package com.samsung.android.email.commonutil;

import android.app.Activity;
import android.content.Context;
import android.content.DialogInterface;
import android.net.http.SslCertificate;
import android.net.http.SslError;
import android.os.Bundle;
import android.support.v7.app.AlertDialog;
import android.text.format.DateFormat;
import android.view.LayoutInflater;
import android.view.View;
import android.view.ViewGroup;
import android.widget.TextView;
import com.samsung.android.email.provider.R;
import com.samsung.android.email.sync.exchange.cba.SSLUtils;
import com.samsung.android.emailcommon.EmailFeature;
import com.samsung.android.emailcommon.log.EmailLog;
import java.net.InetAddress;
import java.net.UnknownHostException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.cert.X509Certificate;
import java.util.Date;
import javax.net.ssl.HostnameVerifier;
import javax.net.ssl.SSLSession;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes22.dex */
public class SSLCertVerifier {
    static final TrustManager[] INSECURE_TRUST_MANAGER = {new X509TrustManager() { // from class: com.samsung.android.email.commonutil.SSLCertVerifier.1
        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) {
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return null;
        }
    }};
    public static final int SSL_CERITIFICATE_IO_ERROR = 3;
    public static final int SSL_CERITIFICATE_NO_ERROR = 4;
    public static final int SSL_CERITIFICATE_SUSPICIUS = 2;
    public static final int SSL_CERITIFICATE_VERIFIED = 1;
    public static final int SSL_CERITIFICATE_VERIFIED_NOT_DONE = 0;
    public static final int SSL_CERITIFICATE_VERIFIED_TIMEOUT = 5;
    private static final String TAG = "SSLCertVerifier";
    private Context mContext;
    private String mEmailAddress;
    private HostNameVerifier mHostNameVerifier;
    private String mServerUrl;
    private SSLSession mSSLSession = null;
    private Result mResult = null;
    private final Object resultLock = new Object();
    private final ConditionalBlock mCondition = new ConditionalBlock();

    /* loaded from: classes22.dex */
    public static class CertficateDetailDialog {
        public static AlertDialog createDialog(Activity activity, SslCertificate sslCertificate, X509Certificate x509Certificate, DialogInterface.OnClickListener onClickListener, DialogInterface.OnCancelListener onCancelListener) {
            View inflateView = inflateView(activity, sslCertificate, x509Certificate);
            if (inflateView == null) {
                return null;
            }
            AlertDialog.Builder view = new AlertDialog.Builder(activity).setTitle(R.string.ssl_certificate).setView(inflateView);
            if (onClickListener != null) {
                view.setPositiveButton(R.string.okay_action, onClickListener);
            }
            if (onCancelListener != null) {
                view.setOnCancelListener(onCancelListener);
            }
            AlertDialog create = view.create();
            create.getWindow().setGravity(80);
            return create;
        }

        private static String formatCertificateDate(Date date, Activity activity) {
            String format;
            return (date == null || (format = DateFormat.getDateFormat(activity).format(date)) == null) ? "" : format;
        }

        public static View inflateView(Activity activity, SslCertificate sslCertificate, X509Certificate x509Certificate) {
            View view = null;
            if (sslCertificate == null || activity == null) {
                EmailLog.d(SSLCertVerifier.TAG, "inflateCertificateView(): context or certificate is null");
            } else {
                view = LayoutInflater.from(activity).inflate(R.layout.ssl_certificate, (ViewGroup) null);
                SslCertificate.DName issuedTo = sslCertificate.getIssuedTo();
                if (issuedTo != null) {
                    ((TextView) view.findViewById(R.id.to_common)).setText(issuedTo.getCName());
                    ((TextView) view.findViewById(R.id.to_org)).setText(issuedTo.getOName());
                    ((TextView) view.findViewById(R.id.to_org_unit)).setText(issuedTo.getUName());
                }
                SslCertificate.DName issuedBy = sslCertificate.getIssuedBy();
                if (issuedBy != null) {
                    ((TextView) view.findViewById(R.id.by_common)).setText(issuedBy.getCName());
                    ((TextView) view.findViewById(R.id.by_org)).setText(issuedBy.getOName());
                    ((TextView) view.findViewById(R.id.by_org_unit)).setText(issuedBy.getUName());
                }
                ((TextView) view.findViewById(R.id.issued_on)).setText(formatCertificateDate(sslCertificate.getValidNotBeforeDate(), activity));
                ((TextView) view.findViewById(R.id.expires_on)).setText(formatCertificateDate(sslCertificate.getValidNotAfterDate(), activity));
                if (EmailFeature.isUntrustedCertificateFeatureEnabled(activity)) {
                    ((TextView) view.findViewById(R.id.sha256_fingerprint_on)).setText(SSLUtils.getDigest(x509Certificate, SSLUtils.SHA_256_ALGO));
                    ((TextView) view.findViewById(R.id.sha1_fingerprint_on)).setText(SSLUtils.getDigest(x509Certificate, SSLUtils.SHA_1_ALGO));
                } else {
                    ((TextView) view.findViewById(R.id.sha256_fingerprint_header)).setVisibility(8);
                    ((TextView) view.findViewById(R.id.sha256_fingerprint_on)).setVisibility(8);
                    ((TextView) view.findViewById(R.id.sha1_fingerprint_header)).setVisibility(8);
                    ((TextView) view.findViewById(R.id.sha1_fingerprint_on)).setVisibility(8);
                }
            }
            return view;
        }
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes22.dex */
    public class HostNameVerifier implements HostnameVerifier {
        private HostNameVerifier() {
        }

        @Override // javax.net.ssl.HostnameVerifier
        public boolean verify(String str, SSLSession sSLSession) {
            try {
                boolean equals = InetAddress.getByName(sSLSession.getPeerHost()).equals(InetAddress.getByName(str));
                SSLCertVerifier.this.setSession(sSLSession);
                return equals;
            } catch (UnknownHostException e) {
                return false;
            }
        }
    }

    /* loaded from: classes22.dex */
    public static class Result {
        int mResult = -1;
        int mSslErroType = -1;
        String mUrl = null;
        String mUserName = null;
        X509Certificate mCertificate = null;

        public X509Certificate getCertificate() {
            return this.mCertificate;
        }

        public int getResult() {
            return this.mResult;
        }

        public int getSslErrorType() {
            return this.mSslErroType;
        }

        public Bundle toBundle() {
            Bundle bundle = new Bundle();
            bundle.putInt("certificate", this.mResult);
            bundle.putInt(SSLUtils.SSL_ERROR_TYPE_KEY, this.mSslErroType);
            if (this.mUserName != null) {
                bundle.putString("userName", this.mUserName);
            }
            if (this.mUrl != null) {
                bundle.putString("url", this.mUrl);
            }
            if (this.mCertificate != null) {
                bundle.putSerializable("certificate", this.mCertificate);
            }
            return bundle;
        }
    }

    /* loaded from: classes22.dex */
    public interface WarningListener {
        void onWarning(Result result);
    }

    public SSLCertVerifier(Context context, String str, String str2) {
        this.mHostNameVerifier = null;
        this.mContext = context.getApplicationContext();
        this.mServerUrl = str;
        this.mEmailAddress = str2;
        this.mHostNameVerifier = new HostNameVerifier();
    }

    private SSLSession getSession() {
        EmailLog.d(TAG, "Getting the session object " + this.mSSLSession);
        return this.mSSLSession;
    }

    /* JADX INFO: Access modifiers changed from: private */
    public void setSession(SSLSession sSLSession) {
        EmailLog.d(TAG, "Setting the session");
        this.mSSLSession = sSLSession;
    }

    private SslError verifyServerDomainAndCertificates(X509Certificate[] x509CertificateArr, String str, SSLSession sSLSession, HostnameVerifier hostnameVerifier) {
        if (x509CertificateArr == null) {
            throw new IllegalArgumentException("certificate chain is null");
        }
        if (sSLSession == null) {
            throw new IllegalArgumentException("Session is null");
        }
        X509Certificate x509Certificate = x509CertificateArr[0];
        if (x509Certificate == null) {
            throw new IllegalArgumentException("certificate for this site is null");
        }
        String sigAlgName = x509Certificate.getSigAlgName();
        EmailLog.d(TAG, "Session object inside verifyServerDomainAndCertificates():" + sSLSession);
        boolean z = (str == null || str.isEmpty() || !hostnameVerifier.verify(str, sSLSession)) ? false : true;
        EmailLog.d(TAG, "Is certificate is matched for this host:" + z);
        if (!z) {
            EmailLog.d("certificate not for this host: ", str);
            return new SslError(2, x509Certificate, "");
        }
        TrustManagerFactory trustManagerFactory = null;
        try {
            trustManagerFactory = TrustManagerFactory.getInstance("X509", "HarmonyJSSE");
        } catch (NoSuchAlgorithmException | NoSuchProviderException e) {
            e.printStackTrace();
        }
        if (trustManagerFactory == null) {
            throw new IllegalArgumentException("NoSuchAlgorithmException or NoSuchProviderException has been occurred");
        }
        try {
            trustManagerFactory.init((KeyStore) null);
        } catch (KeyStoreException e2) {
            e2.printStackTrace();
        }
        try {
            ((X509TrustManager) trustManagerFactory.getTrustManagers()[0]).checkServerTrusted(x509CertificateArr, sigAlgName);
            return null;
        } catch (GeneralSecurityException e3) {
            return new SslError(3, x509Certificate, "");
        }
    }

    public String getServerUrl() {
        return this.mServerUrl;
    }

    public void setChecked() {
        Result result = new Result();
        result.mResult = 1;
        setResult(result);
    }

    public void setResult(int i) {
        Result result = new Result();
        result.mResult = i;
        setResult(result);
    }

    public void setResult(Result result) {
        if (this.mResult == null) {
            synchronized (this.resultLock) {
                if (this.mResult == null) {
                    this.mResult = result;
                }
            }
        }
        this.mCondition.open();
    }

    public synchronized Result verify(final WarningListener warningListener, final int i) {
        Result result;
        this.mResult = null;
        this.mCondition.block();
        final Thread thread = new Thread("SSLCertVerifier_verifyThread") { // from class: com.samsung.android.email.commonutil.SSLCertVerifier.2
            @Override // java.lang.Thread, java.lang.Runnable
            public void run() {
                Result verifySSLCertificate = SSLCertVerifier.this.verifySSLCertificate(SSLCertVerifier.this.mServerUrl, SSLCertVerifier.this.mEmailAddress);
                if (isInterrupted()) {
                    return;
                }
                if (verifySSLCertificate == null) {
                    verifySSLCertificate = new Result();
                }
                if (isInterrupted()) {
                    return;
                }
                if (verifySSLCertificate.mResult != 2 || warningListener == null) {
                    SSLCertVerifier.this.setResult(verifySSLCertificate);
                } else {
                    warningListener.onWarning(verifySSLCertificate);
                }
            }
        };
        thread.start();
        Thread thread2 = null;
        if (i > 0) {
            thread2 = new Thread("SSLCertVerifer_timerThread") { // from class: com.samsung.android.email.commonutil.SSLCertVerifier.3
                @Override // java.lang.Thread, java.lang.Runnable
                public void run() {
                    boolean z = false;
                    try {
                        Thread.sleep(i);
                    } catch (InterruptedException e) {
                        z = true;
                        e.printStackTrace();
                    }
                    if (z) {
                        return;
                    }
                    thread.interrupt();
                    Result result2 = new Result();
                    result2.mResult = 5;
                    SSLCertVerifier.this.setResult(result2);
                }
            };
            thread2.start();
        }
        this.mCondition.check();
        if (thread2 != null) {
            thread2.interrupt();
        }
        result = this.mResult;
        if (result == null) {
            result = new Result();
        }
        return result;
    }

    /* JADX WARN: Removed duplicated region for block: B:18:0x01c1  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    com.samsung.android.email.commonutil.SSLCertVerifier.Result verifySSLCertificate(java.lang.String r23, java.lang.String r24) {
        /*
            Method dump skipped, instructions count: 474
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.samsung.android.email.commonutil.SSLCertVerifier.verifySSLCertificate(java.lang.String, java.lang.String):com.samsung.android.email.commonutil.SSLCertVerifier$Result");
    }
}
