package org.strongswan.android.logic;

import android.util.Log;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.ArrayList;
import java.util.Enumeration;
import java.util.Hashtable;
import java.util.Iterator;
import java.util.Observable;
import java.util.concurrent.locks.ReentrantReadWriteLock;

/* loaded from: classes5.dex */
public class TrustedCertificateManager extends Observable {

    /* renamed from: f, reason: collision with root package name */
    private static final String f61949f = TrustedCertificateManager.class.getSimpleName();

    /* renamed from: a, reason: collision with root package name */
    private final ReentrantReadWriteLock f61950a;

    /* renamed from: b, reason: collision with root package name */
    private Hashtable<String, X509Certificate> f61951b;

    /* renamed from: c, reason: collision with root package name */
    private volatile boolean f61952c;

    /* renamed from: d, reason: collision with root package name */
    private boolean f61953d;

    /* renamed from: e, reason: collision with root package name */
    private final ArrayList<KeyStore> f61954e;

    /* loaded from: classes5.dex */
    private static class Singleton {

        /* renamed from: a, reason: collision with root package name */
        public static final TrustedCertificateManager f61955a = new TrustedCertificateManager();

        private Singleton() {
        }
    }

    /* loaded from: classes5.dex */
    public enum TrustedCertificateSource {
        SYSTEM("system:"),
        USER("user:"),
        LOCAL("local:");


        /* renamed from: b, reason: collision with root package name */
        private final String f61957b;

        TrustedCertificateSource(String str) {
            this.f61957b = str;
        }
    }

    private TrustedCertificateManager() {
        this.f61950a = new ReentrantReadWriteLock();
        this.f61951b = new Hashtable<>();
        this.f61954e = new ArrayList<>();
        String[] strArr = {"LocalCertificateStore", "AndroidCAStore"};
        for (int i10 = 0; i10 < 2; i10++) {
            String str = strArr[i10];
            try {
                KeyStore keyStore = KeyStore.getInstance(str);
                keyStore.load(null, null);
                this.f61954e.add(keyStore);
            } catch (Exception e10) {
                Log.e(f61949f, "Unable to load KeyStore: " + str);
                e10.printStackTrace();
            }
        }
    }

    private void a(Hashtable<String, X509Certificate> hashtable, KeyStore keyStore) {
        try {
            Enumeration<String> aliases = keyStore.aliases();
            while (aliases.hasMoreElements()) {
                String nextElement = aliases.nextElement();
                Certificate certificate = keyStore.getCertificate(nextElement);
                if (certificate != null && (certificate instanceof X509Certificate)) {
                    hashtable.put(nextElement, (X509Certificate) certificate);
                }
            }
        } catch (KeyStoreException e10) {
            e10.printStackTrace();
        }
    }

    private void e() {
        Log.d(f61949f, "Load cached CA certificates");
        Hashtable<String, X509Certificate> hashtable = new Hashtable<>();
        Iterator<KeyStore> it = this.f61954e.iterator();
        while (it.hasNext()) {
            a(hashtable, it.next());
        }
        this.f61951b = hashtable;
        if (!this.f61953d) {
            setChanged();
            notifyObservers();
            this.f61953d = true;
        }
        Log.d(f61949f, "Cached CA certificates loaded");
    }

    public static TrustedCertificateManager getInstance() {
        return Singleton.f61955a;
    }

    public Hashtable<String, X509Certificate> b() {
        this.f61950a.readLock().lock();
        Hashtable<String, X509Certificate> hashtable = (Hashtable) this.f61951b.clone();
        this.f61950a.readLock().unlock();
        return hashtable;
    }

    public X509Certificate c(String str) {
        if (this.f61950a.readLock().tryLock()) {
            X509Certificate x509Certificate = this.f61951b.get(str);
            this.f61950a.readLock().unlock();
            return x509Certificate;
        }
        Iterator<KeyStore> it = this.f61954e.iterator();
        while (it.hasNext()) {
            try {
                Certificate certificate = it.next().getCertificate(str);
                if (certificate != null && (certificate instanceof X509Certificate)) {
                    return (X509Certificate) certificate;
                }
            } catch (KeyStoreException e10) {
                e10.printStackTrace();
            }
        }
        return null;
    }

    public TrustedCertificateManager d() {
        Log.d(f61949f, "Ensure cached CA certificates are loaded");
        this.f61950a.writeLock().lock();
        if (!this.f61953d || this.f61952c) {
            this.f61952c = false;
            e();
        }
        this.f61950a.writeLock().unlock();
        return this;
    }
}
