package com.boxer.email.smime;

import android.content.Context;
import android.support.annotation.NonNull;
import android.support.annotation.Nullable;
import com.airwatch.crypto.openssl.OpenSSLWrapper;
import com.boxer.apache.commons.io.IOUtils;
import com.boxer.common.logging.LogUtils;
import com.boxer.common.logging.Logging;
import com.boxer.email.smime.X509CertificateVerifier;
import com.boxer.email.smime.storage.CertificateManager;
import com.boxer.email.smime.storage.CertificateUtility;
import com.boxer.email.smime.storage.SMIMECertificate;
import com.boxer.emailcommon.TempDirectory;
import com.boxer.emailcommon.internet.MimeHeader;
import com.boxer.emailcommon.internet.MimeMessage;
import com.boxer.emailcommon.mail.MessagingException;
import com.boxer.emailcommon.provider.Account;
import com.boxer.injection.ObjectGraphController;
import com.google.common.annotations.VisibleForTesting;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.OutputStream;
import java.nio.ByteBuffer;
import java.security.PrivateKey;
import java.security.cert.CertificateEncodingException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Iterator;
import java.util.List;

/* loaded from: classes2.dex */
public class SMIMEDecryptAndVerify {
    private static final String a = Logging.a(SMIMECryptoUtil.a.concat("DecVerify"));
    private static final String b = "signer_certificate";
    private static final String c = "cert_chain";
    private static final String d = "pkcs7-envelopedData";
    private static final String e = "pkcs7-signedData";
    private final SMIMECryptoUtil f;
    private final OpenSSLWrapper g;
    private final PEMFormat h = new PEMFormat();
    private final Context i;
    private final Account j;

    /* loaded from: classes2.dex */
    public static class SMIMEMessage {
        public final byte[] a;
        public int b;
        private X509CertificateVerifier.CertVerificationResult c;
        private SMIMEException d;

        public SMIMEMessage(byte[] bArr, int i) {
            this.a = bArr;
            this.b = i;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public void a(@NonNull X509CertificateVerifier.CertVerificationResult certVerificationResult) {
            this.c = certVerificationResult;
        }

        @Nullable
        public X509CertificateVerifier.CertVerificationResult a() {
            return this.c;
        }

        public void a(@NonNull SMIMEException sMIMEException) {
            this.d = sMIMEException;
        }

        @Nullable
        public SMIMEException b() {
            return this.d;
        }
    }

    public SMIMEDecryptAndVerify(@NonNull Context context, @NonNull Account account) {
        this.i = context;
        this.g = new OpenSSLWrapper(context);
        this.f = new SMIMECryptoUtil(context);
        this.j = account;
    }

    private SMIMEMessage a(@NonNull SMIMEMessage sMIMEMessage, @Nullable byte[] bArr, @Nullable byte[] bArr2, @Nullable String str, @Nullable String str2) throws SMIMEException {
        if (sMIMEMessage.a == null) {
            return sMIMEMessage;
        }
        try {
            MimeMessage mimeMessage = new MimeMessage(new ByteArrayInputStream(sMIMEMessage.a), true);
            if (!a(mimeMessage)) {
                if (!c(mimeMessage)) {
                    if (!this.f.c(mimeMessage)) {
                        return sMIMEMessage;
                    }
                    MimeMessage mimeMessage2 = new MimeMessage(new ByteArrayInputStream(sMIMEMessage.a), false);
                    this.f.d(mimeMessage2);
                    return a(new SMIMEMessage(this.f.a(mimeMessage2), 0), bArr, bArr2, str, null);
                }
                LogUtils.b(a, "Clear signed data", new Object[0]);
                int i = sMIMEMessage.b == 1 ? 2 : 3;
                File a2 = a();
                File b2 = b();
                byte[] awVerifySignatureAndGetMessageSMIME = this.g.awVerifySignatureAndGetMessageSMIME(sMIMEMessage.a, this.f.a(str), null, a2.getAbsolutePath(), b2.getAbsolutePath());
                SMIMEMessage sMIMEMessage2 = new SMIMEMessage(awVerifySignatureAndGetMessageSMIME, i);
                List<X509Certificate> a3 = a(a2);
                a2.delete();
                if (a3.size() > 0) {
                    a(a3.get(0), sMIMEMessage2, str);
                }
                List<X509Certificate> a4 = a(b2);
                b2.delete();
                Iterator<X509Certificate> it = a4.iterator();
                while (it.hasNext()) {
                    b(it.next(), str);
                }
                if (awVerifySignatureAndGetMessageSMIME != null) {
                    return sMIMEMessage2;
                }
                sMIMEMessage2.a(new SMIMEException(a4.size() == 0 ? 57 : 51));
                return sMIMEMessage2;
            }
            String i2 = mimeMessage.i();
            LogUtils.b(a, "S/MIME type : " + i2, new Object[0]);
            if (SMIMECryptoUtil.h.equals(i2) || e.equalsIgnoreCase(str2)) {
                LogUtils.b(a, "Opaque signed data", new Object[0]);
                return a(sMIMEMessage.a, sMIMEMessage.b != 1 ? 3 : 2, str);
            }
            if (!SMIMECryptoUtil.g.equals(i2) && !d.equalsIgnoreCase(str2)) {
                ByteBuffer allocateDirect = ByteBuffer.allocateDirect(sMIMEMessage.a.length);
                allocateDirect.put(sMIMEMessage.a);
                String awGetSMIMEType = this.g.awGetSMIMEType(allocateDirect);
                LogUtils.b(a, "s/mimeContentType : " + awGetSMIMEType, new Object[0]);
                if (d.equalsIgnoreCase(awGetSMIMEType) || e.equalsIgnoreCase(awGetSMIMEType)) {
                    return a(sMIMEMessage, bArr, bArr2, str, awGetSMIMEType);
                }
                LogUtils.b(a, "Email is not signed or encrypted", new Object[0]);
                return sMIMEMessage;
            }
            LogUtils.b(a, "Encrypted data", new Object[0]);
            if (bArr == null) {
                sMIMEMessage.b = 1;
                sMIMEMessage.a(new SMIMEException(55));
                return sMIMEMessage;
            }
            File a5 = a(sMIMEMessage.a);
            byte[] awDecryptAndVerifySMIME = this.g.awDecryptAndVerifySMIME(a5.getAbsolutePath(), bArr, bArr2);
            a5.delete();
            if (awDecryptAndVerifySMIME == null) {
                throw c();
            }
            return a(new SMIMEMessage(awDecryptAndVerifySMIME, 1), bArr, bArr2, str, null);
        } catch (MessagingException e2) {
            LogUtils.e(a, e2, "Error in decrypt/verify", new Object[0]);
            throw new SMIMEException(e2, 52);
        } catch (IOException e3) {
            LogUtils.e(a, e3, "Error in decrypt/verify", new Object[0]);
            throw new SMIMEException(e3, 48);
        }
    }

    @NonNull
    private SMIMEMessage a(@NonNull byte[] bArr, int i, @Nullable String str) throws IOException {
        int i2;
        SMIMEMessage sMIMEMessage;
        File a2 = a();
        File b2 = b();
        byte[] awVerifySignatureAndGetMessageSMIME = this.g.awVerifySignatureAndGetMessageSMIME(bArr, this.f.a(str), null, a2.getAbsolutePath(), b2.getAbsolutePath());
        List<X509Certificate> a3 = a(a2);
        a2.delete();
        if (awVerifySignatureAndGetMessageSMIME == null) {
            i2 = a3.size() == 0 ? 64 : 65;
        } else {
            i2 = 0;
        }
        if (i2 == 0) {
            sMIMEMessage = new SMIMEMessage(awVerifySignatureAndGetMessageSMIME, i);
        } else {
            SMIMEMessage sMIMEMessage2 = new SMIMEMessage(null, i);
            sMIMEMessage2.a(new SMIMEException(i2));
            sMIMEMessage = sMIMEMessage2;
        }
        if (a3.size() > 0) {
            a(a3.get(0), sMIMEMessage, str);
        }
        List<X509Certificate> a4 = a(b2);
        b2.delete();
        Iterator<X509Certificate> it = a4.iterator();
        while (it.hasNext()) {
            b(it.next(), str);
        }
        return sMIMEMessage;
    }

    @NonNull
    private File a() throws IOException {
        return File.createTempFile(b + System.currentTimeMillis(), "", TempDirectory.a());
    }

    @NonNull
    private File a(@NonNull byte[] bArr) throws IOException {
        FileOutputStream fileOutputStream;
        File createTempFile = File.createTempFile("smime.part_", ".tmp", this.i.getCacheDir());
        createTempFile.createNewFile();
        try {
            fileOutputStream = new FileOutputStream(createTempFile, false);
        } catch (Throwable th) {
            th = th;
            fileOutputStream = null;
        }
        try {
            fileOutputStream.write(bArr);
            fileOutputStream.flush();
            IOUtils.a((OutputStream) fileOutputStream);
            return createTempFile;
        } catch (Throwable th2) {
            th = th2;
            IOUtils.a((OutputStream) fileOutputStream);
            throw th;
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:29:0x0055 A[EXC_TOP_SPLITTER, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:38:0x005f A[EXC_TOP_SPLITTER, SYNTHETIC] */
    @android.support.annotation.NonNull
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private java.util.List<java.security.cert.X509Certificate> a(java.io.File r8) {
        /*
            r7 = this;
            r0 = 0
            java.util.ArrayList r3 = new java.util.ArrayList
            r3.<init>()
            r2 = 0
            java.io.FileInputStream r1 = new java.io.FileInputStream     // Catch: java.security.cert.CertificateException -> L46 java.lang.Throwable -> L5b java.io.IOException -> L6b
            r1.<init>(r8)     // Catch: java.security.cert.CertificateException -> L46 java.lang.Throwable -> L5b java.io.IOException -> L6b
            java.nio.charset.Charset r2 = java.nio.charset.Charset.defaultCharset()     // Catch: java.lang.Throwable -> L67 java.security.cert.CertificateException -> L69 java.io.IOException -> L6e
            java.lang.String r2 = com.boxer.apache.commons.io.IOUtils.a(r1, r2)     // Catch: java.lang.Throwable -> L67 java.security.cert.CertificateException -> L69 java.io.IOException -> L6e
            boolean r4 = android.text.TextUtils.isEmpty(r2)     // Catch: java.lang.Throwable -> L67 java.security.cert.CertificateException -> L69 java.io.IOException -> L6e
            if (r4 != 0) goto L40
            java.lang.String r4 = "(?<=\n-----END CERTIFICATE-----\n)"
            java.lang.String[] r2 = r2.split(r4)     // Catch: java.lang.Throwable -> L67 java.security.cert.CertificateException -> L69 java.io.IOException -> L6e
            int r4 = r2.length     // Catch: java.lang.Throwable -> L67 java.security.cert.CertificateException -> L69 java.io.IOException -> L6e
        L22:
            if (r0 >= r4) goto L40
            r5 = r2[r0]     // Catch: java.lang.Throwable -> L67 java.security.cert.CertificateException -> L69 java.io.IOException -> L6e
            byte[] r5 = r5.getBytes()     // Catch: java.lang.Throwable -> L67 java.security.cert.CertificateException -> L69 java.io.IOException -> L6e
            java.security.cert.X509Certificate r5 = com.boxer.email.smime.storage.CertificateUtility.c(r5)     // Catch: java.lang.Throwable -> L67 java.security.cert.CertificateException -> L69 java.io.IOException -> L6e
            boolean r6 = com.boxer.email.smime.storage.CertificateUtility.b(r5)     // Catch: java.lang.Throwable -> L67 java.security.cert.CertificateException -> L69 java.io.IOException -> L6e
            if (r6 != 0) goto L3a
            boolean r6 = com.boxer.email.smime.storage.CertificateUtility.a(r5)     // Catch: java.lang.Throwable -> L67 java.security.cert.CertificateException -> L69 java.io.IOException -> L6e
            if (r6 == 0) goto L3d
        L3a:
            r3.add(r5)     // Catch: java.lang.Throwable -> L67 java.security.cert.CertificateException -> L69 java.io.IOException -> L6e
        L3d:
            int r0 = r0 + 1
            goto L22
        L40:
            if (r1 == 0) goto L45
            r1.close()     // Catch: java.io.IOException -> L63
        L45:
            return r3
        L46:
            r0 = move-exception
            r1 = r2
        L48:
            java.lang.String r2 = com.boxer.email.smime.SMIMEDecryptAndVerify.a     // Catch: java.lang.Throwable -> L67
            java.lang.String r4 = "Error reading certificate"
            r5 = 0
            java.lang.Object[] r5 = new java.lang.Object[r5]     // Catch: java.lang.Throwable -> L67
            com.boxer.common.logging.LogUtils.e(r2, r0, r4, r5)     // Catch: java.lang.Throwable -> L67
            if (r1 == 0) goto L45
            r1.close()     // Catch: java.io.IOException -> L59
            goto L45
        L59:
            r0 = move-exception
            goto L45
        L5b:
            r0 = move-exception
            r1 = r2
        L5d:
            if (r1 == 0) goto L62
            r1.close()     // Catch: java.io.IOException -> L65
        L62:
            throw r0
        L63:
            r0 = move-exception
            goto L45
        L65:
            r1 = move-exception
            goto L62
        L67:
            r0 = move-exception
            goto L5d
        L69:
            r0 = move-exception
            goto L48
        L6b:
            r0 = move-exception
            r1 = r2
            goto L48
        L6e:
            r0 = move-exception
            goto L48
        */
        throw new UnsupportedOperationException("Method not decompiled: com.boxer.email.smime.SMIMEDecryptAndVerify.a(java.io.File):java.util.List");
    }

    private void a(@NonNull X509Certificate x509Certificate, @NonNull SMIMEMessage sMIMEMessage, @Nullable String str) {
        sMIMEMessage.a(b(x509Certificate, str));
    }

    public static boolean a(@NonNull MimeMessage mimeMessage) {
        try {
            String e2 = mimeMessage.e();
            if (e2 != null) {
                return SMIMECryptoUtil.b.contains(e2) || SMIMECryptoUtil.c.contains(e2);
            }
            return false;
        } catch (MessagingException e3) {
            LogUtils.d(a, e3, "Error getting mime type", new Object[0]);
            return false;
        }
    }

    private X509CertificateVerifier.CertVerificationResult b(@NonNull X509Certificate x509Certificate, @Nullable String str) {
        X509CertificateVerifier.CertVerificationResult certVerificationResult = null;
        if (str != null) {
            try {
                String trim = str.trim();
                if (trim.length() > 0) {
                    certVerificationResult = a(x509Certificate, trim).c();
                    CertificateManager y = ObjectGraphController.a().y();
                    if (y.d(CertificateUtility.a(x509Certificate.getEncoded())) == null) {
                        y.a(trim, x509Certificate, certVerificationResult, this.j.k());
                    }
                }
            } catch (IllegalArgumentException e2) {
                LogUtils.e(a, "trying to verify bad signer cert", e2);
            } catch (CertificateEncodingException e3) {
                LogUtils.e(a, "saving signer cert fails because of bad cert encoding", e3);
            }
        }
        return certVerificationResult;
    }

    @NonNull
    private File b() throws IOException {
        return File.createTempFile(c + System.currentTimeMillis(), "", TempDirectory.a());
    }

    public static boolean b(@NonNull MimeMessage mimeMessage) {
        try {
            return SMIMECryptoUtil.g.equals(mimeMessage.i());
        } catch (MessagingException e2) {
            LogUtils.d(a, e2, "Error getting mmime type", new Object[0]);
            return false;
        }
    }

    private SMIMEException c() {
        long awGetErrorCode = this.g.awGetErrorCode();
        return new SMIMEException(new OpenSSLError(awGetErrorCode, this.g.awGetErrorMessage(awGetErrorCode)).d());
    }

    private boolean c(@NonNull MimeMessage mimeMessage) {
        try {
            String e2 = mimeMessage.e();
            try {
                String h = mimeMessage.h();
                if (e2 == null || !"multipart/signed".contains(e2) || h == null) {
                    return false;
                }
                return h.contains(SMIMECryptoUtil.d) || h.contains(SMIMECryptoUtil.e);
            } catch (MessagingException e3) {
                LogUtils.d(a, e3, "Error getting protocol", new Object[0]);
                return false;
            }
        } catch (MessagingException e4) {
            LogUtils.d(a, e4, "Error getting mime type", new Object[0]);
            return false;
        }
    }

    public SMIMEMessage a(@NonNull SMIMEMessage sMIMEMessage) throws SMIMEException {
        byte[] a2;
        X509Certificate a3 = this.f.a();
        PrivateKey c2 = this.f.c();
        CertificateManager y = ObjectGraphController.a().y();
        PrivateKey privateKey = c2;
        List<SMIMECertificate> list = null;
        while (true) {
            if (a3 != null) {
                try {
                    a2 = this.h.a(a3);
                } catch (SMIMEException e2) {
                    List<SMIMECertificate> d2 = list == null ? y.d(this.j.m()) : list;
                    if (d2.size() <= 0) {
                        throw e2;
                    }
                    SMIMECertificate sMIMECertificate = d2.get(0);
                    if (sMIMECertificate == null) {
                        throw e2;
                    }
                    d2.remove(0);
                    X509Certificate a4 = sMIMECertificate.a();
                    if (a4 == null) {
                        throw e2;
                    }
                    PrivateKey h = y.h(sMIMECertificate.i());
                    list = d2;
                    a3 = a4;
                    privateKey = h;
                } catch (IOException e3) {
                    LogUtils.e(a, e3, "Error in decrypt/verify", new Object[0]);
                    throw new SMIMEException(e3, 48);
                } catch (CertificateException e4) {
                    LogUtils.e(a, e4, "Error in decrypt/verify", new Object[0]);
                    throw new SMIMEException(e4, 33);
                }
            } else {
                a2 = null;
            }
            return a(sMIMEMessage, a2, privateKey != null ? this.h.a(privateKey) : null);
        }
    }

    @VisibleForTesting
    SMIMEMessage a(@NonNull SMIMEMessage sMIMEMessage, @Nullable byte[] bArr, @Nullable byte[] bArr2) throws SMIMEException {
        String str;
        if (sMIMEMessage.a == null) {
            return sMIMEMessage;
        }
        try {
            str = new MimeHeader(new ByteArrayInputStream(sMIMEMessage.a)).c().toLowerCase();
        } catch (MessagingException | IOException e2) {
            LogUtils.d(a, e2, "Message does not have from address", new Object[0]);
            str = null;
        }
        return a(sMIMEMessage, bArr, bArr2, str, null);
    }

    @VisibleForTesting
    protected SMIMESignerCertVerifier a(X509Certificate x509Certificate, String str) {
        return new SMIMESignerCertVerifier(this.i, x509Certificate, str, this.j, SMIMECertRevocationChecker.a());
    }
}
