package com.samsung.android.focus.addon.email.sync.exchange.cba;

import android.content.Context;
import android.text.TextUtils;
import com.samsung.android.focus.addon.email.emailcommon.Device;
import com.samsung.android.focus.addon.email.emailcommon.EmailFeature;
import com.samsung.android.focus.addon.email.emailcommon.provider.EmailContent;
import com.samsung.android.focus.addon.email.emailcommon.utility.EmailLog;
import com.samsung.android.focus.addon.email.sync.exchange.CBAEmailKeyManager;
import com.samsung.android.focus.addon.email.sync.exchange.ExchangeService;
import com.samsung.android.focus.addon.email.sync.utility.EmailSyncServiceLogger;
import java.security.KeyManagementException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class SSLCBAClient {
    public static final String PKCS12 = "PKCS12";
    private static final String TAG = "SSLCBAClient";
    public static final String TLS = "TLS";
    public static KeyStore gTrustStore;
    private static Context sPrefContext;
    private static Context sStaticContext;
    String mAlias;
    Context mContext;
    private String mEmailAddress;
    boolean mInsecure;
    String mKeyStorePassword;
    SSLSocketFactory mSocketFactory;
    String mTempKeyStorePassword;
    private static Object sLockObject = new Object();
    private static final TrustManager[] INSECURE_TRUST_MANAGER = new TrustManager[1];

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes.dex */
    public static class CustomX509TrustManager implements X509TrustManager {
        private String userName;

        public CustomX509TrustManager(String str) {
            EmailLog.d(SSLCBAClient.TAG, "CustomX509TrustManager userName=" + str);
            this.userName = str;
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            EmailLog.d(SSLCBAClient.TAG, "checkClientTrusted");
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            EmailLog.d(SSLCBAClient.TAG, "checkServerTrusted authType=" + str + " userName=" + this.userName);
            if (!EmailFeature.isUntrustedCertificateFeatureEnabled(SSLCBAClient.sPrefContext)) {
                EmailLog.d(SSLCBAClient.TAG, "Feature disabled!!!!");
                return;
            }
            EmailLog.d(SSLCBAClient.TAG, "certs.length" + x509CertificateArr.length);
            X509Certificate x509Certificate = x509CertificateArr[0];
            String str2 = x509Certificate.getIssuerDN().toString() + SSLUtils.FIRST_LEVEL_DELIMITER + x509Certificate.getSerialNumber();
            if (TextUtils.isEmpty(this.userName) || SSLUtils.isAcceptedCertificate(SSLCBAClient.sPrefContext, this.userName, x509Certificate)) {
                return;
            }
            synchronized (SSLCBAClient.sLockObject) {
                if (SSLUtils.isUntrustedCertificateFlagSet(SSLCBAClient.sPrefContext, this.userName)) {
                    EmailLog.d(SSLCBAClient.TAG, "isUntrustedCertificateFlagSet already set for userName=" + this.userName);
                    return;
                }
                SSLUtils.setUntrustedCertificateFlag(SSLCBAClient.sPrefContext, this.userName);
                EmailSyncServiceLogger.logUntrustedCertificateStats("certificate mismatch userName=" + this.userName + " certificateFromServer=" + str2);
                SSLUtils.serializeCertificate(SSLCBAClient.sPrefContext, x509Certificate, this.userName);
                SSLUtils.sendBroadcastWithCertificate(SSLCBAClient.sPrefContext, x509Certificate, this.userName, "");
                throw new CertificateException("Untrusted Certificate " + str2);
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            EmailLog.d(SSLCBAClient.TAG, "getAcceptedIssuers");
            return null;
        }
    }

    private SSLCBAClient(Context context) {
        this.mContext = context;
    }

    public static SSLSocketFactory getSSLSocketFactory(Context context, String str, boolean z, String str2) {
        EmailLog.d(TAG, "getSSLSocketFactory alias=" + str + " insecure=" + z + " emailAddress=" + str2);
        SSLCBAClient sSLCBAClient = new SSLCBAClient(context);
        sSLCBAClient.mEmailAddress = str2;
        sSLCBAClient.init(str, z);
        return sSLCBAClient.mSocketFactory;
    }

    public static Context getStaticContext() {
        return sStaticContext;
    }

    public static void setStaticContext(Context context) {
        sStaticContext = context;
    }

    private KeyStore setupKeyStore() {
        return null;
    }

    private SSLContext setupSSLContext(KeyStore keyStore, String str, KeyStore keyStore2) throws NoSuchAlgorithmException, KeyManagementException, KeyStoreException, UnrecoverableKeyException {
        KeyManager[] keyManagers;
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        trustManagerFactory.init(keyStore2);
        if (keyStore == null) {
            keyManagers = new KeyManager[]{new CBAEmailKeyManager(this)};
        } else {
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            keyManagerFactory.init(keyStore, str.toCharArray());
            keyManagers = keyManagerFactory.getKeyManagers();
        }
        SSLContext sSLContext = SSLContext.getInstance(TLS);
        if (this.mInsecure) {
            INSECURE_TRUST_MANAGER[0] = new CustomX509TrustManager(this.mEmailAddress);
            sSLContext.init(keyManagers, INSECURE_TRUST_MANAGER, null);
        } else {
            sSLContext.init(keyManagers, trustManagerFactory.getTrustManagers(), null);
        }
        return sSLContext;
    }

    private synchronized KeyStore setupTrustStore() {
        return null;
    }

    public String chooseAlias() {
        return ExchangeService.getAliasFromMap(Thread.currentThread().getId());
    }

    public Context getContext() {
        return this.mContext;
    }

    public void init(String str, boolean z) {
        try {
            this.mAlias = str;
            Context context = this.mContext == null ? sStaticContext : this.mContext;
            sPrefContext = context;
            this.mKeyStorePassword = Device.getDeviceId(context);
            this.mInsecure = z;
            this.mTempKeyStorePassword = str;
            this.mSocketFactory = setupSSLContext(setupKeyStore(), this.mTempKeyStorePassword, setupTrustStore()).getSocketFactory();
        } catch (Exception e) {
            e.printStackTrace();
            EmailLog.d(EmailContent.LDAPAccountColumns.SSL, e.getMessage());
            this.mSocketFactory = (SSLSocketFactory) SSLSocketFactory.getDefault();
        }
    }
}
