package net.qihoo.smail.q;

import android.content.Context;
import android.content.res.AssetManager;
import java.io.BufferedInputStream;
import java.io.BufferedOutputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.io.InputStream;
import java.io.OutputStream;
import java.math.BigInteger;
import java.nio.charset.Charset;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.PrivateKey;
import java.security.Security;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Iterator;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactory;
import javax.net.ssl.X509TrustManager;
import net.qihoo.smail.n.aa;
import net.qihoo.smail.n.d.bq;
import net.qihoo.smail.n.d.cw;
import net.qihoo.smail.n.d.de;
import net.qihoo.smail.n.x;
import org.apache.commons.io.IOUtils;
import org.apache.james.mime4j.dom.field.FieldName;
import org.apache.james.mime4j.util.MimeUtil;
import org.spongycastle.asn1.ASN1EncodableVector;
import org.spongycastle.asn1.cms.AttributeTable;
import org.spongycastle.asn1.cms.IssuerAndSerialNumber;
import org.spongycastle.asn1.smime.SMIMECapabilitiesAttribute;
import org.spongycastle.asn1.smime.SMIMECapability;
import org.spongycastle.asn1.smime.SMIMECapabilityVector;
import org.spongycastle.asn1.smime.SMIMEEncryptionKeyPreferenceAttribute;
import org.spongycastle.asn1.x500.X500Name;
import org.spongycastle.cert.jcajce.JcaCertStore;
import org.spongycastle.cms.CMSSignedDataParser;
import org.spongycastle.cms.CMSSignedDataStreamGenerator;
import org.spongycastle.cms.CMSTypedStream;
import org.spongycastle.cms.jcajce.JcaSimpleSignerInfoGeneratorBuilder;
import org.spongycastle.jce.provider.BouncyCastleProvider;
import org.spongycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
import org.spongycastle.util.Strings;

/* loaded from: classes3.dex */
public class k {

    /* renamed from: a, reason: collision with root package name */
    private static final String f3309a = "360mail.bks";

    /* renamed from: b, reason: collision with root package name */
    private static final String f3310b = "939309dcc65431ed69a567989e38cc94";

    /* renamed from: c, reason: collision with root package name */
    private static final String f3311c = "application/x-pkcs7-signature; name=smime.p7s";

    /* renamed from: d, reason: collision with root package name */
    private static PKIXParameters f3312d = null;

    static {
        Security.insertProviderAt(new BouncyCastleProvider(), 1);
    }

    public static net.qihoo.smail.n.c.m a(net.qihoo.smail.n.c.m mVar, File file) {
        try {
            net.qihoo.smail.n.c.j jVar = new net.qihoo.smail.n.c.j(mVar.l());
            a(jVar, mVar);
            net.qihoo.smail.n.c.j jVar2 = new net.qihoo.smail.n.c.j();
            jVar2.a("Content-Type", f3311c);
            jVar2.a("Content-Disposition", "attachment; filename=\"smime.p7s\"");
            jVar2.a(FieldName.CONTENT_DESCRIPTION, "S/MIME Cryptographic Signature");
            jVar2.a("Content-Transfer-Encoding", MimeUtil.ENC_BASE64);
            String a2 = mVar.h()[0].a();
            CMSSignedDataStreamGenerator a3 = a(g.b(a2), g.a(a2));
            File file2 = new File(file, "smime.p7s");
            FileOutputStream fileOutputStream = new FileOutputStream(file2);
            OutputStream open = a3.open(fileOutputStream);
            jVar.a(open);
            open.close();
            fileOutputStream.close();
            de deVar = new de(file2.getPath());
            deVar.a(MimeUtil.ENC_BASE64);
            jVar2.a(deVar);
            StringBuffer stringBuffer = new StringBuffer("signed; protocol=\"application/x-pkcs7-signature\"");
            stringBuffer.append("; micalg=SHA1");
            String stringBuffer2 = stringBuffer.toString();
            net.qihoo.smail.n.c.o oVar = new net.qihoo.smail.n.c.o();
            oVar.e(stringBuffer2);
            oVar.a((net.qihoo.smail.n.e) jVar);
            oVar.a((net.qihoo.smail.n.e) jVar2);
            oVar.a(MimeUtil.ENC_7BIT);
            mVar.a(oVar);
            return mVar;
        } catch (Exception e) {
            e.printStackTrace();
            throw new Exception("Faild to sign message", e);
        }
    }

    private static CMSSignedDataParser a(cw cwVar, File file) {
        try {
            if (!cwVar.j("multipart/signed")) {
                InputStream b2 = b(cwVar);
                if (b2 == null) {
                    throw new Exception("密封签名邮件流获取失败");
                }
                return new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().build(), b2);
            }
            byte[] a2 = a(cwVar);
            if (a2 == null) {
                throw new Exception("找不到签名块");
            }
            CMSTypedStream b3 = b(cwVar, file);
            if (b3 == null) {
                throw new Exception("找不到邮件内容");
            }
            return new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().build(), b3, a2);
        } catch (x e) {
            throw new Exception("邮件类型解析错误", e);
        }
    }

    private static CMSSignedDataStreamGenerator a(PrivateKey privateKey, Certificate[] certificateArr) {
        try {
            SMIMECapabilityVector sMIMECapabilityVector = new SMIMECapabilityVector();
            sMIMECapabilityVector.addCapability(SMIMECapability.dES_EDE3_CBC);
            sMIMECapabilityVector.addCapability(SMIMECapability.rC2_CBC, 128);
            sMIMECapabilityVector.addCapability(SMIMECapability.dES_CBC);
            ASN1EncodableVector aSN1EncodableVector = new ASN1EncodableVector();
            aSN1EncodableVector.add(new SMIMEEncryptionKeyPreferenceAttribute(new IssuerAndSerialNumber(new X500Name(((X509Certificate) certificateArr[0]).getIssuerDN().getName()), ((X509Certificate) certificateArr[0]).getSerialNumber())));
            aSN1EncodableVector.add(new SMIMECapabilitiesAttribute(sMIMECapabilityVector));
            CMSSignedDataStreamGenerator cMSSignedDataStreamGenerator = new CMSSignedDataStreamGenerator();
            cMSSignedDataStreamGenerator.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder().setSignedAttributeGenerator(new AttributeTable(aSN1EncodableVector)).build("SHA1withRSA", privateKey, (X509Certificate) certificateArr[0]));
            ArrayList arrayList = new ArrayList();
            arrayList.addAll(Arrays.asList(certificateArr));
            cMSSignedDataStreamGenerator.addCertificates(new JcaCertStore(arrayList));
            return cMSSignedDataStreamGenerator;
        } catch (Exception e) {
            e.printStackTrace();
            return null;
        }
    }

    /* JADX WARN: Removed duplicated region for block: B:115:0x00ca  */
    /* JADX WARN: Removed duplicated region for block: B:117:0x00cf  */
    /* JADX WARN: Removed duplicated region for block: B:119:0x00d4  */
    /* JADX WARN: Removed duplicated region for block: B:121:0x00d9  */
    /* JADX WARN: Type inference failed for: r1v23, types: [int] */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public static void a(android.content.Context r15, net.qihoo.smail.n.d.cw r16, java.io.File r17) {
        /*
            Method dump skipped, instructions count: 578
            To view this dump add '--comments-level debug' option
        */
        throw new UnsupportedOperationException("Method not decompiled: net.qihoo.smail.q.k.a(android.content.Context, net.qihoo.smail.n.d.cw, java.io.File):void");
    }

    private static void a(OutputStream outputStream, aa aaVar) {
        Iterator<byte[]> it = aaVar.b_().iterator();
        while (it.hasNext()) {
            outputStream.write(it.next());
            outputStream.write(13);
            outputStream.write(10);
        }
        outputStream.write(13);
        outputStream.write(10);
        if (!(aaVar.l() instanceof net.qihoo.smail.n.c.o)) {
            if (aaVar.l() instanceof net.qihoo.smail.n.c.a) {
                ((net.qihoo.smail.n.c.a) aaVar.l()).b(outputStream);
                return;
            }
            return;
        }
        net.qihoo.smail.n.c.o oVar = (net.qihoo.smail.n.c.o) aaVar.l();
        if (oVar.h() != null) {
            outputStream.write(oVar.h().getBytes(Charset.forName("UTF-8")));
            outputStream.write(13);
            outputStream.write(10);
        }
        int d2 = oVar.d();
        if (d2 == 0) {
            outputStream.write(("--" + oVar.g).getBytes(Charset.forName("UTF-8")));
            outputStream.write(13);
            outputStream.write(10);
        } else {
            for (int i = 0; i < d2; i++) {
                outputStream.write(("--" + oVar.g).getBytes(Charset.forName("UTF-8")));
                outputStream.write(13);
                outputStream.write(10);
                a(outputStream, (net.qihoo.smail.n.c.j) oVar.a(i));
                outputStream.write(13);
                outputStream.write(10);
            }
        }
        outputStream.write(("--" + oVar.g + "--").getBytes(Charset.forName("UTF-8")));
        outputStream.write(13);
        outputStream.write(10);
    }

    private static void a(net.qihoo.smail.n.c.j jVar, net.qihoo.smail.n.c.m mVar) {
        for (String str : mVar.n()) {
            if (Strings.toLowerCase(str).startsWith("content-")) {
                jVar.b(str, mVar.f(str)[0]);
            }
        }
    }

    private static void a(net.qihoo.smail.n.c.m mVar) {
        net.qihoo.smail.n.d l = mVar.l();
        if (l instanceof net.qihoo.smail.n.c.o) {
            a((net.qihoo.smail.n.c.o) l);
        }
    }

    private static void a(net.qihoo.smail.n.c.o oVar) {
        int d2 = oVar.d();
        for (int i = 0; i < d2; i++) {
            net.qihoo.smail.n.d l = oVar.a(i).l();
            if (l instanceof net.qihoo.smail.n.c.a) {
                try {
                    ((net.qihoo.smail.n.c.a) l).a().close();
                } catch (Exception e) {
                }
            } else if (l instanceof net.qihoo.smail.n.c.o) {
                a((net.qihoo.smail.n.c.o) l);
            }
        }
    }

    private static boolean a(InputStream inputStream) {
        MessageDigest messageDigest = MessageDigest.getInstance("MD5");
        byte[] bArr = new byte[8192];
        while (true) {
            try {
                int read = inputStream.read(bArr);
                if (read <= 0) {
                    break;
                }
                messageDigest.update(bArr, 0, read);
            } catch (IOException e) {
                throw new Exception("验证根证书IO错误", e);
            }
        }
        return f3310b.equals(new BigInteger(1, messageDigest.digest()).toString(16));
    }

    private static byte[] a(cw cwVar) {
        return cwVar.J();
    }

    private static X509Certificate[] a() {
        TrustManagerFactory trustManagerFactory = TrustManagerFactory.getInstance("X509");
        trustManagerFactory.init((KeyStore) null);
        TrustManager[] trustManagers = trustManagerFactory.getTrustManagers();
        if (trustManagers == null || 0 >= trustManagers.length) {
            return null;
        }
        return ((X509TrustManager) trustManagers[0]).getAcceptedIssuers();
    }

    private static X509Certificate[] a(Context context) {
        AssetManager assets = context.getAssets();
        try {
            InputStream open = assets.open(f3309a);
            if (!a(open)) {
                throw new Exception("内置根证书完整性校验失败，请检查客户端完整性");
            }
            if (open != null) {
                try {
                    open.close();
                } catch (IOException e) {
                }
            }
            InputStream inputStream = null;
            try {
                try {
                    try {
                        try {
                            ArrayList arrayList = new ArrayList();
                            inputStream = assets.open(f3309a);
                            KeyStore keyStore = KeyStore.getInstance("BKS");
                            keyStore.load(inputStream, "360mail".toCharArray());
                            Enumeration<String> aliases = keyStore.aliases();
                            while (aliases.hasMoreElements()) {
                                String nextElement = aliases.nextElement();
                                if (keyStore.isCertificateEntry(nextElement)) {
                                    Certificate certificate = keyStore.getCertificate(nextElement);
                                    if (certificate instanceof X509Certificate) {
                                        arrayList.add((X509Certificate) certificate);
                                    }
                                }
                            }
                            return (X509Certificate[]) arrayList.toArray(new X509Certificate[0]);
                        } catch (KeyStoreException e2) {
                            throw new Exception("建立内置证书库错误", e2);
                        }
                    } catch (IOException e3) {
                        throw new Exception("读取内置根证书错误", e3);
                    }
                } finally {
                    if (inputStream != null) {
                        try {
                            inputStream.close();
                        } catch (IOException e4) {
                        }
                    }
                }
            } catch (NoSuchAlgorithmException e5) {
                throw new Exception("内置证书库算法不支持", e5);
            } catch (CertificateException e6) {
                throw new Exception("内置根证书加载错误", e6);
            }
        } catch (IOException e7) {
            throw new Exception("内置根证书流打开错误", e7);
        }
    }

    private static InputStream b(cw cwVar) {
        InputStream L = cwVar.L();
        if (L != null) {
            return new BufferedInputStream(L);
        }
        return null;
    }

    private static synchronized PKIXParameters b(Context context) {
        PKIXParameters pKIXParameters;
        synchronized (k.class) {
            if (f3312d == null) {
                X509Certificate[] a2 = a(context);
                X509Certificate[] a3 = a();
                HashSet hashSet = new HashSet();
                if (a2 != null && a2.length > 0) {
                    for (X509Certificate x509Certificate : a2) {
                        hashSet.add(new TrustAnchor(x509Certificate, null));
                    }
                }
                if (a3 != null && a3.length > 0) {
                    for (X509Certificate x509Certificate2 : a3) {
                        hashSet.add(new TrustAnchor(x509Certificate2, null));
                    }
                }
                if (hashSet.size() == 0) {
                    throw new Exception("无可信任根证书");
                }
                f3312d = new PKIXParameters(hashSet);
            }
            pKIXParameters = f3312d;
        }
        return pKIXParameters;
    }

    private static CMSTypedStream b(cw cwVar, File file) {
        BufferedInputStream bufferedInputStream;
        BufferedOutputStream bufferedOutputStream = null;
        try {
            bufferedInputStream = new BufferedInputStream(new FileInputStream(((bq) cwVar.d()).d(cwVar.o())));
        } catch (Throwable th) {
            th = th;
            bufferedInputStream = null;
        }
        try {
            net.qihoo.smail.n.c.m mVar = new net.qihoo.smail.n.c.m(bufferedInputStream);
            IOUtils.closeQuietly((InputStream) bufferedInputStream);
            net.qihoo.smail.n.d l = mVar.l();
            if (!(l instanceof net.qihoo.smail.n.c.o)) {
                a(mVar);
                throw new Exception("邮件结构不符");
            }
            net.qihoo.smail.n.c.o oVar = (net.qihoo.smail.n.c.o) l;
            if (oVar.d() < 2) {
                a(mVar);
                throw new Exception("邮件结构不符");
            }
            try {
                BufferedOutputStream bufferedOutputStream2 = new BufferedOutputStream(new FileOutputStream(file));
                try {
                    a(bufferedOutputStream2, oVar.a(0));
                    bufferedOutputStream2.flush();
                    CMSTypedStream cMSTypedStream = new CMSTypedStream(new BufferedInputStream(new FileInputStream(file)));
                    a(mVar);
                    if (bufferedOutputStream2 != null) {
                        IOUtils.closeQuietly((OutputStream) bufferedOutputStream2);
                    }
                    return cMSTypedStream;
                } catch (Throwable th2) {
                    th = th2;
                    bufferedOutputStream = bufferedOutputStream2;
                    a(mVar);
                    if (bufferedOutputStream != null) {
                        IOUtils.closeQuietly((OutputStream) bufferedOutputStream);
                    }
                    throw th;
                }
            } catch (Throwable th3) {
                th = th3;
            }
        } catch (Throwable th4) {
            th = th4;
            IOUtils.closeQuietly((InputStream) bufferedInputStream);
            throw th;
        }
    }
}
