package at.co.hlw.remoteclient.cert;

import android.content.Context;
import android.os.Parcel;
import android.os.Parcelable;
import android.util.Base64;
import android.util.Log;
import at.co.hlw.remoteclient.cert.CertManager;
import com.a.a.b.ax;
import com.a.a.b.ay;
import java.io.BufferedReader;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileWriter;
import java.io.IOException;
import java.io.InputStreamReader;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.Certificate;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateExpiredException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Iterator;
import java.util.List;
import java.util.Map;
import java.util.SortedMap;
import javax.net.ssl.SSLException;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import org.apache.http.conn.ssl.BrowserCompatHostnameVerifier;
import org.apache.http.conn.ssl.X509HostnameVerifier;

/* loaded from: classes.dex */
public class PrivateStoreCertManager implements CertManager {

    /* renamed from: a, reason: collision with root package name */
    private static final String f502a = PrivateStoreCertManager.class.getSimpleName();

    /* renamed from: b, reason: collision with root package name */
    private CertificateFactory f503b;
    private TrustManagerFactory c;
    private final X509HostnameVerifier d;
    private final File e;
    private final SortedMap f;
    private int g;
    private final Context h;
    private final com.b.a.b i;

    /* loaded from: classes.dex */
    interface PrivateUndo extends CertManager.Undo {
    }

    /* JADX INFO: Access modifiers changed from: package-private */
    /* loaded from: classes.dex */
    public class UndoRemove implements PrivateUndo {
        public static final Parcelable.Creator CREATOR = new l();

        /* renamed from: a, reason: collision with root package name */
        private final List f504a;

        public UndoRemove(Parcel parcel) {
            int readInt = parcel.readInt();
            this.f504a = ax.b(readInt);
            try {
                CertificateFactory certificateFactory = CertificateFactory.getInstance("X.509");
                for (int i = 0; i < readInt; i++) {
                    try {
                        this.f504a.add(new i(Integer.valueOf(parcel.readInt()), (X509Certificate) certificateFactory.generateCertificate(new ByteArrayInputStream(Base64.decode(parcel.readString(), 3)))));
                    } catch (CertificateException e) {
                    }
                }
            } catch (CertificateException e2) {
            }
        }

        UndoRemove(List list) {
            this.f504a = list;
        }

        @Override // android.os.Parcelable
        public int describeContents() {
            return 0;
        }

        @Override // android.os.Parcelable
        public void writeToParcel(Parcel parcel, int i) {
            parcel.writeInt(this.f504a.size());
            for (i iVar : this.f504a) {
                parcel.writeInt(((Integer) iVar.first).intValue());
                try {
                    parcel.writeString(Base64.encodeToString(((X509Certificate) iVar.second).getEncoded(), 3));
                } catch (CertificateEncodingException e) {
                    parcel.writeString("");
                }
            }
        }
    }

    public PrivateStoreCertManager(Context context, com.b.a.b bVar, File file) {
        this.h = context;
        this.i = bVar;
        this.e = file;
        try {
            this.f503b = CertificateFactory.getInstance("X.509");
        } catch (CertificateException e) {
            Log.w(f502a, "No X.509 cert factory available");
        }
        try {
            this.c = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
        } catch (NoSuchAlgorithmException e2) {
            Log.w(f502a, "No TrustManager factory for default algorithm");
        }
        try {
            if (this.c != null) {
                this.c.init((KeyStore) null);
            }
        } catch (KeyStoreException e3) {
            Log.w(f502a, "Null KeyStore invalid");
        }
        this.d = new BrowserCompatHostnameVerifier();
        this.f = ay.c();
        c();
        bVar.a(this);
    }

    private void c() {
        BufferedReader bufferedReader;
        if (this.f503b == null) {
            return;
        }
        this.f.clear();
        if (this.e.isFile()) {
            BufferedReader bufferedReader2 = null;
            try {
                bufferedReader = new BufferedReader(new InputStreamReader(new FileInputStream(this.e)));
            } catch (IOException e) {
            }
            while (true) {
                try {
                    String readLine = bufferedReader.readLine();
                    if (readLine == null) {
                        break;
                    }
                    try {
                        X509Certificate x509Certificate = (X509Certificate) this.f503b.generateCertificate(new ByteArrayInputStream(Base64.decode(readLine, 3)));
                        SortedMap sortedMap = this.f;
                        int i = this.g + 1;
                        this.g = i;
                        sortedMap.put(Integer.valueOf(i), x509Certificate);
                    } catch (CertificateException e2) {
                        Log.w(f502a, "Reading previously trusted cert failed", e2);
                    }
                } catch (IOException e3) {
                    bufferedReader2 = bufferedReader;
                }
                bufferedReader2 = bufferedReader;
                if (bufferedReader2 != null) {
                    try {
                        bufferedReader2.close();
                    } catch (IOException e4) {
                    }
                }
                this.i.c(produceTrustedCertsListChanged());
            }
            bufferedReader.close();
            this.i.c(produceTrustedCertsListChanged());
        }
    }

    private void d() {
        FileWriter fileWriter = null;
        try {
            FileWriter fileWriter2 = new FileWriter(this.e, false);
            try {
                Iterator it = this.f.values().iterator();
                while (it.hasNext()) {
                    try {
                        fileWriter2.write(Base64.encodeToString(((X509Certificate) it.next()).getEncoded(), 3));
                        fileWriter2.write(10);
                    } catch (CertificateEncodingException e) {
                    }
                }
                fileWriter2.close();
            } catch (IOException e2) {
                fileWriter = fileWriter2;
                if (fileWriter != null) {
                    try {
                        fileWriter.close();
                    } catch (IOException e3) {
                    }
                }
                this.i.c(produceTrustedCertsListChanged());
            }
        } catch (IOException e4) {
        }
        this.i.c(produceTrustedCertsListChanged());
    }

    @Override // at.co.hlw.remoteclient.cert.CertManager
    public int a(X509Certificate x509Certificate) {
        SortedMap sortedMap = this.f;
        int i = this.g + 1;
        this.g = i;
        sortedMap.put(Integer.valueOf(i), x509Certificate);
        d();
        return this.g;
    }

    @Override // at.co.hlw.remoteclient.cert.CertManager
    public CertManager.Undo a(List list) {
        ArrayList a2 = ax.a();
        Iterator it = list.iterator();
        while (it.hasNext()) {
            Integer num = (Integer) it.next();
            a2.add(new i(num, (X509Certificate) this.f.remove(num)));
        }
        d();
        return new UndoRemove(a2);
    }

    @Override // at.co.hlw.remoteclient.cert.CertManager
    public k a(X509Certificate x509Certificate, String str) {
        k kVar = new k(str);
        kVar.a(this.h.getString(at.co.hlw.remoteclient.a.m.connecting_to_host, str));
        if (x509Certificate == null) {
            kVar.a(this.h.getString(at.co.hlw.remoteclient.a.m.cert_could_not_read));
            return kVar;
        }
        if (this.c != null) {
            X509Certificate[] x509CertificateArr = {x509Certificate};
            for (TrustManager trustManager : this.c.getTrustManagers()) {
                if (trustManager instanceof X509TrustManager) {
                    try {
                        ((X509TrustManager) trustManager).checkServerTrusted(x509CertificateArr, "https");
                        kVar.a(this.h.getString(at.co.hlw.remoteclient.a.m.cert_is_valid));
                        this.d.verify(str, x509Certificate);
                        return kVar.a(true);
                    } catch (CertificateExpiredException e) {
                        kVar.a(this.h.getString(at.co.hlw.remoteclient.a.m.cert_is_expired));
                        this.d.verify(str, x509Certificate);
                        return kVar.a(false);
                    } catch (CertificateException e2) {
                        try {
                            kVar.a(this.h.getString(at.co.hlw.remoteclient.a.m.cert_not_validated));
                        } catch (SSLException e3) {
                            kVar.a(this.h.getString(at.co.hlw.remoteclient.a.m.cert_hostname_does_not_match));
                        }
                    }
                }
            }
        }
        Iterator it = this.f.values().iterator();
        while (it.hasNext()) {
            if (((X509Certificate) it.next()).equals(x509Certificate)) {
                return kVar.a(true);
            }
        }
        return kVar;
    }

    @Override // at.co.hlw.remoteclient.cert.CertManager
    public X509Certificate a(byte[] bArr) {
        if (this.f503b == null) {
            throw new CertificateException("No Cert factory available");
        }
        Certificate generateCertificate = this.f503b.generateCertificate(new ByteArrayInputStream(bArr));
        if (generateCertificate instanceof X509Certificate) {
            return (X509Certificate) generateCertificate;
        }
        throw new CertificateException("No X.509 certificate generated");
    }

    @Override // at.co.hlw.remoteclient.cert.CertManager
    public List a() {
        ArrayList b2 = ax.b(this.f.size());
        for (Map.Entry entry : this.f.entrySet()) {
            b2.add(new i((Integer) entry.getKey(), (X509Certificate) entry.getValue()));
        }
        return b2;
    }

    @Override // at.co.hlw.remoteclient.cert.CertManager
    public void a(int i) {
        this.f.remove(Integer.valueOf(i));
        d();
    }

    @Override // at.co.hlw.remoteclient.cert.CertManager
    public List b() {
        ArrayList b2 = ax.b(this.f.size());
        Iterator it = this.f.entrySet().iterator();
        while (it.hasNext()) {
            try {
                b2.add(Base64.encodeToString(((X509Certificate) ((Map.Entry) it.next()).getValue()).getEncoded(), 3));
            } catch (CertificateEncodingException e) {
            }
        }
        return b2;
    }

    @com.b.a.k
    public m produceTrustedCertsListChanged() {
        return new m(a());
    }
}
