package org.kman.AquaMail.net;

import android.app.AlertDialog;
import android.app.Dialog;
import android.content.Context;
import android.content.DialogInterface;
import android.content.SharedPreferences;
import android.os.Bundle;
import android.preference.PreferenceManager;
import android.text.SpannableStringBuilder;
import android.text.format.DateUtils;
import android.text.style.StyleSpan;
import android.text.style.TextAppearanceSpan;
import android.util.TypedValue;
import android.view.LayoutInflater;
import android.view.View;
import android.view.ViewGroup;
import android.widget.AdapterView;
import android.widget.BaseAdapter;
import android.widget.Button;
import android.widget.Checkable;
import android.widget.ListAdapter;
import android.widget.ListView;
import android.widget.TextView;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.EOFException;
import java.io.File;
import java.io.FileFilter;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.cert.CertPathValidator;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.Iterator;
import java.util.List;
import java.util.Locale;
import java.util.Set;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLPeerUnverifiedException;
import javax.net.ssl.SSLSocket;
import javax.security.auth.x500.X500Principal;
import org.kman.AquaMail.R;
import org.kman.AquaMail.coredefs.MailAccountSslInfo;
import org.kman.AquaMail.coredefs.SSLCertificateChangeException;
import org.kman.AquaMail.data.AsyncDataLoader;
import org.kman.AquaMail.h.s;
import org.kman.AquaMail.util.Prefs;
import org.kman.AquaMail.util.be;
import org.kman.AquaMail.util.p;

/* loaded from: classes.dex */
public class h {
    private static final String CERT_DIR = "certs";
    private static final String HASH_MD5 = "MD5";
    private static final String HASH_SHA1 = "SHA1";
    private static final String SUFFIX_ACCEPTED = "accepted";
    private static final String SUFFIX_CERT = null;
    private static final String SUFFIX_CERT_NEW = "new";
    private static final String TAG = "SSLCertificateChecker";

    /* renamed from: a, reason: collision with root package name */
    private static final String[] f3218a = {"yknlrNdkZHdbvnH6z/QeI8eaaWNUX+tM1hkoI2RmjhzHh4BkXwSLJq+Y3wpwvLwZPe57M6l/vfQF1HC7BSZ56prHmLkHGWU0zDzpP8UB+m8Mftt6cFxM/i0A8Mq+LY60qID7AROIy5w/5bt3yjpnNvPO1ScCckOgvW4C8UcFcT4BWekRnhrzhA+ApqJ4NS+2x6J/F3zhi1au7meIUScwYKViUsM31TvqhSoBOIeiz3CtpHrJxOfKxdq8IzLy/hjCe+DfOy/U0BDmlkz7RLchZA25AJQwEiaHWJg5BTgPzIJIDApHZu6/tF/E/3Co4X+LeSu4ZTKjubcx6Qr19h8y3A==", "HLeJluRT7bvs26gyAZ8so81trUISd7O45skDUmAge1cnxhG1P2cNmSxbWsoiCt2eux9LSD+PAj2LIYRFHW31/6xoic1k4tbWXkDCjir37xTTNqRAMPUyFRWSdvt+nlPqwnb8Oa2I/maSJukcxDjNSfpDh/Bd1lZNgdd/8cLdsE3+wypufJ9uXO1iQpnh9zbuFIwsIONGl1p3A8CgxkqI/UAih3JaGOqcpcdaCIzkBaR9uYQ1X4k2Vg5APRLouzVy7a8IVk6wuy6pm+T7HT4LY8ibS5FEZlfAFLSW8NwsVz9SBK2Vqn1N0PIMn5xA6NZVc7o835DLAFshEWfC7TIe3g=="};
    private static h h;
    private static SharedPreferences i;
    private final Context b;
    private final File c;
    private final Object d;
    private final org.kman.Compat.util.android.c<String, X509Certificate> e;
    private final org.kman.Compat.util.android.c<String, b> f;
    private CertificateFactory g;

    /* loaded from: classes.dex */
    public static class a {

        /* renamed from: a, reason: collision with root package name */
        final MailAccountSslInfo.SslServerName f3219a;
        final String b;
        final String c;

        a(MailAccountSslInfo.SslServerName sslServerName, String str, String str2) {
            this.f3219a = sslServerName;
            this.b = str;
            this.c = str2;
        }

        public boolean equals(Object obj) {
            if (obj instanceof a) {
                return this.f3219a.equals(((a) obj).f3219a);
            }
            return false;
        }

        public int hashCode() {
            return this.f3219a.hashCode();
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class b {
        private static final int SIGNATURE_V1 = 436284168;

        /* renamed from: a, reason: collision with root package name */
        private final Set<String> f3220a = org.kman.Compat.util.e.c();

        b() {
        }

        void a(InputStream inputStream) throws IOException {
            BufferedInputStream bufferedInputStream = new BufferedInputStream(inputStream, 16384);
            try {
                DataInputStream dataInputStream = new DataInputStream(bufferedInputStream);
                try {
                    if (dataInputStream.readInt() != SIGNATURE_V1) {
                        throw new EOFException("Invalid data signature");
                    }
                    int readInt = dataInputStream.readInt();
                    for (int i = 0; i < readInt; i++) {
                        this.f3220a.add(dataInputStream.readUTF());
                    }
                } finally {
                    s.a(dataInputStream);
                }
            } finally {
                s.a(bufferedInputStream);
            }
        }

        void a(OutputStream outputStream) throws IOException {
            BufferedOutputStream bufferedOutputStream = new BufferedOutputStream(outputStream, 16384);
            try {
                DataOutputStream dataOutputStream = new DataOutputStream(bufferedOutputStream);
                try {
                    dataOutputStream.writeInt(SIGNATURE_V1);
                    dataOutputStream.writeInt(this.f3220a.size());
                    Iterator<String> it = this.f3220a.iterator();
                    while (it.hasNext()) {
                        dataOutputStream.writeUTF(it.next());
                    }
                } finally {
                    s.a(dataOutputStream);
                }
            } finally {
                s.a(bufferedOutputStream);
            }
        }

        boolean a(String str) {
            return this.f3220a.add(str);
        }

        boolean b(String str) {
            return this.f3220a.contains(str);
        }
    }

    /* loaded from: classes.dex */
    public interface c {
        void onSslAcceptedCertificates(MailAccountSslInfo mailAccountSslInfo, Collection<a> collection);
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public static class d extends BaseAdapter {

        /* renamed from: a, reason: collision with root package name */
        private e f3221a;
        private Context b;
        private LayoutInflater c;
        private List<g> d;
        private SpannableStringBuilder e;
        private int f;

        d(e eVar, List<g> list) {
            this.f3221a = eVar;
            this.b = eVar.f;
            this.c = eVar.g;
            this.d = list;
            this.f = (int) TypedValue.applyDimension(2, 16.0f, this.b.getResources().getDisplayMetrics());
        }

        private void a(SpannableStringBuilder spannableStringBuilder, int i) {
            if (spannableStringBuilder.length() != 0) {
                spannableStringBuilder.append("\n");
            }
            int length = spannableStringBuilder.length();
            spannableStringBuilder.append(this.b.getText(i));
            spannableStringBuilder.setSpan(new TextAppearanceSpan(null, 1, this.f, null, null), length, spannableStringBuilder.length(), 33);
        }

        private void a(SpannableStringBuilder spannableStringBuilder, int i, Date date) {
            a(spannableStringBuilder, i, true, DateUtils.formatDateTime(this.b, date.getTime(), 524309));
        }

        private void a(SpannableStringBuilder spannableStringBuilder, int i, f fVar) {
            a(spannableStringBuilder, i);
            if (fVar.b != null) {
                a(spannableStringBuilder, R.string.account_setup_view_ssl_subject, false, fVar.b);
            }
            if (fVar.d != null) {
                a(spannableStringBuilder, R.string.account_setup_view_ssl_issuer, false, fVar.d);
            }
            if (fVar.e != null) {
                a(spannableStringBuilder, R.string.account_setup_view_ssl_valid_from, fVar.e);
            }
            if (fVar.f != null) {
                a(spannableStringBuilder, R.string.account_setup_view_ssl_valid_until, fVar.f);
            }
            if (fVar.g != null) {
                a(spannableStringBuilder, h.HASH_MD5, false, fVar.g);
            }
            if (fVar.h != null) {
                a(spannableStringBuilder, h.HASH_SHA1, false, fVar.h);
            }
        }

        private void a(SpannableStringBuilder spannableStringBuilder, int i, boolean z, String str) {
            a(spannableStringBuilder, this.b.getString(i), z, str);
        }

        private void a(SpannableStringBuilder spannableStringBuilder, String str, boolean z, String str2) {
            if (spannableStringBuilder.length() != 0) {
                spannableStringBuilder.append("\n");
            }
            int length = spannableStringBuilder.length();
            spannableStringBuilder.append((CharSequence) str);
            spannableStringBuilder.setSpan(new StyleSpan(1), length, spannableStringBuilder.length(), 33);
            if (z) {
                spannableStringBuilder.append(": ");
            } else {
                spannableStringBuilder.append(":\n");
            }
            spannableStringBuilder.append((CharSequence) str2);
        }

        @Override // android.widget.Adapter
        public int getCount() {
            return this.d.size();
        }

        @Override // android.widget.Adapter
        public Object getItem(int i) {
            return this.d.get(i);
        }

        @Override // android.widget.Adapter
        public long getItemId(int i) {
            return this.d.get(i).f3224a;
        }

        /* JADX WARN: Multi-variable type inference failed */
        /* JADX WARN: Type inference failed for: r7v1, types: [android.view.View] */
        /* JADX WARN: Type inference failed for: r7v4 */
        /* JADX WARN: Type inference failed for: r7v5 */
        /* JADX WARN: Type inference failed for: r8v11, types: [android.view.View] */
        @Override // android.widget.Adapter
        public View getView(int i, View view, ViewGroup viewGroup) {
            Checkable checkable = view;
            if (view == null) {
                checkable = this.c.inflate(R.layout.view_ssl_dialog_item, viewGroup, false);
            }
            g gVar = this.d.get(i);
            ((TextView) checkable.findViewById(R.id.cert_name)).setText(gVar.b.a());
            if (this.e == null) {
                this.e = new SpannableStringBuilder();
            }
            SpannableStringBuilder spannableStringBuilder = this.e;
            TextView textView = (TextView) checkable.findViewById(R.id.cert_old);
            if (gVar.c != null) {
                spannableStringBuilder.clear();
                a(spannableStringBuilder, R.string.account_setup_view_ssl_old, gVar.c);
                textView.setText(spannableStringBuilder);
                textView.setVisibility(0);
            } else {
                textView.setVisibility(8);
            }
            TextView textView2 = (TextView) checkable.findViewById(R.id.cert_new);
            if (gVar.d != null) {
                spannableStringBuilder.clear();
                a(spannableStringBuilder, R.string.account_setup_view_ssl_new, gVar.d);
                textView2.setText(spannableStringBuilder);
                textView2.setVisibility(0);
            } else {
                textView2.setVisibility(8);
            }
            if (this.f3221a.e) {
                ?? findViewById = checkable.findViewById(R.id.cert_check);
                findViewById.setVisibility(0);
                ((Checkable) findViewById).setChecked(gVar.g);
                checkable.setChecked(gVar.g);
            } else {
                checkable.setBackgroundDrawable(null);
            }
            checkable.setTag(gVar);
            return checkable;
        }
    }

    /* loaded from: classes.dex */
    static class e extends AlertDialog implements DialogInterface.OnClickListener, AdapterView.OnItemClickListener {

        /* renamed from: a, reason: collision with root package name */
        private h f3222a;
        private MailAccountSslInfo b;
        private Set<MailAccountSslInfo.SslServerName> c;
        private c d;
        private boolean e;
        private Context f;
        private LayoutInflater g;
        private ListView h;
        private List<g> i;
        private Button j;
        private AsyncDataLoader<C0146h> k;

        e(Context context, h hVar, MailAccountSslInfo mailAccountSslInfo, Set<MailAccountSslInfo.SslServerName> set, c cVar) {
            super(context);
            this.k = AsyncDataLoader.newLoader();
            this.f3222a = hVar;
            this.b = mailAccountSslInfo;
            this.c = set;
            this.d = cVar;
            this.e = this.d != null;
            this.f = be.a(context);
            this.g = LayoutInflater.from(this.f);
        }

        void a(List<g> list) {
            if (this.e && this.h.getAdapter() == null) {
                this.h.addHeaderView(this.g.inflate(R.layout.view_ssl_dialog_header, (ViewGroup) this.h, false));
            }
            this.i = list;
            this.h.setAdapter((ListAdapter) new d(this, list));
        }

        @Override // android.app.Dialog, android.content.DialogInterface
        public void dismiss() {
            super.dismiss();
            if (this.k != null) {
                this.k.cleanup();
                this.k = null;
            }
        }

        @Override // android.content.DialogInterface.OnClickListener
        public void onClick(DialogInterface dialogInterface, int i) {
            if (i == -1 && this.d != null) {
                Set c = org.kman.Compat.util.e.c();
                for (g gVar : this.i) {
                    if (gVar.g) {
                        c.add(new a(gVar.b, gVar.e, gVar.f));
                    }
                }
                if (c.size() != 0) {
                    this.d.onSslAcceptedCertificates(this.b, c);
                }
                this.d = null;
            }
            dialogInterface.dismiss();
        }

        @Override // android.app.AlertDialog, android.app.Dialog
        protected void onCreate(Bundle bundle) {
            setTitle(R.string.account_setup_view_ssl_certs);
            setInverseBackgroundForced(true);
            View inflate = this.g.inflate(R.layout.view_ssl_dialog_content, (ViewGroup) null);
            ListView listView = (ListView) inflate.findViewById(android.R.id.list);
            setView(inflate);
            this.h = listView;
            this.k = AsyncDataLoader.newLoader();
            this.k.submit(new C0146h(this, this.f3222a, this.b, this.c, this.e), hashCode());
            Context context = getContext();
            if (this.e) {
                setButton(-1, context.getString(R.string.confirm), this);
                setButton(-2, context.getString(R.string.cancel), this);
            } else {
                setButton(-3, context.getString(R.string.close), this);
            }
            super.onCreate(bundle);
            if (this.e) {
                this.h.setOnItemClickListener(this);
                this.j = getButton(-1);
                this.j.setEnabled(false);
            }
        }

        /* JADX WARN: Multi-variable type inference failed */
        @Override // android.widget.AdapterView.OnItemClickListener
        public void onItemClick(AdapterView<?> adapterView, View view, int i, long j) {
            Object tag = view.getTag();
            if (tag instanceof g) {
                g gVar = (g) tag;
                if (gVar.g) {
                    boolean z = false;
                    gVar.g = false;
                    Iterator<g> it = this.i.iterator();
                    while (true) {
                        if (!it.hasNext()) {
                            break;
                        } else if (it.next().g) {
                            z = true;
                            break;
                        }
                    }
                    this.j.setEnabled(z);
                } else {
                    gVar.g = true;
                    this.j.setEnabled(true);
                }
                if (view instanceof Checkable) {
                    ((Checkable) view).setChecked(gVar.g);
                    ((Checkable) view.findViewById(R.id.cert_check)).setChecked(gVar.g);
                }
            }
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public static class f {

        /* renamed from: a, reason: collision with root package name */
        Principal f3223a;
        String b;
        Principal c;
        String d;
        Date e;
        Date f;
        String g;
        String h;
        String i;

        f() {
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public static class g implements Comparable<g> {

        /* renamed from: a, reason: collision with root package name */
        long f3224a;
        MailAccountSslInfo.SslServerName b;
        f c;
        f d;
        String e;
        String f;
        boolean g;

        g() {
        }

        @Override // java.lang.Comparable
        /* renamed from: a, reason: merged with bridge method [inline-methods] */
        public int compareTo(g gVar) {
            return this.b.compareTo(gVar.b);
        }
    }

    /* renamed from: org.kman.AquaMail.net.h$h, reason: collision with other inner class name */
    /* loaded from: classes.dex */
    static class C0146h implements AsyncDataLoader.LoadItem {

        /* renamed from: a, reason: collision with root package name */
        private final e f3225a;
        private final h b;
        private final MailAccountSslInfo c;
        private final Set<MailAccountSslInfo.SslServerName> d;
        private final boolean e;
        private List<g> f;
        private MessageDigest g;
        private MessageDigest h;

        C0146h(e eVar, h hVar, MailAccountSslInfo mailAccountSslInfo, Set<MailAccountSslInfo.SslServerName> set, boolean z) {
            this.f3225a = eVar;
            this.b = hVar;
            this.c = mailAccountSslInfo;
            this.d = org.kman.Compat.util.e.a((Set) set);
            this.e = z;
        }

        private String a(byte[] bArr, MessageDigest messageDigest) {
            if (messageDigest == null) {
                return null;
            }
            messageDigest.reset();
            messageDigest.update(bArr);
            byte[] digest = messageDigest.digest();
            String a2 = p.a(digest, 0, digest.length, ':');
            int length = a2.length();
            if (length == 47) {
                return a2.substring(0, 23) + " - " + a2.substring(24);
            }
            if (length != 59) {
                return a2;
            }
            return a2.substring(0, 29) + " - " + a2.substring(30);
        }

        private f a(h hVar, MailAccountSslInfo mailAccountSslInfo, MailAccountSslInfo.SslServerName sslServerName, String str) {
            X509Certificate a2;
            synchronized (hVar.d) {
                a2 = hVar.a(mailAccountSslInfo, sslServerName, str);
            }
            if (a2 == null) {
                return null;
            }
            f fVar = new f();
            fVar.f3223a = a2.getSubjectX500Principal();
            if (fVar.f3223a != null) {
                fVar.b = fVar.f3223a.toString();
            }
            fVar.c = a2.getIssuerX500Principal();
            if (fVar.c != null) {
                fVar.d = fVar.c.toString();
            }
            fVar.e = a2.getNotBefore();
            fVar.f = a2.getNotAfter();
            try {
                byte[] encoded = a2.getEncoded();
                fVar.g = a(encoded, this.g);
                fVar.h = a(encoded, this.h);
                fVar.i = h.b(encoded);
            } catch (CertificateEncodingException e) {
                org.kman.Compat.util.i.a(h.TAG, e);
            }
            return fVar;
        }

        @Override // org.kman.AquaMail.data.AsyncDataLoader.LoadItem
        public void close() {
        }

        @Override // org.kman.AquaMail.data.AsyncDataLoader.LoadItem
        public void deliver() {
            if (this.f == null || this.f3225a == null || !this.f3225a.isShowing()) {
                return;
            }
            this.f3225a.a(this.f);
        }

        @Override // org.kman.AquaMail.data.AsyncDataLoader.LoadItem
        public void load() {
            h hVar = this.b;
            MailAccountSslInfo mailAccountSslInfo = this.c;
            Set<MailAccountSslInfo.SslServerName> set = this.d;
            try {
                this.g = MessageDigest.getInstance(h.HASH_MD5);
            } catch (Exception e) {
                org.kman.Compat.util.i.a(h.TAG, e);
            }
            try {
                this.h = MessageDigest.getInstance(h.HASH_SHA1);
            } catch (Exception e2) {
                org.kman.Compat.util.i.a(h.TAG, e2);
            }
            long j = 0;
            for (MailAccountSslInfo.SslServerName sslServerName : set) {
                g gVar = new g();
                j++;
                gVar.f3224a = j;
                gVar.b = sslServerName;
                if (this.e) {
                    gVar.c = a(hVar, mailAccountSslInfo, sslServerName, null);
                    gVar.d = a(hVar, mailAccountSslInfo, sslServerName, h.SUFFIX_CERT_NEW);
                    if (gVar.c != null) {
                        gVar.e = gVar.c.i;
                    }
                    if (gVar.d != null) {
                        gVar.f = gVar.d.i;
                    }
                } else {
                    gVar.d = a(hVar, mailAccountSslInfo, sslServerName, null);
                }
                if (this.f == null) {
                    this.f = org.kman.Compat.util.e.a();
                }
                this.f.add(gVar);
            }
            if (this.f != null) {
                Collections.sort(this.f);
            }
        }
    }

    private h(Context context) {
        this.b = context.getApplicationContext();
        this.c = new File(this.b.getFilesDir(), CERT_DIR);
        if (!this.c.exists()) {
            this.c.mkdirs();
        }
        this.d = new Object();
        this.e = new org.kman.Compat.util.android.c<>(8);
        this.f = new org.kman.Compat.util.android.c<>(8);
    }

    private File a(MailAccountSslInfo.SslServerName sslServerName, long j, String str) {
        return new File(this.c, sslServerName.a(j, str));
    }

    private X509Certificate a(X509Certificate x509Certificate, Certificate[] certificateArr) {
        X500Principal issuerX500Principal = x509Certificate.getIssuerX500Principal();
        if (issuerX500Principal != null) {
            for (int i2 = 1; i2 < certificateArr.length; i2++) {
                if (certificateArr[i2] instanceof X509Certificate) {
                    X509Certificate x509Certificate2 = (X509Certificate) certificateArr[i2];
                    if (x509Certificate2.getSubjectX500Principal().equals(issuerX500Principal)) {
                        org.kman.Compat.util.i.a(TAG, "Found certificate for issuer %s", issuerX500Principal);
                        Set singleton = Collections.singleton(new TrustAnchor(x509Certificate2, null));
                        try {
                            CertPathValidator certPathValidator = CertPathValidator.getInstance("PKIX");
                            PKIXParameters pKIXParameters = new PKIXParameters((Set<TrustAnchor>) singleton);
                            pKIXParameters.setRevocationEnabled(false);
                            if (this.g == null) {
                                this.g = CertificateFactory.getInstance("X.509");
                            }
                            certPathValidator.validate(this.g.generateCertPath(Collections.singletonList(x509Certificate)), pKIXParameters);
                            return x509Certificate2;
                        } catch (Exception e2) {
                            org.kman.Compat.util.i.a(TAG, "Error validating issuer certificate", (Throwable) e2);
                            return null;
                        }
                    }
                }
            }
        }
        return null;
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r0v1, types: [java.lang.String] */
    /* JADX WARN: Type inference failed for: r0v2 */
    /* JADX WARN: Type inference failed for: r0v5, types: [java.io.InputStream] */
    public X509Certificate a(MailAccountSslInfo mailAccountSslInfo, MailAccountSslInfo.SslServerName sslServerName, String str) {
        FileInputStream fileInputStream;
        String a2 = sslServerName.a(mailAccountSslInfo.getSslStorageKey(), str);
        File file = new File(this.c, a2);
        X509Certificate a3 = this.e.a((org.kman.Compat.util.android.c<String, X509Certificate>) a2);
        if (a3 != null) {
            org.kman.Compat.util.i.a(TAG, "Got certificate from cache %s", a2);
            return a3;
        }
        ?? r0 = "Loading certificate from %s";
        org.kman.Compat.util.i.a(TAG, "Loading certificate from %s", a2);
        try {
            try {
                fileInputStream = new FileInputStream(file);
                try {
                    if (this.g == null) {
                        this.g = CertificateFactory.getInstance("X.509");
                    }
                    Certificate generateCertificate = this.g.generateCertificate(fileInputStream);
                    if (generateCertificate instanceof X509Certificate) {
                        X509Certificate x509Certificate = (X509Certificate) generateCertificate;
                        this.e.a(a2, x509Certificate);
                        s.a(fileInputStream);
                        return x509Certificate;
                    }
                } catch (IOException e2) {
                    e = e2;
                    org.kman.Compat.util.i.a(TAG, "Error loading certificate: %s", (Object) e);
                    s.a(fileInputStream);
                    return null;
                } catch (CertificateException e3) {
                    e = e3;
                    org.kman.Compat.util.i.a(TAG, "Error loading certificate", (Throwable) e);
                    this.g = null;
                    s.a(fileInputStream);
                    return null;
                }
            } catch (Throwable th) {
                th = th;
                s.a((InputStream) r0);
                throw th;
            }
        } catch (IOException e4) {
            e = e4;
            fileInputStream = null;
        } catch (CertificateException e5) {
            e = e5;
            fileInputStream = null;
        } catch (Throwable th2) {
            th = th2;
            r0 = 0;
            s.a((InputStream) r0);
            throw th;
        }
        s.a(fileInputStream);
        return null;
    }

    private b a(String str) {
        FileInputStream fileInputStream;
        b a2 = this.f.a((org.kman.Compat.util.android.c<String, b>) str);
        if (a2 != null) {
            org.kman.Compat.util.i.a(TAG, "Got accepted set from cache %s", str);
            return a2;
        }
        File file = new File(this.c, str);
        org.kman.Compat.util.i.a(TAG, "Loading accepted set from %s", str);
        try {
            fileInputStream = new FileInputStream(file);
            try {
                try {
                    b bVar = new b();
                    bVar.a(fileInputStream);
                    this.f.a(str, bVar);
                    s.a(fileInputStream);
                    return bVar;
                } catch (IOException e2) {
                    e = e2;
                    org.kman.Compat.util.i.a(TAG, "Error loading accepted set: %s", (Object) e);
                    s.a(fileInputStream);
                    return null;
                }
            } catch (Throwable th) {
                th = th;
                s.a(fileInputStream);
                throw th;
            }
        } catch (IOException e3) {
            e = e3;
            fileInputStream = null;
        } catch (Throwable th2) {
            th = th2;
            fileInputStream = null;
            s.a(fileInputStream);
            throw th;
        }
    }

    public static h a(Context context) {
        h hVar;
        synchronized (h.class) {
            if (h == null) {
                h = new h(context);
            }
            hVar = h;
        }
        return hVar;
    }

    private void a(String str, File file) {
        if (file.exists()) {
            org.kman.Compat.util.i.a(TAG, "Deleting %s %s", str, file.getName());
            file.delete();
        }
    }

    private void a(String str, File file, File file2) {
        file2.delete();
        if (file.exists()) {
            org.kman.Compat.util.i.a(TAG, "Moving %s %s to %s", str, file.getName(), file2.getName());
            org.kman.Compat.util.i.a(TAG, "Moving %s worked: %b", str, Boolean.valueOf(file.renameTo(file2)));
        }
    }

    /* JADX WARN: Multi-variable type inference failed */
    /* JADX WARN: Type inference failed for: r1v1, types: [java.lang.String] */
    /* JADX WARN: Type inference failed for: r1v10 */
    /* JADX WARN: Type inference failed for: r1v2 */
    /* JADX WARN: Type inference failed for: r1v4, types: [java.io.OutputStream] */
    /* JADX WARN: Type inference failed for: r1v5 */
    /* JADX WARN: Type inference failed for: r1v7, types: [java.io.OutputStream] */
    /* JADX WARN: Type inference failed for: r1v9 */
    private void a(MailAccountSslInfo.SslServerName sslServerName, String str, b bVar) {
        Throwable th;
        FileOutputStream fileOutputStream;
        IOException e2;
        File file = new File(this.c, str);
        ?? r1 = TAG;
        org.kman.Compat.util.i.a(TAG, "Saving accepted set for %s to %s", sslServerName.a(), str);
        this.f.b(str);
        file.delete();
        try {
            try {
                fileOutputStream = new FileOutputStream(file);
                try {
                    bVar.a(fileOutputStream);
                    fileOutputStream.flush();
                    this.f.a(str, bVar);
                    r1 = fileOutputStream;
                } catch (IOException e3) {
                    e2 = e3;
                    org.kman.Compat.util.i.a(TAG, "Error writing accepted set", (Throwable) e2);
                    r1 = fileOutputStream;
                    s.a((OutputStream) r1);
                }
            } catch (Throwable th2) {
                th = th2;
                s.a((OutputStream) r1);
                throw th;
            }
        } catch (IOException e4) {
            fileOutputStream = null;
            e2 = e4;
        } catch (Throwable th3) {
            r1 = 0;
            th = th3;
            s.a((OutputStream) r1);
            throw th;
        }
        s.a((OutputStream) r1);
    }

    private void a(MailAccountSslInfo mailAccountSslInfo, MailAccountSslInfo.SslServerName sslServerName, X509Certificate x509Certificate, String str) {
        FileOutputStream fileOutputStream;
        String a2 = sslServerName.a(mailAccountSslInfo.getSslStorageKey(), str);
        File file = new File(this.c, a2);
        org.kman.Compat.util.i.a(TAG, "Saving certificate for %s to %s", sslServerName.a(), a2);
        this.e.b(a2);
        file.delete();
        if (x509Certificate == null) {
            org.kman.Compat.util.i.a(TAG, "Certificate for %s is null, nothing to save", sslServerName.a());
            return;
        }
        try {
            byte[] encoded = x509Certificate.getEncoded();
            FileOutputStream fileOutputStream2 = null;
            try {
                try {
                    fileOutputStream = new FileOutputStream(file);
                } catch (IOException e2) {
                    e = e2;
                }
            } catch (Throwable th) {
                th = th;
            }
            try {
                fileOutputStream.write(encoded);
                fileOutputStream.flush();
                s.a(fileOutputStream);
                this.e.a(a2, x509Certificate);
                org.kman.Compat.util.i.a(TAG, "Saved certificate for %s to %s", sslServerName.a(), a2);
            } catch (IOException e3) {
                e = e3;
                fileOutputStream2 = fileOutputStream;
                org.kman.Compat.util.i.a(TAG, "Error writing certificate bytes", (Throwable) e);
                s.a(fileOutputStream2);
            } catch (Throwable th2) {
                th = th2;
                fileOutputStream2 = fileOutputStream;
                s.a(fileOutputStream2);
                throw th;
            }
        } catch (CertificateEncodingException e4) {
            org.kman.Compat.util.i.a(TAG, "Error getting certificate bytes", (Throwable) e4);
        }
    }

    private boolean a(X509Certificate x509Certificate) {
        byte[] signature = x509Certificate.getSignature();
        if (signature != null) {
            org.kman.Compat.util.i.a(TAG, "Issuer cert: %s, signature base64: %s", x509Certificate, org.kman.AquaMail.util.b.b(signature));
            for (String str : f3218a) {
                byte[] b2 = org.kman.AquaMail.util.b.b(str);
                if (b2 != null && Arrays.equals(b2, signature)) {
                    return true;
                }
            }
        }
        return false;
    }

    private static String b(X509Certificate x509Certificate) {
        try {
            return b(x509Certificate.getEncoded());
        } catch (CertificateEncodingException e2) {
            org.kman.Compat.util.i.a(TAG, e2);
            return null;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static String b(byte[] bArr) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(HASH_SHA1);
            if (messageDigest == null) {
                return null;
            }
            messageDigest.reset();
            messageDigest.update(bArr);
            return p.b(messageDigest.digest());
        } catch (NoSuchAlgorithmException e2) {
            org.kman.Compat.util.i.a(TAG, e2);
            return null;
        }
    }

    private void b(MailAccountSslInfo mailAccountSslInfo, MailAccountSslInfo.SslServerName sslServerName, String str) {
        String a2 = sslServerName.a(mailAccountSslInfo.getSslStorageKey(), str);
        File file = new File(this.c, a2);
        this.e.b(a2);
        if (file.delete()) {
            org.kman.Compat.util.i.a(TAG, "Deleted certificate in %s", a2);
        }
    }

    public static boolean b(Context context) {
        boolean z;
        synchronized (h.class) {
            z = c(context).getBoolean(Prefs.PREF_NETWORK_SSL_CHECKING_KEY, false);
        }
        return z;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public static /* synthetic */ boolean b(String str, File file) {
        return file.getName().startsWith(str);
    }

    private static SharedPreferences c(Context context) {
        if (i == null) {
            i = PreferenceManager.getDefaultSharedPreferences(context.getApplicationContext());
        }
        return i;
    }

    public Dialog a(Context context, MailAccountSslInfo mailAccountSslInfo, Set<MailAccountSslInfo.SslServerName> set, DialogInterface.OnDismissListener onDismissListener, c cVar) {
        e eVar = new e(context, this, mailAccountSslInfo, set, cVar);
        eVar.setOnDismissListener(onDismissListener);
        return eVar;
    }

    public void a(Context context, MailAccountSslInfo mailAccountSslInfo, SSLSocket sSLSocket, Endpoint endpoint) throws SSLException {
        b a2;
        try {
            Certificate[] peerCertificates = sSLSocket.getSession().getPeerCertificates();
            if (peerCertificates == null || peerCertificates.length == 0 || !(peerCertificates[0] instanceof X509Certificate)) {
                return;
            }
            X509Certificate x509Certificate = (X509Certificate) peerCertificates[0];
            if (org.kman.Compat.util.i.d()) {
                org.kman.Compat.util.i.a(TAG, "Certificate for %s: subject: %s, issuer: %s", endpoint, x509Certificate.getSubjectDN(), x509Certificate.getIssuerDN());
            }
            MailAccountSslInfo.SslServerName sslServerName = new MailAccountSslInfo.SslServerName(endpoint.f3208a, endpoint.b);
            if (mailAccountSslInfo.isCheckingAccount()) {
                synchronized (this.d) {
                    a(mailAccountSslInfo, sslServerName, x509Certificate, SUFFIX_CERT);
                }
                mailAccountSslInfo.addCheckingSslInfo(sslServerName);
                return;
            }
            synchronized (this.d) {
                X509Certificate a3 = a(mailAccountSslInfo, sslServerName, SUFFIX_CERT);
                if (a3 == null) {
                    org.kman.Compat.util.i.a(TAG, "There is no certificate for %s yet", endpoint);
                    a(mailAccountSslInfo, sslServerName, x509Certificate, SUFFIX_CERT);
                    return;
                }
                if (a3.equals(x509Certificate)) {
                    org.kman.Compat.util.i.a(TAG, "Certificate for %s matches existing", endpoint);
                    mailAccountSslInfo.removeErrorSslInfo(sslServerName);
                    b(mailAccountSslInfo, sslServerName, SUFFIX_CERT_NEW);
                    return;
                }
                String b2 = b(x509Certificate);
                if (b2 != null && (a2 = a(sslServerName.a(mailAccountSslInfo.getSslStorageKey(), SUFFIX_ACCEPTED))) != null && a2.b(b2)) {
                    org.kman.Compat.util.i.a(TAG, "Certificate for %s was accepted before", endpoint);
                    mailAccountSslInfo.removeErrorSslInfo(sslServerName);
                    b(mailAccountSslInfo, sslServerName, SUFFIX_CERT_NEW);
                    a(mailAccountSslInfo, sslServerName, x509Certificate, SUFFIX_CERT);
                    return;
                }
                X509Certificate a4 = a(x509Certificate, peerCertificates);
                if (a4 == null || !a(a4)) {
                    mailAccountSslInfo.addErrorSslInfo(sslServerName);
                    a(mailAccountSslInfo, sslServerName, x509Certificate, SUFFIX_CERT_NEW);
                    throw new SSLCertificateChangeException(String.format(Locale.US, "Certificate change for %s", endpoint));
                }
                org.kman.Compat.util.i.a(TAG, "This cert is from a special issuer");
                mailAccountSslInfo.removeErrorSslInfo(sslServerName);
                b(mailAccountSslInfo, sslServerName, SUFFIX_CERT_NEW);
                a(mailAccountSslInfo, sslServerName, x509Certificate, SUFFIX_CERT);
            }
        } catch (SSLPeerUnverifiedException e2) {
            org.kman.Compat.util.i.a(TAG, "No peer certificate, assuming _anon_ cipher", (Throwable) e2);
        }
    }

    public void a(MailAccountSslInfo mailAccountSslInfo) {
        final String a2 = MailAccountSslInfo.SslServerName.a(mailAccountSslInfo.getSslStorageKey());
        File[] listFiles = this.c.listFiles(new FileFilter() { // from class: org.kman.AquaMail.net.-$$Lambda$h$eSYNDqZjfy-YsF4YY1dbZaJn4yw
            @Override // java.io.FileFilter
            public final boolean accept(File file) {
                boolean b2;
                b2 = h.b(a2, file);
                return b2;
            }
        });
        if (listFiles != null) {
            for (File file : listFiles) {
                org.kman.Compat.util.i.a(TAG, "Deleting %s", file.getName());
                file.delete();
            }
        }
        synchronized (this.d) {
            this.e.a();
        }
    }

    public void a(MailAccountSslInfo mailAccountSslInfo, MailAccountSslInfo mailAccountSslInfo2) {
        Set<MailAccountSslInfo.SslServerName> checkingSslInfo = mailAccountSslInfo.getCheckingSslInfo();
        if (checkingSslInfo != null) {
            for (MailAccountSslInfo.SslServerName sslServerName : checkingSslInfo) {
                File a2 = a(sslServerName, mailAccountSslInfo.getSslStorageKey(), SUFFIX_CERT);
                long sslStorageKey = mailAccountSslInfo2.getSslStorageKey();
                File a3 = a(sslServerName, sslStorageKey, SUFFIX_CERT);
                File a4 = a(sslServerName, sslStorageKey, SUFFIX_CERT_NEW);
                File file = new File(this.c, sslServerName.a(sslStorageKey, SUFFIX_ACCEPTED));
                synchronized (this.d) {
                    a("checking->curr", a2, a3);
                    a(SUFFIX_CERT_NEW, a4);
                    file.delete();
                    this.e.a();
                    this.f.a();
                }
            }
        }
    }

    public boolean a(MailAccountSslInfo mailAccountSslInfo, Collection<a> collection) {
        boolean z = false;
        for (a aVar : collection) {
            MailAccountSslInfo.SslServerName sslServerName = aVar.f3219a;
            z |= mailAccountSslInfo.removeErrorSslInfo(sslServerName);
            long sslStorageKey = mailAccountSslInfo.getSslStorageKey();
            File a2 = a(sslServerName, sslStorageKey, SUFFIX_CERT);
            File a3 = a(sslServerName, sslStorageKey, SUFFIX_CERT_NEW);
            String a4 = sslServerName.a(sslStorageKey, SUFFIX_ACCEPTED);
            synchronized (this.d) {
                a("new->curr", a3, a2);
                this.e.a();
                if (aVar.b != null || aVar.c != null) {
                    b a5 = a(a4);
                    if (a5 == null) {
                        a5 = new b();
                    }
                    boolean z2 = true;
                    boolean z3 = aVar.b != null && a5.a(aVar.b);
                    if (aVar.c == null || !a5.a(aVar.c)) {
                        z2 = false;
                    }
                    if (z3 || z2) {
                        a(sslServerName, a4, a5);
                    }
                }
            }
        }
        return z;
    }
}
