
                        w(mailAccountSslInfo, sslServerName, x509Certificate, str);
                        return;
                    }
                    if (t8.equals(x509Certificate)) {
                        org.kman.Compat.util.i.J(TAG, "Certificate for %s matches existing", endpoint);
                        mailAccountSslInfo.removeErrorSslInfo(sslServerName);
                        j(mailAccountSslInfo, sslServerName, "new");
                        return;
                    }
                    String g8 = g(x509Certificate);
                    if (g8 != null && (s8 = s(sslServerName.c(mailAccountSslInfo.getSslStorageKey(), SUFFIX_ACCEPTED))) != null && s8.b(g8)) {
                        org.kman.Compat.util.i.J(TAG, "Certificate for %s was accepted before", endpoint);
                        mailAccountSslInfo.removeErrorSslInfo(sslServerName);
                        j(mailAccountSslInfo, sslServerName, "new");
                        w(mailAccountSslInfo, sslServerName, x509Certificate, str);
                        return;
                    }
                    X509Certificate l8 = l(x509Certificate, peerCertificates);
                    if (l8 == null || !q(l8)) {
                        mailAccountSslInfo.addErrorSslInfo(sslServerName);
                        w(mailAccountSslInfo, sslServerName, x509Certificate, "new");
                        throw new SSLCertificateChangeException(String.format(Locale.US, "Certificate change for %s", endpoint));
                    }
                    org.kman.Compat.util.i.I(TAG, "This cert is from a special issuer");
                    mailAccountSslInfo.removeErrorSslInfo(sslServerName);
                    j(mailAccountSslInfo, sslServerName, "new");
                    w(mailAccountSslInfo, sslServerName, x509Certificate, str);
                }
            }
        } catch (SSLPeerUnverifiedException e9) {
            org.kman.Compat.util.i.m0(TAG, "No peer certificate, assuming _anon_ cipher", e9);
        }
    }

    public void k(MailAccountSslInfo mailAccountSslInfo) {
        final String d9 = MailAccountSslInfo.SslServerName.d(mailAccountSslInfo.getSslStorageKey());
        File[] listFiles = this.f67922b.listFiles(new FileFilter() { // from class: org.kman.AquaMail.net.m
            @Override // java.io.FileFilter
            public final boolean accept(File file) {
                boolean r8;
                r8 = n.r(d9, file);
                return r8;
            }
        });
        if (listFiles != null) {
            for (File file : listFiles) {
                org.kman.Compat.util.i.J(TAG, "Deleting %s", file.getName());
                file.delete();
            }
        }
        synchronized (this.f67923c) {
            this.f67924d.a();
        }
    }

    public void x(MailAccountSslInfo mailAccountSslInfo, MailAccountSslInfo mailAccountSslInfo2) {
        Set<MailAccountSslInfo.SslServerName> checkingSslInfo = mailAccountSslInfo.getCheckingSslInfo();
        if (checkingSslInfo != null) {
            for (MailAccountSslInfo.SslServerName sslServerName : checkingSslInfo) {
                long sslStorageKey = mailAccountSslInfo.getSslStorageKey();
                String str = SUFFIX_CERT;
                File n8 = n(sslServerName, sslStorageKey, str);
                long sslStorageKey2 = mailAccountSslInfo2.getSslStorageKey();
                File n9 = n(sslServerName, sslStorageKey2, str);
                File n10 = n(sslServerName, sslStorageKey2, "new");
                File file = new File(this.f67922b, sslServerName.c(sslStorageKey2, SUFFIX_ACCEPTED));
                synchronized (this.f67923c) {
                    u("checking->curr", n8, n9);
                    i("new", n10);
                    file.delete();
                    this.f67924d.a();
                    this.f67925e.a();
                }
            }
        }
    }

    public Dialog y(Context context, MailAccountSslInfo mailAccountSslInfo, Set<MailAccountSslInfo.SslServerName> set, DialogInterface.OnDismissListener onDismissListener, c cVar) {
        e eVar = new e(context, this, mailAccountSslInfo, set, cVar);
        eVar.setOnDismissListener(onDismissListener);
        return eVar;
    }
}
