package com.lotus.android.common.z;

import android.content.SharedPreferences;
import com.lotus.android.common.logging.AppLogger;
import com.lotus.android.common.z.g;
import com.lotus.sync.client.VCalUtilities;
import com.lotus.sync.traveler.android.common.Preferences;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Collections;
import javax.net.ssl.KeyManagerFactory;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;

/* compiled from: CommonX509TrustManager.java */
/* loaded from: classes.dex */
public class l implements X509TrustManager {
    private static l a;

    /* renamed from: b, reason: collision with root package name */
    private final String f3207b = VCalUtilities.ICAL_PARAMNAME_CN;

    /* renamed from: c, reason: collision with root package name */
    ArrayList<X509Certificate> f3208c;

    /* renamed from: d, reason: collision with root package name */
    X509TrustManager f3209d;

    /* renamed from: e, reason: collision with root package name */
    TrustManagerFactory f3210e;

    /* renamed from: f, reason: collision with root package name */
    TrustManager[] f3211f;

    /* renamed from: g, reason: collision with root package name */
    g.a f3212g;

    /* renamed from: h, reason: collision with root package name */
    X509Certificate[] f3213h;

    public l(g.a aVar) {
        this.f3209d = null;
        this.f3210e = null;
        this.f3211f = null;
        a = this;
        this.f3208c = new ArrayList<>();
        this.f3212g = aVar;
        int i2 = 0;
        try {
            this.f3210e = TrustManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
        } catch (NoSuchAlgorithmException unused) {
            AppLogger.entry("Failed to get TrustManagerFactory", new Object[0]);
        }
        try {
            this.f3210e.init((KeyStore) null);
        } catch (KeyStoreException unused2) {
            AppLogger.entry("Failed to init KeyStore", new Object[0]);
        }
        this.f3211f = this.f3210e.getTrustManagers();
        while (true) {
            TrustManager[] trustManagerArr = this.f3211f;
            if (i2 >= trustManagerArr.length) {
                return;
            }
            if (trustManagerArr[i2] instanceof X509TrustManager) {
                this.f3209d = (X509TrustManager) trustManagerArr[i2];
                return;
            }
            i2++;
        }
    }

    private String a(X509Certificate x509Certificate) throws NoSuchAlgorithmException, CertificateEncodingException {
        MessageDigest messageDigest = MessageDigest.getInstance("SHA-1");
        messageDigest.update(x509Certificate.getEncoded());
        return b(messageDigest.digest());
    }

    private String b(byte[] bArr) {
        char[] cArr = {'0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'};
        StringBuffer stringBuffer = new StringBuffer(bArr.length * 2);
        for (int i2 = 0; i2 < bArr.length; i2++) {
            stringBuffer.append(cArr[(bArr[i2] & 240) >> 4]);
            stringBuffer.append(cArr[bArr[i2] & 15]);
        }
        return stringBuffer.toString();
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
    }

    @Override // javax.net.ssl.X509TrustManager
    public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
        String str2;
        String str3;
        Exception e2;
        com.lotus.android.common.e c2 = com.lotus.android.common.e.c(this.f3212g.getContext());
        try {
            str2 = a(x509CertificateArr[0]);
        } catch (NoSuchAlgorithmException e3) {
            AppLogger.trace(e3);
            str2 = "";
        }
        SharedPreferences sharedPreferences = this.f3212g.getContext().getSharedPreferences(str2.replaceAll("^\\s+", ""), 0);
        String string = sharedPreferences.getString(Preferences.PREFERENCE_SERVER_SSL_CERT_FP, "");
        try {
            str3 = a(x509CertificateArr[0]);
        } catch (Exception e4) {
            str3 = "";
            e2 = e4;
        }
        try {
            try {
                if (!string.equals("") && string.equals(str3) && !c2.f()) {
                    AppLogger.entry("Cert fingerprint exists in prefs. Allow connection", new Object[0]);
                    this.f3212g.c(false);
                    return;
                }
            } catch (Exception e5) {
                e2 = e5;
                AppLogger.trace(e2);
                AppLogger.entry("checkServerTrusted", new Object[0]);
                this.f3209d.checkServerTrusted(x509CertificateArr, str);
                this.f3212g.c(true);
                AppLogger.entry("Server certificate is valid", new Object[0]);
            }
            AppLogger.entry("checkServerTrusted", new Object[0]);
            this.f3209d.checkServerTrusted(x509CertificateArr, str);
            this.f3212g.c(true);
            AppLogger.entry("Server certificate is valid", new Object[0]);
        } catch (GeneralSecurityException e6) {
            if (c2.a()) {
                this.f3212g.c(false);
                return;
            }
            for (Throwable th = e6; th.getCause() != null; th = th.getCause()) {
            }
            if (c2.f()) {
                AppLogger.entry("Rejecting all untrusted certificates", new Object[0]);
                this.f3212g.c(false);
                throw new CertificateException(e6.toString());
            }
            if (!this.f3212g.b(new t(x509CertificateArr[0]))) {
                AppLogger.entry("User rejected server's certificate", new Object[0]);
                throw new CertificateException(e6.toString());
            }
            this.f3212g.c(false);
            AppLogger.entry("User accepted suspect server certificate", new Object[0]);
            sharedPreferences.edit().putString(Preferences.PREFERENCE_SERVER_SSL_CERT_FP, str3).commit();
            this.f3208c.add(0, x509CertificateArr[0]);
        }
    }

    @Override // javax.net.ssl.X509TrustManager
    public X509Certificate[] getAcceptedIssuers() {
        if (this.f3213h == null && this.f3209d != null) {
            synchronized (this) {
                if (this.f3213h == null) {
                    X509Certificate[] acceptedIssuers = this.f3209d.getAcceptedIssuers();
                    this.f3213h = acceptedIssuers;
                    if (acceptedIssuers != null) {
                        Collections.addAll(this.f3208c, acceptedIssuers);
                    }
                }
            }
        }
        ArrayList<X509Certificate> arrayList = this.f3208c;
        return (X509Certificate[]) arrayList.toArray(new X509Certificate[arrayList.size()]);
    }
}
