package com.nitrodesk.nitroid.helpers;

import com.nitrodesk.data.appobjects.SMIMECerts;
import com.nitrodesk.droid20.nitroid.R;
import com.nitrodesk.libraries.data.DBHelpers;
import com.nitrodesk.libraries.data.DBProfile;
import com.nitrodesk.nitroid.Constants;
import com.nitrodesk.nitroid.MainApp;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Enumeration;
import java.util.Iterator;
import javax.net.ssl.X509KeyManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class MyTrustManagerFactory {
    public static X509KeyManager overriddenKeyManager;
    public static X509TrustManager systemTrustManager;
    protected static KeyStore mKeyStore = null;
    private static X509Certificate[] lastCertChain = null;

    static {
        initializeTrustManager(true);
    }

    private MyTrustManagerFactory() {
    }

    /* JADX WARN: Multi-variable type inference failed */
    public static void clearCerts() {
        try {
            File clientCertFile = getClientCertFile(false);
            if (clientCertFile != null && clientCertFile.exists()) {
                clientCertFile.delete();
            }
            File clientCertFile2 = getClientCertFile(true);
            if (clientCertFile2 != null && clientCertFile2.exists()) {
                clientCertFile2.delete();
            }
            clearPFXKey();
        } catch (Exception e) {
        } finally {
            systemTrustManager = null;
            mKeyStore = null;
        }
    }

    public static boolean clearPFXKey() {
        try {
            File file = new File(String.valueOf(MainApp.Instance.getFilesDir().getAbsolutePath()) + File.separator + DBProfile.getCurrentProfileID() + File.separator + Constants.CLIENT_CERT_FILE_PFX_KEY);
            if (file.exists()) {
                file.delete();
            }
            return true;
        } catch (Exception e) {
            return false;
        }
    }

    private static File getClientCertFile(boolean z) {
        return new File(getClientCertPath(z));
    }

    public static String getClientCertPath(boolean z) {
        return String.valueOf(MainApp.Instance.getFilesDir().getAbsolutePath()) + File.separator + DBProfile.getCurrentProfileID() + File.separator + (z ? Constants.CLIENT_CERT_FILE_PFX : Constants.CLIENT_CERT_FILE);
    }

    public static X509TrustManager getFactory(String str) {
        return MyX509TrustManager.getInstance(str);
    }

    public static X509KeyManager getKeyManagerFactory(String str) {
        return overriddenKeyManager;
    }

    public static KeyStore getKeyStore() {
        if (mKeyStore == null) {
            initializeTrustManager(false);
        }
        return mKeyStore;
    }

    public static X509Certificate[] getLastCertChain() {
        return lastCertChain;
    }

    public static String getPFXBase64() {
        String clientCertPath = getClientCertPath(true);
        File file = new File(clientCertPath);
        if (!file.exists()) {
            clientCertPath = getClientCertPath(false);
            file = new File(clientCertPath);
        }
        if (!file.exists()) {
            return null;
        }
        try {
            FileInputStream fileInputStream = new FileInputStream(clientCertPath);
            try {
                byte[] bArr = new byte[(int) file.length()];
                fileInputStream.read(bArr);
                fileInputStream.close();
                return Base64.encode(bArr);
            } catch (Exception e) {
                return null;
            }
        } catch (Exception e2) {
            return null;
        }
    }

    public static String getPFXKey() {
        try {
            String str = String.valueOf(MainApp.Instance.getFilesDir().getAbsolutePath()) + File.separator + DBProfile.getCurrentProfileID() + File.separator + Constants.CLIENT_CERT_FILE_PFX_KEY;
            File file = new File(str);
            if (!file.exists()) {
                return null;
            }
            byte[] bArr = new byte[(int) file.length()];
            FileInputStream fileInputStream = new FileInputStream(str);
            fileInputStream.read(bArr);
            fileInputStream.close();
            return StoopidHelpers.decrypt(bArr);
        } catch (Exception e) {
            return null;
        }
    }

    public static String getPurpose(X509Certificate x509Certificate) {
        StringBuilder sb = new StringBuilder();
        boolean[] keyUsage = x509Certificate.getKeyUsage();
        if (keyUsage != null) {
            if (keyUsage[0]) {
                sb.append("Authentication,");
            }
            if (keyUsage[0] || keyUsage[1]) {
                sb.append("Email Signing,");
            }
            if (keyUsage[3] || keyUsage[2]) {
                sb.append("Email Encryption,");
            }
        }
        return sb.toString();
    }

    public static boolean hasClientCerts() {
        return getClientCertFile(false).exists() || getClientCertFile(true).exists();
    }

    public static boolean hasClientCerts(boolean z) {
        return getClientCertFile(z).exists();
    }

    public static boolean hasEncryptionCerts() {
        return SMIMECerts.getActiveEncryptionCert() != null;
    }

    public static boolean hasSigningCerts() {
        return SMIMECerts.getActiveSigningCert() != null;
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* JADX WARN: Removed duplicated region for block: B:33:0x0095 A[Catch: Exception -> 0x00b6, TryCatch #2 {Exception -> 0x00b6, blocks: (B:2:0x0000, B:4:0x0008, B:8:0x000d, B:10:0x0033, B:13:0x00bf, B:17:0x00c7, B:19:0x003b, B:22:0x005f, B:31:0x008f, B:33:0x0095, B:36:0x009d, B:40:0x00a5, B:50:0x00dd, B:53:0x0050, B:55:0x0057), top: B:1:0x0000 }] */
    /* JADX WARN: Removed duplicated region for block: B:45:? A[RETURN, SYNTHETIC] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static void initializeTrustManager(boolean r18) {
        /*
            Method dump skipped, instructions count: 259
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: com.nitrodesk.nitroid.helpers.MyTrustManagerFactory.initializeTrustManager(boolean):void");
    }

    public static boolean isCertPasswordValid(InputStream inputStream, String str, StringBuilder sb) {
        try {
            CallLogger.Log("Getting keystore instance");
            KeyStore keyStore = KeyStore.getInstance("PKCS12");
            keyStore.load(inputStream, str == null ? "".toCharArray() : str.toCharArray());
            CallLogger.Log("Keystore size is " + keyStore.size());
            if (keyStore.size() > 0) {
                Enumeration<String> aliases = keyStore.aliases();
                while (aliases.hasMoreElements()) {
                    boolean[] keyUsage = ((X509Certificate) keyStore.getCertificate(aliases.nextElement())).getKeyUsage();
                    if (keyUsage != null) {
                        if (keyUsage[0]) {
                            sb.append("Authentication,");
                        }
                        if (keyUsage[0] || keyUsage[1]) {
                            sb.append("Email Signing,");
                        }
                        if (keyUsage[3] || keyUsage[2]) {
                            sb.append("Email Encryption,");
                        }
                    }
                }
                CallLogger.Log("Password is valid");
                return true;
            }
        } catch (Exception e) {
            CallLogger.Log("exception opening keystore file", e);
        }
        CallLogger.Log("Password is NOT valid");
        return false;
    }

    public static boolean isCertPasswordValid(String str, String str2, StringBuilder sb) {
        try {
            CallLogger.Log("Getting keystore instance");
            KeyStore.getInstance("PKCS12");
            CallLogger.Log("opening keystore file from " + str);
            return isCertPasswordValid(new FileInputStream(str), str2, sb);
        } catch (Exception e) {
            CallLogger.Log("exception opening keystore file", e);
            CallLogger.Log("Password is NOT valid");
            return false;
        }
    }

    public static String loadClientCert(String str, String str2) {
        String string = MainApp.Instance.getString(R.string.client_certificate_loaded_);
        try {
            CallLogger.Log("cleaning up client certs.");
            clearCerts();
        } catch (Exception e) {
            string = "Exception processing " + str + " : " + e.getMessage();
        } finally {
            resetTrusts();
        }
        if (str.toLowerCase().endsWith(".pfx") && str2 != null) {
            CallLogger.Log("Copying PFX certificate file");
            File clientCertFile = getClientCertFile(true);
            makeDirectories(clientCertFile.getAbsolutePath());
            DBHelpers.moveFile(new File(str), clientCertFile);
            setPFXKey(str2);
            return string;
        }
        CallLogger.Log("Loading client certs.");
        FileInputStream fileInputStream = new FileInputStream(str);
        if (fileInputStream.available() <= 0) {
            return String.format(MainApp.Instance.getString(R.string.file_s_cannot_be_read_), str);
        }
        CallLogger.Log("Generating certificates.");
        Collection<? extends Certificate> generateCertificates = CertificateFactory.getInstance("X.509").generateCertificates(fileInputStream);
        fileInputStream.close();
        if (generateCertificates == null || generateCertificates.size() == 0) {
            return String.format(MainApp.Instance.getString(R.string.file_s_did_not_seem_to_contain_any_certificate_), str);
        }
        X509Certificate[] x509CertificateArr = new X509Certificate[generateCertificates.size()];
        Iterator<? extends Certificate> it = generateCertificates.iterator();
        if (it == null) {
            return String.format(MainApp.Instance.getString(R.string.file_s_did_not_seem_to_contain_any_certificate_), str);
        }
        CallLogger.Log("Adding certificates");
        while (it.hasNext()) {
            Certificate next = it.next();
            x509CertificateArr[0] = (X509Certificate) next;
            CallLogger.Log(" - Adding :" + ((X509Certificate) next).getSubjectDN().getName());
        }
        saveCertificateChain("CLIENT_CERTS", x509CertificateArr);
        CallLogger.Log("Saved certificate chain");
        return string;
    }

    private static void makeDirectories(String str) {
        try {
            new File(str).getParentFile().mkdirs();
        } catch (Exception e) {
        }
    }

    public static void resetTrusts() {
        systemTrustManager = null;
        mKeyStore = null;
    }

    /* JADX WARN: Multi-variable type inference failed */
    public static void saveCertificateChain(String str, X509Certificate[] x509CertificateArr) throws CertificateException {
        try {
            CallLogger.Log("Saving certificate chain ");
            KeyStore keyStore = KeyStore.getInstance(KeyStore.getDefaultType());
            keyStore.load(null);
            for (int i = 0; i < x509CertificateArr.length; i++) {
                keyStore.setCertificateEntry(x509CertificateArr[i].getSubjectDN().toString(), x509CertificateArr[i]);
                CallLogger.Log(" - Add Cert : " + x509CertificateArr[i].getSubjectDN().toString());
            }
            try {
                String clientCertPath = getClientCertPath(false);
                CallLogger.Log("Saving keys to " + clientCertPath);
                FileOutputStream fileOutputStream = new FileOutputStream(clientCertPath);
                keyStore.store(fileOutputStream, "".toCharArray());
                fileOutputStream.close();
                CallLogger.Log("Storing keys - Done");
            } catch (Exception e) {
            }
        } catch (Exception e2) {
            CallLogger.Log("Exception adding certificate chain :", e2);
        } finally {
            systemTrustManager = null;
            mKeyStore = null;
        }
    }

    public static boolean saveClientCert(String str, String str2, StringBuilder sb) {
        try {
            File clientCertFile = getClientCertFile(true);
            makeDirectories(clientCertFile.getAbsolutePath());
            byte[] decode = Base64.decode(str);
            FileOutputStream fileOutputStream = new FileOutputStream(clientCertFile);
            fileOutputStream.write(decode);
            fileOutputStream.close();
            CallLogger.Log("Saving certificate file to " + clientCertFile.getAbsolutePath());
            setPFXKey(str2);
            resetTrusts();
            return true;
        } catch (Exception e) {
            sb.append("Error writing certificate :" + e.getMessage());
            return false;
        }
    }

    public static void setLastCertChain(X509Certificate[] x509CertificateArr) {
        lastCertChain = x509CertificateArr;
    }

    public static boolean setPFXKey(String str) {
        byte[] encrypt;
        boolean z = false;
        try {
            encrypt = StoopidHelpers.encrypt(str);
        } catch (Exception e) {
        }
        if (encrypt == null || encrypt.length == 0) {
            return false;
        }
        String str2 = String.valueOf(MainApp.Instance.getFilesDir().getAbsolutePath()) + File.separator + DBProfile.getCurrentProfileID() + File.separator + Constants.CLIENT_CERT_FILE_PFX_KEY;
        makeDirectories(str2);
        FileOutputStream fileOutputStream = new FileOutputStream(str2);
        fileOutputStream.write(encrypt);
        fileOutputStream.close();
        z = true;
        return z;
    }
}
