package net.qihoo.secmail.l;

import android.content.Context;
import android.content.res.AssetManager;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import net.qihoo.secmail.h.d.bk;
import net.qihoo.secmail.h.d.co;
import net.qihoo.secmail.h.d.cw;
import net.qihoo.secmail.h.r;
import net.qihoo.secmail.h.u;
import org.apache.commons.io.IOUtils;
import org.apache.james.mime4j.dom.field.FieldName;
import org.apache.james.mime4j.util.MimeUtil;
import org.spongycastle.asn1.ASN1EncodableVector;
import org.spongycastle.asn1.cms.AttributeTable;
import org.spongycastle.asn1.cms.IssuerAndSerialNumber;
import org.spongycastle.asn1.smime.SMIMECapabilitiesAttribute;
import org.spongycastle.asn1.smime.SMIMECapability;
import org.spongycastle.asn1.smime.SMIMECapabilityVector;
import org.spongycastle.asn1.smime.SMIMEEncryptionKeyPreferenceAttribute;
import org.spongycastle.asn1.x500.X500Name;
import org.spongycastle.cert.jcajce.JcaCertStore;
import org.spongycastle.cms.CMSSignedDataParser;
import org.spongycastle.cms.CMSSignedDataStreamGenerator;
import org.spongycastle.cms.CMSTypedStream;
import org.spongycastle.cms.jcajce.JcaSimpleSignerInfoGeneratorBuilder;
import org.spongycastle.jce.provider.BouncyCastleProvider;
import org.spongycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
import org.spongycastle.util.Strings;

/* loaded from: classes.dex */
public final class j {
    private static final String a = "360mail.bks";
    private static final String b = "939309dcc65431ed69a567989e38cc94";
    private static final String c = "application/x-pkcs7-signature; name=smime.p7s";
    private static PKIXParameters d = null;

    static {
        Security.insertProviderAt(new BouncyCastleProvider(), 1);
    }

    public static net.qihoo.secmail.h.c.l a(net.qihoo.secmail.h.c.l lVar, File file) {
        try {
            net.qihoo.secmail.h.c.i iVar = new net.qihoo.secmail.h.c.i(lVar.l());
            for (String str : lVar.n()) {
                if (Strings.toLowerCase(str).startsWith("content-")) {
                    iVar.b(str, lVar.f(str)[0]);
                }
            }
            net.qihoo.secmail.h.c.i iVar2 = new net.qihoo.secmail.h.c.i();
            iVar2.a("Content-Type", c);
            iVar2.a("Content-Disposition", "attachment; filename=\"smime.p7s\"");
            iVar2.a(FieldName.CONTENT_DESCRIPTION, "S/MIME Cryptographic Signature");
            iVar2.a("Content-Transfer-Encoding", MimeUtil.ENC_BASE64);
            String a2 = lVar.h()[0].a();
            CMSSignedDataStreamGenerator a3 = a(f.b(a2), f.a(a2));
            File file2 = new File(file, "smime.p7s");
            FileOutputStream fileOutputStream = new FileOutputStream(file2);
            OutputStream open = a3.open(fileOutputStream);
            iVar.a(open);
            open.close();
            fileOutputStream.close();
            cw cwVar = new cw(file2.getPath());
            cwVar.a(MimeUtil.ENC_BASE64);
            iVar2.a(cwVar);
            StringBuffer stringBuffer = new StringBuffer("signed; protocol=\"application/x-pkcs7-signature\"");
            stringBuffer.append("; micalg=SHA1");
            String stringBuffer2 = stringBuffer.toString();
            net.qihoo.secmail.h.c.n nVar = new net.qihoo.secmail.h.c.n();
            nVar.d(stringBuffer2);
            nVar.a((net.qihoo.secmail.h.e) iVar);
            nVar.a((net.qihoo.secmail.h.e) iVar2);
            nVar.a(MimeUtil.ENC_7BIT);
            lVar.a(nVar);
            return lVar;
        } catch (Exception e) {
            e.printStackTrace();
            throw new Exception("Faild to sign message", e);
        }
    }

    private static CMSSignedDataParser a(co coVar, File file) {
        try {
            if (!(!coVar.k("multipart/signed"))) {
                byte[] D = coVar.D();
                if (D == null) {
                    throw new Exception("找不到签名块");
                }
                return new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().build(), b(coVar, file), D);
            }
            InputStream E = coVar.E();
            BufferedInputStream bufferedInputStream = E != null ? new BufferedInputStream(E) : null;
            if (bufferedInputStream == null) {
                throw new Exception("密封签名邮件流获取失败");
            }
            return new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().build(), bufferedInputStream);
        } catch (r e) {
            throw new Exception("邮件类型解析错误", e);
        }
    }

    private static CMSSignedDataStreamGenerator a(PrivateKey privateKey, Certificate[] certificateArr) {
        try {
            SMIMECapabilityVector sMIMECapabilityVector = new SMIMECapabilityVector();
            sMIMECapabilityVector.addCapability(SMIMECapability.dES_EDE3_CBC);
            sMIMECapabilityVector.addCapability(SMIMECapability.rC2_CBC, 128);
            sMIMECapabilityVector.addCapability(SMIMECapability.dES_CBC);
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            aSN1EncodableVector.add(new SMIMEEncryptionKeyPreferenceAttribute(new IssuerAndSerialNumber(new X500Name(((X509Certificate) certificateArr[0]).getIssuerDN().getName()), ((X509Certificate) certificateArr[0]).getSerialNumber())));
            aSN1EncodableVector.add(new SMIMECapabilitiesAttribute(sMIMECapabilityVector));
            CMSSignedDataStreamGenerator cMSSignedDataStreamGenerator = new CMSSignedDataStreamGenerator();
            cMSSignedDataStreamGenerator.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder().setSignedAttributeGenerator(new AttributeTable(aSN1EncodableVector)).build("SHA1withRSA", privateKey, (X509Certificate) certificateArr[0]));
            ArrayList arrayList = new ArrayList();
            arrayList.addAll(Arrays.asList(certificateArr));
            cMSSignedDataStreamGenerator.addCertificates(new JcaCertStore(arrayList));
            return cMSSignedDataStreamGenerator;
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:115:0x0091  */
    /* JADX WARN: Removed duplicated region for block: B:117:0x0096  */
    /* JADX WARN: Removed duplicated region for block: B:119:0x009b  */
    /* JADX WARN: Removed duplicated region for block: B:121:0x00a0  */
    /* JADX WARN: Type inference failed for: r0v23, types: [int] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static void a(android.content.Context r13, net.qihoo.secmail.h.d.co r14, java.io.File r15) {
        /*
            Method dump skipped, instructions count: 565
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: net.qihoo.secmail.l.j.a(android.content.Context, net.qihoo.secmail.h.d.co, java.io.File):void");
    }

    private static void a(OutputStream outputStream, u uVar) {
        Iterator it = uVar.a_().iterator();
        while (it.hasNext()) {
            outputStream.write((byte[]) it.next());
            outputStream.write(13);
            outputStream.write(10);
        }
        outputStream.write(13);
        outputStream.write(10);
        if (!(uVar.l() instanceof net.qihoo.secmail.h.c.n)) {
            if (uVar.l() instanceof net.qihoo.secmail.h.c.a) {
                ((net.qihoo.secmail.h.c.a) uVar.l()).b(outputStream);
                return;
            }
            return;
        }
        net.qihoo.secmail.h.c.n nVar = (net.qihoo.secmail.h.c.n) uVar.l();
        if (nVar.f() != null) {
            outputStream.write(nVar.f().getBytes(Charset.forName("UTF-8")));
            outputStream.write(13);
            outputStream.write(10);
        }
        int d2 = nVar.d();
        if (d2 == 0) {
            outputStream.write(("--" + nVar.f).getBytes(Charset.forName("UTF-8")));
            outputStream.write(13);
            outputStream.write(10);
        } else {
            for (int i = 0; i < d2; i++) {
                outputStream.write(("--" + nVar.f).getBytes(Charset.forName("UTF-8")));
                outputStream.write(13);
                outputStream.write(10);
                a(outputStream, (net.qihoo.secmail.h.c.i) nVar.a(i));
                outputStream.write(13);
                outputStream.write(10);
            }
        }
        outputStream.write(("--" + nVar.f + "--").getBytes(Charset.forName("UTF-8")));
        outputStream.write(13);
        outputStream.write(10);
    }

    private static void a(net.qihoo.secmail.h.c.i iVar, net.qihoo.secmail.h.c.l lVar) {
        for (String str : lVar.n()) {
            if (Strings.toLowerCase(str).startsWith("content-")) {
                iVar.b(str, lVar.f(str)[0]);
            }
        }
    }

    private static void a(net.qihoo.secmail.h.c.l lVar) {
        net.qihoo.secmail.h.d l = lVar.l();
        if (l instanceof net.qihoo.secmail.h.c.n) {
            a((net.qihoo.secmail.h.c.n) l);
        }
    }

    private static void a(net.qihoo.secmail.h.c.n nVar) {
        int d2 = nVar.d();
        for (int i = 0; i < d2; i++) {
            net.qihoo.secmail.h.d l = nVar.a(i).l();
            if (l instanceof net.qihoo.secmail.h.c.a) {
                try {
                    ((net.qihoo.secmail.h.c.a) l).a().close();
                } catch (Exception e) {
                }
            } else if (l instanceof net.qihoo.secmail.h.c.n) {
                a((net.qihoo.secmail.h.c.n) l);
            }
        }
    }

    private static boolean a(InputStream inputStream) {
        MessageDigest messageDigest = MessageDigest.getInstance("MD5");
        byte[] bArr = new byte[8192];
        while (true) {
            try {
                int read = inputStream.read(bArr);
                if (read <= 0) {
                    break;
                }
                messageDigest.update(bArr, 0, read);
            } catch (IOException e) {
                throw new Exception("验证根证书IO错误", e);
            }
        }
        return b.equals(new BigInteger(1, messageDigest.digest()).toString(16));
    }

    private static byte[] a(co coVar) {
        return coVar.D();
    }

    private static X509Certificate[] a() {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
        trustManagerFactory.init((KeyStore) null);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        if (trustManagers == null || trustManagers.length == 0) {
            return null;
        }
        return ((X509TrustManager) trustManagers[0]).getAcceptedIssuers();
    }

    private static X509Certificate[] a(Context context) {
        AssetManager assets = context.getAssets();
        try {
            InputStream open = assets.open(a);
            if (!a(open)) {
                throw new Exception("内置根证书完整性校验失败，请检查客户端完整性");
            }
            if (open != null) {
                try {
                    open.close();
                } catch (IOException e) {
                }
            }
            InputStream inputStream = null;
            try {
                try {
                    try {
                        try {
                            ArrayList arrayList = new ArrayList();
                            inputStream = assets.open(a);
                            KeyStore keyStore = KeyStore.getInstance("BKS");
                            keyStore.load(inputStream, "360mail".toCharArray());
                            Enumeration<String> aliases = keyStore.aliases();
                            while (aliases.hasMoreElements()) {
                                String nextElement = aliases.nextElement();
                                if (keyStore.isCertificateEntry(nextElement)) {
                                    Certificate certificate = keyStore.getCertificate(nextElement);
                                    if (certificate instanceof X509Certificate) {
                                        arrayList.add((X509Certificate) certificate);
                                    }
                                }
                            }
                            return (X509Certificate[]) arrayList.toArray(new X509Certificate[0]);
                        } catch (CertificateException e2) {
                            throw new Exception("内置根证书加载错误", e2);
                        }
                    } catch (KeyStoreException e3) {
                        throw new Exception("建立内置证书库错误", e3);
                    }
                } finally {
                    if (inputStream != null) {
                        try {
                            inputStream.close();
                        } catch (IOException e4) {
                        }
                    }
                }
            } catch (IOException e5) {
                throw new Exception("读取内置根证书错误", e5);
            } catch (NoSuchAlgorithmException e6) {
                throw new Exception("内置证书库算法不支持", e6);
            }
        } catch (IOException e7) {
            throw new Exception("内置根证书流打开错误", e7);
        }
    }

    private static InputStream b(co coVar) {
        InputStream E = coVar.E();
        if (E != null) {
            return new BufferedInputStream(E);
        }
        return null;
    }

    private static synchronized PKIXParameters b(Context context) {
        PKIXParameters pKIXParameters;
        synchronized (j.class) {
            if (d == null) {
                X509Certificate[] a2 = a(context);
                TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
                trustManagerFactory.init((KeyStore) null);
                TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
                X509Certificate[] acceptedIssuers = (trustManagers == null || trustManagers.length == 0) ? null : ((X509TrustManager) trustManagers[0]).getAcceptedIssuers();
                HashSet hashSet = new HashSet();
                if (a2 != null && a2.length > 0) {
                    for (X509Certificate x509Certificate : a2) {
                        hashSet.add(new TrustAnchor(x509Certificate, null));
                    }
                }
                if (acceptedIssuers != null && acceptedIssuers.length > 0) {
                    for (X509Certificate x509Certificate2 : acceptedIssuers) {
                        hashSet.add(new TrustAnchor(x509Certificate2, null));
                    }
                }
                if (hashSet.size() == 0) {
                    throw new Exception("无可信任根证书");
                }
                d = new PKIXParameters(hashSet);
            }
            pKIXParameters = d;
        }
        return pKIXParameters;
    }

    private static CMSTypedStream b(co coVar, File file) {
        BufferedInputStream bufferedInputStream;
        BufferedOutputStream bufferedOutputStream = null;
        try {
            bufferedInputStream = new BufferedInputStream(new FileInputStream(((bk) coVar.d()).d(coVar.o())));
        } catch (Throwable th) {
            th = th;
            bufferedInputStream = null;
        }
        try {
            net.qihoo.secmail.h.c.l lVar = new net.qihoo.secmail.h.c.l(bufferedInputStream);
            IOUtils.closeQuietly((InputStream) bufferedInputStream);
            net.qihoo.secmail.h.d l = lVar.l();
            if (!(l instanceof net.qihoo.secmail.h.c.n)) {
                a(lVar);
                throw new Exception("邮件结构不符");
            }
            net.qihoo.secmail.h.c.n nVar = (net.qihoo.secmail.h.c.n) l;
            if (nVar.d() < 2) {
                a(lVar);
                throw new Exception("邮件结构不符");
            }
            try {
                BufferedOutputStream bufferedOutputStream2 = new BufferedOutputStream(new FileOutputStream(file));
                try {
                    a(bufferedOutputStream2, nVar.a(0));
                    bufferedOutputStream2.flush();
                    CMSTypedStream cMSTypedStream = new CMSTypedStream(new BufferedInputStream(new FileInputStream(file)));
                    a(lVar);
                    IOUtils.closeQuietly((OutputStream) bufferedOutputStream2);
                    return cMSTypedStream;
                } catch (Throwable th2) {
                    th = th2;
                    bufferedOutputStream = bufferedOutputStream2;
                    a(lVar);
                    if (bufferedOutputStream != null) {
                        IOUtils.closeQuietly((OutputStream) bufferedOutputStream);
                    }
                    throw th;
                }
            } catch (Throwable th3) {
                th = th3;
            }
        } catch (Throwable th4) {
            th = th4;
            IOUtils.closeQuietly((InputStream) bufferedInputStream);
            throw th;
        }
    }
}
