package com.blackberry.email.utils;

import android.content.Context;
import android.security.KeyChain;
import android.security.KeyChainException;
import com.blackberry.email.provider.contract.HostAuth;
import com.google.common.annotations.VisibleForTesting;
import java.lang.reflect.Method;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import javax.net.ssl.KeyManager;
import javax.net.ssl.SSLContext;
import javax.net.ssl.SSLException;
import javax.net.ssl.SSLSession;
import javax.net.ssl.SSLSocket;
import javax.net.ssl.SSLSocketFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.X509ExtendedKeyManager;

/* compiled from: SSLUtils.java */
/* loaded from: classes.dex */
public class ad {
    private static final String TAG = "Email.Ssl";
    private static final boolean bZp = false;
    private static final int cbv = 60000;
    private static final String cbw = "SSL_RSA_WITH_3DES_EDE_CBC_SHA";

    /* compiled from: SSLUtils.java */
    /* loaded from: classes.dex */
    public static class a extends SSLSocketFactory {
        private String Yo;
        private TrustManager[] cbx;
        private KeyManager[] cby;
        private SSLSocketFactory cbz = null;

        public a(Context context, HostAuth hostAuth, KeyManager[] keyManagerArr) {
            this.cbx = new TrustManager[]{new s(context, hostAuth)};
            this.cby = keyManagerArr;
            this.Yo = hostAuth.hJ;
        }

        private SSLSocket a(SSLSocket sSLSocket) {
            String[] enabledCipherSuites = sSLSocket.getEnabledCipherSuites();
            for (String str : sSLSocket.getSupportedCipherSuites()) {
                if (str.equals(ad.cbw)) {
                    com.blackberry.common.f.p.b(ad.TAG, "Add cipher %s", str);
                    String[] strArr = (String[]) Arrays.copyOf(enabledCipherSuites, enabledCipherSuites.length + 1);
                    strArr[strArr.length - 1] = str;
                    try {
                        sSLSocket.setEnabledCipherSuites(strArr);
                        break;
                    } catch (IllegalArgumentException e) {
                        com.blackberry.common.f.p.e(ad.TAG, e, "Unable to enable supported cipher suites", new Object[0]);
                    }
                }
            }
            try {
                Method method = sSLSocket.getClass().getMethod("setHandshakeTimeout", Integer.TYPE);
                method.setAccessible(true);
                method.invoke(sSLSocket, 60000);
            } catch (Exception e2) {
                com.blackberry.common.f.p.e(ad.TAG, "Couldn't set timeout on sock of type %s (%s)", sSLSocket.getClass(), e2.getMessage());
            }
            String str2 = this.Yo;
            try {
                Method method2 = sSLSocket.getClass().getMethod("setHostname", String.class);
                method2.setAccessible(true);
                method2.invoke(sSLSocket, str2);
            } catch (Exception e3) {
                com.blackberry.common.f.p.e(ad.TAG, "Couldn't set hostname on sock of type %s (%s)", sSLSocket.getClass(), e3.getMessage());
            }
            sSLSocket.startHandshake();
            if (com.blackberry.common.f.p.isLoggable(ad.TAG, 3)) {
                SSLSession session = sSLSocket.getSession();
                com.blackberry.common.f.p.b(ad.TAG, "Using protocol/cipher: %s/%s", session.getProtocol(), session.getCipherSuite());
            }
            return sSLSocket;
        }

        private static void a(SSLSocket sSLSocket, String str) {
            try {
                Method method = sSLSocket.getClass().getMethod("setHostname", String.class);
                method.setAccessible(true);
                method.invoke(sSLSocket, str);
            } catch (Exception e) {
                com.blackberry.common.f.p.e(ad.TAG, "Couldn't set hostname on sock of type %s (%s)", sSLSocket.getClass(), e.getMessage());
            }
        }

        private static void b(SSLSocket sSLSocket) {
            try {
                Method method = sSLSocket.getClass().getMethod("setHandshakeTimeout", Integer.TYPE);
                method.setAccessible(true);
                method.invoke(sSLSocket, 60000);
            } catch (Exception e) {
                com.blackberry.common.f.p.e(ad.TAG, "Couldn't set timeout on sock of type %s (%s)", sSLSocket.getClass(), e.getMessage());
            }
        }

        private static void c(SSLSocket sSLSocket) {
            String[] enabledCipherSuites = sSLSocket.getEnabledCipherSuites();
            for (String str : sSLSocket.getSupportedCipherSuites()) {
                if (str.equals(ad.cbw)) {
                    com.blackberry.common.f.p.b(ad.TAG, "Add cipher %s", str);
                    String[] strArr = (String[]) Arrays.copyOf(enabledCipherSuites, enabledCipherSuites.length + 1);
                    strArr[strArr.length - 1] = str;
                    try {
                        sSLSocket.setEnabledCipherSuites(strArr);
                        return;
                    } catch (IllegalArgumentException e) {
                        com.blackberry.common.f.p.e(ad.TAG, e, "Unable to enable supported cipher suites", new Object[0]);
                        return;
                    }
                }
            }
        }

        private SSLSocketFactory zW() {
            if (this.cbz != null) {
                return this.cbz;
            }
            try {
                SSLContext sSLContext = SSLContext.getInstance(com.blackberry.common.f.ab.TLS);
                sSLContext.init(this.cby, this.cbx, null);
                this.cbz = sSLContext.getSocketFactory();
                return this.cbz;
            } catch (KeyManagementException | NoSuchAlgorithmException e) {
                com.blackberry.common.f.p.d(ad.TAG, e, "Couldn't set up an SSLContext", new Object[0]);
                throw new SSLException("Couldn't set up an SSLContext", e);
            }
        }

        public Socket a(InetSocketAddress inetSocketAddress, int i) {
            SSLSocket sSLSocket = (SSLSocket) zW().createSocket();
            sSLSocket.connect(inetSocketAddress, 10000);
            return a(sSLSocket);
        }

        @Override // javax.net.SocketFactory
        public Socket createSocket(String str, int i) {
            return a((SSLSocket) zW().createSocket(str, i));
        }

        @Override // javax.net.SocketFactory
        public Socket createSocket(String str, int i, InetAddress inetAddress, int i2) {
            return a((SSLSocket) zW().createSocket(str, i, inetAddress, i2));
        }

        @Override // javax.net.SocketFactory
        public Socket createSocket(InetAddress inetAddress, int i) {
            return a((SSLSocket) zW().createSocket(inetAddress, i));
        }

        @Override // javax.net.SocketFactory
        public Socket createSocket(InetAddress inetAddress, int i, InetAddress inetAddress2, int i2) {
            return a((SSLSocket) zW().createSocket(inetAddress, i, inetAddress2, i2));
        }

        @Override // javax.net.ssl.SSLSocketFactory
        public Socket createSocket(Socket socket, String str, int i, boolean z) {
            return a((SSLSocket) zW().createSocket(socket, str, i, z));
        }

        @Override // javax.net.ssl.SSLSocketFactory
        public String[] getDefaultCipherSuites() {
            try {
                return zW().getDefaultCipherSuites();
            } catch (SSLException e) {
                return new String[0];
            }
        }

        @Override // javax.net.ssl.SSLSocketFactory
        public String[] getSupportedCipherSuites() {
            try {
                return zW().getSupportedCipherSuites();
            } catch (SSLException e) {
                return new String[0];
            }
        }
    }

    /* compiled from: SSLUtils.java */
    /* loaded from: classes.dex */
    public static class b extends c {
        private final String cbA;
        private final X509Certificate[] cbB;
        private final PrivateKey cbC;

        private b(String str, X509Certificate[] x509CertificateArr, PrivateKey privateKey) {
            super();
            this.cbA = str;
            this.cbB = x509CertificateArr;
            this.cbC = privateKey;
        }

        private static void a(String str, String str2, Exception exc) {
            com.blackberry.common.f.p.e(ad.TAG, "Unable to retrieve " + str2 + " due to " + exc, new Object[0]);
        }

        public static b am(Context context, String str) {
            try {
                X509Certificate[] certificateChain = KeyChain.getCertificateChain(context, str);
                try {
                    PrivateKey privateKey = KeyChain.getPrivateKey(context, str);
                    if (certificateChain != null && privateKey != null) {
                        return new b(str, certificateChain, privateKey);
                    }
                    Object[] objArr = new Object[2];
                    objArr[0] = certificateChain == null ? com.blackberry.ddt.b.k.arX : "not null";
                    objArr[1] = privateKey == null ? com.blackberry.ddt.b.k.arX : "not null";
                    com.blackberry.common.f.p.e(ad.TAG, "Certificate chain is %s, private key is %s", objArr);
                    throw new CertificateException("Can't access certificate from keystore");
                } catch (KeyChainException e) {
                    a(str, "private key", e);
                    throw new CertificateException(e);
                } catch (InterruptedException e2) {
                    a(str, "private key", e2);
                    throw new CertificateException(e2);
                }
            } catch (KeyChainException e3) {
                a(str, "certificate chain", e3);
                throw new CertificateException(e3);
            } catch (InterruptedException e4) {
                a(str, "certificate chain", e4);
                throw new CertificateException(e4);
            }
        }

        @Override // com.blackberry.email.utils.ad.c, javax.net.ssl.X509KeyManager
        public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
            return this.cbA;
        }

        @Override // com.blackberry.email.utils.ad.c, javax.net.ssl.X509KeyManager
        public X509Certificate[] getCertificateChain(String str) {
            com.blackberry.common.f.p.c(ad.TAG, "Requesting a client certificate chain", new Object[0]);
            return this.cbB;
        }

        @Override // com.blackberry.email.utils.ad.c, javax.net.ssl.X509KeyManager
        public PrivateKey getPrivateKey(String str) {
            return this.cbC;
        }
    }

    /* compiled from: SSLUtils.java */
    /* loaded from: classes.dex */
    private static abstract class c extends X509ExtendedKeyManager {
        private c() {
        }

        @Override // javax.net.ssl.X509KeyManager
        public abstract String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket);

        @Override // javax.net.ssl.X509KeyManager
        public final String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
            throw new UnsupportedOperationException();
        }

        @Override // javax.net.ssl.X509KeyManager
        public abstract X509Certificate[] getCertificateChain(String str);

        @Override // javax.net.ssl.X509KeyManager
        public final String[] getClientAliases(String str, Principal[] principalArr) {
            throw new UnsupportedOperationException();
        }

        @Override // javax.net.ssl.X509KeyManager
        public abstract PrivateKey getPrivateKey(String str);

        @Override // javax.net.ssl.X509KeyManager
        public final String[] getServerAliases(String str, Principal[] principalArr) {
            throw new UnsupportedOperationException();
        }
    }

    /* compiled from: SSLUtils.java */
    /* loaded from: classes.dex */
    public static class d extends c {
        private volatile long cbD;

        public d() {
            super();
            this.cbD = 0L;
        }

        @Override // com.blackberry.email.utils.ad.c, javax.net.ssl.X509KeyManager
        public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
            this.cbD = System.currentTimeMillis();
            return null;
        }

        @Override // com.blackberry.email.utils.ad.c, javax.net.ssl.X509KeyManager
        public X509Certificate[] getCertificateChain(String str) {
            return null;
        }

        @Override // com.blackberry.email.utils.ad.c, javax.net.ssl.X509KeyManager
        public PrivateKey getPrivateKey(String str) {
            return null;
        }

        public long zX() {
            return this.cbD;
        }
    }

    public static com.blackberry.common.f.ab a(Context context, HostAuth hostAuth, @a.a.h KeyManager keyManager, boolean z) {
        com.blackberry.common.f.ab abVar = new com.blackberry.common.f.ab(a(context, hostAuth, keyManager != null ? new KeyManager[]{keyManager} : null));
        abVar.setHostnameVerifier(com.blackberry.common.f.ab.ALLOW_ALL_HOSTNAME_VERIFIER);
        return abVar;
    }

    public static synchronized a a(Context context, HostAuth hostAuth, KeyManager[] keyManagerArr) {
        a aVar;
        synchronized (ad.class) {
            aVar = new a(context, hostAuth, keyManagerArr);
        }
        return aVar;
    }

    private static boolean e(char c2) {
        return ('a' <= c2 && c2 <= 'z') || ('A' <= c2 && c2 <= 'Z');
    }

    private static boolean f(char c2) {
        return '0' <= c2 && c2 <= '9';
    }

    @VisibleForTesting
    public static String gS(String str) {
        String lowerCase = str.toLowerCase();
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < lowerCase.length(); i++) {
            char charAt = lowerCase.charAt(i);
            if (!(('a' <= charAt && charAt <= 'z') || ('A' <= charAt && charAt <= 'Z'))) {
                if (!('0' <= charAt && charAt <= '9') && '-' != charAt && '.' != charAt) {
                    if ('+' == charAt) {
                        sb.append("++");
                    } else {
                        sb.append('+').append((int) charAt);
                    }
                }
            }
            sb.append(charAt);
        }
        return sb.toString();
    }

    public static synchronized a h(Context context, HostAuth hostAuth) {
        a a2;
        synchronized (ad.class) {
            a2 = a(context, hostAuth, null);
        }
        return a2;
    }
}
