package com.android.emailcommon.network.utility;

import android.security.KeyChain;
import android.security.KeyChainException;
import androidx.annotation.VisibleForTesting;
import com.android.email.EmailApplication;
import com.android.email.utils.LogUtils;
import com.android.emailcommon.provider.HostAuth;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.NoSuchProviderException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Locale;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509ExtendedKeyManager;
import kotlin.Metadata;
import kotlin.jvm.JvmStatic;
import kotlin.jvm.internal.DefaultConstructorMarker;
import kotlin.jvm.internal.Intrinsics;
import kotlin.text.StringsKt__StringsKt;
import org.jetbrains.annotations.NotNull;
import org.jetbrains.annotations.Nullable;

/* compiled from: SSLUtil.kt */
@Metadata
/* loaded from: classes.dex */
public final class SSLUtil {

    /* renamed from: a, reason: collision with root package name */
    @NotNull
    public static final SSLUtil f12704a = new SSLUtil();

    /* renamed from: b, reason: collision with root package name */
    @Nullable
    private static SSLSocketFactory f12705b;

    /* compiled from: SSLUtil.kt */
    @Metadata
    /* loaded from: classes.dex */
    public static final class KeyChainKeyManager extends StubKeyManager {

        /* renamed from: d, reason: collision with root package name */
        @NotNull
        public static final Companion f12706d = new Companion(null);

        /* renamed from: a, reason: collision with root package name */
        @NotNull
        private final String f12707a;

        /* renamed from: b, reason: collision with root package name */
        @NotNull
        private final X509Certificate[] f12708b;

        /* renamed from: c, reason: collision with root package name */
        @NotNull
        private final PrivateKey f12709c;

        /* compiled from: SSLUtil.kt */
        @Metadata
        /* loaded from: classes.dex */
        public static final class Companion {
            private Companion() {
            }

            public /* synthetic */ Companion(DefaultConstructorMarker defaultConstructorMarker) {
                this();
            }

            @NotNull
            public final KeyChainKeyManager a(@NotNull String alias) {
                Intrinsics.f(alias, "alias");
                try {
                    EmailApplication.Companion companion = EmailApplication.p;
                    X509Certificate[] certificateChain = KeyChain.getCertificateChain(companion.b(), alias);
                    try {
                        PrivateKey privateKey = KeyChain.getPrivateKey(companion.b(), alias);
                        if (certificateChain == null || privateKey == null) {
                            throw new CertificateException("Can't access certificate from keystore");
                        }
                        return new KeyChainKeyManager(alias, certificateChain, privateKey, null);
                    } catch (KeyChainException e2) {
                        LogUtils.f("SSLUtil", "KeyChainException while get privateKey : " + e2.getMessage() + '.', new Object[0]);
                        throw new CertificateException(e2);
                    } catch (InterruptedException e3) {
                        LogUtils.f("SSLUtil", "InterruptedException while get privateKey : " + e3.getMessage() + '.', new Object[0]);
                        throw new CertificateException(e3);
                    }
                } catch (KeyChainException e4) {
                    LogUtils.f("SSLUtil", "KeyChainException while get certificateChain : " + e4.getMessage() + '.', new Object[0]);
                    throw new CertificateException(e4);
                } catch (InterruptedException e5) {
                    LogUtils.f("SSLUtil", "InterruptedException while get certificateChain : " + e5.getMessage() + '.', new Object[0]);
                    throw new CertificateException(e5);
                }
            }
        }

        private KeyChainKeyManager(String str, X509Certificate[] x509CertificateArr, PrivateKey privateKey) {
            this.f12707a = str;
            this.f12708b = x509CertificateArr;
            this.f12709c = privateKey;
        }

        public /* synthetic */ KeyChainKeyManager(String str, X509Certificate[] x509CertificateArr, PrivateKey privateKey, DefaultConstructorMarker defaultConstructorMarker) {
            this(str, x509CertificateArr, privateKey);
        }

        @Override // javax.net.ssl.X509KeyManager
        @NotNull
        public String chooseClientAlias(@NotNull String[] keyTypes, @NotNull Principal[] issuers, @NotNull Socket socket) {
            Intrinsics.f(keyTypes, "keyTypes");
            Intrinsics.f(issuers, "issuers");
            Intrinsics.f(socket, "socket");
            StringBuilder sb = new StringBuilder();
            sb.append("Requesting a client cert alias for ");
            String arrays = Arrays.toString(keyTypes);
            Intrinsics.e(arrays, "toString(this)");
            sb.append(arrays);
            sb.append('.');
            LogUtils.d("SSLUtil", sb.toString(), new Object[0]);
            return this.f12707a;
        }

        @Override // javax.net.ssl.X509KeyManager
        @NotNull
        public X509Certificate[] getCertificateChain(@NotNull String alias) {
            Intrinsics.f(alias, "alias");
            LogUtils.j("SSLUtil", "Requesting a client certificate chain for alias [" + alias + ']', new Object[0]);
            return this.f12708b;
        }

        @Override // javax.net.ssl.X509KeyManager
        @NotNull
        public PrivateKey getPrivateKey(@NotNull String alias) {
            Intrinsics.f(alias, "alias");
            LogUtils.d("SSLUtil", "Requesting a client private key for alias [" + alias + ']', new Object[0]);
            return this.f12709c;
        }
    }

    /* compiled from: SSLUtil.kt */
    @Metadata
    /* loaded from: classes.dex */
    public static abstract class StubKeyManager extends X509ExtendedKeyManager {
        @Override // javax.net.ssl.X509KeyManager
        @NotNull
        public String chooseServerAlias(@NotNull String keyType, @NotNull Principal[] issuers, @NotNull Socket socket) {
            Intrinsics.f(keyType, "keyType");
            Intrinsics.f(issuers, "issuers");
            Intrinsics.f(socket, "socket");
            throw new UnsupportedOperationException();
        }

        @Override // javax.net.ssl.X509KeyManager
        @NotNull
        public String[] getClientAliases(@NotNull String keyType, @NotNull Principal[] issuers) {
            Intrinsics.f(keyType, "keyType");
            Intrinsics.f(issuers, "issuers");
            throw new UnsupportedOperationException();
        }

        @Override // javax.net.ssl.X509KeyManager
        @NotNull
        public String[] getServerAliases(@NotNull String keyType, @NotNull Principal[] issuers) {
            Intrinsics.f(keyType, "keyType");
            Intrinsics.f(issuers, "issuers");
            throw new UnsupportedOperationException();
        }
    }

    /* compiled from: SSLUtil.kt */
    @Metadata
    /* loaded from: classes.dex */
    public static final class TrackingKeyManager extends StubKeyManager {

        /* renamed from: a, reason: collision with root package name */
        private volatile long f12710a;

        public final long a() {
            return this.f12710a;
        }

        @Override // javax.net.ssl.X509KeyManager
        @Nullable
        public String chooseClientAlias(@NotNull String[] keyTypes, @NotNull Principal[] issuers, @NotNull Socket socket) {
            Intrinsics.f(keyTypes, "keyTypes");
            Intrinsics.f(issuers, "issuers");
            Intrinsics.f(socket, "socket");
            LogUtils.d("SSLUtil", "TrackingKeyManager: requesting a client cert alias for " + socket.getInetAddress().getCanonicalHostName() + '.', new Object[0]);
            this.f12710a = System.currentTimeMillis();
            return null;
        }

        @Override // javax.net.ssl.X509KeyManager
        @Nullable
        public X509Certificate[] getCertificateChain(@NotNull String alias) {
            Intrinsics.f(alias, "alias");
            LogUtils.d("SSLUtil", "TrackingKeyManager: returning a null cert chain", new Object[0]);
            return null;
        }

        @Override // javax.net.ssl.X509KeyManager
        @Nullable
        public PrivateKey getPrivateKey(@NotNull String alias) {
            Intrinsics.f(alias, "alias");
            LogUtils.d("SSLUtil", "TrackingKeyManager: returning a null private key", new Object[0]);
            return null;
        }
    }

    private SSLUtil() {
    }

    @JvmStatic
    @VisibleForTesting
    @NotNull
    public static final MailSSLSocketFactory a(@Nullable KeyManager[] keyManagerArr, @Nullable TrustManager[] trustManagerArr) {
        return new MailSSLSocketFactory(keyManagerArr, trustManagerArr);
    }

    @JvmStatic
    @VisibleForTesting
    @Nullable
    public static final MailSSLSocketFactory e(@Nullable KeyManager[] keyManagerArr, @Nullable TrustManager[] trustManagerArr) {
        try {
            return a(keyManagerArr, trustManagerArr);
        } catch (KeyManagementException unused) {
            LogUtils.w("SSLUtil", "Get KeyManagementException during create mail ssl socket factory.", new Object[0]);
            return null;
        } catch (NoSuchAlgorithmException unused2) {
            LogUtils.w("SSLUtil", "Get NoSuchAlgorithmException during create mail ssl socket factory.", new Object[0]);
            return null;
        } catch (NoSuchProviderException unused3) {
            LogUtils.w("SSLUtil", "Get NoSuchProviderException during create mail ssl socket factory.", new Object[0]);
            return null;
        }
    }

    @JvmStatic
    @VisibleForTesting
    public static final boolean f(char c2) {
        if ('a' <= c2 && c2 < '{') {
            return true;
        }
        return 'A' <= c2 && c2 < '[';
    }

    @JvmStatic
    @VisibleForTesting
    public static final boolean g(char c2) {
        return '0' <= c2 && c2 < ':';
    }

    @NotNull
    public final String b(@NotNull String string) {
        Intrinsics.f(string, "string");
        Locale ROOT = Locale.ROOT;
        Intrinsics.e(ROOT, "ROOT");
        String lowerCase = string.toLowerCase(ROOT);
        Intrinsics.e(lowerCase, "this as java.lang.String).toLowerCase(locale)");
        StringBuilder sb = new StringBuilder();
        int length = lowerCase.length();
        for (int i2 = 0; i2 < length; i2++) {
            char charAt = lowerCase.charAt(i2);
            if (f(charAt) || g(charAt) || '-' == charAt || '.' == charAt) {
                sb.append(charAt);
            } else if ('+' == charAt) {
                sb.append("++");
            } else {
                sb.append('+');
                sb.append((int) charAt);
            }
        }
        String sb2 = sb.toString();
        Intrinsics.e(sb2, "sb.toString()");
        return sb2;
    }

    @VisibleForTesting
    @NotNull
    public final SSLSocketFactory c(@Nullable HostAuth hostAuth, @Nullable KeyManager keyManager, @NotNull String scheme) {
        SSLSocketFactory socketFactory;
        Intrinsics.f(scheme, "scheme");
        int hashCode = scheme.hashCode();
        if (hashCode != -1206840057) {
            if (hashCode != 3213448) {
                if (hashCode == 99617003 && scheme.equals("https")) {
                    if (f12705b == null) {
                        KeyManager[] keyManagerArr = keyManager != null ? new KeyManager[]{keyManager} : null;
                        SSLContext sSLContext = SSLContext.getInstance("TLSv1.3", "AndroidOpenSSL");
                        sSLContext.init(keyManagerArr, null, null);
                        f12705b = sSLContext.getSocketFactory();
                    }
                    SSLSocketFactory sSLSocketFactory = f12705b;
                    Intrinsics.c(sSLSocketFactory);
                    return sSLSocketFactory;
                }
            } else if (scheme.equals("http")) {
                SSLContext sSLContext2 = SSLContext.getInstance("TLSv1.3", "AndroidOpenSSL");
                sSLContext2.init(null, null, null);
                SSLSocketFactory socketFactory2 = sSLContext2.getSocketFactory();
                Intrinsics.e(socketFactory2, "{\n                val ss…cketFactory\n            }");
                return socketFactory2;
            }
        } else if (scheme.equals("httpts")) {
            TrustManager[] trustManagerArr = hostAuth != null ? new TrustManager[]{new CertificateTrustManager(hostAuth)} : null;
            KeyManager[] keyManagerArr2 = keyManager != null ? new KeyManager[]{keyManager} : null;
            MailSSLSocketFactory e2 = e(keyManagerArr2, trustManagerArr);
            if (e2 != null) {
                socketFactory = e2;
            } else {
                SSLContext sSLContext3 = SSLContext.getInstance("TLSv1.3", "AndroidOpenSSL");
                sSLContext3.init(keyManagerArr2, trustManagerArr, null);
                socketFactory = sSLContext3.getSocketFactory();
            }
            Intrinsics.e(socketFactory, "{\n                val tr…          }\n            }");
            return socketFactory;
        }
        throw new IllegalArgumentException("Unsupported Scheme " + scheme);
    }

    @NotNull
    public final String d(@NotNull String url) {
        int V;
        Intrinsics.f(url, "url");
        V = StringsKt__StringsKt.V(url, ':', 0, false, 6, null);
        String substring = url.substring(0, V);
        Intrinsics.e(substring, "this as java.lang.String…ing(startIndex, endIndex)");
        return substring;
    }
}
