package com.commonsware.cwac.netsecurity.conscrypt;

import g.c.a.a.a;
import java.io.BufferedInputStream;
import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.security.cert.CertificateException;
import java.security.cert.CertificateFactory;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Objects;
import java.util.Set;

/* loaded from: classes.dex */
public class TrustedCertificateStore {
    private static final CertificateFactory CERT_FACTORY;
    private static final String PREFIX_SYSTEM = "system:";
    private static final String PREFIX_USER = "user:";
    private static File defaultCaCertsAddedDir;
    private static File defaultCaCertsDeletedDir;
    private static File defaultCaCertsSystemDir;
    private final File addedDir;
    private final File deletedDir;
    private final File systemDir;

    /* loaded from: classes.dex */
    public interface CertSelector {
        boolean match(X509Certificate x509Certificate);
    }

    static {
        String str = System.getenv("ANDROID_ROOT");
        String str2 = System.getenv("ANDROID_DATA");
        defaultCaCertsSystemDir = new File(a.l(str, "/etc/security/cacerts"));
        setDefaultUserDirectory(new File(a.l(str2, "/misc/keychain")));
        try {
            CERT_FACTORY = CertificateFactory.getInstance("X509");
        } catch (CertificateException e) {
            throw new AssertionError(e);
        }
    }

    public TrustedCertificateStore() {
        this(defaultCaCertsSystemDir, defaultCaCertsAddedDir, defaultCaCertsDeletedDir);
    }

    public TrustedCertificateStore(File file, File file2, File file3) {
        this.systemDir = file;
        this.addedDir = file2;
        this.deletedDir = file3;
    }

    private File file(File file, String str, int i2) {
        return new File(file, str + '.' + i2);
    }

    private File fileForAlias(String str) {
        File file;
        Objects.requireNonNull(str, "alias == null");
        if (!isSystem(str)) {
            if (isUser(str)) {
                file = new File(this.addedDir, str.substring(5));
            }
            return null;
        }
        file = new File(this.systemDir, str.substring(7));
        if (!file.exists() || isTombstone(file)) {
            return null;
        }
        return file;
    }

    public static final boolean isSystem(String str) {
        return str.startsWith(PREFIX_SYSTEM);
    }

    private boolean isTombstone(File file) {
        return file.length() == 0;
    }

    public static final boolean isUser(String str) {
        return str.startsWith(PREFIX_USER);
    }

    private X509Certificate readCertificate(File file) {
        BufferedInputStream bufferedInputStream;
        BufferedInputStream bufferedInputStream2 = null;
        if (!file.isFile()) {
            return null;
        }
        try {
            bufferedInputStream = new BufferedInputStream(new FileInputStream(file));
        } catch (IOException unused) {
            bufferedInputStream = null;
        } catch (CertificateException unused2) {
            bufferedInputStream = null;
        } catch (Throwable th) {
            th = th;
        }
        try {
            X509Certificate x509Certificate = (X509Certificate) CERT_FACTORY.generateCertificate(bufferedInputStream);
            try {
                bufferedInputStream.close();
            } catch (RuntimeException e) {
                throw e;
            } catch (Exception unused3) {
            }
            return x509Certificate;
        } catch (IOException unused4) {
            if (bufferedInputStream != null) {
                try {
                    bufferedInputStream.close();
                } catch (RuntimeException e2) {
                    throw e2;
                } catch (Exception unused5) {
                }
            }
            return null;
        } catch (CertificateException unused6) {
            if (bufferedInputStream != null) {
                try {
                    bufferedInputStream.close();
                } catch (RuntimeException e3) {
                    throw e3;
                } catch (Exception unused7) {
                }
            }
            return null;
        } catch (Throwable th2) {
            th = th2;
            bufferedInputStream2 = bufferedInputStream;
            if (bufferedInputStream2 != null) {
                try {
                    bufferedInputStream2.close();
                } catch (RuntimeException e4) {
                    throw e4;
                } catch (Exception unused8) {
                }
            }
            throw th;
        }
    }

    private void removeUnnecessaryTombstones(String str) throws IOException {
        if (!isUser(str)) {
            throw new AssertionError(str);
        }
        int lastIndexOf = str.lastIndexOf(46);
        if (lastIndexOf == -1) {
            throw new AssertionError(str);
        }
        String substring = str.substring(5, lastIndexOf);
        int parseInt = Integer.parseInt(str.substring(lastIndexOf + 1));
        if (file(this.addedDir, substring, parseInt + 1).exists()) {
            return;
        }
        while (parseInt >= 0) {
            File file = file(this.addedDir, substring, parseInt);
            if (!isTombstone(file)) {
                return;
            }
            if (!file.delete()) {
                throw new IOException("Could not remove " + file);
            }
            parseInt--;
        }
    }

    public static void setDefaultUserDirectory(File file) {
        defaultCaCertsAddedDir = new File(file, "cacerts-added");
        defaultCaCertsDeletedDir = new File(file, "cacerts-removed");
    }

    private void writeCertificate(File file, X509Certificate x509Certificate) throws IOException, CertificateException {
        File parentFile = file.getParentFile();
        parentFile.mkdirs();
        parentFile.setReadable(true, false);
        parentFile.setExecutable(true, false);
        FileOutputStream fileOutputStream = null;
        try {
            FileOutputStream fileOutputStream2 = new FileOutputStream(file);
            try {
                fileOutputStream2.write(x509Certificate.getEncoded());
                try {
                    fileOutputStream2.close();
                } catch (RuntimeException e) {
                    throw e;
                } catch (Exception unused) {
                }
                file.setReadable(true, false);
            } catch (Throwable th) {
                th = th;
                fileOutputStream = fileOutputStream2;
                if (fileOutputStream != null) {
                    try {
                        fileOutputStream.close();
                    } catch (RuntimeException e2) {
                        throw e2;
                    } catch (Exception unused2) {
                    }
                }
                throw th;
            }
        } catch (Throwable th2) {
            th = th2;
        }
    }

    public Set<X509Certificate> findAllIssuers(final X509Certificate x509Certificate) {
        new CertSelector() { // from class: com.commonsware.cwac.netsecurity.conscrypt.TrustedCertificateStore.2
            @Override // com.commonsware.cwac.netsecurity.conscrypt.TrustedCertificateStore.CertSelector
            public boolean match(X509Certificate x509Certificate2) {
                try {
                    x509Certificate.verify(x509Certificate2.getPublicKey());
                    return true;
                } catch (Exception unused) {
                    return false;
                }
            }
        };
        x509Certificate.getIssuerX500Principal();
        return Collections.emptySet();
    }

    public X509Certificate getTrustAnchor(final X509Certificate x509Certificate) {
        new CertSelector() { // from class: com.commonsware.cwac.netsecurity.conscrypt.TrustedCertificateStore.1
            @Override // com.commonsware.cwac.netsecurity.conscrypt.TrustedCertificateStore.CertSelector
            public boolean match(X509Certificate x509Certificate2) {
                return x509Certificate2.getPublicKey().equals(x509Certificate.getPublicKey());
            }
        };
        return null;
    }
}
