package org.openjsse.sun.security.ssl;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.lang.ref.WeakReference;
import java.security.AccessController;
import java.security.KeyStore;
import java.security.PrivilegedAction;
import java.security.PrivilegedExceptionAction;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Date;
import java.util.Objects;
import java.util.Set;
import org.conscrypt.BuildConfig;
import org.openjsse.sun.security.validator.TrustStoreUtil;
import sun.security.action.GetPropertyAction;
import sun.security.action.OpenFileInputStreamAction;
import t0.d;

/* JADX INFO: Access modifiers changed from: package-private */
/* loaded from: classes.dex */
public final class TrustStoreManager {
    private static final TrustAnchorManager tam = new TrustAnchorManager();

    /* loaded from: classes.dex */
    public static final class TrustAnchorManager {
        private WeakReference<Set<X509Certificate>> csRef;
        private TrustStoreDescriptor descriptor;
        private WeakReference<KeyStore> ksRef;

        private TrustAnchorManager() {
            this.descriptor = null;
            this.ksRef = new WeakReference<>(null);
            this.csRef = new WeakReference<>(null);
        }

        private static KeyStore loadKeyStore(TrustStoreDescriptor trustStoreDescriptor) {
            if (!"NONE".equals(trustStoreDescriptor.storeName) && trustStoreDescriptor.storeFile == null) {
                if (SSLLogger.isOn && SSLLogger.isOn("trustmanager")) {
                    SSLLogger.fine("No available key store", new Object[0]);
                }
                return null;
            }
            KeyStore keyStore = trustStoreDescriptor.storeProvider.isEmpty() ? KeyStore.getInstance(trustStoreDescriptor.storeType) : KeyStore.getInstance(trustStoreDescriptor.storeType, trustStoreDescriptor.storeProvider);
            char[] charArray = !trustStoreDescriptor.storePassword.isEmpty() ? trustStoreDescriptor.storePassword.toCharArray() : null;
            if ("NONE".equals(trustStoreDescriptor.storeName)) {
                keyStore.load(null, charArray);
            } else {
                try {
                    FileInputStream fileInputStream = (FileInputStream) AccessController.doPrivileged((PrivilegedExceptionAction) new OpenFileInputStreamAction(trustStoreDescriptor.storeFile));
                    try {
                        keyStore.load(fileInputStream, charArray);
                        if (fileInputStream != null) {
                            fileInputStream.close();
                        }
                    } finally {
                    }
                } catch (FileNotFoundException unused) {
                    if (SSLLogger.isOn && SSLLogger.isOn("trustmanager")) {
                        SSLLogger.fine("Not available key store: " + trustStoreDescriptor.storeName, new Object[0]);
                    }
                    return null;
                }
            }
            return keyStore;
        }

        private static Set<X509Certificate> loadTrustedCerts(KeyStore keyStore) {
            return keyStore == null ? Collections.emptySet() : TrustStoreUtil.getTrustedCerts(keyStore);
        }

        public synchronized KeyStore getKeyStore(TrustStoreDescriptor trustStoreDescriptor) {
            TrustStoreDescriptor trustStoreDescriptor2 = this.descriptor;
            KeyStore keyStore = this.ksRef.get();
            if (keyStore != null && trustStoreDescriptor.equals(trustStoreDescriptor2)) {
                return keyStore;
            }
            if (SSLLogger.isOn && SSLLogger.isOn("trustmanager")) {
                SSLLogger.fine("Reload the trust store", new Object[0]);
            }
            KeyStore loadKeyStore = loadKeyStore(trustStoreDescriptor);
            this.descriptor = trustStoreDescriptor;
            this.ksRef = new WeakReference<>(loadKeyStore);
            return loadKeyStore;
        }

        /* JADX WARN: Removed duplicated region for block: B:15:0x0031 A[Catch: all -> 0x001a, TryCatch #0 {all -> 0x001a, blocks: (B:4:0x0003, B:6:0x000f, B:11:0x0017, B:15:0x0031, B:17:0x0035, B:19:0x003d, B:20:0x0044, B:21:0x0048, B:23:0x004c, B:25:0x0054, B:26:0x005b, B:28:0x0061, B:30:0x0069, B:31:0x0083, B:35:0x001c, B:37:0x0022, B:38:0x002b), top: B:3:0x0003 }] */
        /*
            Code decompiled incorrectly, please refer to instructions dump.
            To view partially-correct add '--show-bad-code' argument
        */
        public synchronized java.util.Set<java.security.cert.X509Certificate> getTrustedCerts(org.openjsse.sun.security.ssl.TrustStoreManager.TrustStoreDescriptor r6) {
            /*
                r5 = this;
                java.lang.String r0 = "Reloaded "
                monitor-enter(r5)
                org.openjsse.sun.security.ssl.TrustStoreManager$TrustStoreDescriptor r1 = r5.descriptor     // Catch: java.lang.Throwable -> L1a
                java.lang.ref.WeakReference<java.util.Set<java.security.cert.X509Certificate>> r2 = r5.csRef     // Catch: java.lang.Throwable -> L1a
                java.lang.Object r2 = r2.get()     // Catch: java.lang.Throwable -> L1a
                java.util.Set r2 = (java.util.Set) r2     // Catch: java.lang.Throwable -> L1a
                if (r2 == 0) goto L1c
                boolean r1 = r6.equals(r1)     // Catch: java.lang.Throwable -> L1a
                if (r1 == 0) goto L17
                monitor-exit(r5)
                return r2
            L17:
                r5.descriptor = r6     // Catch: java.lang.Throwable -> L1a
                goto L2d
            L1a:
                r6 = move-exception
                goto L8c
            L1c:
                boolean r1 = r6.equals(r1)     // Catch: java.lang.Throwable -> L1a
                if (r1 == 0) goto L2b
                java.lang.ref.WeakReference<java.security.KeyStore> r1 = r5.ksRef     // Catch: java.lang.Throwable -> L1a
                java.lang.Object r1 = r1.get()     // Catch: java.lang.Throwable -> L1a
                java.security.KeyStore r1 = (java.security.KeyStore) r1     // Catch: java.lang.Throwable -> L1a
                goto L2e
            L2b:
                r5.descriptor = r6     // Catch: java.lang.Throwable -> L1a
            L2d:
                r1 = 0
            L2e:
                r2 = 0
                if (r1 != 0) goto L48
                boolean r1 = org.openjsse.sun.security.ssl.SSLLogger.isOn     // Catch: java.lang.Throwable -> L1a
                if (r1 == 0) goto L44
                java.lang.String r1 = "trustmanager"
                boolean r1 = org.openjsse.sun.security.ssl.SSLLogger.isOn(r1)     // Catch: java.lang.Throwable -> L1a
                if (r1 == 0) goto L44
                java.lang.String r1 = "Reload the trust store"
                java.lang.Object[] r3 = new java.lang.Object[r2]     // Catch: java.lang.Throwable -> L1a
                org.openjsse.sun.security.ssl.SSLLogger.fine(r1, r3)     // Catch: java.lang.Throwable -> L1a
            L44:
                java.security.KeyStore r1 = loadKeyStore(r6)     // Catch: java.lang.Throwable -> L1a
            L48:
                boolean r6 = org.openjsse.sun.security.ssl.SSLLogger.isOn     // Catch: java.lang.Throwable -> L1a
                if (r6 == 0) goto L5b
                java.lang.String r3 = "trustmanager"
                boolean r3 = org.openjsse.sun.security.ssl.SSLLogger.isOn(r3)     // Catch: java.lang.Throwable -> L1a
                if (r3 == 0) goto L5b
                java.lang.String r3 = "Reload trust certs"
                java.lang.Object[] r4 = new java.lang.Object[r2]     // Catch: java.lang.Throwable -> L1a
                org.openjsse.sun.security.ssl.SSLLogger.fine(r3, r4)     // Catch: java.lang.Throwable -> L1a
            L5b:
                java.util.Set r1 = loadTrustedCerts(r1)     // Catch: java.lang.Throwable -> L1a
                if (r6 == 0) goto L83
                java.lang.String r6 = "trustmanager"
                boolean r6 = org.openjsse.sun.security.ssl.SSLLogger.isOn(r6)     // Catch: java.lang.Throwable -> L1a
                if (r6 == 0) goto L83
                java.lang.StringBuilder r6 = new java.lang.StringBuilder     // Catch: java.lang.Throwable -> L1a
                r6.<init>(r0)     // Catch: java.lang.Throwable -> L1a
                int r0 = r1.size()     // Catch: java.lang.Throwable -> L1a
                r6.append(r0)     // Catch: java.lang.Throwable -> L1a
                java.lang.String r0 = " trust certs"
                r6.append(r0)     // Catch: java.lang.Throwable -> L1a
                java.lang.String r6 = r6.toString()     // Catch: java.lang.Throwable -> L1a
                java.lang.Object[] r0 = new java.lang.Object[r2]     // Catch: java.lang.Throwable -> L1a
                org.openjsse.sun.security.ssl.SSLLogger.fine(r6, r0)     // Catch: java.lang.Throwable -> L1a
            L83:
                java.lang.ref.WeakReference r6 = new java.lang.ref.WeakReference     // Catch: java.lang.Throwable -> L1a
                r6.<init>(r1)     // Catch: java.lang.Throwable -> L1a
                r5.csRef = r6     // Catch: java.lang.Throwable -> L1a
                monitor-exit(r5)
                return r1
            L8c:
                monitor-exit(r5)     // Catch: java.lang.Throwable -> L1a
                throw r6
            */
            throw new UnsupportedOperationException("Method not decompiled: org.openjsse.sun.security.ssl.TrustStoreManager.TrustAnchorManager.getTrustedCerts(org.openjsse.sun.security.ssl.TrustStoreManager$TrustStoreDescriptor):java.util.Set");
        }
    }

    /* loaded from: classes.dex */
    public static final class TrustStoreDescriptor {
        private static final String defaultStore;
        private static final String defaultStorePath;
        private static final String fileSep;
        private static final String jsseDefaultStore;
        private final long lastModified;
        private final File storeFile;
        private final String storeName;
        private final String storePassword;
        private final String storeProvider;
        private final String storeType;

        static {
            String str = File.separator;
            fileSep = str;
            String str2 = GetPropertyAction.privilegedGetProperty("java.home") + str + "lib" + str + "security";
            defaultStorePath = str2;
            defaultStore = org.bouncycastle.asn1.a.f(str2, str, "cacerts");
            jsseDefaultStore = org.bouncycastle.asn1.a.f(str2, str, "jssecacerts");
        }

        private TrustStoreDescriptor(String str, String str2, String str3, String str4, File file, long j4) {
            this.storeName = str;
            this.storeType = str2;
            this.storeProvider = str3;
            this.storePassword = str4;
            this.storeFile = file;
            this.lastModified = j4;
            if (SSLLogger.isOn && SSLLogger.isOn("trustmanager")) {
                SSLLogger.fine("trustStore is: " + str + "\ntrustStore type is: " + str2 + "\ntrustStore provider is: " + str3 + "\nthe last modified time is: " + new Date(j4), new Object[0]);
            }
        }

        public static TrustStoreDescriptor createInstance() {
            return (TrustStoreDescriptor) AccessController.doPrivileged(new PrivilegedAction<TrustStoreDescriptor>() { // from class: org.openjsse.sun.security.ssl.TrustStoreManager.TrustStoreDescriptor.1
                @Override // java.security.PrivilegedAction
                public TrustStoreDescriptor run() {
                    String property = System.getProperty("javax.net.ssl.trustStore", TrustStoreDescriptor.jsseDefaultStore);
                    String property2 = System.getProperty("javax.net.ssl.trustStoreType", KeyStore.getDefaultType());
                    String property3 = System.getProperty("javax.net.ssl.trustStoreProvider", BuildConfig.FLAVOR);
                    String property4 = System.getProperty("javax.net.ssl.trustStorePassword", BuildConfig.FLAVOR);
                    File file = null;
                    long j4 = 0;
                    if (!"NONE".equals(property)) {
                        String[] strArr = {property, TrustStoreDescriptor.defaultStore};
                        int i4 = 0;
                        while (true) {
                            if (i4 >= 2) {
                                property = BuildConfig.FLAVOR;
                                break;
                            }
                            String str = strArr[i4];
                            File file2 = new File(str);
                            if (file2.isFile() && file2.canRead()) {
                                j4 = file2.lastModified();
                                property = str;
                                file = file2;
                                break;
                            }
                            if (SSLLogger.isOn && SSLLogger.isOn("trustmanager")) {
                                SSLLogger.fine(d.a("Inaccessible trust store: ", property), new Object[0]);
                            }
                            i4++;
                        }
                    }
                    return new TrustStoreDescriptor(property, property2, property3, property4, file, j4);
                }
            });
        }

        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof TrustStoreDescriptor)) {
                return false;
            }
            TrustStoreDescriptor trustStoreDescriptor = (TrustStoreDescriptor) obj;
            return this.lastModified == trustStoreDescriptor.lastModified && Objects.equals(this.storeName, trustStoreDescriptor.storeName) && Objects.equals(this.storeType, trustStoreDescriptor.storeType) && Objects.equals(this.storeProvider, trustStoreDescriptor.storeProvider);
        }

        public int hashCode() {
            String str = this.storeName;
            int hashCode = (str == null || str.isEmpty()) ? 17 : this.storeName.hashCode() + 527;
            String str2 = this.storeType;
            if (str2 != null && !str2.isEmpty()) {
                hashCode = (hashCode * 31) + this.storeType.hashCode();
            }
            String str3 = this.storeProvider;
            if (str3 != null && !str3.isEmpty()) {
                hashCode = (hashCode * 31) + this.storeProvider.hashCode();
            }
            File file = this.storeFile;
            if (file != null) {
                hashCode = (hashCode * 31) + file.hashCode();
            }
            long j4 = this.lastModified;
            return j4 != 0 ? (int) ((hashCode * 31) + j4) : hashCode;
        }
    }

    private TrustStoreManager() {
    }

    public static Set<X509Certificate> getTrustedCerts() {
        return tam.getTrustedCerts(TrustStoreDescriptor.createInstance());
    }

    public static KeyStore getTrustedKeyStore() {
        return tam.getKeyStore(TrustStoreDescriptor.createInstance());
    }
}
