package defpackage;

import android.R;
import android.app.Activity;
import android.app.Application;
import android.app.NotificationManager;
import android.app.PendingIntent;
import android.app.Service;
import android.content.Context;
import android.content.Intent;
import android.os.Handler;
import android.util.Log;
import android.util.SparseArray;
import defpackage.gqg;
import defpackage.tu;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.text.SimpleDateFormat;
import java.util.Collection;
import java.util.List;
import java.util.Locale;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.jivesoftware.smack.util.StringUtils;

/* compiled from: MemorizingTrustManager.java */
/* loaded from: classes.dex */
public class gqe implements X509TrustManager {
    static String a = "KeyStore";
    static String b = "KeyStore.bks";
    private static int g = 0;
    private static SparseArray<gqd> h = new SparseArray<>();
    Context c;
    Activity d;
    NotificationManager e;
    Handler f;
    private File i;
    private KeyStore j;
    private X509TrustManager k;
    private X509TrustManager l;

    /* compiled from: MemorizingTrustManager.java */
    /* loaded from: classes2.dex */
    class a implements HostnameVerifier {
        private HostnameVerifier b;

        public a(HostnameVerifier hostnameVerifier) {
            this.b = hostnameVerifier;
        }

        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            boolean a;
            Log.d("MemorizingTrustManager", "hostname verifier for " + str + ", trying default verifier first");
            if (this.b.verify(str, sSLSession)) {
                Log.d("MemorizingTrustManager", "default verifier accepted " + str);
                return true;
            }
            try {
                X509Certificate x509Certificate = (X509Certificate) sSLSession.getPeerCertificates()[0];
                if (x509Certificate.equals(gqe.this.j.getCertificate(str.toLowerCase(Locale.US)))) {
                    Log.d("MemorizingTrustManager", "certificate for " + str + " is in our keystore. accepting.");
                    a = true;
                } else {
                    Log.d("MemorizingTrustManager", "server " + str + " provided wrong certificate, asking user.");
                    a = gqe.this.a(x509Certificate, str);
                }
                return a;
            } catch (Exception e) {
                e.printStackTrace();
                return false;
            }
        }
    }

    public gqe(Context context) {
        a(context);
        this.l = a(this.j);
        this.k = a((KeyStore) null);
    }

    private int a(gqd gqdVar) {
        int i;
        synchronized (h) {
            i = g;
            h.put(i, gqdVar);
            g++;
        }
        return i;
    }

    private static String a(byte[] bArr) {
        StringBuffer stringBuffer = new StringBuffer();
        for (int i = 0; i < bArr.length; i++) {
            stringBuffer.append(String.format("%02x", Byte.valueOf(bArr[i])));
            if (i < bArr.length - 1) {
                stringBuffer.append(":");
            }
        }
        return stringBuffer.toString();
    }

    private String a(X509Certificate[] x509CertificateArr, CertificateException certificateException) {
        Log.d("MemorizingTrustManager", "certChainMessage for " + certificateException);
        StringBuffer stringBuffer = new StringBuffer();
        if (certificateException.getCause() != null) {
            Throwable cause = certificateException.getCause();
            if ("Trust anchor for certification path not found.".equals(cause.getMessage())) {
                stringBuffer.append(this.c.getString(gqg.a.mtm_trust_anchor));
            } else {
                stringBuffer.append(cause.getLocalizedMessage());
            }
            stringBuffer.append("\n");
        }
        stringBuffer.append("\n");
        stringBuffer.append(this.c.getString(gqg.a.mtm_connect_anyway));
        stringBuffer.append("\n\n");
        stringBuffer.append(this.c.getString(gqg.a.mtm_cert_details));
        for (X509Certificate x509Certificate : x509CertificateArr) {
            a(stringBuffer, x509Certificate);
        }
        return stringBuffer.toString();
    }

    public static void a(int i, int i2) {
        gqd gqdVar;
        synchronized (h) {
            gqdVar = h.get(i);
            h.remove(i);
        }
        if (gqdVar == null) {
            Log.e("MemorizingTrustManager", "interactResult: aborting due to stale decision reference!");
            return;
        }
        synchronized (gqdVar) {
            gqdVar.a = i2;
            gqdVar.notify();
        }
    }

    private void a(StringBuffer stringBuffer, X509Certificate x509Certificate) {
        SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd");
        stringBuffer.append("\n");
        stringBuffer.append(x509Certificate.getSubjectDN().toString());
        stringBuffer.append("\n");
        stringBuffer.append(simpleDateFormat.format(x509Certificate.getNotBefore()));
        stringBuffer.append(" - ");
        stringBuffer.append(simpleDateFormat.format(x509Certificate.getNotAfter()));
        stringBuffer.append("\nSHA-256: ");
        stringBuffer.append(b(x509Certificate, "SHA-256"));
        stringBuffer.append("\nSHA-1: ");
        stringBuffer.append(b(x509Certificate, StringUtils.SHA1));
        stringBuffer.append("\nSigned by: ");
        stringBuffer.append(x509Certificate.getIssuerDN().toString());
        stringBuffer.append("\n");
    }

    private boolean a(Throwable th) {
        while (!(th instanceof CertificateExpiredException)) {
            th = th.getCause();
            if (th == null) {
                return false;
            }
        }
        return true;
    }

    private boolean a(X509Certificate x509Certificate) {
        try {
            return this.j.getCertificateAlias(x509Certificate) != null;
        } catch (KeyStoreException e) {
            return false;
        }
    }

    private static String b(X509Certificate x509Certificate, String str) {
        try {
            MessageDigest messageDigest = MessageDigest.getInstance(str);
            messageDigest.update(x509Certificate.getEncoded());
            return a(messageDigest.digest());
        } catch (NoSuchAlgorithmException e) {
            return e.getMessage();
        } catch (CertificateEncodingException e2) {
            return e2.getMessage();
        }
    }

    private String c(X509Certificate x509Certificate, String str) {
        StringBuffer stringBuffer = new StringBuffer();
        stringBuffer.append(this.c.getString(gqg.a.mtm_hostname_mismatch, str));
        stringBuffer.append("\n\n");
        try {
            Collection<List<?>> subjectAlternativeNames = x509Certificate.getSubjectAlternativeNames();
            if (subjectAlternativeNames == null) {
                stringBuffer.append(x509Certificate.getSubjectDN());
                stringBuffer.append("\n");
            } else {
                for (List<?> list : subjectAlternativeNames) {
                    Object obj = list.get(1);
                    if (obj instanceof String) {
                        stringBuffer.append("[");
                        stringBuffer.append((Integer) list.get(0));
                        stringBuffer.append("] ");
                        stringBuffer.append(obj);
                        stringBuffer.append("\n");
                    }
                }
            }
        } catch (CertificateParsingException e) {
            e.printStackTrace();
            stringBuffer.append("<Parsing error: ");
            stringBuffer.append(e.getLocalizedMessage());
            stringBuffer.append(">\n");
        }
        stringBuffer.append("\n");
        stringBuffer.append(this.c.getString(gqg.a.mtm_connect_anyway));
        stringBuffer.append("\n\n");
        stringBuffer.append(this.c.getString(gqg.a.mtm_cert_details));
        a(stringBuffer, x509Certificate);
        return stringBuffer.toString();
    }

    int a(String str, int i) {
        gqd gqdVar = new gqd();
        int a2 = a(gqdVar);
        this.f.post(new gqf(this, a2, str, i));
        Log.d("MemorizingTrustManager", "openDecisions: " + h);
        Log.d("MemorizingTrustManager", "waiting on " + a2);
        try {
            synchronized (gqdVar) {
                gqdVar.wait();
            }
        } catch (InterruptedException e) {
            e.printStackTrace();
        }
        Log.d("MemorizingTrustManager", "finished wait on " + a2 + ": " + gqdVar.a);
        return gqdVar.a;
    }

    KeyStore a() {
        KeyStore keyStore = null;
        try {
            keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            try {
                keyStore.load(null, null);
                keyStore.load(new FileInputStream(this.i), "MTM".toCharArray());
            } catch (FileNotFoundException e) {
                Log.i("MemorizingTrustManager", "getAppKeyStore(" + this.i + ") - file does not exist");
            } catch (Exception e2) {
                Log.e("MemorizingTrustManager", "getAppKeyStore(" + this.i + ")", e2);
            }
        } catch (KeyStoreException e3) {
            Log.e("MemorizingTrustManager", "getAppKeyStore()", e3);
        }
        return keyStore;
    }

    public HostnameVerifier a(HostnameVerifier hostnameVerifier) {
        if (hostnameVerifier == null) {
            throw new IllegalArgumentException("The default verifier may not be null");
        }
        return new a(hostnameVerifier);
    }

    X509TrustManager a(KeyStore keyStore) {
        try {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
            trustManagerFactory.init(keyStore);
            for (TrustManager trustManager : trustManagerFactory.getTrustManagers()) {
                if (trustManager instanceof X509TrustManager) {
                    return (X509TrustManager) trustManager;
                }
            }
        } catch (Exception e) {
            Log.e("MemorizingTrustManager", "getTrustManager(" + keyStore + ")", e);
        }
        return null;
    }

    void a(Context context) {
        Application application;
        this.c = context;
        this.f = new Handler(context.getMainLooper());
        this.e = (NotificationManager) this.c.getSystemService("notification");
        if (context instanceof Application) {
            application = (Application) context;
        } else if (context instanceof Service) {
            application = ((Service) context).getApplication();
        } else {
            if (!(context instanceof Activity)) {
                throw new ClassCastException("MemorizingTrustManager context must be either Activity or Service!");
            }
            application = ((Activity) context).getApplication();
        }
        this.i = new File(application.getDir(a, 0) + File.separator + b);
        this.j = a();
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public void a(Intent intent, int i, String str) {
        this.e.notify(100509 + i, new tu.a(this.c.getApplicationContext()).a(true).c(this.c.getString(gqg.a.mtm_notification)).a(this.c.getString(gqg.a.mtm_notification)).b(str).a(R.drawable.ic_lock_lock).a(PendingIntent.getActivity(this.c, 0, intent, 0)).a());
    }

    void a(String str, Certificate certificate) {
        try {
            this.j.setCertificateEntry(str, certificate);
            b();
        } catch (KeyStoreException e) {
            Log.e("MemorizingTrustManager", "storeCert(" + certificate + ")", e);
        }
    }

    void a(X509Certificate[] x509CertificateArr) {
        try {
            for (X509Certificate x509Certificate : x509CertificateArr) {
                this.j.setCertificateEntry(x509Certificate.getSubjectDN().toString(), x509Certificate);
            }
            b();
        } catch (KeyStoreException e) {
            Log.e("MemorizingTrustManager", "storeCert(" + x509CertificateArr + ")", e);
        }
    }

    void a(X509Certificate[] x509CertificateArr, String str, CertificateException certificateException) throws CertificateException {
        switch (a(a(x509CertificateArr, certificateException), gqg.a.mtm_accept_cert)) {
            case 2:
                return;
            case 3:
                a(x509CertificateArr);
                return;
            default:
                throw certificateException;
        }
    }

    public void a(X509Certificate[] x509CertificateArr, String str, boolean z) throws CertificateException {
        Log.d("MemorizingTrustManager", "checkCertTrusted(" + x509CertificateArr + ", " + str + ", " + z + ")");
        try {
            Log.d("MemorizingTrustManager", "checkCertTrusted: trying appTrustManager");
            if (z) {
                this.l.checkServerTrusted(x509CertificateArr, str);
            } else {
                this.l.checkClientTrusted(x509CertificateArr, str);
            }
        } catch (CertificateException e) {
            e.printStackTrace();
            if (a(e)) {
                Log.i("MemorizingTrustManager", "checkCertTrusted: accepting expired certificate from keystore");
                return;
            }
            if (a(x509CertificateArr[0])) {
                Log.i("MemorizingTrustManager", "checkCertTrusted: accepting cert already stored in keystore");
                return;
            }
            try {
                if (this.k == null) {
                    throw e;
                }
                Log.d("MemorizingTrustManager", "checkCertTrusted: trying defaultTrustManager");
                if (z) {
                    this.k.checkServerTrusted(x509CertificateArr, str);
                } else {
                    this.k.checkClientTrusted(x509CertificateArr, str);
                }
            } catch (CertificateException e2) {
                e2.printStackTrace();
                a(x509CertificateArr, str, e2);
            }
        }
    }

    boolean a(X509Certificate x509Certificate, String str) {
        switch (a(c(x509Certificate, str), gqg.a.mtm_accept_servername)) {
            case 3:
                a(str, x509Certificate);
            case 2:
                return true;
            default:
                return false;
        }
    }

    void b() {
        this.l = a(this.j);
        try {
            FileOutputStream fileOutputStream = new FileOutputStream(this.i);
            this.j.store(fileOutputStream, "MTM".toCharArray());
            fileOutputStream.close();
        } catch (Exception e) {
            Log.e("MemorizingTrustManager", "storeCert(" + this.i + ")", e);
        }
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    public Context c() {
        return this.d != null ? this.d : this.c;
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        a(x509CertificateArr, str, false);
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        a(x509CertificateArr, str, true);
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        Log.d("MemorizingTrustManager", "getAcceptedIssuers()");
        return this.k.getAcceptedIssuers();
    }
}
