package org.kman.AquaMail.cert.smime;

import androidx.compose.runtime.internal.q;
import java.io.ByteArrayInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collection;
import java.util.Enumeration;
import javax.net.ssl.KeyManagerFactory;
import kotlin.jvm.internal.k0;
import org.bouncycastle.jcajce.provider.asymmetric.x509.CertificateFactory;
import org.kman.AquaMail.cert.smime.i;
import org.kman.AquaMail.io.v;
import org.kman.AquaMail.mail.smime.SMimeError;

@q(parameters = 0)
/* loaded from: classes5.dex */
public final class j implements i {
    public static final int $stable = 8;

    /* renamed from: b, reason: collision with root package name */
    @y6.l
    private final i.b f51701b;

    public j(@y6.l i.b smimeCertData) {
        k0.p(smimeCertData, "smimeCertData");
        this.f51701b = smimeCertData;
    }

    private final b7.d b(Collection<Object> collection) {
        b7.d dVar = new b7.d();
        if (collection != null && !collection.isEmpty()) {
            for (Object obj : collection) {
                if (!(obj instanceof X509Certificate)) {
                    throw new SMimeError(org.kman.AquaMail.mail.smime.a.ERROR_CERT_INVALID_CERT_CONTAINER, "Cert container contains invalid certificates", null, 4, null);
                }
                dVar.add(obj);
            }
        }
        return dVar;
    }

    private final b7.d c(Certificate[] certificateArr) {
        b7.d dVar = new b7.d();
        if (certificateArr != null) {
            if (!(certificateArr.length == 0)) {
                for (Certificate certificate : certificateArr) {
                    if (!(certificate instanceof X509Certificate)) {
                        int i8 = (0 << 0) << 4;
                        throw new SMimeError(org.kman.AquaMail.mail.smime.a.ERROR_CERT_INVALID_CERT_CONTAINER, "Cert container contains invalid certificates", null, 4, null);
                    }
                    dVar.add(certificate);
                }
            }
        }
        return dVar;
    }

    private final void e(d dVar) {
        String l8 = this.f51701b.l();
        if (k0.g(l8, org.kman.AquaMail.mail.smime.a.PKCS_TYPE_P12)) {
            g(dVar);
        } else if (k0.g(l8, org.kman.AquaMail.mail.smime.a.PKCS_PEM)) {
            f(dVar);
        }
    }

    private final void f(d dVar) {
        try {
            FileInputStream fileInputStream = new FileInputStream(this.f51701b.j());
            try {
                k.f51702a.p(b(new CertificateFactory().engineGenerateCertificates(new ByteArrayInputStream(org.kman.AquaMail.mail.smime.b.f56497a.j(fileInputStream, dVar.g())))), dVar);
                kotlin.io.c.a(fileInputStream, null);
            } finally {
            }
        } catch (Exception e9) {
            throw new SMimeError(org.kman.AquaMail.mail.smime.a.ERROR_CERT_FAILED_TO_LOAD_FILE, "Error reading S/Mime certificate", e9);
        }
    }

    private final void g(d dVar) {
        FileInputStream fileInputStream;
        Certificate[] certificateChain;
        try {
            File j8 = this.f51701b.j();
            char[] i8 = this.f51701b.i();
            char[] h8 = this.f51701b.h();
            KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
            KeyStore keyStore = KeyStore.getInstance(org.kman.AquaMail.mail.smime.a.KEYSTORE_TYPE);
            FileInputStream fileInputStream2 = null;
            try {
                try {
                    fileInputStream = new FileInputStream(j8);
                } catch (Exception unused) {
                }
            } catch (Throwable th) {
                th = th;
            }
            try {
                ByteArrayInputStream byteArrayInputStream = new ByteArrayInputStream(org.kman.AquaMail.mail.smime.b.f56497a.j(fileInputStream, this.f51701b.k()));
                keyStore.load(byteArrayInputStream, i8);
                keyManagerFactory.init(keyStore, i8);
                v.a(byteArrayInputStream);
                v.a(fileInputStream);
                Enumeration<String> aliases = keyStore.aliases();
                while (true) {
                    if (!aliases.hasMoreElements()) {
                        break;
                    }
                    String nextElement = aliases.nextElement();
                    if (nextElement != null && (certificateChain = keyStore.getCertificateChain(nextElement)) != null) {
                        if (k.f51702a.p(c(certificateChain), dVar) != null) {
                            try {
                                KeyStore.Entry entry = keyStore.getEntry(nextElement, new KeyStore.PasswordProtection(h8));
                                k0.n(entry, "null cannot be cast to non-null type java.security.KeyStore.PrivateKeyEntry");
                                dVar.D(((KeyStore.PrivateKeyEntry) entry).getPrivateKey());
                                dVar.s(nextElement);
                                break;
                            } catch (Exception unused2) {
                                throw new SMimeError(org.kman.AquaMail.mail.smime.a.ERROR_CERT_PRIVATE_KEY_WRONG_PASS, "Private key wrong password", null, 4, null);
                            }
                        }
                    }
                }
                if (k0.g(dVar.h(), Boolean.TRUE)) {
                    dVar.B(keyStore);
                }
                b7.d d9 = dVar.d();
                if (d9 == null || d9.isEmpty()) {
                    throw new SMimeError(org.kman.AquaMail.mail.smime.a.ERROR_CERT_NO_SMIME_CERT_IN_FILE, "Could not load S/Mime certificate", null, 4, null);
                }
                if (dVar.l() == null) {
                    throw new SMimeError(org.kman.AquaMail.mail.smime.a.ERROR_CERT_PRIVATE_KEY_NULL, "Error loading Private Key", null, 4, null);
                }
            } catch (Exception unused3) {
                fileInputStream2 = fileInputStream;
                int i9 = 4 >> 0;
                throw new SMimeError(org.kman.AquaMail.mail.smime.a.ERROR_CERT_CERT_WRONG_PASS, "Certificate password wrong", null, 4, null);
            } catch (Throwable th2) {
                th = th2;
                fileInputStream2 = fileInputStream;
                v.a(fileInputStream2);
                throw th;
            }
        } catch (SMimeError e9) {
            throw e9;
        } catch (Exception e10) {
            throw new SMimeError(org.kman.AquaMail.mail.smime.a.ERROR_CERT_FAILED_TO_LOAD_FILE, "Error reading S/Mime certificate", e10);
        }
    }

    @Override // org.kman.AquaMail.cert.smime.i
    public void a(@y6.l d smimeCertStore) {
        k0.p(smimeCertStore, "smimeCertStore");
        e(smimeCertStore);
    }

    @y6.l
    public final i.b d() {
        return this.f51701b;
    }
}
