package hp.secure.storage;

import com.microsoft.aad.adal.AuthenticationConstants;
import java.io.IOException;
import java.net.InetAddress;
import java.net.URL;
import java.net.UnknownHostException;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import java.util.Enumeration;
import javax.net.ssl.HttpsURLConnection;
import javax.net.ssl.SSLContext;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import timber.log.Timber;

/* loaded from: classes2.dex */
public class CertificateStorage {
    private static final String KEYSTORE_ALIAS_PREFIX = "PrinterServer_";
    private String mAddress;
    private String mHostname;
    private int mPort;
    private ITrustManager mTrustManager;

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public interface ITrustManager extends X509TrustManager {
        X509Certificate getServerCert();
    }

    /* loaded from: classes2.dex */
    public enum StorageResult {
        SUCCESS,
        CONNECTION_FAILED,
        STORAGE_FAILED
    }

    /* JADX INFO: Access modifiers changed from: private */
    /* loaded from: classes2.dex */
    public static class UnifiedTrustManager implements ITrustManager {
        private X509TrustManager defaultTrustManager;
        private X509TrustManager localTrustManager;
        private X509Certificate mServerCert;

        UnifiedTrustManager(KeyStore keyStore) throws KeyStoreException {
            try {
                this.defaultTrustManager = createTrustManager(null);
                if (keyStore != null) {
                    this.localTrustManager = createTrustManager(keyStore);
                }
            } catch (NoSuchAlgorithmException e) {
                Timber.e(e, "Could not create TrustManager", new Object[0]);
            }
        }

        private X509TrustManager createTrustManager(KeyStore keyStore) throws NoSuchAlgorithmException, KeyStoreException {
            TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance(TrustManagerFactory.getDefaultAlgorithm());
            trustManagerFactory.init(keyStore);
            TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
            if (trustManagers == null || trustManagers.length <= 0) {
                return null;
            }
            return (X509TrustManager) trustManagers[0];
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkClientTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            try {
                if (this.defaultTrustManager != null) {
                    this.defaultTrustManager.checkClientTrusted(x509CertificateArr, str);
                }
            } catch (CertificateException e) {
                if (this.localTrustManager == null) {
                    throw e;
                }
                this.localTrustManager.checkClientTrusted(x509CertificateArr, str);
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public void checkServerTrusted(X509Certificate[] x509CertificateArr, String str) throws CertificateException {
            this.mServerCert = x509CertificateArr[0];
            try {
                if (this.defaultTrustManager != null) {
                    this.defaultTrustManager.checkServerTrusted(x509CertificateArr, str);
                }
            } catch (CertificateException e) {
                if (this.localTrustManager == null) {
                    throw e;
                }
                try {
                    this.localTrustManager.checkClientTrusted(x509CertificateArr, str);
                } catch (CertificateException e2) {
                    Timber.e(e2, "Certificate exception", new Object[0]);
                    throw e2;
                }
            }
        }

        @Override // javax.net.ssl.X509TrustManager
        public X509Certificate[] getAcceptedIssuers() {
            X509Certificate[] acceptedIssuers = this.defaultTrustManager.getAcceptedIssuers();
            X509Certificate[] acceptedIssuers2 = this.localTrustManager.getAcceptedIssuers();
            X509Certificate[] x509CertificateArr = (X509Certificate[]) Arrays.copyOf(acceptedIssuers, acceptedIssuers.length + acceptedIssuers2.length);
            System.arraycopy(acceptedIssuers2, 0, x509CertificateArr, acceptedIssuers.length, acceptedIssuers2.length);
            return x509CertificateArr;
        }

        @Override // hp.secure.storage.CertificateStorage.ITrustManager
        public X509Certificate getServerCert() {
            return this.mServerCert;
        }
    }

    public CertificateStorage(String str, int i) {
        this.mAddress = str;
        this.mPort = i;
    }

    private boolean connect(KeyStore keyStore) {
        try {
            this.mHostname = InetAddress.getByName(this.mAddress).getHostName();
        } catch (UnknownHostException unused) {
            this.mHostname = this.mAddress;
        }
        try {
            this.mTrustManager = setUnifiedTrustManager(keyStore);
            ((HttpsURLConnection) new URL(AuthenticationConstants.Broker.REDIRECT_SSL_PREFIX + this.mHostname + ":" + this.mPort).openConnection()).getInputStream().close();
            return true;
        } catch (Exception e) {
            Timber.e(e, "Could not connect to %s", this.mAddress);
            return false;
        }
    }

    private UnifiedTrustManager setUnifiedTrustManager(KeyStore keyStore) {
        UnifiedTrustManager unifiedTrustManager;
        try {
            unifiedTrustManager = new UnifiedTrustManager(keyStore);
        } catch (Exception e) {
            e = e;
            unifiedTrustManager = null;
        }
        try {
            SSLContext sSLContext = SSLContext.getInstance("TLS");
            sSLContext.init(null, new TrustManager[]{unifiedTrustManager}, null);
            HttpsURLConnection.setDefaultSSLSocketFactory(sSLContext.getSocketFactory());
        } catch (Exception e2) {
            e = e2;
            Timber.e(e, "Could not set UnifiedTrustManager", new Object[0]);
            return unifiedTrustManager;
        }
        return unifiedTrustManager;
    }

    public boolean isConnectionTrusted() {
        try {
            return connect(SecureStorage.getKeyStore());
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            Timber.e(e, "Could not load keystore file", new Object[0]);
            e.printStackTrace();
            return false;
        }
    }

    public int removeCertificates(boolean z) {
        KeyStore keyStore;
        int i;
        try {
            keyStore = SecureStorage.getKeyStore();
        } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e) {
            Timber.e(e, "Could not load keystore file", new Object[0]);
            e.printStackTrace();
            keyStore = null;
        }
        if (keyStore == null) {
            return 0;
        }
        connect(keyStore);
        try {
        } catch (KeyStoreException e2) {
            e = e2;
            i = 0;
        }
        if (!z) {
            keyStore.deleteEntry(KEYSTORE_ALIAS_PREFIX + this.mHostname);
            return 1;
        }
        Enumeration<String> aliases = keyStore.aliases();
        i = 0;
        while (aliases.hasMoreElements()) {
            try {
                String nextElement = aliases.nextElement();
                if (nextElement.contains(KEYSTORE_ALIAS_PREFIX)) {
                    keyStore.deleteEntry(nextElement);
                    i++;
                }
            } catch (KeyStoreException e3) {
                e = e3;
                Timber.e(e, "Could not delete keystore entry", new Object[0]);
                e.printStackTrace();
                return i;
            }
        }
        return i;
    }

    public void resetKeystoreInstance() {
        SecureStorage.resetKeyStoreInstance();
    }

    public StorageResult storeCertificate() {
        StorageResult storageResult;
        KeyStore keyStore;
        Exception e;
        synchronized (this) {
            storageResult = StorageResult.SUCCESS;
            try {
                keyStore = SecureStorage.getKeyStore();
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e2) {
                keyStore = null;
                e = e2;
            }
            try {
                connect(keyStore);
            } catch (IOException | KeyStoreException | NoSuchAlgorithmException | CertificateException e3) {
                e = e3;
                Timber.e(e, "Could not load keystore file", new Object[0]);
                e.printStackTrace();
                if (this.mTrustManager != null) {
                }
                storageResult = StorageResult.CONNECTION_FAILED;
                Timber.e("Could not connect and obtain certificate for storage: %s", this.mAddress);
                return storageResult;
            }
            if (this.mTrustManager != null || this.mTrustManager.getServerCert() == null) {
                storageResult = StorageResult.CONNECTION_FAILED;
                Timber.e("Could not connect and obtain certificate for storage: %s", this.mAddress);
            } else {
                X509Certificate serverCert = this.mTrustManager.getServerCert();
                Timber.v("Certificate details: %s", serverCert.toString());
                try {
                    if (keyStore != null) {
                        keyStore.setCertificateEntry(KEYSTORE_ALIAS_PREFIX + this.mHostname, serverCert);
                    } else {
                        storageResult = StorageResult.STORAGE_FAILED;
                    }
                } catch (KeyStoreException e4) {
                    StorageResult storageResult2 = StorageResult.STORAGE_FAILED;
                    Timber.e(e4, "Could not store certificate", new Object[0]);
                    storageResult = storageResult2;
                }
            }
        }
        return storageResult;
    }
}
