package org.strongswan.android.logic;

import android.util.Log;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Observable;
import java.util.concurrent.locks.ReentrantReadWriteLock;

/* loaded from: classes2.dex */
public class TrustedCertificateManager extends Observable {

    /* renamed from: f, reason: collision with root package name */
    private static final String f14565f = "TrustedCertificateManager";

    /* renamed from: a, reason: collision with root package name */
    private final ReentrantReadWriteLock f14566a;
    private Hashtable<String, X509Certificate> b;

    /* renamed from: c, reason: collision with root package name */
    private volatile boolean f14567c;

    /* renamed from: d, reason: collision with root package name */
    private boolean f14568d;

    /* renamed from: e, reason: collision with root package name */
    private final ArrayList<KeyStore> f14569e;

    /* loaded from: classes2.dex */
    public static class Singleton {

        /* renamed from: a, reason: collision with root package name */
        public static final TrustedCertificateManager f14570a = new TrustedCertificateManager();

        private Singleton() {
        }
    }

    /* loaded from: classes2.dex */
    public enum TrustedCertificateSource {
        SYSTEM("system:"),
        USER("user:"),
        LOCAL("local:");


        /* renamed from: a, reason: collision with root package name */
        private final String f14574a;

        TrustedCertificateSource(String str) {
            this.f14574a = str;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public String a() {
            return this.f14574a;
        }
    }

    private TrustedCertificateManager() {
        this.f14566a = new ReentrantReadWriteLock();
        this.b = new Hashtable<>();
        this.f14569e = new ArrayList<>();
        String[] strArr = {"LocalCertificateStore", "AndroidCAStore"};
        for (int i10 = 0; i10 < 2; i10++) {
            String str = strArr[i10];
            try {
                KeyStore keyStore = KeyStore.getInstance(str);
                keyStore.load(null, null);
                this.f14569e.add(keyStore);
            } catch (Exception e10) {
                Log.e(f14565f, "Unable to load KeyStore: " + str);
                e10.printStackTrace();
            }
        }
    }

    private void a() {
        Log.d(f14565f, "Load cached CA certificates");
        Hashtable<String, X509Certificate> hashtable = new Hashtable<>();
        Iterator<KeyStore> it = this.f14569e.iterator();
        while (it.hasNext()) {
            a(hashtable, it.next());
        }
        this.b = hashtable;
        if (!this.f14568d) {
            setChanged();
            notifyObservers();
            this.f14568d = true;
        }
        Log.d(f14565f, "Cached CA certificates loaded");
    }

    private void a(Hashtable<String, X509Certificate> hashtable, KeyStore keyStore) {
        try {
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                Certificate certificate = keyStore.getCertificate(nextElement);
                if (certificate != null && (certificate instanceof X509Certificate)) {
                    hashtable.put(nextElement, (X509Certificate) certificate);
                }
            }
        } catch (KeyStoreException e10) {
            e10.printStackTrace();
        }
    }

    public static TrustedCertificateManager getInstance() {
        return Singleton.f14570a;
    }

    public Hashtable<String, X509Certificate> getAllCACertificates() {
        this.f14566a.readLock().lock();
        Hashtable<String, X509Certificate> hashtable = (Hashtable) this.b.clone();
        this.f14566a.readLock().unlock();
        return hashtable;
    }

    public X509Certificate getCACertificateFromAlias(String str) {
        if (this.f14566a.readLock().tryLock()) {
            X509Certificate x509Certificate = this.b.get(str);
            this.f14566a.readLock().unlock();
            return x509Certificate;
        }
        Iterator<KeyStore> it = this.f14569e.iterator();
        while (it.hasNext()) {
            try {
                Certificate certificate = it.next().getCertificate(str);
                if (certificate != null && (certificate instanceof X509Certificate)) {
                    return (X509Certificate) certificate;
                }
            } catch (KeyStoreException e10) {
                e10.printStackTrace();
            }
        }
        return null;
    }

    public Hashtable<String, X509Certificate> getCACertificates(TrustedCertificateSource trustedCertificateSource) {
        Hashtable<String, X509Certificate> hashtable = new Hashtable<>();
        this.f14566a.readLock().lock();
        for (String str : this.b.keySet()) {
            if (str.startsWith(trustedCertificateSource.a())) {
                hashtable.put(str, this.b.get(str));
            }
        }
        this.f14566a.readLock().unlock();
        return hashtable;
    }

    public TrustedCertificateManager load() {
        Log.d(f14565f, "Ensure cached CA certificates are loaded");
        this.f14566a.writeLock().lock();
        if (!this.f14568d || this.f14567c) {
            this.f14567c = false;
            a();
        }
        this.f14566a.writeLock().unlock();
        return this;
    }

    public TrustedCertificateManager reset() {
        Log.d(f14565f, "Force reload of cached CA certificates on next load");
        this.f14567c = true;
        setChanged();
        notifyObservers();
        return this;
    }
}
