package at.dasz.KolabDroid.Imap;

import android.content.Context;
import android.util.Log;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
public class TrustManagerFactory {
    private static final String LOG_TAG = "KolabDroid-TrustManagerFactory";
    private static File fileKeystore;
    private static X509TrustManager mDefaultTrustManager;
    private static KeyStore mKeystore;
    private static X509Certificate[] mLastUsedChain = null;
    private static X509TrustManager mSpecialKeystoreTrustManager;

    /* loaded from: classes.dex */
    private static class SpecialX509TrustManager implements X509TrustManager {
        private SpecialX509TrustManager() {
        }

        public static X509TrustManager getInstance() {
            return new SpecialX509TrustManager();
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            Log.w("KolabDroid-TrustManagerFactory", "checkClientTrusted() not implemented yet");
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            X509Certificate[] unused = TrustManagerFactory.mLastUsedChain = x509CertificateArr;
            try {
                Log.v("KolabDroid-TrustManagerFactory", "checkServerTrusted(): test against default trust manager");
                TrustManagerFactory.mDefaultTrustManager.checkServerTrusted(x509CertificateArr, str);
                Log.v("KolabDroid-TrustManagerFactory", "checkServerTrusted(): certificate chain is trustworthy");
            } catch (CertificateException e) {
                Log.v("KolabDroid-TrustManagerFactory", "checkServerTrusted(): test against special trust manager");
                TrustManagerFactory.mSpecialKeystoreTrustManager.checkServerTrusted(new X509Certificate[]{x509CertificateArr[0]}, str);
                Log.v("KolabDroid-TrustManagerFactory", "checkServerTrusted(): user said that this certificate chain is trustworthy");
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            return new X509Certificate[0];
        }
    }

    public static void addCertificateChainToKeystore(Context context, X509Certificate[] x509CertificateArr) throws CertificateException {
        loadLocalKeystore(context);
        try {
            for (X509Certificate x509Certificate : x509CertificateArr) {
                mKeystore.setCertificateEntry(x509Certificate.getSubjectDN().toString(), x509Certificate);
            }
            javax.net.ssl.TrustManagerFactory.getInstance("X509").init(mKeystore);
            mSpecialKeystoreTrustManager = createTrustManager(mKeystore);
            try {
                FileOutputStream fileOutputStream = new FileOutputStream(fileKeystore);
                mKeystore.store(fileOutputStream, "".toCharArray());
                fileOutputStream.close();
            } catch (FileNotFoundException e) {
                Log.e("KolabDroid-TrustManagerFactory", "FileNotFoundException while writing KeyStore: ", e);
                throw new CertificateException("FileNotFoundException while writing KeyStore: " + e.getMessage());
            } catch (IOException e2) {
                Log.e("KolabDroid-TrustManagerFactory", "IOException while adding new chain to KeyStore: ", e2);
                throw new CertificateException("IOException while adding new chain to KeyStore: " + e2.getMessage());
            } catch (CertificateException e3) {
                Log.e("KolabDroid-TrustManagerFactory", "CertificateException while adding new chain to KeyStore: ", e3);
                throw new CertificateException("CertificateException while adding new chain to KeyStore: " + e3.getMessage());
            }
        } catch (KeyStoreException e4) {
            Log.e("KolabDroid-TrustManagerFactory", "KeyStoreException while adding new chain to keystore: ", e4);
        } catch (NoSuchAlgorithmException e5) {
            Log.e("KolabDroid-TrustManagerFactory", "NoSuchAlgorithmException while adding new chain to keystore: ", e5);
        }
    }

    private static X509TrustManager createTrustManager(KeyStore keyStore) {
        try {
            javax.net.ssl.TrustManagerFactory trustManagerFactory = javax.net.ssl.TrustManagerFactory.getInstance("X509");
            trustManagerFactory.init(keyStore);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            if (trustManagers != null) {
                for (TrustManager trustManager : trustManagers) {
                    if (trustManager instanceof X509TrustManager) {
                        return (X509TrustManager) trustManager;
                    }
                }
            }
        } catch (KeyStoreException e) {
            Log.e("KolabDroid-TrustManagerFactory", "KeyStoreException while loading/initialising trustmanagers: ", e);
        } catch (NoSuchAlgorithmException e2) {
            Log.e("KolabDroid-TrustManagerFactory", "NoSuchAlgorithmException while getting X509 instance: ", e2);
        }
        return null;
    }

    public static X509TrustManager get() {
        return SpecialX509TrustManager.getInstance();
    }

    public static KeyStore getKeyStore() {
        return mKeystore;
    }

    public static X509Certificate[] getLastUsedChain() {
        if (mLastUsedChain == null) {
            Log.w("KolabDroid-TrustManagerFactory", "getLastUsedChain(): last used chain is empty");
        }
        return mLastUsedChain;
    }

    public static void loadLocalKeystore(Context context) throws CertificateException {
        FileInputStream fileInputStream;
        if (mKeystore != null) {
            return;
        }
        try {
            fileKeystore = new File(context.getDir("keystore", 0) + File.separator + "kolabdroid.bks");
            mKeystore = KeyStore.getInstance(KeyStore.getDefaultType());
            try {
                fileInputStream = new FileInputStream(fileKeystore);
            } catch (FileNotFoundException e) {
                fileInputStream = null;
            }
            try {
                mKeystore.load(fileInputStream, "".toCharArray());
            } catch (IOException e2) {
                Log.e("KolabDroid-TrustManagerFactory", "IOException in while loading keystore: ", e2);
                mKeystore = null;
            } catch (CertificateException e3) {
                Log.e("KolabDroid-TrustManagerFactory", "CertificateException while loading keystore: ", e3);
                mKeystore = null;
            }
            mSpecialKeystoreTrustManager = createTrustManager(mKeystore);
            mDefaultTrustManager = createTrustManager((KeyStore) null);
        } catch (KeyStoreException e4) {
            Log.e("KolabDroid-TrustManagerFactory", "KeyStoreException while loading local keystore: ", e4);
        } catch (NoSuchAlgorithmException e5) {
            Log.e("KolabDroid-TrustManagerFactory", "NoSuchAlgorithmException while loading local keystore: ", e5);
        }
    }
}
