package org.strongswan.android.logic;

import android.util.Log;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Observable;
import java.util.concurrent.locks.ReentrantReadWriteLock;

/* loaded from: classes.dex */
public class TrustedCertificateManager extends Observable {

    /* renamed from: f, reason: collision with root package name */
    private static final String f15421f = "TrustedCertificateManager";

    /* renamed from: a, reason: collision with root package name */
    private final ReentrantReadWriteLock f15422a;

    /* renamed from: b, reason: collision with root package name */
    private Hashtable<String, X509Certificate> f15423b;

    /* renamed from: c, reason: collision with root package name */
    private volatile boolean f15424c;

    /* renamed from: d, reason: collision with root package name */
    private boolean f15425d;

    /* renamed from: e, reason: collision with root package name */
    private final ArrayList<KeyStore> f15426e;

    /* loaded from: classes.dex */
    private static class Singleton {

        /* renamed from: a, reason: collision with root package name */
        public static final TrustedCertificateManager f15427a = new TrustedCertificateManager();

        private Singleton() {
        }
    }

    /* loaded from: classes.dex */
    public enum TrustedCertificateSource {
        SYSTEM("system:"),
        USER("user:"),
        LOCAL("local:");


        /* renamed from: a, reason: collision with root package name */
        private final String f15432a;

        TrustedCertificateSource(String str) {
            this.f15432a = str;
        }

        /* JADX INFO: Access modifiers changed from: private */
        public String a() {
            return this.f15432a;
        }
    }

    private TrustedCertificateManager() {
        this.f15422a = new ReentrantReadWriteLock();
        this.f15423b = new Hashtable<>();
        this.f15426e = new ArrayList<>();
        String[] strArr = {"LocalCertificateStore", "AndroidCAStore"};
        for (int i4 = 0; i4 < 2; i4++) {
            String str = strArr[i4];
            try {
                KeyStore keyStore = KeyStore.getInstance(str);
                keyStore.load(null, null);
                this.f15426e.add(keyStore);
            } catch (Exception e4) {
                Log.e(f15421f, "Unable to load KeyStore: " + str);
                e4.printStackTrace();
            }
        }
    }

    private void a() {
        Log.d(f15421f, "Load cached CA certificates");
        Hashtable<String, X509Certificate> hashtable = new Hashtable<>();
        Iterator<KeyStore> it = this.f15426e.iterator();
        while (it.hasNext()) {
            a(hashtable, it.next());
        }
        this.f15423b = hashtable;
        if (!this.f15425d) {
            setChanged();
            notifyObservers();
            this.f15425d = true;
        }
        Log.d(f15421f, "Cached CA certificates loaded");
    }

    private void a(Hashtable<String, X509Certificate> hashtable, KeyStore keyStore) {
        try {
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                Certificate certificate = keyStore.getCertificate(nextElement);
                if (certificate != null && (certificate instanceof X509Certificate)) {
                    hashtable.put(nextElement, (X509Certificate) certificate);
                }
            }
        } catch (KeyStoreException e4) {
            e4.printStackTrace();
        }
    }

    public static TrustedCertificateManager getInstance() {
        return Singleton.f15427a;
    }

    public Hashtable<String, X509Certificate> getAllCACertificates() {
        this.f15422a.readLock().lock();
        Hashtable<String, X509Certificate> hashtable = (Hashtable) this.f15423b.clone();
        this.f15422a.readLock().unlock();
        return hashtable;
    }

    public X509Certificate getCACertificateFromAlias(String str) {
        if (this.f15422a.readLock().tryLock()) {
            X509Certificate x509Certificate = this.f15423b.get(str);
            this.f15422a.readLock().unlock();
            return x509Certificate;
        }
        Iterator<KeyStore> it = this.f15426e.iterator();
        while (it.hasNext()) {
            try {
                Certificate certificate = it.next().getCertificate(str);
                if (certificate != null && (certificate instanceof X509Certificate)) {
                    return (X509Certificate) certificate;
                }
            } catch (KeyStoreException e4) {
                e4.printStackTrace();
            }
        }
        return null;
    }

    public Hashtable<String, X509Certificate> getCACertificates(TrustedCertificateSource trustedCertificateSource) {
        Hashtable<String, X509Certificate> hashtable = new Hashtable<>();
        this.f15422a.readLock().lock();
        for (String str : this.f15423b.keySet()) {
            if (str.startsWith(trustedCertificateSource.a())) {
                hashtable.put(str, this.f15423b.get(str));
            }
        }
        this.f15422a.readLock().unlock();
        return hashtable;
    }

    public TrustedCertificateManager load() {
        Log.d(f15421f, "Ensure cached CA certificates are loaded");
        this.f15422a.writeLock().lock();
        if (!this.f15425d || this.f15424c) {
            this.f15424c = false;
            a();
        }
        this.f15422a.writeLock().unlock();
        return this;
    }

    public TrustedCertificateManager reset() {
        Log.d(f15421f, "Force reload of cached CA certificates on next load");
        this.f15424c = true;
        setChanged();
        notifyObservers();
        return this;
    }
}
