package com.citrix.client.c.e.e;

import android.net.http.SslCertificate;
import com.citrix.client.Receiver.contracts.PromptContract$RequestType;
import com.citrix.client.Receiver.exceptions.CertStorageException;
import com.citrix.client.Receiver.params.AMParams;
import com.citrix.client.Receiver.params.C0415s;
import com.citrix.client.Receiver.params.C0416t;
import com.citrix.client.Receiver.repository.storage.InterfaceC0466o;
import com.citrix.client.Receiver.ui.activities.DialogActivity;
import com.citrix.client.Receiver.util.r;
import java.net.Socket;
import java.security.cert.CertificateException;
import java.security.cert.CertificateParsingException;
import java.security.cert.X509Certificate;
import java.util.Arrays;
import javax.net.ssl.X509TrustManager;

/* compiled from: ServerCertValidator.java */
/* loaded from: classes.dex */
public class c implements AMParams.f {

    /* renamed from: a, reason: collision with root package name */
    private final InterfaceC0466o f6424a;

    /* renamed from: b, reason: collision with root package name */
    private final String f6425b;

    /* renamed from: c, reason: collision with root package name */
    private X509TrustManager f6426c;

    /* JADX WARN: Removed duplicated region for block: B:11:? A[RETURN, SYNTHETIC] */
    /* JADX WARN: Removed duplicated region for block: B:8:0x002d  */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    public c(java.lang.String r5, com.citrix.client.Receiver.repository.storage.InterfaceC0466o r6) {
        /*
            r4 = this;
            r4.<init>()
            r4.f6424a = r6
            r4.f6425b = r5
            r5 = 0
            r6 = 0
            java.lang.String r0 = javax.net.ssl.TrustManagerFactory.getDefaultAlgorithm()     // Catch: java.security.KeyStoreException -> L1d java.security.NoSuchAlgorithmException -> L1f
            javax.net.ssl.TrustManagerFactory r0 = javax.net.ssl.TrustManagerFactory.getInstance(r0)     // Catch: java.security.KeyStoreException -> L1d java.security.NoSuchAlgorithmException -> L1f
            r0.init(r6)     // Catch: java.security.KeyStoreException -> L16 java.security.NoSuchAlgorithmException -> L18
            r6 = r0
            goto L2b
        L16:
            r6 = move-exception
            goto L19
        L18:
            r6 = move-exception
        L19:
            r3 = r0
            r0 = r6
            r6 = r3
            goto L20
        L1d:
            r0 = move-exception
            goto L20
        L1f:
            r0 = move-exception
        L20:
            java.lang.String r0 = com.citrix.client.Receiver.util.r.a(r0)
            java.lang.String[] r1 = new java.lang.String[r5]
            java.lang.String r2 = "SCertValidator"
            com.citrix.client.Receiver.util.r.b(r2, r0, r1)
        L2b:
            if (r6 == 0) goto L37
            javax.net.ssl.TrustManager[] r6 = r6.getTrustManagers()
            r5 = r6[r5]
            javax.net.ssl.X509TrustManager r5 = (javax.net.ssl.X509TrustManager) r5
            r4.f6426c = r5
        L37:
            return
        */
        throw new UnsupportedOperationException("Method not decompiled: com.citrix.client.c.e.e.c.<init>(java.lang.String, com.citrix.client.Receiver.repository.storage.o):void");
    }

    private X509Certificate a(String str, X509Certificate[] x509CertificateArr) throws CertificateParsingException {
        if (x509CertificateArr.length <= 0) {
            return null;
        }
        return x509CertificateArr[0];
    }

    private void a(String str, String str2, X509Certificate[] x509CertificateArr) throws CertificateException {
        r.c("SCertValidator", "Validating for store:" + this.f6425b + " Host:" + str + " authType:" + str2, new String[0]);
        if (!this.f6425b.toLowerCase().contains(str.toLowerCase())) {
            r.c("SCertValidator", "store id differs from Host:" + this.f6425b + " Host:" + str, new String[0]);
            this.f6424a.a(x509CertificateArr);
        }
        X509Certificate[] b2 = b();
        if (b2 == null || b2.length <= 0 || !Arrays.deepEquals(b2, x509CertificateArr)) {
            if (!b(str, x509CertificateArr)) {
                throw new CertificateException("User did not trust the cert chain for Host " + str);
            }
            X509Certificate a2 = a(str, x509CertificateArr);
            if (a2 != null) {
                a(a2, x509CertificateArr);
                return;
            }
            throw new CertificateException("Cannot get primary certificate for Host" + str);
        }
    }

    private void a(X509Certificate x509Certificate, X509Certificate[] x509CertificateArr) throws CertificateException {
        try {
            this.f6424a.a(this.f6425b, x509Certificate.getPublicKey().getEncoded(), x509CertificateArr);
        } catch (CertStorageException e2) {
            r.b("SCertValidator", r.a(e2), new String[0]);
            throw new CertificateException("Cannot Store certificates");
        }
    }

    private boolean a(C0415s c0415s) throws CertificateException {
        C0416t c0416t = (C0416t) DialogActivity.a(PromptContract$RequestType.CERT_WARNING, c0415s);
        r.c("SCertValidator", "Response received for promptUser:" + c0416t.toString(), new String[0]);
        switch (b.f6423a[c0416t.b().ordinal()]) {
            case 1:
                return true;
            case 2:
                throw new CertificateException("User did not accept the cert chain for:" + c0415s.c());
            case 3:
                throw new CertificateException("EXCEPTION_THROWN:" + c0416t.a());
            case 4:
                throw new CertificateException("APPLICATION_ERROR_OCCURRED");
            case 5:
                throw new CertificateException("INVALID_REQUEST");
            case 6:
                throw new CertificateException("MAX_TIMEOUT_OCCURRED");
            default:
                throw new CertificateException("Unknown Result:" + c0416t.b());
        }
    }

    private boolean b(String str, SslCertificate sslCertificate) throws CertificateException {
        return a(new C0415s(str, null, sslCertificate));
    }

    private boolean b(String str, X509Certificate[] x509CertificateArr) throws CertificateException {
        return a(new C0415s(str, x509CertificateArr, null));
    }

    private X509Certificate[] b() throws CertificateException {
        try {
            return this.f6424a.getCertificateChain(this.f6425b);
        } catch (CertStorageException e2) {
            r.b("SCertValidator", r.a(e2), new String[0]);
            throw new CertificateException("Cannot get cert chain from keystore");
        }
    }

    @Override // com.citrix.client.Receiver.params.AMParams.f
    public X509TrustManager a() {
        return this.f6426c;
    }

    @Override // com.citrix.auth.z
    public void a(String str, int i, X509Certificate[] x509CertificateArr, String str2) throws CertificateException {
        try {
            if (this.f6426c == null) {
                throw new CertificateException("no Default TrustManager");
            }
            this.f6426c.checkServerTrusted(x509CertificateArr, str2);
        } catch (CertificateException e2) {
            r.b("SCertValidator", r.a(e2), new String[0]);
            a(str, str2, x509CertificateArr);
        }
    }

    @Override // com.citrix.client.Receiver.params.AMParams.f
    public void a(String str, SslCertificate sslCertificate) throws CertificateException {
        r.c("SCertValidator", "Validating for store:" + this.f6425b + " Host:" + str + " :" + sslCertificate, new String[0]);
        if (!this.f6425b.toLowerCase().contains(str.toLowerCase())) {
            r.c("SCertValidator", "store id differs from Host name:" + this.f6425b + " Host:" + str, new String[0]);
        }
        SslCertificate a2 = this.f6424a.a(this.f6425b);
        if (a2 == null || !d.a(sslCertificate, a2)) {
            if (b(str, sslCertificate)) {
                this.f6424a.a(this.f6425b, sslCertificate);
                return;
            }
            throw new CertificateException("User did not trust the cert chain for Host " + str);
        }
    }

    @Override // com.citrix.auth.z
    public void a(String str, X509Certificate[] x509CertificateArr, String str2, Socket socket) throws CertificateException {
        try {
            if (this.f6426c == null) {
                throw new CertificateException("no Default TrustManager");
            }
            this.f6426c.checkServerTrusted(x509CertificateArr, str2);
        } catch (CertificateException e2) {
            r.b("SCertValidator", r.a(e2), new String[0]);
            a(str, str2, x509CertificateArr);
        }
    }
}
