package org.openjsse.sun.security.ssl;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.lang.ref.WeakReference;
import java.security.AccessController;
import java.security.KeyStore;
import java.security.PrivilegedAction;
import java.security.PrivilegedExceptionAction;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Date;
import java.util.Objects;
import java.util.Set;
import org.conscrypt.BuildConfig;
import org.openjsse.sun.security.validator.TrustStoreUtil;
import sun.security.action.GetPropertyAction;
import sun.security.action.OpenFileInputStreamAction;

/* loaded from: classes.dex */
final class TrustStoreManager {
    private static final TrustAnchorManager tam = new TrustAnchorManager();

    /* loaded from: classes.dex */
    public static final class TrustAnchorManager {
        private WeakReference<Set<X509Certificate>> csRef;
        private TrustStoreDescriptor descriptor;
        private WeakReference<KeyStore> ksRef;

        private TrustAnchorManager() {
            this.descriptor = null;
            this.ksRef = new WeakReference<>(null);
            this.csRef = new WeakReference<>(null);
        }

        private static KeyStore loadKeyStore(TrustStoreDescriptor trustStoreDescriptor) {
            if (!"NONE".equals(trustStoreDescriptor.storeName) && trustStoreDescriptor.storeFile == null) {
                if (SSLLogger.isOn && SSLLogger.isOn("trustmanager")) {
                    SSLLogger.fine("No available key store", new Object[0]);
                }
                return null;
            }
            KeyStore keyStore = trustStoreDescriptor.storeProvider.isEmpty() ? KeyStore.getInstance(trustStoreDescriptor.storeType) : KeyStore.getInstance(trustStoreDescriptor.storeType, trustStoreDescriptor.storeProvider);
            char[] charArray = !trustStoreDescriptor.storePassword.isEmpty() ? trustStoreDescriptor.storePassword.toCharArray() : null;
            if ("NONE".equals(trustStoreDescriptor.storeName)) {
                keyStore.load(null, charArray);
            } else {
                try {
                    FileInputStream fileInputStream = (FileInputStream) AccessController.doPrivileged((PrivilegedExceptionAction) new OpenFileInputStreamAction(trustStoreDescriptor.storeFile));
                    try {
                        keyStore.load(fileInputStream, charArray);
                        if (fileInputStream != null) {
                            fileInputStream.close();
                        }
                    } finally {
                    }
                } catch (FileNotFoundException unused) {
                    if (SSLLogger.isOn && SSLLogger.isOn("trustmanager")) {
                        StringBuilder y5 = androidx.activity.b.y("Not available key store: ");
                        y5.append(trustStoreDescriptor.storeName);
                        SSLLogger.fine(y5.toString(), new Object[0]);
                    }
                    return null;
                }
            }
            return keyStore;
        }

        private static Set<X509Certificate> loadTrustedCerts(KeyStore keyStore) {
            return keyStore == null ? Collections.emptySet() : TrustStoreUtil.getTrustedCerts(keyStore);
        }

        public synchronized KeyStore getKeyStore(TrustStoreDescriptor trustStoreDescriptor) {
            TrustStoreDescriptor trustStoreDescriptor2 = this.descriptor;
            KeyStore keyStore = this.ksRef.get();
            if (keyStore != null && trustStoreDescriptor.equals(trustStoreDescriptor2)) {
                return keyStore;
            }
            if (SSLLogger.isOn && SSLLogger.isOn("trustmanager")) {
                SSLLogger.fine("Reload the trust store", new Object[0]);
            }
            KeyStore loadKeyStore = loadKeyStore(trustStoreDescriptor);
            this.descriptor = trustStoreDescriptor;
            this.ksRef = new WeakReference<>(loadKeyStore);
            return loadKeyStore;
        }

        /* JADX WARN: Removed duplicated region for block: B:14:0x002a A[Catch: all -> 0x008a, TryCatch #0 {, blocks: (B:4:0x0002, B:6:0x000e, B:11:0x0016, B:14:0x002a, B:16:0x002e, B:18:0x0036, B:19:0x003d, B:20:0x0041, B:22:0x0045, B:24:0x004d, B:25:0x0054, B:27:0x005a, B:29:0x0062, B:30:0x0081, B:34:0x0019, B:36:0x001f), top: B:3:0x0002 }] */
        /*
            Code decompiled incorrectly, please refer to instructions dump.
            To view partially-correct add '--show-bad-code' argument
        */
        public synchronized java.util.Set<java.security.cert.X509Certificate> getTrustedCerts(org.openjsse.sun.security.ssl.TrustStoreManager.TrustStoreDescriptor r5) {
            /*
                r4 = this;
                monitor-enter(r4)
                r0 = 0
                org.openjsse.sun.security.ssl.TrustStoreManager$TrustStoreDescriptor r1 = r4.descriptor     // Catch: java.lang.Throwable -> L8a
                java.lang.ref.WeakReference<java.util.Set<java.security.cert.X509Certificate>> r2 = r4.csRef     // Catch: java.lang.Throwable -> L8a
                java.lang.Object r2 = r2.get()     // Catch: java.lang.Throwable -> L8a
                java.util.Set r2 = (java.util.Set) r2     // Catch: java.lang.Throwable -> L8a
                if (r2 == 0) goto L19
                boolean r1 = r5.equals(r1)     // Catch: java.lang.Throwable -> L8a
                if (r1 == 0) goto L16
                monitor-exit(r4)
                return r2
            L16:
                r4.descriptor = r5     // Catch: java.lang.Throwable -> L8a
                goto L27
            L19:
                boolean r1 = r5.equals(r1)     // Catch: java.lang.Throwable -> L8a
                if (r1 == 0) goto L16
                java.lang.ref.WeakReference<java.security.KeyStore> r0 = r4.ksRef     // Catch: java.lang.Throwable -> L8a
                java.lang.Object r0 = r0.get()     // Catch: java.lang.Throwable -> L8a
                java.security.KeyStore r0 = (java.security.KeyStore) r0     // Catch: java.lang.Throwable -> L8a
            L27:
                r1 = 0
                if (r0 != 0) goto L41
                boolean r0 = org.openjsse.sun.security.ssl.SSLLogger.isOn     // Catch: java.lang.Throwable -> L8a
                if (r0 == 0) goto L3d
                java.lang.String r0 = "trustmanager"
                boolean r0 = org.openjsse.sun.security.ssl.SSLLogger.isOn(r0)     // Catch: java.lang.Throwable -> L8a
                if (r0 == 0) goto L3d
                java.lang.String r0 = "Reload the trust store"
                java.lang.Object[] r2 = new java.lang.Object[r1]     // Catch: java.lang.Throwable -> L8a
                org.openjsse.sun.security.ssl.SSLLogger.fine(r0, r2)     // Catch: java.lang.Throwable -> L8a
            L3d:
                java.security.KeyStore r0 = loadKeyStore(r5)     // Catch: java.lang.Throwable -> L8a
            L41:
                boolean r5 = org.openjsse.sun.security.ssl.SSLLogger.isOn     // Catch: java.lang.Throwable -> L8a
                if (r5 == 0) goto L54
                java.lang.String r2 = "trustmanager"
                boolean r2 = org.openjsse.sun.security.ssl.SSLLogger.isOn(r2)     // Catch: java.lang.Throwable -> L8a
                if (r2 == 0) goto L54
                java.lang.String r2 = "Reload trust certs"
                java.lang.Object[] r3 = new java.lang.Object[r1]     // Catch: java.lang.Throwable -> L8a
                org.openjsse.sun.security.ssl.SSLLogger.fine(r2, r3)     // Catch: java.lang.Throwable -> L8a
            L54:
                java.util.Set r0 = loadTrustedCerts(r0)     // Catch: java.lang.Throwable -> L8a
                if (r5 == 0) goto L81
                java.lang.String r5 = "trustmanager"
                boolean r5 = org.openjsse.sun.security.ssl.SSLLogger.isOn(r5)     // Catch: java.lang.Throwable -> L8a
                if (r5 == 0) goto L81
                java.lang.StringBuilder r5 = new java.lang.StringBuilder     // Catch: java.lang.Throwable -> L8a
                r5.<init>()     // Catch: java.lang.Throwable -> L8a
                java.lang.String r2 = "Reloaded "
                r5.append(r2)     // Catch: java.lang.Throwable -> L8a
                int r2 = r0.size()     // Catch: java.lang.Throwable -> L8a
                r5.append(r2)     // Catch: java.lang.Throwable -> L8a
                java.lang.String r2 = " trust certs"
                r5.append(r2)     // Catch: java.lang.Throwable -> L8a
                java.lang.String r5 = r5.toString()     // Catch: java.lang.Throwable -> L8a
                java.lang.Object[] r1 = new java.lang.Object[r1]     // Catch: java.lang.Throwable -> L8a
                org.openjsse.sun.security.ssl.SSLLogger.fine(r5, r1)     // Catch: java.lang.Throwable -> L8a
            L81:
                java.lang.ref.WeakReference r5 = new java.lang.ref.WeakReference     // Catch: java.lang.Throwable -> L8a
                r5.<init>(r0)     // Catch: java.lang.Throwable -> L8a
                r4.csRef = r5     // Catch: java.lang.Throwable -> L8a
                monitor-exit(r4)
                return r0
            L8a:
                r5 = move-exception
                monitor-exit(r4)
                throw r5
            */
            throw new UnsupportedOperationException("Method not decompiled: org.openjsse.sun.security.ssl.TrustStoreManager.TrustAnchorManager.getTrustedCerts(org.openjsse.sun.security.ssl.TrustStoreManager$TrustStoreDescriptor):java.util.Set");
        }
    }

    /* loaded from: classes.dex */
    public static final class TrustStoreDescriptor {
        private static final String defaultStore;
        private static final String defaultStorePath;
        private static final String fileSep;
        private static final String jsseDefaultStore;
        private final long lastModified;
        private final File storeFile;
        private final String storeName;
        private final String storePassword;
        private final String storeProvider;
        private final String storeType;

        static {
            String str = File.separator;
            fileSep = str;
            String str2 = GetPropertyAction.privilegedGetProperty("java.home") + str + "lib" + str + "security";
            defaultStorePath = str2;
            defaultStore = androidx.activity.b.t(str2, str, "cacerts");
            jsseDefaultStore = androidx.activity.b.t(str2, str, "jssecacerts");
        }

        private TrustStoreDescriptor(String str, String str2, String str3, String str4, File file, long j5) {
            this.storeName = str;
            this.storeType = str2;
            this.storeProvider = str3;
            this.storePassword = str4;
            this.storeFile = file;
            this.lastModified = j5;
            if (SSLLogger.isOn && SSLLogger.isOn("trustmanager")) {
                SSLLogger.fine("trustStore is: " + str + "\ntrustStore type is: " + str2 + "\ntrustStore provider is: " + str3 + "\nthe last modified time is: " + new Date(j5), new Object[0]);
            }
        }

        public static TrustStoreDescriptor createInstance() {
            return (TrustStoreDescriptor) AccessController.doPrivileged(new PrivilegedAction<TrustStoreDescriptor>() { // from class: org.openjsse.sun.security.ssl.TrustStoreManager.TrustStoreDescriptor.1
                @Override // java.security.PrivilegedAction
                public TrustStoreDescriptor run() {
                    String str;
                    long j5;
                    File file;
                    String property = System.getProperty("javax.net.ssl.trustStore", TrustStoreDescriptor.jsseDefaultStore);
                    String property2 = System.getProperty("javax.net.ssl.trustStoreType", KeyStore.getDefaultType());
                    String property3 = System.getProperty("javax.net.ssl.trustStoreProvider", BuildConfig.FLAVOR);
                    String property4 = System.getProperty("javax.net.ssl.trustStorePassword", BuildConfig.FLAVOR);
                    if ("NONE".equals(property)) {
                        str = property;
                    } else {
                        String[] strArr = {property, TrustStoreDescriptor.defaultStore};
                        for (int i5 = 0; i5 < 2; i5++) {
                            String str2 = strArr[i5];
                            File file2 = new File(str2);
                            if (file2.isFile() && file2.canRead()) {
                                j5 = file2.lastModified();
                                str = str2;
                                file = file2;
                                break;
                            }
                            if (SSLLogger.isOn && SSLLogger.isOn("trustmanager")) {
                                SSLLogger.fine(androidx.activity.b.s("Inaccessible trust store: ", property), new Object[0]);
                            }
                        }
                        str = BuildConfig.FLAVOR;
                    }
                    j5 = 0;
                    file = null;
                    return new TrustStoreDescriptor(str, property2, property3, property4, file, j5);
                }
            });
        }

        public boolean equals(Object obj) {
            if (obj == this) {
                return true;
            }
            if (!(obj instanceof TrustStoreDescriptor)) {
                return false;
            }
            TrustStoreDescriptor trustStoreDescriptor = (TrustStoreDescriptor) obj;
            return this.lastModified == trustStoreDescriptor.lastModified && Objects.equals(this.storeName, trustStoreDescriptor.storeName) && Objects.equals(this.storeType, trustStoreDescriptor.storeType) && Objects.equals(this.storeProvider, trustStoreDescriptor.storeProvider);
        }

        public int hashCode() {
            String str = this.storeName;
            int hashCode = (str == null || str.isEmpty()) ? 17 : this.storeName.hashCode() + 527;
            String str2 = this.storeType;
            if (str2 != null && !str2.isEmpty()) {
                hashCode = (hashCode * 31) + this.storeType.hashCode();
            }
            String str3 = this.storeProvider;
            if (str3 != null && !str3.isEmpty()) {
                hashCode = (hashCode * 31) + this.storeProvider.hashCode();
            }
            File file = this.storeFile;
            if (file != null) {
                hashCode = (hashCode * 31) + file.hashCode();
            }
            long j5 = this.lastModified;
            return j5 != 0 ? (int) ((hashCode * 31) + j5) : hashCode;
        }
    }

    private TrustStoreManager() {
    }

    public static Set<X509Certificate> getTrustedCerts() {
        return tam.getTrustedCerts(TrustStoreDescriptor.createInstance());
    }

    public static KeyStore getTrustedKeyStore() {
        return tam.getKeyStore(TrustStoreDescriptor.createInstance());
    }
}
