package com.fsck.k9.mail.ssl;

import android.content.Context;
import android.security.KeyChain;
import android.security.KeyChainException;
import androidx.appcompat.view.SupportMenuInflater$$ExternalSyntheticOutline0;
import com.fsck.k9.mail.CertificateValidationException;
import com.fsck.k9.mail.MessagingException;
import java.net.Socket;
import java.security.Principal;
import java.security.PrivateKey;
import java.security.cert.CertificateException;
import java.security.cert.X509Certificate;
import javax.net.ssl.SSLEngine;
import javax.net.ssl.X509ExtendedKeyManager;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public class KeyChainKeyManager extends X509ExtendedKeyManager {
    private final String mAlias;
    private final X509Certificate[] mChain;
    private final PrivateKey mPrivateKey;

    public KeyChainKeyManager(Context context, String str) throws MessagingException {
        this.mAlias = str;
        try {
            this.mChain = fetchCertificateChain(context, str);
            this.mPrivateKey = fetchPrivateKey(context, str);
        } catch (KeyChainException e) {
            throw new CertificateValidationException(e.getMessage(), CertificateValidationException.Reason.RetrievalFailure, str);
        } catch (InterruptedException e2) {
            throw new CertificateValidationException(e2.getMessage(), CertificateValidationException.Reason.RetrievalFailure, str);
        }
    }

    /* JADX WARN: Code restructure failed: missing block: B:22:0x0055, code lost:
    
        if (r12.length != 0) goto L29;
     */
    /* JADX WARN: Code restructure failed: missing block: B:23:0x0058, code lost:
    
        r11 = java.util.Arrays.asList(r12);
        r12 = r10.mChain;
        r1 = r12.length;
        r3 = 0;
     */
    /* JADX WARN: Code restructure failed: missing block: B:24:0x0060, code lost:
    
        if (r3 >= r1) goto L49;
     */
    /* JADX WARN: Code restructure failed: missing block: B:26:0x006c, code lost:
    
        if (r11.contains(r12[r3].getIssuerX500Principal()) == false) goto L35;
     */
    /* JADX WARN: Code restructure failed: missing block: B:27:0x0071, code lost:
    
        r3 = r3 + 1;
     */
    /* JADX WARN: Code restructure failed: missing block: B:30:0x0070, code lost:
    
        return r10.mAlias;
     */
    /* JADX WARN: Code restructure failed: missing block: B:33:0x0074, code lost:
    
        timber.log.Timber.Forest.w("Client certificate %s not issued by any of the requested issuers", r10.mAlias);
     */
    /* JADX WARN: Code restructure failed: missing block: B:34:0x0081, code lost:
    
        return null;
     */
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    private java.lang.String chooseAlias(java.lang.String[] r11, java.security.Principal[] r12) {
        /*
            r10 = this;
            r0 = 0
            if (r11 == 0) goto L92
            int r1 = r11.length
            if (r1 != 0) goto L8
            goto L92
        L8:
            java.security.cert.X509Certificate[] r1 = r10.mChain
            r2 = 0
            r1 = r1[r2]
            java.security.PublicKey r3 = r1.getPublicKey()
            java.lang.String r3 = r3.getAlgorithm()
            java.lang.String r1 = r1.getSigAlgName()
            java.util.Locale r4 = java.util.Locale.US
            java.lang.String r1 = r1.toUpperCase(r4)
            int r4 = r11.length
            r5 = 0
        L21:
            r6 = 1
            if (r5 >= r4) goto L85
            r7 = r11[r5]
            if (r7 != 0) goto L29
            goto L4f
        L29:
            r8 = 95
            int r8 = r7.indexOf(r8)
            r9 = -1
            if (r8 != r9) goto L34
            r9 = r0
            goto L3e
        L34:
            int r9 = r8 + 1
            java.lang.String r9 = r7.substring(r9)
            java.lang.String r7 = r7.substring(r2, r8)
        L3e:
            boolean r7 = r3.equals(r7)
            if (r7 != 0) goto L45
            goto L4f
        L45:
            if (r9 == 0) goto L52
            if (r1 == 0) goto L52
            boolean r7 = r1.contains(r9)
            if (r7 != 0) goto L52
        L4f:
            int r5 = r5 + 1
            goto L21
        L52:
            if (r12 == 0) goto L82
            int r11 = r12.length
            if (r11 != 0) goto L58
            goto L82
        L58:
            java.util.List r11 = java.util.Arrays.asList(r12)
            java.security.cert.X509Certificate[] r12 = r10.mChain
            int r1 = r12.length
            r3 = 0
        L60:
            if (r3 >= r1) goto L74
            r4 = r12[r3]
            javax.security.auth.x500.X500Principal r4 = r4.getIssuerX500Principal()
            boolean r4 = r11.contains(r4)
            if (r4 == 0) goto L71
            java.lang.String r11 = r10.mAlias
            return r11
        L71:
            int r3 = r3 + 1
            goto L60
        L74:
            java.lang.Object[] r11 = new java.lang.Object[r6]
            java.lang.String r12 = r10.mAlias
            r11[r2] = r12
            timber.log.Timber$Forest r12 = timber.log.Timber.Forest
            java.lang.String r1 = "Client certificate %s not issued by any of the requested issuers"
            r12.w(r1, r11)
            return r0
        L82:
            java.lang.String r11 = r10.mAlias
            return r11
        L85:
            java.lang.Object[] r11 = new java.lang.Object[r6]
            java.lang.String r12 = r10.mAlias
            r11[r2] = r12
            timber.log.Timber$Forest r12 = timber.log.Timber.Forest
            java.lang.String r1 = "Client certificate %s does not match any of the requested key types"
            r12.w(r1, r11)
        L92:
            return r0
        */
        throw new UnsupportedOperationException("Method not decompiled: com.fsck.k9.mail.ssl.KeyChainKeyManager.chooseAlias(java.lang.String[], java.security.Principal[]):java.lang.String");
    }

    private X509Certificate[] fetchCertificateChain(Context context, String str) throws KeyChainException, InterruptedException, MessagingException {
        X509Certificate[] certificateChain = KeyChain.getCertificateChain(context, str);
        if (certificateChain == null || certificateChain.length == 0) {
            throw new MessagingException(SupportMenuInflater$$ExternalSyntheticOutline0.m("No certificate chain found for: ", str));
        }
        try {
            for (X509Certificate x509Certificate : certificateChain) {
                x509Certificate.checkValidity();
            }
            return certificateChain;
        } catch (CertificateException e) {
            throw new CertificateValidationException(e.getMessage(), CertificateValidationException.Reason.Expired, str);
        }
    }

    private PrivateKey fetchPrivateKey(Context context, String str) throws KeyChainException, InterruptedException, MessagingException {
        PrivateKey privateKey = KeyChain.getPrivateKey(context, str);
        if (privateKey != null) {
            return privateKey;
        }
        throw new MessagingException(SupportMenuInflater$$ExternalSyntheticOutline0.m("No private key found for: ", str));
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseClientAlias(String[] strArr, Principal[] principalArr, Socket socket) {
        return chooseAlias(strArr, principalArr);
    }

    @Override // javax.net.ssl.X509ExtendedKeyManager
    public String chooseEngineClientAlias(String[] strArr, Principal[] principalArr, SSLEngine sSLEngine) {
        return chooseAlias(strArr, principalArr);
    }

    @Override // javax.net.ssl.X509ExtendedKeyManager
    public String chooseEngineServerAlias(String str, Principal[] principalArr, SSLEngine sSLEngine) {
        return chooseAlias(new String[]{str}, principalArr);
    }

    @Override // javax.net.ssl.X509KeyManager
    public String chooseServerAlias(String str, Principal[] principalArr, Socket socket) {
        return chooseAlias(new String[]{str}, principalArr);
    }

    @Override // javax.net.ssl.X509KeyManager
    public X509Certificate[] getCertificateChain(String str) {
        if (this.mAlias.equals(str)) {
            return this.mChain;
        }
        return null;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getClientAliases(String str, Principal[] principalArr) {
        String chooseAlias = chooseAlias(new String[]{str}, principalArr);
        if (chooseAlias == null) {
            return null;
        }
        return new String[]{chooseAlias};
    }

    @Override // javax.net.ssl.X509KeyManager
    public PrivateKey getPrivateKey(String str) {
        if (this.mAlias.equals(str)) {
            return this.mPrivateKey;
        }
        return null;
    }

    @Override // javax.net.ssl.X509KeyManager
    public String[] getServerAliases(String str, Principal[] principalArr) {
        String chooseAlias = chooseAlias(new String[]{str}, principalArr);
        if (chooseAlias == null) {
            return null;
        }
        return new String[]{chooseAlias};
    }
}
