package org.kman.AquaMail.net;

import android.app.Dialog;
import android.content.Context;
import android.content.DialogInterface;
import android.content.SharedPreferences;
import android.preference.PreferenceManager;
import java.io.File;
import java.io.FileFilter;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Locale;
import java.util.Set;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSocket;
import org.kman.AquaMail.coredefs.MailAccountSslInfo;
import org.kman.AquaMail.coredefs.SSLCertificateChangeException;
import org.kman.AquaMail.util.Prefs;
import org.kman.AquaMail.util.ad;

/* loaded from: classes.dex */
public class n {
    private static final String CERT_DIR = "certs";
    private static final String HASH_MD5 = "MD5";
    private static final String HASH_SHA1 = "SHA1";
    private static final String SUFFIX_ACCEPTED = "accepted";
    private static final String SUFFIX_CERT = null;
    private static final String SUFFIX_CERT_NEW = "new";
    private static final String TAG = "SSLCertificateChecker";
    private static n g;
    private static SharedPreferences h;

    /* renamed from: a, reason: collision with root package name */
    private final Context f1940a;
    private final File b;
    private final Object c;
    private final org.kman.Compat.util.android.c<String, X509Certificate> d;
    private final org.kman.Compat.util.android.c<String, p> e;
    private CertificateFactory f;

    private n(Context context) {
        this.f1940a = context.getApplicationContext();
        this.b = new File(this.f1940a.getFilesDir(), CERT_DIR);
        if (!this.b.exists()) {
            this.b.mkdirs();
        }
        this.c = new Object();
        this.d = new org.kman.Compat.util.android.c<>(8);
        this.e = new org.kman.Compat.util.android.c<>(8);
    }

    static String a(X509Certificate x509Certificate) {
        try {
            return a(x509Certificate.getEncoded());
        } catch (CertificateEncodingException e) {
            org.kman.Compat.util.l.a(TAG, e);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public static String a(byte[] bArr) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(HASH_SHA1);
            if (messageDigest != null) {
                messageDigest.reset();
                messageDigest.update(bArr);
                return ad.b(messageDigest.digest());
            }
        } catch (NoSuchAlgorithmException e) {
            org.kman.Compat.util.l.a(TAG, e);
        }
        return null;
    }

    public static n a(Context context) {
        n nVar;
        synchronized (n.class) {
            if (g == null) {
                g = new n(context);
            }
            nVar = g;
        }
        return nVar;
    }

    public static boolean b(Context context) {
        boolean z;
        synchronized (w.class) {
            z = c(context).getBoolean(Prefs.PREF_NETWORK_SSL_CHECKING_KEY, false);
        }
        return z;
    }

    private static SharedPreferences c(Context context) {
        if (h == null) {
            h = PreferenceManager.getDefaultSharedPreferences(context.getApplicationContext());
        }
        return h;
    }

    public Dialog a(Context context, MailAccountSslInfo mailAccountSslInfo, Set<MailAccountSslInfo.SslServerName> set, DialogInterface.OnDismissListener onDismissListener, q qVar) {
        s sVar = new s(context, this, mailAccountSslInfo, set, qVar);
        sVar.setOnDismissListener(onDismissListener);
        return sVar;
    }

    File a(MailAccountSslInfo.SslServerName sslServerName, long j, String str) {
        return new File(this.b, sslServerName.a(j, str));
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r2v1, types: [java.lang.String] */
    /* JADX WARN: Type inference failed for: r2v2 */
    /* JADX WARN: Type inference failed for: r2v5, types: [java.io.InputStream] */
    public X509Certificate a(MailAccountSslInfo mailAccountSslInfo, MailAccountSslInfo.SslServerName sslServerName, String str) {
        FileInputStream fileInputStream;
        Certificate generateCertificate;
        String a2 = sslServerName.a(mailAccountSslInfo.getSslStorageKey(), str);
        File file = new File(this.b, a2);
        X509Certificate a3 = this.d.a((org.kman.Compat.util.android.c<String, X509Certificate>) a2);
        if (a3 != null) {
            org.kman.Compat.util.l.a(TAG, "Got certificate from cache %s", a2);
            return a3;
        }
        ?? r2 = "Loading certificate from %s";
        org.kman.Compat.util.l.a(TAG, "Loading certificate from %s", a2);
        try {
            try {
                fileInputStream = new FileInputStream(file);
                try {
                    if (this.f == null) {
                        this.f = CertificateFactory.getInstance("X.509");
                    }
                    generateCertificate = this.f.generateCertificate(fileInputStream);
                } catch (IOException e) {
                    e = e;
                    org.kman.Compat.util.l.a(TAG, "Error loading certificate: %s", e);
                    org.kman.AquaMail.f.q.a(fileInputStream);
                    return null;
                } catch (CertificateException e2) {
                    e = e2;
                    org.kman.Compat.util.l.a(TAG, "Error loading certificate", e);
                    this.f = null;
                    org.kman.AquaMail.f.q.a(fileInputStream);
                    return null;
                }
            } catch (Throwable th) {
                th = th;
                org.kman.AquaMail.f.q.a((InputStream) r2);
                throw th;
            }
        } catch (IOException e3) {
            e = e3;
            fileInputStream = null;
        } catch (CertificateException e4) {
            e = e4;
            fileInputStream = null;
        } catch (Throwable th2) {
            th = th2;
            r2 = 0;
            org.kman.AquaMail.f.q.a((InputStream) r2);
            throw th;
        }
        if (!(generateCertificate instanceof X509Certificate)) {
            org.kman.AquaMail.f.q.a(fileInputStream);
            return null;
        }
        X509Certificate x509Certificate = (X509Certificate) generateCertificate;
        this.d.a(a2, x509Certificate);
        org.kman.AquaMail.f.q.a(fileInputStream);
        return x509Certificate;
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r2v1, types: [java.lang.String] */
    /* JADX WARN: Type inference failed for: r2v10 */
    /* JADX WARN: Type inference failed for: r2v2 */
    /* JADX WARN: Type inference failed for: r2v4, types: [java.io.InputStream] */
    /* JADX WARN: Type inference failed for: r2v5 */
    /* JADX WARN: Type inference failed for: r2v7 */
    /* JADX WARN: Type inference failed for: r2v9 */
    p a(String str) {
        FileInputStream fileInputStream;
        p a2 = this.e.a((org.kman.Compat.util.android.c<String, p>) str);
        if (a2 != null) {
            org.kman.Compat.util.l.a(TAG, "Got accepted set from cache %s", str);
        } else {
            File file = new File(this.b, str);
            ?? r2 = TAG;
            org.kman.Compat.util.l.a(TAG, "Loading accepted set from %s", str);
            try {
                try {
                    fileInputStream = new FileInputStream(file);
                    try {
                        p pVar = new p();
                        pVar.a(fileInputStream);
                        this.e.a(str, pVar);
                        org.kman.AquaMail.f.q.a(fileInputStream);
                        a2 = pVar;
                        r2 = fileInputStream;
                    } catch (IOException e) {
                        e = e;
                        org.kman.Compat.util.l.a(TAG, "Error loading accepted set: %s", e);
                        org.kman.AquaMail.f.q.a(fileInputStream);
                        a2 = null;
                        r2 = fileInputStream;
                        return a2;
                    }
                } catch (Throwable th) {
                    th = th;
                    org.kman.AquaMail.f.q.a((InputStream) r2);
                    throw th;
                }
            } catch (IOException e2) {
                e = e2;
                fileInputStream = null;
            } catch (Throwable th2) {
                th = th2;
                r2 = 0;
                org.kman.AquaMail.f.q.a((InputStream) r2);
                throw th;
            }
        }
        return a2;
    }

    public void a(Context context, MailAccountSslInfo mailAccountSslInfo, SSLSocket sSLSocket, Endpoint endpoint) {
        p a2;
        try {
            Certificate[] peerCertificates = sSLSocket.getSession().getPeerCertificates();
            if (peerCertificates == null || peerCertificates.length == 0 || !(peerCertificates[0] instanceof X509Certificate)) {
                return;
            }
            X509Certificate x509Certificate = (X509Certificate) peerCertificates[0];
            if (org.kman.Compat.util.l.c()) {
                org.kman.Compat.util.l.a(TAG, "Certificate for %s: subject: %s, issuer: %s", endpoint, x509Certificate.getSubjectDN(), x509Certificate.getIssuerDN());
            }
            MailAccountSslInfo.SslServerName sslServerName = new MailAccountSslInfo.SslServerName(endpoint.f1929a, endpoint.b);
            if (mailAccountSslInfo.isCheckingAccount()) {
                synchronized (this.c) {
                    a(mailAccountSslInfo, sslServerName, x509Certificate, SUFFIX_CERT);
                }
                mailAccountSslInfo.addCheckingSslInfo(sslServerName);
                return;
            }
            synchronized (this.c) {
                X509Certificate a3 = a(mailAccountSslInfo, sslServerName, SUFFIX_CERT);
                if (a3 == null) {
                    org.kman.Compat.util.l.a(TAG, "There is no certificate for %s yet", endpoint);
                    a(mailAccountSslInfo, sslServerName, x509Certificate, SUFFIX_CERT);
                    return;
                }
                if (a3 != null && a3.equals(x509Certificate)) {
                    org.kman.Compat.util.l.a(TAG, "Certificate for %s matches existing", endpoint);
                    mailAccountSslInfo.removeErrorSslInfo(sslServerName);
                    b(mailAccountSslInfo, sslServerName, SUFFIX_CERT_NEW);
                    return;
                }
                String a4 = a(x509Certificate);
                if (a4 == null || (a2 = a(sslServerName.a(mailAccountSslInfo.getSslStorageKey(), SUFFIX_ACCEPTED))) == null || !a2.b(a4)) {
                    mailAccountSslInfo.addErrorSslInfo(sslServerName);
                    a(mailAccountSslInfo, sslServerName, x509Certificate, SUFFIX_CERT_NEW);
                    throw new SSLCertificateChangeException(String.format(Locale.US, "Certificate change for %s", endpoint));
                }
                org.kman.Compat.util.l.a(TAG, "Certificate for %s was accepted before", endpoint);
                mailAccountSslInfo.removeErrorSslInfo(sslServerName);
                b(mailAccountSslInfo, sslServerName, SUFFIX_CERT_NEW);
                a(mailAccountSslInfo, sslServerName, x509Certificate, SUFFIX_CERT);
            }
        } catch (SSLPeerUnverifiedException e) {
            org.kman.Compat.util.l.a(TAG, "No peer certificate, assuming _anon_ cipher", e);
        }
    }

    void a(String str, File file) {
        if (file.exists()) {
            org.kman.Compat.util.l.a(TAG, "Deleting %s %s", str, file.getName());
            file.delete();
        }
    }

    void a(String str, File file, File file2) {
        file2.delete();
        if (file.exists()) {
            org.kman.Compat.util.l.a(TAG, "Moving %s %s to %s", str, file.getName(), file2.getName());
            org.kman.Compat.util.l.a(TAG, "Moving %s worked: %b", str, Boolean.valueOf(file.renameTo(file2)));
        }
    }

    void a(MailAccountSslInfo.SslServerName sslServerName, String str, p pVar) {
        FileOutputStream fileOutputStream;
        File file = new File(this.b, str);
        org.kman.Compat.util.l.a(TAG, "Saving accepted set for %s to %s", sslServerName.a(), str);
        this.e.b(str);
        file.delete();
        try {
            fileOutputStream = new FileOutputStream(file);
            try {
                try {
                    pVar.a(fileOutputStream);
                    fileOutputStream.flush();
                    this.e.a(str, pVar);
                    org.kman.AquaMail.f.q.a(fileOutputStream);
                } catch (IOException e) {
                    e = e;
                    org.kman.Compat.util.l.a(TAG, "Error writing accepted set", e);
                    org.kman.AquaMail.f.q.a(fileOutputStream);
                }
            } catch (Throwable th) {
                th = th;
                org.kman.AquaMail.f.q.a(fileOutputStream);
                throw th;
            }
        } catch (IOException e2) {
            e = e2;
            fileOutputStream = null;
        } catch (Throwable th2) {
            th = th2;
            fileOutputStream = null;
            org.kman.AquaMail.f.q.a(fileOutputStream);
            throw th;
        }
    }

    public void a(MailAccountSslInfo mailAccountSslInfo) {
        final String a2 = MailAccountSslInfo.SslServerName.a(mailAccountSslInfo.getSslStorageKey());
        File[] listFiles = this.b.listFiles(new FileFilter() { // from class: org.kman.AquaMail.net.n.1
            @Override // java.io.FileFilter
            public boolean accept(File file) {
                return file.getName().startsWith(a2);
            }
        });
        if (listFiles != null) {
            for (File file : listFiles) {
                org.kman.Compat.util.l.a(TAG, "Deleting %s", file.getName());
                file.delete();
            }
        }
        synchronized (this.c) {
            this.d.a();
        }
    }

    void a(MailAccountSslInfo mailAccountSslInfo, MailAccountSslInfo.SslServerName sslServerName, X509Certificate x509Certificate, String str) {
        FileOutputStream fileOutputStream;
        String a2 = sslServerName.a(mailAccountSslInfo.getSslStorageKey(), str);
        File file = new File(this.b, a2);
        org.kman.Compat.util.l.a(TAG, "Saving certificate for %s to %s", sslServerName.a(), a2);
        this.d.b(a2);
        file.delete();
        if (x509Certificate == null) {
            org.kman.Compat.util.l.a(TAG, "Certificate for %s is null, nothing to save", sslServerName.a());
            return;
        }
        try {
            byte[] encoded = x509Certificate.getEncoded();
            try {
                fileOutputStream = new FileOutputStream(file);
                try {
                    try {
                        fileOutputStream.write(encoded);
                        fileOutputStream.flush();
                        org.kman.AquaMail.f.q.a(fileOutputStream);
                        this.d.a(a2, x509Certificate);
                        org.kman.Compat.util.l.a(TAG, "Saved certificate for %s to %s", sslServerName.a(), a2);
                    } catch (IOException e) {
                        e = e;
                        org.kman.Compat.util.l.a(TAG, "Error writing certificate bytes", e);
                        org.kman.AquaMail.f.q.a(fileOutputStream);
                    }
                } catch (Throwable th) {
                    th = th;
                    org.kman.AquaMail.f.q.a(fileOutputStream);
                    throw th;
                }
            } catch (IOException e2) {
                e = e2;
                fileOutputStream = null;
            } catch (Throwable th2) {
                th = th2;
                fileOutputStream = null;
                org.kman.AquaMail.f.q.a(fileOutputStream);
                throw th;
            }
        } catch (CertificateEncodingException e3) {
            org.kman.Compat.util.l.a(TAG, "Error getting certificate bytes", e3);
        }
    }

    public void a(MailAccountSslInfo mailAccountSslInfo, MailAccountSslInfo mailAccountSslInfo2) {
        Set<MailAccountSslInfo.SslServerName> checkingSslInfo = mailAccountSslInfo.getCheckingSslInfo();
        if (checkingSslInfo != null) {
            for (MailAccountSslInfo.SslServerName sslServerName : checkingSslInfo) {
                File a2 = a(sslServerName, mailAccountSslInfo.getSslStorageKey(), SUFFIX_CERT);
                long sslStorageKey = mailAccountSslInfo2.getSslStorageKey();
                File a3 = a(sslServerName, sslStorageKey, SUFFIX_CERT);
                File a4 = a(sslServerName, sslStorageKey, SUFFIX_CERT_NEW);
                File file = new File(this.b, sslServerName.a(sslStorageKey, SUFFIX_ACCEPTED));
                synchronized (this.c) {
                    a("checking->curr", a2, a3);
                    a(SUFFIX_CERT_NEW, a4);
                    file.delete();
                    this.d.a();
                    this.e.a();
                }
            }
        }
    }

    public boolean a(MailAccountSslInfo mailAccountSslInfo, Collection<o> collection) {
        boolean z = false;
        for (o oVar : collection) {
            MailAccountSslInfo.SslServerName sslServerName = oVar.f1942a;
            z |= mailAccountSslInfo.removeErrorSslInfo(sslServerName);
            long sslStorageKey = mailAccountSslInfo.getSslStorageKey();
            File a2 = a(sslServerName, sslStorageKey, SUFFIX_CERT);
            File a3 = a(sslServerName, sslStorageKey, SUFFIX_CERT_NEW);
            String a4 = sslServerName.a(sslStorageKey, SUFFIX_ACCEPTED);
            synchronized (this.c) {
                a("new->curr", a3, a2);
                this.d.a();
                if (oVar.b != null || oVar.c != null) {
                    p a5 = a(a4);
                    p pVar = a5 == null ? new p() : a5;
                    boolean z2 = oVar.b != null && pVar.a(oVar.b);
                    boolean z3 = oVar.c != null && pVar.a(oVar.c);
                    if (z2 || z3) {
                        a(sslServerName, a4, pVar);
                    }
                }
            }
        }
        return z;
    }

    void b(MailAccountSslInfo mailAccountSslInfo, MailAccountSslInfo.SslServerName sslServerName, String str) {
        String a2 = sslServerName.a(mailAccountSslInfo.getSslStorageKey(), str);
        File file = new File(this.b, a2);
        this.d.b(a2);
        if (file.delete()) {
            org.kman.Compat.util.l.a(TAG, "Deleted certificate in %s", a2);
        }
    }
}
