package com.android.emailcommon.utility;

import android.content.Context;
import android.security.KeyChain;
import android.security.KeyChainException;
import com.android.emailcommon.provider.HostAuth;
import com.android.mail.utils.LogUtils;
import defpackage.atc;
import defpackage.atd;
import java.net.Socket;
import java.security.KeyManagementException;
import java.security.NoSuchAlgorithmException;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.KeyManager;
import javax.net.ssl.TrustManager;

/* loaded from: classes.dex */
public class SSLUtils {
    private static final boolean LOG_ENABLED = false;
    private static final int SSL_HANDSHAKE_TIMEOUT = 30000;
    private static final String TAG = "Email.Ssl";
    private static ExternalSecurityProviderInstaller sExternalSecurityProviderInstaller;
    private static javax.net.ssl.SSLSocketFactory sSecureFactory;

    /* loaded from: classes.dex */
    public abstract class ExternalSecurityProviderInstaller {
        public abstract void installIfNeeded(Context context);
    }

    /* loaded from: classes.dex */
    public class KeyChainKeyManager extends atd {
        private final X509Certificate[] mCertificateChain;
        private final String mClientAlias;
        private final PrivateKey mPrivateKey;

        private KeyChainKeyManager(String str, X509Certificate[] x509CertificateArr, PrivateKey privateKey) {
            super();
            this.mClientAlias = str;
            this.mCertificateChain = x509CertificateArr;
            this.mPrivateKey = privateKey;
        }

        public static KeyChainKeyManager fromAlias(Context context, String str) {
            try {
                X509Certificate[] certificateChain = KeyChain.getCertificateChain(context, str);
                try {
                    PrivateKey privateKey = KeyChain.getPrivateKey(context, str);
                    if (certificateChain == null || privateKey == null) {
                        throw new CertificateException("Can't access certificate from keystore");
                    }
                    return new KeyChainKeyManager(str, certificateChain, privateKey);
                } catch (KeyChainException e) {
                    logError(str, "private key", e);
                    throw new CertificateException(e);
                } catch (InterruptedException e2) {
                    logError(str, "private key", e2);
                    throw new CertificateException(e2);
                }
            } catch (KeyChainException e3) {
                logError(str, "certificate chain", e3);
                throw new CertificateException(e3);
            } catch (InterruptedException e4) {
                logError(str, "certificate chain", e4);
                throw new CertificateException(e4);
            }
        }

        private static void logError(String str, String str2, Exception exc) {
            LogUtils.e(SSLUtils.TAG, "Unable to retrieve " + str2 + " due to " + exc, new Object[0]);
        }

        @Override // defpackage.atd, javax.net.ssl.X509KeyManager
        public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
            return this.mClientAlias;
        }

        @Override // defpackage.atd, javax.net.ssl.X509KeyManager
        public X509Certificate[] getCertificateChain(String str) {
            return this.mCertificateChain;
        }

        @Override // defpackage.atd, javax.net.ssl.X509KeyManager
        public PrivateKey getPrivateKey(String str) {
            return this.mPrivateKey;
        }
    }

    /* loaded from: classes.dex */
    public class TrackingKeyManager extends atd {
        private volatile long mLastTimeCertRequested;

        public TrackingKeyManager() {
            super();
            this.mLastTimeCertRequested = 0L;
        }

        @Override // defpackage.atd, javax.net.ssl.X509KeyManager
        public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
            this.mLastTimeCertRequested = System.currentTimeMillis();
            return null;
        }

        @Override // defpackage.atd, javax.net.ssl.X509KeyManager
        public X509Certificate[] getCertificateChain(String str) {
            return null;
        }

        public long getLastCertReqTime() {
            return this.mLastTimeCertRequested;
        }

        @Override // defpackage.atd, javax.net.ssl.X509KeyManager
        public PrivateKey getPrivateKey(String str) {
            return null;
        }
    }

    public static String escapeForSchemeName(String str) {
        String lowerCase = str.toLowerCase();
        StringBuilder sb = new StringBuilder();
        for (int i = 0; i < lowerCase.length(); i++) {
            char charAt = lowerCase.charAt(i);
            if (isAsciiLetter(charAt) || isAsciiNumber(charAt) || '-' == charAt || '.' == charAt) {
                sb.append(charAt);
            } else if ('+' == charAt) {
                sb.append("++");
            } else {
                sb.append('+').append((int) charAt);
            }
        }
        return sb.toString();
    }

    public static SSLSocketFactory getHttpSocketFactory(Context context, HostAuth hostAuth, KeyManager keyManager, boolean z) {
        SSLSocketFactory sSLSocketFactory = new SSLSocketFactory(getSSLSocketFactory(context, hostAuth, keyManager, z));
        if (z) {
            sSLSocketFactory.setHostnameVerifier(SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER);
        }
        return sSLSocketFactory;
    }

    public static synchronized javax.net.ssl.SSLSocketFactory getSSLSocketFactory(Context context, HostAuth hostAuth, KeyManager keyManager, boolean z) {
        javax.net.ssl.SSLSocketFactory sSLSocketFactory;
        KeyManager[] keyManagerArr;
        synchronized (SSLUtils.class) {
            if (sExternalSecurityProviderInstaller != null) {
                sExternalSecurityProviderInstaller.installIfNeeded(context);
            }
            if (keyManager == null) {
                keyManagerArr = null;
            } else {
                try {
                    keyManagerArr = new KeyManager[]{keyManager};
                } catch (KeyManagementException e) {
                    LogUtils.wtf(TAG, e, "Unable to acquire SSLSocketFactory", new Object[0]);
                    sSLSocketFactory = null;
                    return sSLSocketFactory;
                } catch (NoSuchAlgorithmException e2) {
                    LogUtils.wtf(TAG, e2, "Unable to acquire SSLSocketFactory", new Object[0]);
                    sSLSocketFactory = null;
                    return sSLSocketFactory;
                }
            }
            if (z) {
                sSLSocketFactory = (SSLSocketFactoryWrapper) SSLSocketFactoryWrapper.getInsecure(keyManagerArr, new TrustManager[]{new atc(context, hostAuth)}, SSL_HANDSHAKE_TIMEOUT);
            } else {
                if (sSecureFactory == null) {
                    sSecureFactory = (SSLSocketFactoryWrapper) SSLSocketFactoryWrapper.getDefault(keyManagerArr, SSL_HANDSHAKE_TIMEOUT);
                }
                sSLSocketFactory = sSecureFactory;
            }
        }
        return sSLSocketFactory;
    }

    private static boolean isAsciiLetter(char c) {
        return ('a' <= c && c <= 'z') || ('A' <= c && c <= 'Z');
    }

    private static boolean isAsciiNumber(char c) {
        return '0' <= c && c <= '9';
    }

    public static void setExternalSecurityProviderInstaller(ExternalSecurityProviderInstaller externalSecurityProviderInstaller) {
        sExternalSecurityProviderInstaller = externalSecurityProviderInstaller;
    }
}
