package org.wordpress.android.networking;

import android.app.AlertDialog;
import android.content.Context;
import android.content.DialogInterface;
import android.content.Intent;
import android.net.http.SslCertificate;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.GeneralSecurityException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import javax.security.auth.x500.X500Principal;
import org.wordpress.android.R;
import org.wordpress.android.WordPress;
import org.wordpress.android.util.AppLog;

/* loaded from: classes.dex */
public class SelfSignedSSLCertsManager {
    private static SelfSignedSSLCertsManager sInstance;
    private X509Certificate[] mLastFailureChain;
    private KeyStore mLocalKeyStore;
    private File mLocalTrustStoreFile;

    private SelfSignedSSLCertsManager(Context context) throws IOException, GeneralSecurityException {
        this.mLocalTrustStoreFile = new File(context.getFilesDir(), "self_signed_certs_truststore.bks");
        createLocalKeyStoreFile();
        this.mLocalKeyStore = loadTrustStore(context);
    }

    public static void askForSslTrust(final Context context) {
        AlertDialog.Builder builder = new AlertDialog.Builder(context);
        builder.setTitle(context.getString(R.string.ssl_certificate_error));
        builder.setMessage(context.getString(R.string.ssl_certificate_ask_trust));
        builder.setPositiveButton(R.string.ssl_certificate_trust, new DialogInterface.OnClickListener() { // from class: org.wordpress.android.networking.SelfSignedSSLCertsManager.1
            @Override // android.content.DialogInterface.OnClickListener
            public void onClick(DialogInterface dialogInterface, int i) {
                try {
                    SelfSignedSSLCertsManager selfSignedSSLCertsManager = SelfSignedSSLCertsManager.getInstance(context);
                    selfSignedSSLCertsManager.addCertificates(selfSignedSSLCertsManager.getLastFailureChain());
                } catch (IOException e) {
                    AppLog.e(AppLog.T.API, e);
                } catch (GeneralSecurityException e2) {
                    AppLog.e(AppLog.T.API, e2);
                }
            }
        });
        builder.setNeutralButton(R.string.ssl_certificate_details, new DialogInterface.OnClickListener() { // from class: org.wordpress.android.networking.SelfSignedSSLCertsManager.2
            @Override // android.content.DialogInterface.OnClickListener
            public void onClick(DialogInterface dialogInterface, int i) {
                Intent intent = new Intent(context, (Class<?>) SSLCertsViewActivity.class);
                try {
                    intent.putExtra(SSLCertsViewActivity.CERT_DETAILS_KEYS, SelfSignedSSLCertsManager.getInstance(context).getLastFailureChainDescription().replaceAll("\n", "<br/>"));
                    context.startActivity(intent);
                } catch (IOException e) {
                    AppLog.e(AppLog.T.API, e);
                } catch (GeneralSecurityException e2) {
                    AppLog.e(AppLog.T.API, e2);
                }
            }
        });
        builder.setNegativeButton(R.string.ssl_certificate_do_not_trust, new DialogInterface.OnClickListener() { // from class: org.wordpress.android.networking.SelfSignedSSLCertsManager.3
            @Override // android.content.DialogInterface.OnClickListener
            public void onClick(DialogInterface dialogInterface, int i) {
            }
        });
        builder.show();
    }

    private void createLocalKeyStoreFile() throws GeneralSecurityException, IOException {
        if (this.mLocalTrustStoreFile.exists()) {
            return;
        }
        FileOutputStream fileOutputStream = null;
        try {
            FileOutputStream fileOutputStream2 = new FileOutputStream(this.mLocalTrustStoreFile);
            try {
                KeyStore keyStore = KeyStore.getInstance("BKS");
                keyStore.load(null, "wordpress".toCharArray());
                keyStore.store(fileOutputStream2, "wordpress".toCharArray());
                if (fileOutputStream2 != null) {
                    try {
                        fileOutputStream2.close();
                    } catch (IOException e) {
                        AppLog.e(AppLog.T.UTILS, e);
                    }
                }
            } catch (Throwable th) {
                th = th;
                fileOutputStream = fileOutputStream2;
                if (fileOutputStream != null) {
                    try {
                        fileOutputStream.close();
                    } catch (IOException e2) {
                        AppLog.e(AppLog.T.UTILS, e2);
                    }
                }
                throw th;
            }
        } catch (Throwable th2) {
            th = th2;
        }
    }

    public static synchronized SelfSignedSSLCertsManager getInstance(Context context) throws IOException, GeneralSecurityException {
        SelfSignedSSLCertsManager selfSignedSSLCertsManager;
        synchronized (SelfSignedSSLCertsManager.class) {
            if (sInstance == null) {
                sInstance = new SelfSignedSSLCertsManager(context);
            }
            selfSignedSSLCertsManager = sInstance;
        }
        return selfSignedSSLCertsManager;
    }

    private static String hashName(X500Principal x500Principal) {
        try {
            String num = Integer.toString(leInt(MessageDigest.getInstance("MD5").digest(x500Principal.getEncoded())), 16);
            if (num.length() <= 8) {
                return num;
            }
            StringBuilder sb = new StringBuilder();
            int length = 8 - num.length();
            for (int i = 0; i < length; i++) {
                sb.append("0");
            }
            sb.append(num);
            return sb.toString();
        } catch (NoSuchAlgorithmException e) {
            throw new AssertionError(e);
        }
    }

    private static int leInt(byte[] bArr) {
        int i = 0 + 1;
        int i2 = i + 1;
        return ((bArr[0] & 255) << 0) | ((bArr[i] & 255) << 8) | ((bArr[i2] & 255) << 16) | ((bArr[i2 + 1] & 255) << 24);
    }

    private KeyStore loadTrustStore(Context context) throws IOException, GeneralSecurityException {
        KeyStore keyStore = KeyStore.getInstance("BKS");
        FileInputStream fileInputStream = new FileInputStream(this.mLocalTrustStoreFile);
        try {
            keyStore.load(fileInputStream, "wordpress".toCharArray());
            return keyStore;
        } finally {
            fileInputStream.close();
        }
    }

    private void saveTrustStore() throws IOException, GeneralSecurityException {
        FileOutputStream fileOutputStream;
        FileOutputStream fileOutputStream2 = null;
        try {
            fileOutputStream = new FileOutputStream(this.mLocalTrustStoreFile);
        } catch (Throwable th) {
            th = th;
        }
        try {
            this.mLocalKeyStore.store(fileOutputStream, "wordpress".toCharArray());
            if (fileOutputStream != null) {
                try {
                    fileOutputStream.close();
                } catch (IOException e) {
                    AppLog.e(AppLog.T.UTILS, e);
                }
            }
        } catch (Throwable th2) {
            th = th2;
            fileOutputStream2 = fileOutputStream;
            if (fileOutputStream2 != null) {
                try {
                    fileOutputStream2.close();
                } catch (IOException e2) {
                    AppLog.e(AppLog.T.UTILS, e2);
                }
            }
            throw th;
        }
    }

    public void addCertificate(X509Certificate x509Certificate) throws IOException, GeneralSecurityException {
        if (x509Certificate == null) {
            return;
        }
        this.mLocalKeyStore.setCertificateEntry(hashName(x509Certificate.getSubjectX500Principal()), x509Certificate);
        saveTrustStore();
    }

    public void addCertificates(X509Certificate[] x509CertificateArr) throws IOException, GeneralSecurityException {
        if (x509CertificateArr == null || x509CertificateArr.length == 0) {
            return;
        }
        for (X509Certificate x509Certificate : x509CertificateArr) {
            this.mLocalKeyStore.setCertificateEntry(hashName(x509Certificate.getSubjectX500Principal()), x509Certificate);
        }
        saveTrustStore();
        WordPress.setupVolleyQueue();
    }

    public void emptyLocalKeyStoreFile() {
        if (this.mLocalTrustStoreFile.exists()) {
            this.mLocalTrustStoreFile.delete();
        }
        try {
            createLocalKeyStoreFile();
        } catch (IOException e) {
            AppLog.e(AppLog.T.API, "Cannot create/initialize local Keystore", e);
        } catch (GeneralSecurityException e2) {
            AppLog.e(AppLog.T.API, "Cannot create/initialize local Keystore", e2);
        }
    }

    public X509Certificate[] getLastFailureChain() {
        return this.mLastFailureChain;
    }

    public String getLastFailureChainDescription() {
        return (this.mLastFailureChain == null || this.mLastFailureChain.length == 0) ? "" : this.mLastFailureChain[0].toString();
    }

    public KeyStore getLocalKeyStore() {
        return this.mLocalKeyStore;
    }

    public boolean isCertificateTrusted(SslCertificate sslCertificate) {
        X509Certificate x509Certificate;
        if (sslCertificate == null) {
            return false;
        }
        byte[] byteArray = SslCertificate.saveState(sslCertificate).getByteArray("x509-certificate");
        if (byteArray == null) {
            AppLog.e(AppLog.T.API, "Cannot load the SSLCertificate bytes from the bundle!");
            x509Certificate = null;
        } else {
            try {
                x509Certificate = (X509Certificate) CertificateFactory.getInstance("X.509").generateCertificate(new ByteArrayInputStream(byteArray));
            } catch (CertificateException e) {
                AppLog.e(AppLog.T.API, "Cannot generate the X509Certificate with the bytes provided", e);
                x509Certificate = null;
            }
        }
        if (x509Certificate == null) {
            return false;
        }
        try {
            if (getLocalKeyStore().getCertificateAlias(x509Certificate) != null) {
                AppLog.w(AppLog.T.API, "Current certificate " + x509Certificate.getSubjectDN().getName() + " is in KeyStore.");
                return true;
            }
        } catch (KeyStoreException e2) {
            AppLog.e(AppLog.T.API, "Cannot check if the certificate is in KeyStore. Seems that Keystore is not initialized.", e2);
        }
        AppLog.w(AppLog.T.API, "Current certificate " + x509Certificate.getSubjectDN().getName() + " is NOT in KeyStore.");
        return false;
    }

    public void setLastFailureChain(X509Certificate[] x509CertificateArr) {
        this.mLastFailureChain = x509CertificateArr;
    }
}
