package org.bouncycastle.jsse.provider;

import java.io.File;
import java.lang.reflect.Constructor;
import java.security.GeneralSecurityException;
import java.security.InvalidAlgorithmParameterException;
import java.security.KeyStore;
import java.security.Provider;
import java.security.cert.CertPathParameters;
import java.security.cert.Certificate;
import java.security.cert.PKIXParameters;
import java.security.cert.TrustAnchor;
import java.security.cert.X509Certificate;
import java.util.Enumeration;
import java.util.HashSet;
import java.util.Set;
import java.util.logging.Logger;
import javax.net.ssl.CertPathTrustManagerParameters;
import javax.net.ssl.ManagerFactoryParameters;
import javax.net.ssl.TrustManager;
import javax.net.ssl.TrustManagerFactorySpi;
import javax.net.ssl.X509TrustManager;

/* loaded from: classes.dex */
class ProvTrustManagerFactorySpi extends TrustManagerFactorySpi {
    static final String CACERTS_PATH;
    static final String JSSECACERTS_PATH;
    private static Logger LOG = Logger.getLogger(ProvTrustManagerFactorySpi.class.getName());
    static final Constructor<? extends X509TrustManager> extendedTrustManagerConstructor;
    protected final Provider pkixProvider;
    protected X509TrustManager trustManager;

    static {
        Constructor<? extends X509TrustManager> constructor = null;
        try {
            if (JsseUtils.loadClass(ProvTrustManagerFactorySpi.class, "javax.net.ssl.X509ExtendedTrustManager") != null) {
                constructor = JsseUtils.getDeclaredConstructor(JsseUtils.loadClass(ProvTrustManagerFactorySpi.class, "org.bouncycastle.jsse.provider.ProvX509ExtendedTrustManager_7"), ProvX509TrustManager.class);
            }
        } catch (Exception e) {
        }
        extendedTrustManagerConstructor = constructor;
        String systemProperty = PropertyUtils.getSystemProperty("java.home");
        CACERTS_PATH = systemProperty + "/lib/security/cacerts".replace('/', File.separatorChar);
        JSSECACERTS_PATH = systemProperty + "/lib/security/jssecacerts".replace('/', File.separatorChar);
    }

    public ProvTrustManagerFactorySpi(Provider provider) {
        this.pkixProvider = provider;
    }

    private KeyStore createTrustStore() {
        String trustStoreType = getTrustStoreType();
        String systemProperty = PropertyUtils.getSystemProperty("javax.net.ssl.trustStoreProvider");
        return (systemProperty == null || systemProperty.length() < 1) ? KeyStore.getInstance(trustStoreType) : KeyStore.getInstance(trustStoreType, systemProperty);
    }

    private Set<TrustAnchor> getTrustAnchors(KeyStore keyStore) {
        HashSet hashSet = new HashSet(keyStore.size());
        Enumeration<String> aliases = keyStore.aliases();
        while (aliases.hasMoreElements()) {
            String nextElement = aliases.nextElement();
            if (keyStore.isCertificateEntry(nextElement)) {
                Certificate certificate = keyStore.getCertificate(nextElement);
                if (certificate instanceof X509Certificate) {
                    hashSet.add(new TrustAnchor((X509Certificate) certificate, null));
                }
            }
        }
        return hashSet;
    }

    private String getTrustStoreType() {
        String systemProperty = PropertyUtils.getSystemProperty("javax.net.ssl.trustStoreType");
        return systemProperty == null ? KeyStore.getDefaultType() : systemProperty;
    }

    static X509TrustManager makeExportTrustManager(ProvX509TrustManager provX509TrustManager) {
        if (extendedTrustManagerConstructor != null) {
            try {
                return extendedTrustManagerConstructor.newInstance(provX509TrustManager);
            } catch (Exception e) {
            }
        }
        return provX509TrustManager;
    }

    @Override // javax.net.ssl.TrustManagerFactorySpi
    protected TrustManager[] engineGetTrustManagers() {
        return new TrustManager[]{this.trustManager};
    }

    /* JADX WARN: Removed duplicated region for block: B:19:0x0028 A[Catch: Exception -> 0x008f, TryCatch #0 {Exception -> 0x008f, blocks: (B:11:0x0003, B:13:0x000f, B:15:0x001a, B:17:0x0022, B:19:0x0028, B:20:0x0066, B:22:0x0046, B:24:0x0053, B:25:0x0056, B:27:0x0063, B:3:0x0034), top: B:10:0x0003 }] */
    /* JADX WARN: Removed duplicated region for block: B:20:0x0066 A[Catch: Exception -> 0x008f, TRY_LEAVE, TryCatch #0 {Exception -> 0x008f, blocks: (B:11:0x0003, B:13:0x000f, B:15:0x001a, B:17:0x0022, B:19:0x0028, B:20:0x0066, B:22:0x0046, B:24:0x0053, B:25:0x0056, B:27:0x0063, B:3:0x0034), top: B:10:0x0003 }] */
    @Override // javax.net.ssl.TrustManagerFactorySpi
    /*
        Code decompiled incorrectly, please refer to instructions dump.
        To view partially-correct add '--show-bad-code' argument
    */
    protected void engineInit(java.security.KeyStore r5) {
        /*
            r4 = this;
            r0 = 0
            if (r5 != 0) goto L34
            java.security.KeyStore r5 = r4.createTrustStore()     // Catch: java.lang.Exception -> L8f
            java.lang.String r1 = "javax.net.ssl.trustStore"
            java.lang.String r1 = org.bouncycastle.jsse.provider.PropertyUtils.getSystemProperty(r1)     // Catch: java.lang.Exception -> L8f
            if (r1 == 0) goto L46
            java.io.File r2 = new java.io.File     // Catch: java.lang.Exception -> L8f
            r2.<init>(r1)     // Catch: java.lang.Exception -> L8f
            boolean r2 = r2.exists()     // Catch: java.lang.Exception -> L8f
            if (r2 == 0) goto L98
            java.lang.String r2 = "javax.net.ssl.trustStorePassword"
            java.lang.String r2 = org.bouncycastle.jsse.provider.PropertyUtils.getSystemProperty(r2)     // Catch: java.lang.Exception -> L8f
            if (r2 == 0) goto L26
            char[] r0 = r2.toCharArray()     // Catch: java.lang.Exception -> L8f
        L26:
            if (r1 != 0) goto L66
            r0 = 0
            r1 = 0
            r5.load(r0, r1)     // Catch: java.lang.Exception -> L8f
            java.util.logging.Logger r0 = org.bouncycastle.jsse.provider.ProvTrustManagerFactorySpi.LOG     // Catch: java.lang.Exception -> L8f
            java.lang.String r1 = "Initialized with empty trust store"
            r0.warning(r1)     // Catch: java.lang.Exception -> L8f
        L34:
            java.util.Set r0 = r4.getTrustAnchors(r5)     // Catch: java.lang.Exception -> L8f
            org.bouncycastle.jsse.provider.ProvX509TrustManagerImpl r1 = new org.bouncycastle.jsse.provider.ProvX509TrustManagerImpl     // Catch: java.lang.Exception -> L8f
            java.security.Provider r2 = r4.pkixProvider     // Catch: java.lang.Exception -> L8f
            r1.<init>(r2, r0)     // Catch: java.lang.Exception -> L8f
            javax.net.ssl.X509TrustManager r0 = makeExportTrustManager(r1)     // Catch: java.lang.Exception -> L8f
            r4.trustManager = r0     // Catch: java.lang.Exception -> L8f
            return
        L46:
            java.io.File r1 = new java.io.File     // Catch: java.lang.Exception -> L8f
            java.lang.String r2 = org.bouncycastle.jsse.provider.ProvTrustManagerFactorySpi.JSSECACERTS_PATH     // Catch: java.lang.Exception -> L8f
            r1.<init>(r2)     // Catch: java.lang.Exception -> L8f
            boolean r1 = r1.exists()     // Catch: java.lang.Exception -> L8f
            if (r1 == 0) goto L56
            java.lang.String r1 = org.bouncycastle.jsse.provider.ProvTrustManagerFactorySpi.JSSECACERTS_PATH     // Catch: java.lang.Exception -> L8f
            goto L26
        L56:
            java.io.File r1 = new java.io.File     // Catch: java.lang.Exception -> L8f
            java.lang.String r2 = org.bouncycastle.jsse.provider.ProvTrustManagerFactorySpi.CACERTS_PATH     // Catch: java.lang.Exception -> L8f
            r1.<init>(r2)     // Catch: java.lang.Exception -> L8f
            boolean r1 = r1.exists()     // Catch: java.lang.Exception -> L8f
            if (r1 == 0) goto L98
            java.lang.String r1 = org.bouncycastle.jsse.provider.ProvTrustManagerFactorySpi.CACERTS_PATH     // Catch: java.lang.Exception -> L8f
            goto L26
        L66:
            java.io.BufferedInputStream r2 = new java.io.BufferedInputStream     // Catch: java.lang.Exception -> L8f
            java.io.FileInputStream r3 = new java.io.FileInputStream     // Catch: java.lang.Exception -> L8f
            r3.<init>(r1)     // Catch: java.lang.Exception -> L8f
            r2.<init>(r3)     // Catch: java.lang.Exception -> L8f
            r5.load(r2, r0)     // Catch: java.lang.Exception -> L8f
            r2.close()     // Catch: java.lang.Exception -> L8f
            java.util.logging.Logger r0 = org.bouncycastle.jsse.provider.ProvTrustManagerFactorySpi.LOG     // Catch: java.lang.Exception -> L8f
            java.lang.StringBuilder r2 = new java.lang.StringBuilder     // Catch: java.lang.Exception -> L8f
            r2.<init>()     // Catch: java.lang.Exception -> L8f
            java.lang.String r3 = "Initialized with trust store at path: "
            java.lang.StringBuilder r2 = r2.append(r3)     // Catch: java.lang.Exception -> L8f
            java.lang.StringBuilder r1 = r2.append(r1)     // Catch: java.lang.Exception -> L8f
            java.lang.String r1 = r1.toString()     // Catch: java.lang.Exception -> L8f
            r0.info(r1)     // Catch: java.lang.Exception -> L8f
            goto L34
        L8f:
            r0 = move-exception
            java.security.KeyStoreException r1 = new java.security.KeyStoreException
            java.lang.String r2 = "initialization failed"
            r1.<init>(r2, r0)
            throw r1
        L98:
            r1 = r0
            goto L26
        */
        throw new UnsupportedOperationException("Method not decompiled: org.bouncycastle.jsse.provider.ProvTrustManagerFactorySpi.engineInit(java.security.KeyStore):void");
    }

    @Override // javax.net.ssl.TrustManagerFactorySpi
    protected void engineInit(ManagerFactoryParameters managerFactoryParameters) {
        if (!(managerFactoryParameters instanceof CertPathTrustManagerParameters)) {
            if (managerFactoryParameters != null) {
                throw new InvalidAlgorithmParameterException("unknown spec: " + managerFactoryParameters.getClass().getName());
            }
            throw new InvalidAlgorithmParameterException("spec cannot be null");
        }
        try {
            CertPathParameters parameters = ((CertPathTrustManagerParameters) managerFactoryParameters).getParameters();
            if (!(parameters instanceof PKIXParameters)) {
                throw new InvalidAlgorithmParameterException("parameters must inherit from PKIXParameters");
            }
            this.trustManager = makeExportTrustManager(new ProvX509TrustManagerImpl(this.pkixProvider, (PKIXParameters) parameters));
        } catch (GeneralSecurityException e) {
            throw new InvalidAlgorithmParameterException("unable to process parameters: " + e.getMessage(), e);
        }
    }
}
