package org.kman.AquaMail.net;

import android.app.AlertDialog;
import android.app.Dialog;
import android.content.Context;
import android.content.DialogInterface;
import android.content.SharedPreferences;
import android.os.Bundle;
import android.preference.PreferenceManager;
import android.text.SpannableStringBuilder;
import android.text.format.DateUtils;
import android.text.style.StyleSpan;
import android.text.style.TextAppearanceSpan;
import android.util.TypedValue;
import android.view.LayoutInflater;
import android.view.View;
import android.view.ViewGroup;
import android.widget.AdapterView;
import android.widget.BaseAdapter;
import android.widget.Button;
import android.widget.Checkable;
import android.widget.ListAdapter;
import android.widget.ListView;
import android.widget.TextView;
import androidx.annotation.j0;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.EOFException;
import java.io.File;
import java.io.FileFilter;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.cert.CertPathValidator;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Set;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSocket;
import javax.security.auth.x500.X500Principal;
import org.kman.AquaMail.R;
import org.kman.AquaMail.coredefs.MailAccountSslInfo;
import org.kman.AquaMail.coredefs.SSLCertificateChangeException;
import org.kman.AquaMail.data.AsyncDataLoader;
import org.kman.AquaMail.p.t;
import org.kman.AquaMail.util.Prefs;
import org.kman.AquaMail.util.h2;
import org.kman.AquaMail.util.m0;
import org.kman.AquaMail.util.s;

/* loaded from: classes3.dex */
public class m {
    private static final String CERT_DIR = "certs";
    private static final String HASH_MD5 = "MD5";
    private static final String HASH_SHA1 = "SHA1";
    private static final String SUFFIX_ACCEPTED = "accepted";
    private static final String SUFFIX_CERT = null;
    private static final String SUFFIX_CERT_NEW = "new";
    private static final String TAG = "SSLCertificateChecker";

    /* renamed from: g, reason: collision with root package name */
    private static final String[] f8978g = {"yknlrNdkZHdbvnH6z/QeI8eaaWNUX+tM1hkoI2RmjhzHh4BkXwSLJq+Y3wpwvLwZPe57M6l/vfQF1HC7BSZ56prHmLkHGWU0zDzpP8UB+m8Mftt6cFxM/i0A8Mq+LY60qID7AROIy5w/5bt3yjpnNvPO1ScCckOgvW4C8UcFcT4BWekRnhrzhA+ApqJ4NS+2x6J/F3zhi1au7meIUScwYKViUsM31TvqhSoBOIeiz3CtpHrJxOfKxdq8IzLy/hjCe+DfOy/U0BDmlkz7RLchZA25AJQwEiaHWJg5BTgPzIJIDApHZu6/tF/E/3Co4X+LeSu4ZTKjubcx6Qr19h8y3A==", "HLeJluRT7bvs26gyAZ8so81trUISd7O45skDUmAge1cnxhG1P2cNmSxbWsoiCt2eux9LSD+PAj2LIYRFHW31/6xoic1k4tbWXkDCjir37xTTNqRAMPUyFRWSdvt+nlPqwnb8Oa2I/maSJukcxDjNSfpDh/Bd1lZNgdd/8cLdsE3+wypufJ9uXO1iQpnh9zbuFIwsIONGl1p3A8CgxkqI/UAih3JaGOqcpcdaCIzkBaR9uYQ1X4k2Vg5APRLouzVy7a8IVk6wuy6pm+T7HT4LY8ibS5FEZlfAFLSW8NwsVz9SBK2Vqn1N0PIMn5xA6NZVc7o835DLAFshEWfC7TIe3g=="};

    /* renamed from: h, reason: collision with root package name */
    private static m f8979h;
    private static SharedPreferences i;
    private final Context a;
    private final File b;

    /* renamed from: c, reason: collision with root package name */
    private final Object f8980c;

    /* renamed from: d, reason: collision with root package name */
    private final org.kman.Compat.util.android.c<String, X509Certificate> f8981d;

    /* renamed from: e, reason: collision with root package name */
    private final org.kman.Compat.util.android.c<String, b> f8982e;

    /* renamed from: f, reason: collision with root package name */
    private CertificateFactory f8983f;

    /* loaded from: classes3.dex */
    public static class a {
        final MailAccountSslInfo.SslServerName a;
        final String b;

        /* renamed from: c, reason: collision with root package name */
        final String f8984c;

        a(MailAccountSslInfo.SslServerName sslServerName, String str, String str2) {
            this.a = sslServerName;
            this.b = str;
            this.f8984c = str2;
        }

        public boolean equals(Object obj) {
            if (obj instanceof a) {
                return this.a.equals(((a) obj).a);
            }
            return false;
        }

        public int hashCode() {
            return this.a.hashCode();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes3.dex */
    public static class b {
        private static final int SIGNATURE_V1 = 436284168;
        private final Set<String> a = org.kman.Compat.util.e.d();

        b() {
        }

        void a(InputStream inputStream) throws IOException {
            BufferedInputStream bufferedInputStream = new BufferedInputStream(inputStream, 16384);
            try {
                DataInputStream dataInputStream = new DataInputStream(bufferedInputStream);
                try {
                    if (dataInputStream.readInt() != SIGNATURE_V1) {
                        throw new EOFException("Invalid data signature");
                    }
                    int readInt = dataInputStream.readInt();
                    for (int i = 0; i < readInt; i++) {
                        this.a.add(dataInputStream.readUTF());
                    }
                    t.a((InputStream) dataInputStream);
                    t.a((InputStream) bufferedInputStream);
                } catch (Throwable th) {
                    t.a((InputStream) dataInputStream);
                    throw th;
                }
            } catch (Throwable th2) {
                t.a((InputStream) bufferedInputStream);
                throw th2;
            }
        }

        void a(OutputStream outputStream) throws IOException {
            BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(outputStream, 16384);
            try {
                DataOutputStream dataOutputStream = new DataOutputStream(bufferedOutputStream);
                try {
                    dataOutputStream.writeInt(SIGNATURE_V1);
                    dataOutputStream.writeInt(this.a.size());
                    Iterator<String> it = this.a.iterator();
                    while (it.hasNext()) {
                        dataOutputStream.writeUTF(it.next());
                    }
                    t.a((OutputStream) dataOutputStream);
                    t.a((OutputStream) bufferedOutputStream);
                } catch (Throwable th) {
                    t.a((OutputStream) dataOutputStream);
                    throw th;
                }
            } catch (Throwable th2) {
                t.a((OutputStream) bufferedOutputStream);
                throw th2;
            }
        }

        boolean a(String str) {
            return this.a.add(str);
        }

        boolean b(String str) {
            return this.a.contains(str);
        }
    }

    /* loaded from: classes3.dex */
    public interface c {
        void a(MailAccountSslInfo mailAccountSslInfo, Collection<a> collection);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes3.dex */
    public static class d extends BaseAdapter {
        private e a;
        private Context b;

        /* renamed from: c, reason: collision with root package name */
        private LayoutInflater f8985c;

        /* renamed from: d, reason: collision with root package name */
        private List<g> f8986d;

        /* renamed from: e, reason: collision with root package name */
        private SpannableStringBuilder f8987e;

        /* renamed from: f, reason: collision with root package name */
        private int f8988f;

        d(e eVar, List<g> list) {
            this.a = eVar;
            this.b = eVar.f8992f;
            this.f8985c = eVar.f8993g;
            this.f8986d = list;
            this.f8988f = (int) TypedValue.applyDimension(2, 16.0f, this.b.getResources().getDisplayMetrics());
        }

        private void a(SpannableStringBuilder spannableStringBuilder, int i) {
            if (spannableStringBuilder.length() != 0) {
                spannableStringBuilder.append("\n");
            }
            int length = spannableStringBuilder.length();
            spannableStringBuilder.append(this.b.getText(i));
            spannableStringBuilder.setSpan(new TextAppearanceSpan(null, 1, this.f8988f, null, null), length, spannableStringBuilder.length(), 33);
        }

        private void a(SpannableStringBuilder spannableStringBuilder, int i, Date date) {
            a(spannableStringBuilder, i, true, DateUtils.formatDateTime(this.b, date.getTime(), 524309));
        }

        private void a(SpannableStringBuilder spannableStringBuilder, int i, f fVar) {
            a(spannableStringBuilder, i);
            String str = fVar.b;
            if (str != null) {
                a(spannableStringBuilder, R.string.account_setup_view_ssl_subject, false, str);
            }
            String str2 = fVar.f8996d;
            if (str2 != null) {
                a(spannableStringBuilder, R.string.account_setup_view_ssl_issuer, false, str2);
            }
            Date date = fVar.f8997e;
            if (date != null) {
                a(spannableStringBuilder, R.string.account_setup_view_ssl_valid_from, date);
            }
            Date date2 = fVar.f8998f;
            if (date2 != null) {
                a(spannableStringBuilder, R.string.account_setup_view_ssl_valid_until, date2);
            }
            String str3 = fVar.f8999g;
            if (str3 != null) {
                a(spannableStringBuilder, "MD5", false, str3);
            }
            String str4 = fVar.f9000h;
            if (str4 != null) {
                a(spannableStringBuilder, m.HASH_SHA1, false, str4);
            }
        }

        private void a(SpannableStringBuilder spannableStringBuilder, int i, boolean z, String str) {
            a(spannableStringBuilder, this.b.getString(i), z, str);
        }

        private void a(SpannableStringBuilder spannableStringBuilder, String str, boolean z, String str2) {
            if (spannableStringBuilder.length() != 0) {
                spannableStringBuilder.append("\n");
            }
            int length = spannableStringBuilder.length();
            spannableStringBuilder.append((CharSequence) str);
            spannableStringBuilder.setSpan(new StyleSpan(1), length, spannableStringBuilder.length(), 33);
            if (z) {
                spannableStringBuilder.append(": ");
            } else {
                spannableStringBuilder.append(":\n");
            }
            spannableStringBuilder.append((CharSequence) str2);
        }

        @Override // android.widget.Adapter
        public int getCount() {
            return this.f8986d.size();
        }

        @Override // android.widget.Adapter
        public Object getItem(int i) {
            return this.f8986d.get(i);
        }

        @Override // android.widget.Adapter
        public long getItemId(int i) {
            return this.f8986d.get(i).a;
        }

        /* JADX WARN: Multi-variable type inference failed */
        /* JADX WARN: Type inference failed for: r8v1, types: [android.view.View] */
        /* JADX WARN: Type inference failed for: r8v4 */
        /* JADX WARN: Type inference failed for: r8v5 */
        /* JADX WARN: Type inference failed for: r9v11, types: [android.view.View] */
        @Override // android.widget.Adapter
        public View getView(int i, View view, ViewGroup viewGroup) {
            Checkable checkable = view;
            if (view == null) {
                checkable = this.f8985c.inflate(R.layout.view_ssl_dialog_item, viewGroup, false);
            }
            g gVar = this.f8986d.get(i);
            ((TextView) checkable.findViewById(R.id.cert_name)).setText(gVar.b.a());
            if (this.f8987e == null) {
                this.f8987e = new SpannableStringBuilder();
            }
            SpannableStringBuilder spannableStringBuilder = this.f8987e;
            TextView textView = (TextView) checkable.findViewById(R.id.cert_old);
            if (gVar.f9001c != null) {
                spannableStringBuilder.clear();
                a(spannableStringBuilder, R.string.account_setup_view_ssl_old, gVar.f9001c);
                textView.setText(spannableStringBuilder);
                textView.setVisibility(0);
            } else {
                textView.setVisibility(8);
            }
            TextView textView2 = (TextView) checkable.findViewById(R.id.cert_new);
            if (gVar.f9002d != null) {
                spannableStringBuilder.clear();
                a(spannableStringBuilder, R.string.account_setup_view_ssl_new, gVar.f9002d);
                textView2.setText(spannableStringBuilder);
                textView2.setVisibility(0);
            } else {
                textView2.setVisibility(8);
            }
            if (this.a.f8991e) {
                ?? findViewById = checkable.findViewById(R.id.cert_check);
                findViewById.setVisibility(0);
                ((Checkable) findViewById).setChecked(gVar.f9005g);
                checkable.setChecked(gVar.f9005g);
            } else {
                checkable.setBackgroundDrawable(null);
            }
            checkable.setTag(gVar);
            return checkable;
        }
    }

    /* loaded from: classes3.dex */
    static class e extends AlertDialog implements DialogInterface.OnClickListener, AdapterView.OnItemClickListener {
        private m a;
        private MailAccountSslInfo b;

        /* renamed from: c, reason: collision with root package name */
        private Set<MailAccountSslInfo.SslServerName> f8989c;

        /* renamed from: d, reason: collision with root package name */
        private c f8990d;

        /* renamed from: e, reason: collision with root package name */
        private boolean f8991e;

        /* renamed from: f, reason: collision with root package name */
        private Context f8992f;

        /* renamed from: g, reason: collision with root package name */
        private LayoutInflater f8993g;

        /* renamed from: h, reason: collision with root package name */
        private ListView f8994h;
        private List<g> j;
        private Button k;
        private AsyncDataLoader<h> l;

        e(Context context, m mVar, MailAccountSslInfo mailAccountSslInfo, Set<MailAccountSslInfo.SslServerName> set, c cVar) {
            super(context);
            this.l = AsyncDataLoader.newLoader();
            this.a = mVar;
            this.b = mailAccountSslInfo;
            this.f8989c = set;
            this.f8990d = cVar;
            this.f8991e = this.f8990d != null;
            this.f8992f = h2.f(context);
            this.f8993g = LayoutInflater.from(this.f8992f);
        }

        void a(List<g> list) {
            if (this.f8991e && this.f8994h.getAdapter() == null) {
                this.f8994h.addHeaderView(this.f8993g.inflate(R.layout.view_ssl_dialog_header, (ViewGroup) this.f8994h, false));
            }
            this.j = list;
            this.f8994h.setAdapter((ListAdapter) new d(this, list));
        }

        @Override // android.app.Dialog, android.content.DialogInterface
        public void dismiss() {
            super.dismiss();
            AsyncDataLoader<h> asyncDataLoader = this.l;
            if (asyncDataLoader != null) {
                asyncDataLoader.cleanup();
                this.l = null;
            }
        }

        @Override // android.content.DialogInterface.OnClickListener
        public void onClick(DialogInterface dialogInterface, int i) {
            if (i == -1 && this.f8990d != null) {
                Set d2 = org.kman.Compat.util.e.d();
                for (g gVar : this.j) {
                    if (gVar.f9005g) {
                        d2.add(new a(gVar.b, gVar.f9003e, gVar.f9004f));
                    }
                }
                if (d2.size() != 0) {
                    this.f8990d.a(this.b, d2);
                }
                this.f8990d = null;
            }
            dialogInterface.dismiss();
        }

        @Override // android.app.AlertDialog, android.app.Dialog
        protected void onCreate(Bundle bundle) {
            setTitle(R.string.account_setup_view_ssl_certs);
            setInverseBackgroundForced(true);
            View inflate = this.f8993g.inflate(R.layout.view_ssl_dialog_content, (ViewGroup) null);
            ListView listView = (ListView) inflate.findViewById(android.R.id.list);
            setView(inflate);
            this.f8994h = listView;
            this.l = AsyncDataLoader.newLoader();
            this.l.submit(new h(this, this.a, this.b, this.f8989c, this.f8991e), hashCode());
            Context context = getContext();
            if (this.f8991e) {
                setButton(-1, context.getString(R.string.confirm), this);
                setButton(-2, context.getString(R.string.cancel), this);
            } else {
                setButton(-3, context.getString(R.string.close), this);
            }
            super.onCreate(bundle);
            if (this.f8991e) {
                this.f8994h.setOnItemClickListener(this);
                this.k = getButton(-1);
                this.k.setEnabled(false);
            }
        }

        /* JADX WARN: Multi-variable type inference failed */
        @Override // android.widget.AdapterView.OnItemClickListener
        public void onItemClick(AdapterView<?> adapterView, View view, int i, long j) {
            Object tag = view.getTag();
            if (tag instanceof g) {
                g gVar = (g) tag;
                if (gVar.f9005g) {
                    boolean z = false;
                    gVar.f9005g = false;
                    Iterator<g> it = this.j.iterator();
                    while (true) {
                        if (!it.hasNext()) {
                            break;
                        } else if (it.next().f9005g) {
                            z = true;
                            break;
                        }
                    }
                    this.k.setEnabled(z);
                } else {
                    gVar.f9005g = true;
                    this.k.setEnabled(true);
                }
                if (view instanceof Checkable) {
                    ((Checkable) view).setChecked(gVar.f9005g);
                    ((Checkable) view.findViewById(R.id.cert_check)).setChecked(gVar.f9005g);
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes3.dex */
    public static class f {
        Principal a;
        String b;

        /* renamed from: c, reason: collision with root package name */
        Principal f8995c;

        /* renamed from: d, reason: collision with root package name */
        String f8996d;

        /* renamed from: e, reason: collision with root package name */
        Date f8997e;

        /* renamed from: f, reason: collision with root package name */
        Date f8998f;

        /* renamed from: g, reason: collision with root package name */
        String f8999g;

        /* renamed from: h, reason: collision with root package name */
        String f9000h;
        String i;

        f() {
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes3.dex */
    public static class g implements Comparable<g> {
        long a;
        MailAccountSslInfo.SslServerName b;

        /* renamed from: c, reason: collision with root package name */
        f f9001c;

        /* renamed from: d, reason: collision with root package name */
        f f9002d;

        /* renamed from: e, reason: collision with root package name */
        String f9003e;

        /* renamed from: f, reason: collision with root package name */
        String f9004f;

        /* renamed from: g, reason: collision with root package name */
        boolean f9005g;

        g() {
        }

        @Override // java.lang.Comparable
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public int compareTo(@j0 g gVar) {
            return this.b.compareTo(gVar.b);
        }
    }

    /* loaded from: classes3.dex */
    static class h implements AsyncDataLoader.LoadItem {
        private final e a;
        private final m b;

        /* renamed from: c, reason: collision with root package name */
        private final MailAccountSslInfo f9006c;

        /* renamed from: d, reason: collision with root package name */
        private final Set<MailAccountSslInfo.SslServerName> f9007d;

        /* renamed from: e, reason: collision with root package name */
        private final boolean f9008e;

        /* renamed from: f, reason: collision with root package name */
        private List<g> f9009f;

        /* renamed from: g, reason: collision with root package name */
        private MessageDigest f9010g;

        /* renamed from: h, reason: collision with root package name */
        private MessageDigest f9011h;

        h(e eVar, m mVar, MailAccountSslInfo mailAccountSslInfo, Set<MailAccountSslInfo.SslServerName> set, boolean z) {
            this.a = eVar;
            this.b = mVar;
            this.f9006c = mailAccountSslInfo;
            this.f9007d = org.kman.Compat.util.e.a((Set) set);
            this.f9008e = z;
        }

        private String a(byte[] bArr, MessageDigest messageDigest) {
            if (messageDigest == null) {
                return null;
            }
            messageDigest.reset();
            messageDigest.update(bArr);
            byte[] digest = messageDigest.digest();
            String a = m0.a(digest, 0, digest.length, ':');
            int length = a.length();
            if (length == 47) {
                return a.substring(0, 23) + " - " + a.substring(24);
            }
            if (length != 59) {
                return a;
            }
            return a.substring(0, 29) + " - " + a.substring(30);
        }

        private f a(m mVar, MailAccountSslInfo mailAccountSslInfo, MailAccountSslInfo.SslServerName sslServerName, String str) {
            X509Certificate b;
            synchronized (mVar.f8980c) {
                b = mVar.b(mailAccountSslInfo, sslServerName, str);
            }
            if (b == null) {
                return null;
            }
            f fVar = new f();
            fVar.a = b.getSubjectX500Principal();
            Principal principal = fVar.a;
            if (principal != null) {
                fVar.b = principal.toString();
            }
            fVar.f8995c = b.getIssuerX500Principal();
            Principal principal2 = fVar.f8995c;
            if (principal2 != null) {
                fVar.f8996d = principal2.toString();
            }
            fVar.f8997e = b.getNotBefore();
            fVar.f8998f = b.getNotAfter();
            try {
                byte[] encoded = b.getEncoded();
                fVar.f8999g = a(encoded, this.f9010g);
                fVar.f9000h = a(encoded, this.f9011h);
                fVar.i = m.b(encoded);
            } catch (CertificateEncodingException e2) {
                org.kman.Compat.util.i.b(m.TAG, e2);
            }
            return fVar;
        }

        @Override // org.kman.AquaMail.data.AsyncDataLoader.LoadItem
        public void close() {
        }

        @Override // org.kman.AquaMail.data.AsyncDataLoader.LoadItem
        public void deliver() {
            e eVar;
            if (this.f9009f == null || (eVar = this.a) == null || !eVar.isShowing()) {
                return;
            }
            this.a.a(this.f9009f);
        }

        @Override // org.kman.AquaMail.data.AsyncDataLoader.LoadItem
        public void load() {
            m mVar = this.b;
            MailAccountSslInfo mailAccountSslInfo = this.f9006c;
            Set<MailAccountSslInfo.SslServerName> set = this.f9007d;
            try {
                this.f9010g = MessageDigest.getInstance("MD5");
            } catch (Exception e2) {
                org.kman.Compat.util.i.b(m.TAG, e2);
            }
            try {
                this.f9011h = MessageDigest.getInstance(m.HASH_SHA1);
            } catch (Exception e3) {
                org.kman.Compat.util.i.b(m.TAG, e3);
            }
            long j = 0;
            for (MailAccountSslInfo.SslServerName sslServerName : set) {
                g gVar = new g();
                j++;
                gVar.a = j;
                gVar.b = sslServerName;
                if (this.f9008e) {
                    gVar.f9001c = a(mVar, mailAccountSslInfo, sslServerName, null);
                    gVar.f9002d = a(mVar, mailAccountSslInfo, sslServerName, "new");
                    f fVar = gVar.f9001c;
                    if (fVar != null) {
                        gVar.f9003e = fVar.i;
                    }
                    f fVar2 = gVar.f9002d;
                    if (fVar2 != null) {
                        gVar.f9004f = fVar2.i;
                    }
                } else {
                    gVar.f9002d = a(mVar, mailAccountSslInfo, sslServerName, null);
                }
                if (this.f9009f == null) {
                    this.f9009f = org.kman.Compat.util.e.a();
                }
                this.f9009f.add(gVar);
            }
            List<g> list = this.f9009f;
            if (list != null) {
                Collections.sort(list);
            }
        }
    }

    private m(Context context) {
        this.a = context.getApplicationContext();
        this.b = new File(this.a.getFilesDir(), CERT_DIR);
        if (!this.b.exists()) {
            this.b.mkdirs();
        }
        this.f8980c = new Object();
        this.f8981d = new org.kman.Compat.util.android.c<>(8);
        this.f8982e = new org.kman.Compat.util.android.c<>(8);
    }

    private File a(MailAccountSslInfo.SslServerName sslServerName, long j, String str) {
        return new File(this.b, sslServerName.a(j, str));
    }

    private static String a(X509Certificate x509Certificate) {
        try {
            return b(x509Certificate.getEncoded());
        } catch (CertificateEncodingException e2) {
            org.kman.Compat.util.i.b(TAG, e2);
            return null;
        }
    }

    private X509Certificate a(X509Certificate x509Certificate, Certificate[] certificateArr) {
        X500Principal issuerX500Principal = x509Certificate.getIssuerX500Principal();
        if (issuerX500Principal != null) {
            for (int i2 = 1; i2 < certificateArr.length; i2++) {
                if (certificateArr[i2] instanceof X509Certificate) {
                    X509Certificate x509Certificate2 = (X509Certificate) certificateArr[i2];
                    if (x509Certificate2.getSubjectX500Principal().equals(issuerX500Principal)) {
                        org.kman.Compat.util.i.a(TAG, "Found certificate for issuer %s", issuerX500Principal);
                        Set singleton = Collections.singleton(new TrustAnchor(x509Certificate2, null));
                        try {
                            CertPathValidator certPathValidator = CertPathValidator.getInstance("PKIX");
                            PKIXParameters pKIXParameters = new PKIXParameters((Set<TrustAnchor>) singleton);
                            pKIXParameters.setRevocationEnabled(false);
                            if (this.f8983f == null) {
                                this.f8983f = CertificateFactory.getInstance("X.509");
                            }
                            certPathValidator.validate(this.f8983f.generateCertPath(Collections.singletonList(x509Certificate)), pKIXParameters);
                            return x509Certificate2;
                        } catch (Exception e2) {
                            org.kman.Compat.util.i.b(TAG, "Error validating issuer certificate", e2);
                            return null;
                        }
                    }
                }
            }
        }
        return null;
    }

    private b a(String str) {
        FileInputStream fileInputStream;
        b b2 = this.f8982e.b((org.kman.Compat.util.android.c<String, b>) str);
        if (b2 != null) {
            org.kman.Compat.util.i.a(TAG, "Got accepted set from cache %s", str);
            return b2;
        }
        File file = new File(this.b, str);
        org.kman.Compat.util.i.a(TAG, "Loading accepted set from %s", str);
        try {
            try {
                fileInputStream = new FileInputStream(file);
                try {
                    b bVar = new b();
                    bVar.a(fileInputStream);
                    this.f8982e.a(str, bVar);
                    t.a((InputStream) fileInputStream);
                    return bVar;
                } catch (IOException e2) {
                    e = e2;
                    org.kman.Compat.util.i.a(TAG, "Error loading accepted set: %s", (Object) e);
                    t.a((InputStream) fileInputStream);
                    return null;
                }
            } catch (Throwable th) {
                th = th;
                t.a((InputStream) null);
                throw th;
            }
        } catch (IOException e3) {
            e = e3;
            fileInputStream = null;
        } catch (Throwable th2) {
            th = th2;
            t.a((InputStream) null);
            throw th;
        }
    }

    public static m a(Context context) {
        m mVar;
        synchronized (m.class) {
            try {
                if (f8979h == null) {
                    f8979h = new m(context);
                }
                mVar = f8979h;
            } catch (Throwable th) {
                throw th;
            }
        }
        return mVar;
    }

    private void a(String str, File file) {
        if (file.exists()) {
            org.kman.Compat.util.i.a(TAG, "Deleting %s %s", str, file.getName());
            file.delete();
        }
    }

    private void a(String str, File file, File file2) {
        file2.delete();
        if (file.exists()) {
            org.kman.Compat.util.i.a(TAG, "Moving %s %s to %s", str, file.getName(), file2.getName());
            org.kman.Compat.util.i.a(TAG, "Moving %s worked: %b", str, Boolean.valueOf(file.renameTo(file2)));
        }
    }

    private void a(MailAccountSslInfo.SslServerName sslServerName, String str, b bVar) {
        FileOutputStream fileOutputStream;
        Throwable th;
        IOException e2;
        File file = new File(this.b, str);
        org.kman.Compat.util.i.a(TAG, "Saving accepted set for %s to %s", sslServerName.a(), str);
        this.f8982e.c(str);
        file.delete();
        try {
            fileOutputStream = new FileOutputStream(file);
            try {
                try {
                    bVar.a(fileOutputStream);
                    fileOutputStream.flush();
                    this.f8982e.a(str, bVar);
                } catch (IOException e3) {
                    e2 = e3;
                    org.kman.Compat.util.i.b(TAG, "Error writing accepted set", e2);
                    t.a((OutputStream) fileOutputStream);
                }
            } catch (Throwable th2) {
                th = th2;
                t.a((OutputStream) fileOutputStream);
                throw th;
            }
        } catch (IOException e4) {
            fileOutputStream = null;
            e2 = e4;
        } catch (Throwable th3) {
            fileOutputStream = null;
            th = th3;
            t.a((OutputStream) fileOutputStream);
            throw th;
        }
        t.a((OutputStream) fileOutputStream);
    }

    private void a(MailAccountSslInfo mailAccountSslInfo, MailAccountSslInfo.SslServerName sslServerName, String str) {
        String a2 = sslServerName.a(mailAccountSslInfo.getSslStorageKey(), str);
        File file = new File(this.b, a2);
        this.f8981d.c(a2);
        if (file.delete()) {
            org.kman.Compat.util.i.a(TAG, "Deleted certificate in %s", a2);
        }
    }

    private void a(MailAccountSslInfo mailAccountSslInfo, MailAccountSslInfo.SslServerName sslServerName, X509Certificate x509Certificate, String str) {
        FileOutputStream fileOutputStream;
        String a2 = sslServerName.a(mailAccountSslInfo.getSslStorageKey(), str);
        File file = new File(this.b, a2);
        org.kman.Compat.util.i.a(TAG, "Saving certificate for %s to %s", sslServerName.a(), a2);
        this.f8981d.c(a2);
        file.delete();
        if (x509Certificate != null) {
            try {
                byte[] encoded = x509Certificate.getEncoded();
                FileOutputStream fileOutputStream2 = null;
                try {
                    try {
                        fileOutputStream = new FileOutputStream(file);
                    } catch (IOException e2) {
                        e = e2;
                    }
                } catch (Throwable th) {
                    th = th;
                }
                try {
                    fileOutputStream.write(encoded);
                    fileOutputStream.flush();
                    t.a((OutputStream) fileOutputStream);
                    this.f8981d.a(a2, x509Certificate);
                    org.kman.Compat.util.i.a(TAG, "Saved certificate for %s to %s", sslServerName.a(), a2);
                } catch (IOException e3) {
                    e = e3;
                    fileOutputStream2 = fileOutputStream;
                    org.kman.Compat.util.i.b(TAG, "Error writing certificate bytes", e);
                    t.a((OutputStream) fileOutputStream2);
                } catch (Throwable th2) {
                    th = th2;
                    fileOutputStream2 = fileOutputStream;
                    t.a((OutputStream) fileOutputStream2);
                    throw th;
                }
            } catch (CertificateEncodingException e4) {
                org.kman.Compat.util.i.b(TAG, "Error getting certificate bytes", e4);
            }
        } else {
            org.kman.Compat.util.i.a(TAG, "Certificate for %s is null, nothing to save", sslServerName.a());
        }
    }

    private static SharedPreferences b(Context context) {
        if (i == null) {
            i = PreferenceManager.getDefaultSharedPreferences(context.getApplicationContext());
        }
        return i;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static String b(byte[] bArr) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(HASH_SHA1);
            if (messageDigest != null) {
                messageDigest.reset();
                messageDigest.update(bArr);
                return m0.b(messageDigest.digest());
            }
        } catch (NoSuchAlgorithmException e2) {
            org.kman.Compat.util.i.b(TAG, e2);
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public X509Certificate b(MailAccountSslInfo mailAccountSslInfo, MailAccountSslInfo.SslServerName sslServerName, String str) {
        FileInputStream fileInputStream;
        String a2 = sslServerName.a(mailAccountSslInfo.getSslStorageKey(), str);
        File file = new File(this.b, a2);
        X509Certificate b2 = this.f8981d.b((org.kman.Compat.util.android.c<String, X509Certificate>) a2);
        if (b2 != null) {
            org.kman.Compat.util.i.a(TAG, "Got certificate from cache %s", a2);
            return b2;
        }
        org.kman.Compat.util.i.a(TAG, "Loading certificate from %s", a2);
        try {
            try {
                fileInputStream = new FileInputStream(file);
                try {
                    if (this.f8983f == null) {
                        this.f8983f = CertificateFactory.getInstance("X.509");
                    }
                    Certificate generateCertificate = this.f8983f.generateCertificate(fileInputStream);
                    if (generateCertificate instanceof X509Certificate) {
                        X509Certificate x509Certificate = (X509Certificate) generateCertificate;
                        this.f8981d.a(a2, x509Certificate);
                        t.a((InputStream) fileInputStream);
                        return x509Certificate;
                    }
                } catch (IOException e2) {
                    e = e2;
                    org.kman.Compat.util.i.a(TAG, "Error loading certificate: %s", (Object) e);
                    t.a((InputStream) fileInputStream);
                    return null;
                } catch (CertificateException e3) {
                    e = e3;
                    org.kman.Compat.util.i.b(TAG, "Error loading certificate", e);
                    this.f8983f = null;
                    t.a((InputStream) fileInputStream);
                    return null;
                }
            } catch (Throwable th) {
                th = th;
                t.a((InputStream) null);
                throw th;
            }
        } catch (IOException e4) {
            e = e4;
            fileInputStream = null;
        } catch (CertificateException e5) {
            e = e5;
            fileInputStream = null;
        } catch (Throwable th2) {
            th = th2;
            t.a((InputStream) null);
            throw th;
        }
        t.a((InputStream) fileInputStream);
        return null;
    }

    private boolean b(X509Certificate x509Certificate) {
        byte[] signature = x509Certificate.getSignature();
        if (signature != null) {
            org.kman.Compat.util.i.a(TAG, "Issuer cert: %s, signature base64: %s", x509Certificate, s.c(signature));
            for (String str : f8978g) {
                byte[] a2 = s.a(str);
                if (a2 != null && Arrays.equals(a2, signature)) {
                    return true;
                }
            }
        }
        return false;
    }

    public static boolean c(Context context) {
        boolean z;
        synchronized (m.class) {
            try {
                z = b(context).getBoolean(Prefs.PREF_NETWORK_SSL_CHECKING_KEY, false);
            } catch (Throwable th) {
                throw th;
            }
        }
        return z;
    }

    public Dialog a(Context context, MailAccountSslInfo mailAccountSslInfo, Set<MailAccountSslInfo.SslServerName> set, DialogInterface.OnDismissListener onDismissListener, c cVar) {
        e eVar = new e(context, this, mailAccountSslInfo, set, cVar);
        eVar.setOnDismissListener(onDismissListener);
        return eVar;
    }

    /* JADX WARN: Finally extract failed */
    public void a(Context context, MailAccountSslInfo mailAccountSslInfo, SSLSocket sSLSocket, Endpoint endpoint) throws SSLException {
        b a2;
        try {
            Certificate[] peerCertificates = sSLSocket.getSession().getPeerCertificates();
            if (peerCertificates == null || peerCertificates.length == 0 || !(peerCertificates[0] instanceof X509Certificate)) {
                return;
            }
            X509Certificate x509Certificate = (X509Certificate) peerCertificates[0];
            if (org.kman.Compat.util.i.q()) {
                org.kman.Compat.util.i.a(TAG, "Certificate for %s: subject: %s, issuer: %s", endpoint, x509Certificate.getSubjectDN(), x509Certificate.getIssuerDN());
            }
            MailAccountSslInfo.SslServerName sslServerName = new MailAccountSslInfo.SslServerName(endpoint.a, endpoint.b);
            if (mailAccountSslInfo.isCheckingAccount()) {
                synchronized (this.f8980c) {
                    try {
                        a(mailAccountSslInfo, sslServerName, x509Certificate, SUFFIX_CERT);
                    } catch (Throwable th) {
                        throw th;
                    }
                }
                mailAccountSslInfo.addCheckingSslInfo(sslServerName);
                return;
            }
            synchronized (this.f8980c) {
                try {
                    X509Certificate b2 = b(mailAccountSslInfo, sslServerName, SUFFIX_CERT);
                    if (b2 == null) {
                        org.kman.Compat.util.i.a(TAG, "There is no certificate for %s yet", endpoint);
                        a(mailAccountSslInfo, sslServerName, x509Certificate, SUFFIX_CERT);
                        return;
                    }
                    if (b2.equals(x509Certificate)) {
                        org.kman.Compat.util.i.a(TAG, "Certificate for %s matches existing", endpoint);
                        mailAccountSslInfo.removeErrorSslInfo(sslServerName);
                        a(mailAccountSslInfo, sslServerName, "new");
                        return;
                    }
                    String a3 = a(x509Certificate);
                    if (a3 != null && (a2 = a(sslServerName.a(mailAccountSslInfo.getSslStorageKey(), SUFFIX_ACCEPTED))) != null && a2.b(a3)) {
                        org.kman.Compat.util.i.a(TAG, "Certificate for %s was accepted before", endpoint);
                        mailAccountSslInfo.removeErrorSslInfo(sslServerName);
                        a(mailAccountSslInfo, sslServerName, "new");
                        a(mailAccountSslInfo, sslServerName, x509Certificate, SUFFIX_CERT);
                        return;
                    }
                    X509Certificate a4 = a(x509Certificate, peerCertificates);
                    if (a4 == null || !b(a4)) {
                        mailAccountSslInfo.addErrorSslInfo(sslServerName);
                        a(mailAccountSslInfo, sslServerName, x509Certificate, "new");
                        throw new SSLCertificateChangeException(String.format(Locale.US, "Certificate change for %s", endpoint));
                    }
                    org.kman.Compat.util.i.b(TAG, "This cert is from a special issuer");
                    mailAccountSslInfo.removeErrorSslInfo(sslServerName);
                    a(mailAccountSslInfo, sslServerName, "new");
                    a(mailAccountSslInfo, sslServerName, x509Certificate, SUFFIX_CERT);
                } catch (Throwable th2) {
                    throw th2;
                }
            }
        } catch (SSLPeerUnverifiedException e2) {
            org.kman.Compat.util.i.b(TAG, "No peer certificate, assuming _anon_ cipher", e2);
        }
    }

    public void a(MailAccountSslInfo mailAccountSslInfo) {
        final String a2 = MailAccountSslInfo.SslServerName.a(mailAccountSslInfo.getSslStorageKey());
        File[] listFiles = this.b.listFiles(new FileFilter() { // from class: org.kman.AquaMail.net.d
            @Override // java.io.FileFilter
            public final boolean accept(File file) {
                boolean startsWith;
                startsWith = file.getName().startsWith(a2);
                return startsWith;
            }
        });
        if (listFiles != null) {
            for (File file : listFiles) {
                org.kman.Compat.util.i.a(TAG, "Deleting %s", file.getName());
                file.delete();
            }
        }
        synchronized (this.f8980c) {
            try {
                this.f8981d.a();
            } catch (Throwable th) {
                throw th;
            }
        }
    }

    public void a(MailAccountSslInfo mailAccountSslInfo, MailAccountSslInfo mailAccountSslInfo2) {
        Set<MailAccountSslInfo.SslServerName> checkingSslInfo = mailAccountSslInfo.getCheckingSslInfo();
        if (checkingSslInfo != null) {
            for (MailAccountSslInfo.SslServerName sslServerName : checkingSslInfo) {
                File a2 = a(sslServerName, mailAccountSslInfo.getSslStorageKey(), SUFFIX_CERT);
                long sslStorageKey = mailAccountSslInfo2.getSslStorageKey();
                File a3 = a(sslServerName, sslStorageKey, SUFFIX_CERT);
                File a4 = a(sslServerName, sslStorageKey, "new");
                File file = new File(this.b, sslServerName.a(sslStorageKey, SUFFIX_ACCEPTED));
                synchronized (this.f8980c) {
                    a("checking->curr", a2, a3);
                    a("new", a4);
                    file.delete();
                    this.f8981d.a();
                    this.f8982e.a();
                }
            }
        }
    }

    public boolean a(MailAccountSslInfo mailAccountSslInfo, Collection<a> collection) {
        boolean z = false;
        for (a aVar : collection) {
            MailAccountSslInfo.SslServerName sslServerName = aVar.a;
            z |= mailAccountSslInfo.removeErrorSslInfo(sslServerName);
            long sslStorageKey = mailAccountSslInfo.getSslStorageKey();
            File a2 = a(sslServerName, sslStorageKey, SUFFIX_CERT);
            File a3 = a(sslServerName, sslStorageKey, "new");
            String a4 = sslServerName.a(sslStorageKey, SUFFIX_ACCEPTED);
            synchronized (this.f8980c) {
                a("new->curr", a3, a2);
                this.f8981d.a();
                if (aVar.b != null || aVar.f8984c != null) {
                    b a5 = a(a4);
                    if (a5 == null) {
                        a5 = new b();
                    }
                    boolean z2 = true;
                    boolean z3 = aVar.b != null && a5.a(aVar.b);
                    if (aVar.f8984c == null || !a5.a(aVar.f8984c)) {
                        z2 = false;
                    }
                    if (z3 || z2) {
                        a(sslServerName, a4, a5);
                    }
                }
            }
        }
        return z;
    }
}
